New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PCCSE Exam - Topic 7 Question 86 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 86
Topic #: 7
[All PCCSE Questions]

Which two statements explain differences between build and run config policies? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, D

The Run policies monitor resources and check for potential issues once these cloud resources are deployed Build policies enable you to check for security misconfigurations in the IaC templates and ensure that these issues do not make their way into production. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/create-a-policy

B . Build policies: These are designed to identify insecure configurations in your Infrastructure as Code (IaC) templates, such as AWS CloudFormation, HashiCorp Terraform, and Kubernetes App manifests. The goal of build policies is to detect security issues early in the development process, before the actual resources are deployed in runtime environments.This helps ensure that security issues are identified and remediated before they can affect production1.

D . Run policies: These policies are focused on monitoring the deployed cloud resources and checking for potential issues during their operation.Run policies are essential for ongoing security and compliance in the production environment, as they provide visibility into the actual state of resources and their activities1.

Run and Network policies (A) are indeed part of the configuration policy set, but they do not highlight the difference between build and run policies. Similarly, while Run policies do monitor network activities , this statement does not contrast them with Build policies.


by Josefa at Sep 13, 2024, 10:21 AM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ona
3 months ago
Not sure about D, seems a bit vague to me.
upvoted 0 times
...
Glenna
3 months ago
A and C are spot on!
upvoted 0 times
...
Dorothy
3 months ago
Wait, I thought run policies were just for network checks?
upvoted 0 times
...
Ayesha
4 months ago
Totally agree, run policies are all about monitoring after deployment.
upvoted 0 times
...
Norah
4 months ago
Build policies focus on security in IaC templates.
upvoted 0 times
...
Teddy
4 months ago
I think option D sounds right because it mentions monitoring resources after they're deployed, which aligns with what I studied.
upvoted 0 times
...
Detra
4 months ago
I feel like there was a practice question that mentioned run policies checking for network activities, but I can't recall the exact details.
upvoted 0 times
...
Rodney
4 months ago
I'm not entirely sure, but I remember something about run policies being related to monitoring after deployment.
upvoted 0 times
...
Layla
5 months ago
I think build policies are more about preventing issues before deployment, like checking for security misconfigurations.
upvoted 0 times
...
Gail
5 months ago
I'm pretty confident I know the differences here. Build policies prevent security issues from getting into production, and run policies check for problems during runtime. I'll select those two answers.
upvoted 0 times
...
Marica
5 months ago
Okay, I've got this. Build policies focus on security in the infrastructure as code templates, while run policies monitor the deployed resources. I'll choose the two options that best explain that.
upvoted 0 times
...
Kenia
5 months ago
Hmm, I'm a bit confused about the difference between run and network policies. I'll need to review those concepts before answering this.
upvoted 0 times
...
Rolland
5 months ago
This question seems straightforward. I think the key is to understand the differences between build and run config policies.
upvoted 0 times
...
Carlee
5 months ago
Ah, this is a tricky one. I'm not sure if the serial number would actually contain the product name or give the status of the camera. I'll have to think about the practical benefits of having that list of numbers. Maybe option C is the way to go?
upvoted 0 times
...
Johanna
1 year ago
I've been studying for this exam like a mad person, and I think B and D are the way to go. Though I have to say, the number of policies and configs is enough to make my head spin. Somebody get me a coffee, stat!
upvoted 0 times
Hester
1 year ago
Thanks, I really appreciate it. I need all the help I can get for this exam.
upvoted 0 times
...
Anjelica
1 year ago
I'll grab you a coffee, don't worry. Just keep focusing on studying.
upvoted 0 times
...
Brittni
1 year ago
I know what you mean, it's a lot to keep track of. But you got this!
upvoted 0 times
...
Remedios
1 year ago
I agree, B and D are the correct statements. The number of policies can be overwhelming.
upvoted 0 times
...
...
Alaine
1 year ago
Ah, the joys of infrastructure as code. It's like a never-ending game of Tetris, but with more AWS services and less falling blocks. I'll go with B and D, they sound the most logical.
upvoted 0 times
...
Eun
1 year ago
I'm a bit confused, to be honest. All these policies and configs, it's like a whole new language! But I'll give it a shot - B and D, maybe?
upvoted 0 times
Anika
1 year ago
C) Run policies monitor network activities in the environment and check for potential issues during runtime.
upvoted 0 times
...
Eveline
1 year ago
B) Build policies allow checking for security misconfigurations in the IaC templates and ensure these issues do not get into production.
upvoted 0 times
...
Alona
1 year ago
A) Run and Network policies belong to the configuration policy set.
upvoted 0 times
...
...
Ronny
1 year ago
I'm going with B and C. Gotta keep an eye on those network activities, am I right? Can't be too careful these days.
upvoted 0 times
Reena
1 year ago
User 3: Build policies are also essential for ensuring security misconfigurations are caught before production.
upvoted 0 times
...
Julieta
1 year ago
User 2: Run policies are definitely important for checking potential issues during runtime.
upvoted 0 times
...
Yoko
1 year ago
I agree, monitoring network activities is crucial.
upvoted 0 times
...
...
Sharan
1 year ago
B and D seem like the correct answers here. Build policies are for checking security issues in the IaC templates, and run policies monitor resources after deployment. Easy peasy!
upvoted 0 times
Son
1 year ago
And run policies keep an eye on potential issues with resources post-deployment.
upvoted 0 times
...
Eladia
1 year ago
That's right, build policies focus on security in the IaC templates.
upvoted 0 times
...
Olene
1 year ago
Yes, build policies check for security misconfigurations and run policies monitor resources after deployment.
upvoted 0 times
...
Chery
1 year ago
I think B and D are the correct answers.
upvoted 0 times
...
...
Bettina
1 year ago
So, build policies are more proactive in preventing issues, while run policies are reactive in monitoring deployed resources.
upvoted 0 times
...
Roosevelt
1 year ago
Yes, that's correct. Build policies help prevent issues before deployment, while run policies monitor resources after deployment.
upvoted 0 times
...
Malcom
1 year ago
I think the difference is that build policies focus on security misconfigurations in IaC templates.
upvoted 0 times
...

Save Cancel