Prisma Certified Cloud Security Engineer (PCCSE) — Question 2

Which two statements are true about the differences between build and run config policies? (Choose two.)

Answer options

• A. Run and Network policies belong to the configuration policy set.
• B. Build and Audit Events policies belong to the configuration policy set.
• C. Run policies monitor resources, and check for potential issues after these cloud resources are deployed.
• D. Build policies enable you to check for security misconfigurations in the IaC templates and ensure that these issues do not get into production.
• E. Run policies monitor network activities in your environment, and check for potential issues during runtime.

Correct answer: B, E

Explanation

Option B is correct because Build and Audit Events policies are indeed part of the configuration policy set. Option E is also correct as Run policies monitor network activities and check for potential issues during runtime. The other options either mischaracterize the policies or incorrectly categorize them within the configuration policy set.