Prisma Certified Cloud Security Engineer (PCCSE) — Question 163

Which statement about build and run policies is true?

Answer options

• A. Build policies enable you to check for security misconfigurations in the IaC templates.
• B. Every type of policy has auto-remediation enabled by default.
• C. The four main types of policies are: Audit Events, Build, Network, and Run.
• D. Run policies monitor network activities in the environment and check for potential issues during runtime.

Correct answer: A

Explanation

Option A is correct because build policies are specifically designed to identify security misconfigurations within IaC templates. Option B is incorrect as not all policy types have auto-remediation enabled by default. Option C is misleading because while these categories exist, they do not encompass all types of policies. Option D is also incorrect because run policies focus on runtime issues, not solely on monitoring network activities.