Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCCSE Topic 1 Question 77 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 77
Topic #: 1
[All PCCSE Questions]

Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?

Show Suggested Answer Hide Answer
Suggested Answer: B

View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/config-query-examples


by Mammie at May 20, 2024, 10:58 PM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Marlon
10 months ago
Option B for the win! Though I have to say, the exam team really likes to make these IAM queries as complicated as possible, don't they?
upvoted 0 times
...
Glendora
10 months ago
Haha, looks like the exam writers are trying to trick us with all these 'cloud.resource' and 'json.rule' shenanigans. I'd go with the simplest option, which is B.
upvoted 0 times
...
Donte
10 months ago
Hmm, option B looks good, but shouldn't we use 'AND' instead of 'OR' between the access key and password checks? Just to be sure we get users with both.
upvoted 0 times
...
Carmen
10 months ago
Option B it is! But I'm wondering, do we really need to check for both access keys? Wouldn't just one active key be enough?
upvoted 0 times
...
Twana
10 months ago
The query in option B seems a bit convoluted. Shouldn't it be simpler, like just checking for 'access_key_1_active' or 'access_key_2_active' and 'password_enabled'?
upvoted 0 times
Selma
9 months ago
That would make it easier to understand and use.
upvoted 0 times
...
Emmett
9 months ago
Maybe they could simplify it by just checking for 'access_key_1_active' or 'access_key_2_active' and 'password_enabled'.
upvoted 0 times
...
Marylyn
9 months ago
Option B does seem a bit complex.
upvoted 0 times
...
...
Kiera
10 months ago
I'm not sure about the use of 'cloud.resource' in the query. Shouldn't it be 'network' since we're looking for IAM users?
upvoted 0 times
Nakisha
9 months ago
I'm not sure about the use of 'cloud.resource' in the query. Shouldn't it be 'network' since we're looking for IAM users?
upvoted 0 times
...
Kara
10 months ago
B) config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals "true"
upvoted 0 times
...
Kanisha
10 months ago
A) config from network where api.name = 'aws-iam-get-credential-report' AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals "true"
upvoted 0 times
...
...
Marvel
11 months ago
Option B looks correct to me. It checks for users with active access keys and enabled passwords.
upvoted 0 times
Fletcher
10 months ago
Let's try both options and see which one gives us the most accurate results.
upvoted 0 times
...
Margery
10 months ago
Yes, it seems like either option A or B could generate the desired output.
upvoted 0 times
...
Glory
10 months ago
I see, so both option A and B could potentially work for this query.
upvoted 0 times
...
Dulce
10 months ago
Option A seems to be checking for both access keys and passwords as well.
upvoted 0 times
...
Oneida
10 months ago
Yes, I agree. It specifically looks for users with active access keys and enabled passwords.
upvoted 0 times
...
Ozell
10 months ago
But what about option A? It also mentions checking for password_enabled equals 'true'.
upvoted 0 times
...
Mohammad
10 months ago
I think option B is the correct one.
upvoted 0 times
...
Arlette
10 months ago
I agree, option B checks for users with active access keys and enabled passwords.
upvoted 0 times
...
Vincenza
10 months ago
I think option B is the correct one.
upvoted 0 times
...
...

Save Cancel