PCCSE Question #114: Real Exam Question with Answer & Explanation

Sign in or unlock PCCSE to reveal the answer and full explanation for question #114. The question stem and answer options stay visible for context.

Security Operations and Incident Response

Question

Given the following RQL: Which audit event snippet is identified by the RQL? A. B. C. D.

Options

A"eventTime": "2021-05-19T14:34:05Z", "eventSource": "iam.amazonaws.com", "eventName": "AttachRolePolicy", "awsRegion": "us-east-1"
B"payload": { > "requestMetadata": { "callerSuppliedUserAgent": "terraform/0.14.0 (+https://www.terraform.io Terraform-Plugin-SDK/2.1.0 terraform-provider-google/3.50.0) gcloud/345.0.0 call "v1.compute.firewall-rules.delete" }, "request": { "type": "type.googleapis.com/compute.backendServices.delete"
C"resource": "projects /buckets/gvtest110221", "permission": "storage.buckets.setIamPolicy", "resourceAttributes": {}, "granted": true
D"userIdentity": { "type": "Root", "principalId": "68499955112419", "arn": "arn:aws:iam::684999551124:root", "accountId": "68499955112419", "accessKeyId": "AKIAYGS61234567890"

Unlock PCCSE to see the answer

You've previewed enough free PCCSE questions. Unlock PCCSE for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock PCCSE - $49.99 / 30 days Sign in

Topics

#RQL#Audit Events#Prisma Cloud#Security Operations

Full PCCSE Practice Browse All PCCSE Questions