Exam PCCSE topic 1 question 252 discussion

Actual exam question from Palo Alto Networks's PCCSE

Question #: 252
Topic #: 1

Which step should a SecOps engineer implement in order to create a network exposure policy that identifies instances accessible from any untrusted internet sources?

A. In Policy Section-> Add Policy-> Config type -> Define Policy details Like Name,Severity-> Configure RQL query "config from network where source.network = UNTRUST INTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS' " -> define compliance standard -> Define recommendation for remediation & save.
B. In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name,Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ( 'Suspicious IPs' , 'Internet IPs' ) and dest.resource IN ( resource where role IN ( 'Instance ) )" -> define compliance standard -> Define recommendation for remediation & save.
C. In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name,Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ( 'Suspicious IPs' , 'Internet IPs') and dest.resource IN ( resource where role IN ( 'Instance ) )" -> define compliance standard -> Define recommendation for remediation & save.
D. In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name,Severity-> Configure RQL query "config from network where source.network = UNTRUST INTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS' " -> Define recommendation for remediation & save.

Show Suggested Answer

Suggested Answer: A 🗳️

by Duke_CT at Aug. 8, 2025, 6:37 a.m.

Comments

Submit Cancel

Duke_CT

1 week ago

Selected Answer: C

This is a core concept for this certification. The answer has to be C.

upvoted 1 times

...