Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Palo Alto Networks Exam PCCSE Topic 1 Question 77 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 77
Topic #: 1
[All PCCSE Questions]

Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?

Show Suggested Answer Hide Answer
Suggested Answer: B

View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/config-query-examples


by Mammie at May 20, 2024, 10:58 PM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Marlon
1 years ago
Option B for the win! Though I have to say, the exam team really likes to make these IAM queries as complicated as possible, don't they?
upvoted 0 times
...
Glendora
1 years ago
Haha, looks like the exam writers are trying to trick us with all these 'cloud.resource' and 'json.rule' shenanigans. I'd go with the simplest option, which is B.
upvoted 0 times
...
Donte
1 years ago
Hmm, option B looks good, but shouldn't we use 'AND' instead of 'OR' between the access key and password checks? Just to be sure we get users with both.
upvoted 0 times
...
Carmen
1 years ago
Option B it is! But I'm wondering, do we really need to check for both access keys? Wouldn't just one active key be enough?
upvoted 0 times
...
Twana
1 years ago
The query in option B seems a bit convoluted. Shouldn't it be simpler, like just checking for 'access_key_1_active' or 'access_key_2_active' and 'password_enabled'?
upvoted 0 times
Selma
11 months ago
That would make it easier to understand and use.
upvoted 0 times
...
Emmett
11 months ago
Maybe they could simplify it by just checking for 'access_key_1_active' or 'access_key_2_active' and 'password_enabled'.
upvoted 0 times
...
Marylyn
12 months ago
Option B does seem a bit complex.
upvoted 0 times
...
...
Kiera
1 years ago
I'm not sure about the use of 'cloud.resource' in the query. Shouldn't it be 'network' since we're looking for IAM users?
upvoted 0 times
Nakisha
12 months ago
I'm not sure about the use of 'cloud.resource' in the query. Shouldn't it be 'network' since we're looking for IAM users?
upvoted 0 times
...
Kara
1 years ago
B) config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals "true"
upvoted 0 times
...
Kanisha
1 years ago
A) config from network where api.name = 'aws-iam-get-credential-report' AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals "true"
upvoted 0 times
...
...
Marvel
1 years ago
Option B looks correct to me. It checks for users with active access keys and enabled passwords.
upvoted 0 times
Fletcher
1 years ago
Let's try both options and see which one gives us the most accurate results.
upvoted 0 times
...
Margery
1 years ago
Yes, it seems like either option A or B could generate the desired output.
upvoted 0 times
...
Glory
1 years ago
I see, so both option A and B could potentially work for this query.
upvoted 0 times
...
Dulce
1 years ago
Option A seems to be checking for both access keys and passwords as well.
upvoted 0 times
...
Oneida
1 years ago
Yes, I agree. It specifically looks for users with active access keys and enabled passwords.
upvoted 0 times
...
Ozell
1 years ago
But what about option A? It also mentions checking for password_enabled equals 'true'.
upvoted 0 times
...
Mohammad
1 years ago
I think option B is the correct one.
upvoted 0 times
...
Arlette
1 years ago
I agree, option B checks for users with active access keys and enabled passwords.
upvoted 0 times
...
Vincenza
1 years ago
I think option B is the correct one.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77