Question: 1
The Unusual protocol activity (Internal) network anomaly is generating too many alerts An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.
Which strategy should the administrator use to achieve this goal?
Question: 2
An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML
Console Address SCONSOLE_ADDRESS
Websocket Address SWEBSOCKHT_ADDRESS
User: SADMIN USER
Which command generates the YAML file for Defender install?
A)
B)
C)
D)
Question: 3
A customer finds that an open alert from the previous day has been resolved No auto-remediation was configured Which two reasons explain this change in alert status? (Choose two )
Question: 4
The administrator wants to review the Console audit logs from within the Console Which page in the Console should the administrator use to review this data, if it can be reviewed at all?
Question: 5
A customer has Prisma Cloud Enterprise and host Defenders deployed
What are two options that allow an administrator to upgrade Defenders'? (Choose two )
