Prisma Certified Cloud Security Engineer (PCCSE) — Question 192

Which two statements explain differences between build and run config policies? (Choose two.)

Answer options

• A. Run and Network policies belong to the configuration policy set.
• B. Build policies allow checking for security misconfigurations in the IaC templates and ensure these issues do not get into production.
• C. Run policies monitor network activities in the environment and check for potential issues during runtime.
• D. Run policies monitor resources and check for potential issues after these cloud resources are deployed.

Correct answer: B, D

Explanation

Option B is correct because build policies specifically focus on identifying and preventing security misconfigurations in IaC during the build phase. Option D is also correct as run policies are designed to monitor deployed resources for issues post-deployment. Options A and C do not accurately describe the core functions of build and run policies, making them incorrect.