Palo Alto Networks PCCSE Exam - Topic 1 Question 47 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam

Question #: 47
Topic #: 1

A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible.

Which action should the SOC take to follow security best practices?

AEnable ''AWS S3 bucket is publicly accessible'' policy and manually remediate each alert.

BEnable ''AWS RDS database instance is publicly accessible'' policy and for each alert, check that it is a production instance, and then manually remediate.

CEnable ''AWS S3 bucket is publicly accessible'' policy and add policy to an auto-remediation alert rule.

DEnable ''AWS RDS database instance is publicly accessible'' policy and add policy to an auto-remediation alert rule.

Show Suggested Answer

Suggested Answer: D

by Skye at Sep 22, 2022, 08:21 AM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Mozelle

4 months ago

D is spot on, we need to automate this to avoid human error.

upvoted 0 times

...

Kenneth

4 months ago

Definitely not A, that's for S3, not RDS!

upvoted 0 times

...

Soledad

4 months ago

Wait, are we sure auto-remediation is safe? Sounds risky.

upvoted 0 times

...

Dean

4 months ago

I think B makes more sense, gotta check each instance manually.

upvoted 0 times

...

Alana

4 months ago

Option D is the best choice for auto-remediation!

upvoted 0 times

...

Ryann

5 months ago

I'm leaning towards option D since it mentions RDS and auto-remediation, which seems like a best practice we talked about in class.

upvoted 0 times

...

Wilda

5 months ago

I feel like enabling an auto-remediation rule could save time, but I can't recall if we covered that in the context of RDS specifically.

upvoted 0 times

...

Jose

5 months ago

I think we practiced a similar question where we had to enable the RDS policy and check for production instances. That might be relevant here.

upvoted 0 times

...

Janella

5 months ago

I remember we discussed the importance of ensuring RDS instances are not publicly accessible, but I'm not sure if we should focus on S3 or RDS policies here.

upvoted 0 times

...

Enola

5 months ago

Okay, I think I've got this. The key is understanding what "lift" means in this context. I'll go with option B - it seems to best capture the meaning of lift at a depth of 0.1.

upvoted 0 times

...

Okay, I think I've got this. The key is understanding that the Deployment Plan has the highest precedence, followed by the application and library descriptors and annotations. I'll double-check my answer before submitting.

upvoted 0 times

...

Rashad

5 months ago

Hmm, I'm a bit unsure about the advantages of cloud databases. Let me think this through carefully.

upvoted 0 times

...

Palo Alto Networks PCCSE Exam - Topic 1 Question 47 Discussion

Contribute your Thoughts:

Mozelle

Kenneth

Soledad

Dean

Alana

Ryann

Wilda

Jose

Janella

Enola

Maia

Rashad