Prisma Certified Cloud Security Engineer (PCCSE) — Question 188

A customer's Security Operations Center (SOC) team wants to receive alerts from Prisma Cloud via email once a day about all policies that have a violation, rather than receiving an alert every time a new violation occurs.

Which alert rule configuration meets this requirement?

Answer options

• A. Configure an alert rule with all the defaults except selecting email within the "Alert Notifications" tab and specifying recipient.
• B. Configure an alert rule. Under the "Policies" tab, select "High Risk Severity Policies." In the "Set Alert Notifications" tab, select "Email > Recurring," set to repeat every 1 day, and enable "Email."
• C. Set up email integrations under the "Integrations" tab in "Settings" and create a notification template.
• D. Configure an alert rule. Under the "Policies" tab, select "All Policies." In the "Set Alert Notifications" tab, select "Email > Recurring," set to repeat every 1 day, and then enable "Email."

Correct answer: D

Explanation

The correct answer is D because it allows the configuration of alerts for all policies on a recurring daily basis, which fulfills the requirement of daily notifications for violations. Option A does not specify the recurrence needed, while option B limits the focus to high-risk policies only, and option C does not directly create the necessary alert rule.