Join the discussion
Question 1/145
Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?
Correct Answer: B
View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/co
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/co
Add Comments
- Other Question (145q)
- Q1. Which IAM RQL query would correctly generate an output to view users who enabled console a...
- Q2. A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized w...
- Q3. A customer has a development environment with 50 connected Defenders. A maintenance window...
- Q4. A Prisma Cloud administrator is tasked with pulling a report via API The Prisma Cloud tena...
- Q5. During an initial deployment of Prisma Cloud Compute, the customer sees vulnerabilities in...
- Q6. A manager informs the SOC that one or more RDS instances have been compromised and the SOC...
- Q7. The development team is building pods to host a web front end, and they want to protect th...
- Q8. An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default polic...
- Q9. An administrator sees that a runtime audit has been generated for a Container. The audit m...
- Q10. An administrator sees that a runtime audit has been generated for a Container The audit me...
- Q11. An administrator wants to enforce a rate limit for users not being able to post five (5) ....
- Q12. The development team wants to fail CI jobs where a specific CVE is contained within the im...
- Q13. A customer has a requirement to terminate any Container from image topSecret:latest when a...
- Q14. Which two statements are true about the differences between build and run config policies?...
- Q15. A customer has a requirement to scan serverless functions for vulnerabilities. What is the...
- Q16. Which order of steps map a policy to a custom compliance standard? (Drag the steps into th...
- Q17. An administrator has deployed Console into a Kubernetes cluster running in AWS. The admini...
- Q18. What is the correct method for ensuring key-sensitive data related to SSNs and credit card...
- Q19. An administrator sees that a runtime audit has been generated for a container. The audit m...
- Q20. The security team wants to enable the "block" option under compliance checks on the host. ...
- Q21. Who can access saved searches in a cloud account?...
- Q22. A container and image compliance rule has been configured by enabling all checks; however,...
- Q23. Review this admission control policy: match[{"msg": msg}] { input.request.operation == "CR...
- Q24. In Prisma Cloud Software Release 22.06 (Kepler), which Registry type is added?...
- Q25. What are the three states of the Container Runtime Model? (Choose three.)...
- Q26. The attempted bytes count displays?
- Q27. During an initial deployment of Prisma Cloud Compute, the customer sees vulnerabilities in...
- Q28. Which container scan is constructed correctly?...
- Q29. Which policy type provides information about connections from suspicious IPs in a customer...
- Q30. A customer has a large environment that needs to upgrade Console without upgrading all Def...
- Q31. Which options show the steps required after upgrade of Console?...
- Q32. The development team is building pods to host a web front end, and they want to protect th...
- Q33. Match the service on the right that evaluates each exposure type on the left. (Select your...
- Q34. Order the steps involved in onboarding an AWS Account for use with Data Security feature. ...
- Q35. Match the service on the right that evaluates each exposure type on the left. (Select your...
- Q36. A customer has Prisma Cloud Enterprise and host Defenders deployed. What are two options t...
- Q37. A customer finds that an open alert from the previous day has been resolved No auto-remedi...
- Q38. Which port should a security team use to pull data from Console's API?...
- Q39. An administrator has deployed Console into a Kubernetes cluster running in AWS. The admini...
- Q40. Which two of the following are required to be entered on the IdP side when setting up SSO ...
- Q41. Creation of a new custom compliance standard that is based on other individual custom comp...
- Q42. Under which tactic is "Exploit Public-Facing Application" categorized in the ATT&CK fr...
- Q43. Given the following audit event activity snippet: (Exhibit) Which RQL will be triggered by...
- Q44. Move the steps to the correct order to set up and execute a serverless scan using AWS DevO...
- Q45. Which two services require external notifications to be enabled for policy violations in t...
- Q46. Which type of query is used for scanning Infrastructure as Code (laC) templates?...
- Q47. An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is r...
- Q48. What must be created in order to receive notifications about alerts generated when the ope...
