Prisma Certified Cloud Security Engineer (PCCSE) — Question 114

Which action would be applicable after enabling anomalous compute provisioning?

Answer options

• A. It detects the activity caused by the spambot.
• B. It detects unusual server port activity or unusual protocol activity from a client within or outside the cloud environment.
• C. It detects potential creation of an unauthorized network of compute instances with AutoFocus.
• D. It detects potential creation of an unauthorized network of compute instances either accidentally or for cryptojacking.

Correct answer: D

Explanation

The correct answer is D because it specifically addresses the detection of unauthorized compute instances being created, which could be linked to cryptojacking activities. Options A, B, and C do not focus on the unauthorized network creation in the context of cryptojacking, making them less relevant to the question.