Prisma Certified Cloud Security Engineer (PCCSE) — Question 195

Which policy type should be used to detect and alert on cryptominer network activity?

Answer options

• A. Anomaly
• B. Config-run
• C. Config-build
• D. Audit event

Correct answer: A

Explanation

The correct answer is A, Anomaly, because this policy type is specifically designed to identify unusual behavior or patterns that deviate from the norm, such as cryptominer activity. The other options, including Config-run, Config-build, and Audit event, do not focus on detecting unusual network activities and are better suited for configuration management and auditing purposes.