- Q49. Given the following information, which twistcli command should be run if an administrator ...
- Q50. Which statement applies to Adoption Advisor?
- Q51. What must be created in order to receive notifications about alerts generated when the ope...
- Q52. A customer wants to monitor its Amazon Web Services (AWS) accounts via Prisma Cloud, but o...
- Q53. What is a benefit of the Cloud Discovery feature?...
- Q54. Prisma Cloud Compute has been installed on Onebox. After Prisma Cloud Console has been acc...
- Q55. Which "kind" of Kubernetes object that is configured to ensure that Defender is acting as ...
- Q56. Which two statements explain differences between build and run config policies? (Choose tw...
- Q57. In WAAS Access control file upload controls, which three file types are supported out of t...
- Q58. Which two variables must be modified to achieve automatic remediation for identity and acc...
- Q59. What is the function of the external ID when onboarding a new Amazon Web Services (AWS) ac...
- Q60. Which statement is true about obtaining Console images for Prisma Cloud Compute Edition?...
- Q61. Given the following RQL: event from cloud.audit_logs where operation IN ('CreateCryptoKey'...
- Q62. You have onboarded a public cloud account into Prisma Cloud Enterprise. Configuration Reso...
- Q63. Which type of query is used for scanning Infrastructure as Code (laC) templates?...
- Q64. Which container image scan is constructed correctly?...
- Q65. Order the steps involved in onboarding an AWS Account for use with Data Security feature. ...
- Q66. An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is r...
- Q67. Which three elements are part of SSH Events in Host Observations? (Choose three.)...
- Q68. Which three Orchestrator types are supported when deploying Defender? (Choose three.)...
- Q69. What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct or...
- Q70. Which Defender type performs registry scanning?...
- Q71. Which statement is true about obtaining Console images for Prisma Cloud Compute Edition?...
- Q72. A customer finds that an open alert from the previous day has been resolved. No auto-remed...
- Q73. A customer has a requirement to terminate any Container from image topSecret:latest when a...
- Q74. Which two bot types are part of Web Application and API Security (WAAS) bot protection? (C...
- Q75. A customer has a large environment that needs to upgrade Console without upgrading all Def...
- Q76. A customer wants to turn on Auto Remediation. Which policy type has the built-in CLI comma...
- Q77. What is the behavior of Defenders when the Console is unreachable during upgrades?...
- Q78. A security team has been asked to create a custom policy. Which two methods can the team u...
- Q79. Which two required request headers interface with Prisma Cloud API? (Choose two.)...
- Q80. The administrator wants to review the Console audit logs from within the Console. Which pa...
- Q81. An administrator wants to retrieve the compliance policies for images scanned in a continu...
- Q82. When an alert notification from the alarm center is deleted, how many hours will a similar...
- Q83. Which policy type in Prisma Cloud can protect against malware?...
- Q84. Given the following RQL: event from cloud.audit_logs where operation IN ('CreateCryptoKey'...
- Q85. Which three serverless runtimes are supported by Prisma Cloud for vulnerability and compli...
- Q86. Which two fields are required to configure SSO in Prisma Cloud? (Choose two.)...
- Q87. Which three types of buckets exposure are available in the Data Security module? (Choose t...
- Q88. Which two roles have access to view the Prisma Cloud policies? (Choose two.)...
- Q89. A customer is interested in PCI requirements and needs to ensure that no privilege contain...
- Q90. The Prisma Cloud administrator has configured a new policy. Which steps should be used to ...
- Q91. A security team has a requirement to ensure the environment is scanned for vulnerabilities...
- Q92. A customer has serverless functions that are deployed in multiple clouds. Which serverless...
- Q93. Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admis...
- Q94. A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized w...
- Q95. Which options show the steps required to upgrade Console when using projects?...
- Q96. A customer has configured the JIT, and the user created by the process is trying to log in...
- Q97. You wish to create a custom policy with build and run subtypes. Match the query types for ...
- Q98. Which Defender type performs registry scanning?...
