Prisma Certified Cloud Security Engineer (PCCSE) — Question 132

The development team is building pods to host a web front end, and they want to protect these pods with an application firewall.

Which type of policy should be created to protect this pod from Layer7 attacks?

Answer options

• A. The development team should create a WAAS rule for the host where these pods will be running.
• B. The development team should create a WAAS rule targeted at all resources on the host.
• C. The development team should create a runtime policy with networking protections.
• D. The development team should create a WAAS rule targeted at the image name of the pods.

Correct answer: D

Explanation

The correct answer is D because creating a WAAS rule targeted at the image name of the pods allows for specific protection against Layer 7 attacks that may exploit vulnerabilities in the application layer. Options A and B are too broad and do not specifically address the pod's security, while option C focuses on runtime policies, which may not provide the targeted protection needed for Layer 7 attacks.