Palo_Alto_NetworksPalo_Alto_Networks
PCCSE · Question #102
PCCSE Question #102: Real Exam Question with Answer & Explanation
Sign in or unlock PCCSE to reveal the answer and full explanation for question #102. The question stem and answer options stay visible for context.
Cloud Compliance and Governance
Question
One of the resources on the network has triggered an alert for a Default Config policy. Given the following resource JSON snippet: Which RQL detected the vulnerability? A. B. C. D.
Options
- Aconfig from cloud.resource where api.name = 'aws-ecs-service' AND json.rule = launchType equals EC2 as Xi config from cloud.resource where api.name = 'aws-ecs-cluster' AND json.rule = status equals ACTIVE and resource.metadata.tags.key exists ('test') as Xj, combine Xi, Xj with (resource.name = 'test') | show Yi
- Bconfig from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-iam-get-credential-report' AND json.rule = 'report.LastCredentialRotation' < days_ago(90) AND (access_key_1_active is true and access_key_2_activated by N/A and date_time.apiKeyDays(access_key_2_last_rotated) > 90)
- Cconfig from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-images' AND json.rule = 'image.platform contains windows and image.imageid contains ami-1e542176'
- Dconfig from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-security-groups' AND json.rule = 'egress.IpPermissions[] contains (ipProtocol equals tcp AND (IpRanges[] contains 0.0.0.0/0 OR IpRanges[] contains ::/0) OR IpProtocol equals icmpv6 OR ipProtocol equals udp) AND (IpRanges[] contains 0.0.0.0/0 OR IpRanges[] contains ::/0)'
Unlock PCCSE to see the answer
You've previewed enough free PCCSE questions. Unlock PCCSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Prisma Cloud RQL#Configuration Management#Policy Enforcement#Misconfiguration Detection