- Q99. You are tasked with configuring a Prisma Cloud build policy for Terraform. What type of qu...
- Q100. A DevOps lead reviewed some system logs and notices some odd behavior that could be a data...
- Q101. A security team has been asked to create a custom policy. Which two methods can the team u...
- Q102. An administrator needs to detect and alert on any activities performed by a root account. ...
- Q103. An administrator has added a Cloud account on Prisma Cloud and then deleted it. What will ...
- Q104. A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized w...
- Q105. Which "kind" of Kubernetes object is configured to ensure that Defender is acting as the a...
- Q106. Which port should a security team use to pull data from Console's API?...
- Q107. Which three types of classifications are available in the Data Security module? (Choose th...
- Q108. The development team is building pods to host a web front end, and they want to protect th...
- Q109. Which API calls can scan an image named myimage: latest with twistcli and then retrieve th...
- Q110. Which two statements are true about the differences between build and run config policies?...
- Q111. Web-Application and API Security (WAAS) provides protection for which two protocols? (Choo...
- Q112. Which statement applies to Adoption Advisor?
- Q113. What is an example of an outbound notification within Prisma Cloud?...
- Q114. Given this information: The Console is located at https://prisma-console.mydomain.local Th...
- Q115. What are two key requirements for integrating Okta with Prisma Cloud when multiple Amazon ...
- Q116. The Prisma Cloud administrator has configured a new policy. Which steps should be used to ...
- Q117. How is the scope of each rule determined in the Prisma Cloud Compute host runtime policy?...
- Q118. Which two services require external notifications to be enabled for policy violations in t...
- Q119. Which two statements are true about the differences between build and run config policies?...
- Q120. When would a policy apply if the policy is set under Defend > Vulnerability > Images...
- Q121. An administrator has access to a Prisma Cloud Enterprise. What are the steps to deploy a s...
- Q122. What are two ways to scan container images in Jenkins pipelines? (Choose two.)...
- Q123. In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted...
- Q124. You have onboarded a public cloud account into Prisma Cloud Enterprise. Configuration Reso...
- Q125. Which API calls can scan an image named myimage: latest with twistcli and then retrieve th...
- Q126. What are two ways to scan container images in Jenkins pipelines? (Choose two )...
- Q127. A customer has a requirement to restrict any container from resolving the name www.evil-ur...
- Q128. Which two statements are true about the differences between build and run config policies?...
- Q129. Prisma Cloud supports which three external systems that allow the import of vulnerabilitie...
- Q130. Which three fields are mandatory when authenticating the Prisma Cloud plugin in the Intell...
- Q131. A customer is interested in PCI requirements and needs to ensure that no privilege contain...
- Q132. Where can Defender debug logs be viewed? (Choose two.)...
- Q133. The development team wants to fail CI jobs where a specific CVE is contained within the im...
- Q134. Which three fields are mandatory when authenticating the Prisma Cloud plugin in the Intell...
- Q135. A customer wants to scan a serverless function as part of a build process. Which twistcli ...
- Q136. Which two filters are available in the SecOps dashboard? (Choose two.)...
- Q137. The exclamation mark on the resource explorer page would represent?...
- Q138. The exclamation mark on the resource explorer page would represent?...
- Q139. Given an existing ECS Cluster, which option shows the steps required to install the Consol...
- Q140. Given an existing ECS Cluster, which option shows the steps required to install the Consol...
- Q141. What is the primary purpose of Prisma Cloud Code Security?...
- Q142. Which three elements are part of SSH Events in Host Observations? (Choose three.)...
- Q143. The development team wants to fail CI jobs where a specific CVE is contained within the im...
- Q144. Which option shows the steps to install the Console in a Kubernetes Cluster?...
- Q145. A customer wants to be notified about port scanning network activities in their environmen...
[×]
Download PDF File
Enter your email address to download PaloAltoNetworks.PCCSE.v2025-04-09.q145.pdf