ExamTopics Logo
Mail Us[email protected]
Menu
Palo-Alto-Networks Discussions
exam questions

Exam PCCSE All Questions

View all questions & answers for the PCCSE exam
Go to Exam

Exam PCCSE topic 1 question 93 discussion

Actual exam question from Palo Alto Networks's PCCSE
Question #: 93
Topic #: 1
[All PCCSE Questions]

One of the resources on the network has triggered an alert for a Default Config policy.

Given the following resource JSON snippet:



Which RQL detected the vulnerability?

  • A.
  • B.
  • C.
  • D.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Jihe at March 1, 2023, 7:25 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
assadhashmi
8 months ago
Selected Answer: B
B is the correct answer. Verified in the console on the investigate tab.
upvoted 1 times
...
Spippolo
11 months ago
Selected Answer: B
B is correct. config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = '(access_key_1_active is true and access_key_1_last_rotated != N/A and _DateTime.ageInDays(access_key_1_last_rotated) > 90) or (access_key_2_active is true and access_key_2_last_rotated != N/A and _DateTime.ageInDays(access_key_2_last_rotated) > 90)'
upvoted 1 times
...
Jihe
1 year, 2 months ago
B is correct As the RQL Lists resource names where access keys are not rotated for 90 days. (https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/operators)
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago