New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PCCSE Exam - Topic 2 Question 80 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 80
Topic #: 2
[All PCCSE Questions]

Which policy type should be used to detect and alert on cryptominer network activity?

Show Suggested Answer Hide Answer
Suggested Answer: B

View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/config-query-examples


by Meaghan at Jul 03, 2024, 05:47 AM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Valentine
3 months ago
Wait, I thought config-build was the way to go?
upvoted 0 times
...
Kirk
3 months ago
Audit events might catch more than just anomalies.
upvoted 0 times
...
Cristal
3 months ago
Not sure if anomaly is the best choice here.
upvoted 0 times
...
Chauncey
4 months ago
I agree, anomalies can really signal unusual behavior.
upvoted 0 times
...
Jerry
4 months ago
Anomaly detection is key for cryptominer activity.
upvoted 0 times
...
Brianne
4 months ago
I feel like config-run could be relevant, but I’m leaning towards anomaly detection for cryptominer activity. It just seems more fitting.
upvoted 0 times
...
Hester
4 months ago
Config-build sounds familiar, but I can't recall if it relates to detecting network activity. Maybe it's more about system setup?
upvoted 0 times
...
Ira
4 months ago
I remember practicing a similar question, and I think audit events are more about logging rather than real-time detection.
upvoted 0 times
...
Aja
5 months ago
I think an anomaly policy might be the right choice since it focuses on detecting unusual behavior, but I'm not entirely sure.
upvoted 0 times
...
Germaine
5 months ago
I'm a bit confused on the differences between these policy types. Maybe I should review the course material again to make sure I understand the strengths and use cases of each one.
upvoted 0 times
...
Robt
5 months ago
Config-run seems like it could work too, since it focuses on monitoring the runtime behavior of the system, which could potentially pick up on cryptominer activity.
upvoted 0 times
...
Shasta
5 months ago
Hmm, I'm not sure about that. Audit event might be a better option since it can log and monitor specific security-related events, which could include cryptominer activity.
upvoted 0 times
...
Arlette
5 months ago
I think the Anomaly policy type would be best for detecting and alerting on cryptominer network activity, since it can identify unusual patterns or deviations from normal behavior.
upvoted 0 times
...
Meghan
5 months ago
Based on what I've learned, I'd say the Anomaly policy type is the best choice here. It's designed to detect unusual or suspicious activity, which is exactly what we're looking for when it comes to cryptominer detection.
upvoted 0 times
...
Delsie
5 months ago
This seems like a straightforward question about the disclosure requirements for companies listed on the New York Stock Exchange. I'll carefully read through the options and think about which events the company must promptly notify the NYSE about.
upvoted 0 times
...
Mitzie
9 months ago
A) Audit Mitzient? More like a 'cryptocurrency Mitzient' if you ask me! I'm sticking with B) Anomaly.
upvoted 0 times
...
Gilberto
9 months ago
Haha, this question is a real crypto-conundrum! I'm betting on B) Anomaly, but I might need to consult a cryptographer to be sure.
upvoted 0 times
Shoshana
8 months ago
Good point, combining both options could provide comprehensive coverage.
upvoted 0 times
...
Elli
8 months ago
Maybe we should also consider A) Audit event to ensure thorough monitoring.
upvoted 0 times
...
Hubert
8 months ago
I agree, it's important to be vigilant for any unusual behavior.
upvoted 0 times
...
Dulce
9 months ago
I think B) Anomaly is the way to go for detecting cryptominer network activity.
upvoted 0 times
...
...
Lai
10 months ago
Hmm, I'm torn between B) Anomaly and D) Config-run. Guess I'll have to flip a coin on this one!
upvoted 0 times
Frederica
8 months ago
If you're torn between Anomaly and Config-run, maybe consider how each option can specifically help detect cryptominer activity.
upvoted 0 times
...
Maynard
9 months ago
I agree, Anomaly detection can help identify unusual behavior that may indicate cryptominer activity.
upvoted 0 times
...
Sang
9 months ago
I think B) Anomaly would be the best choice for detecting cryptominer network activity.
upvoted 0 times
...
...
Zachary
10 months ago
I'm gonna go with D) Config-run. Monitoring the runtime configuration seems like the way to catch those sneaky cryptominers in the act.
upvoted 0 times
Lili
8 months ago
Config-run does seem like the best option to catch cryptominers in action. It's all about monitoring in real-time.
upvoted 0 times
...
Lashon
9 months ago
I agree, keeping an eye on the runtime configuration can help detect any suspicious cryptominer activity.
upvoted 0 times
...
Marylin
10 months ago
I think D) Config-run is a good choice. It's important to monitor the configuration at runtime.
upvoted 0 times
...
...
Jani
10 months ago
I'm pretty sure the correct answer is B) Anomaly. Cryptomining activity would definitely stand out as anomalous network behavior.
upvoted 0 times
Cyril
8 months ago
Exactly, that way we can detect and respond to cryptominer activity quickly.
upvoted 0 times
...
Sommer
8 months ago
So, we should set up alerts for any anomalous network behavior.
upvoted 0 times
...
Margo
9 months ago
I agree, cryptomining activity would definitely be considered anomalous.
upvoted 0 times
...
Jose
9 months ago
I think the answer is B) Anomaly.
upvoted 0 times
...
...
Laura
10 months ago
I'm not sure, but I think A) Audit event could also be used to detect cryptominer network activity.
upvoted 0 times
...
Ashlyn
10 months ago
I agree with Nobuko, because anomalies can help detect unusual behavior.
upvoted 0 times
...
Nobuko
10 months ago
I think the answer is B) Anomaly.
upvoted 0 times
...
Toi
11 months ago
I'm not sure, but I think A) Audit event could also be used to detect cryptominer network activity.
upvoted 0 times
...
Ludivina
11 months ago
I agree with Junita, because anomalies can help detect unusual behavior.
upvoted 0 times
...
Junita
11 months ago
I think the answer is B) Anomaly.
upvoted 0 times
...

Save Cancel