Prisma Certified Cloud Security Engineer (PCCSE) — Question 236
A customer is reviewing Container audits, and an audit has identified a cryptominer attack.
Which three options could have generated this audit? (Choose three.)
Answer options
- A. The value of the mined currency exceeds $100.
- B. High CPU usage over time for the container is detected.
- C. Common cryptominer process name was found.
- D. The mined currency is associated with a user token.
- E. Common cryptominer port usage was found.
Correct answer: B, C, E
Explanation
The correct answers B, C, and E indicate signs of a cryptominer attack. High CPU usage (B) suggests excessive processing, while detecting a common process name (C) and identifying common port usage (E) are typical indicators of cryptomining activities. Options A and D do not directly relate to the identification of an attack; they focus instead on the monetary value and user token association, which are not definitive signs of a cryptominer presence.