New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PCCSE Exam - Topic 1 Question 77 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 77
Topic #: 1
[All PCCSE Questions]

Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?

Show Suggested Answer Hide Answer
Suggested Answer: B

View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/config-query-examples


by Mammie at May 20, 2024, 10:58 PM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Kirk
3 months ago
Surprised there's no mention of MFA in any of these options!
upvoted 0 times
...
Salome
3 months ago
Definitely B! It covers both access keys and password enabled.
upvoted 0 times
...
Shayne
3 months ago
Wait, isn't C a bit off? It says access_key_1 is false.
upvoted 0 times
...
Avery
4 months ago
I think D is the right choice, though.
upvoted 0 times
...
Socorro
4 months ago
Option B looks correct for checking access keys and passwords.
upvoted 0 times
...
Cordie
4 months ago
I practiced a similar question, and I think the logic about checking for both access keys and password enabled is crucial, so maybe B is the right choice.
upvoted 0 times
...
Alesia
4 months ago
I feel like option D might be incorrect because of the way the quotes are used around 'true'. That seems off to me.
upvoted 0 times
...
Felicidad
4 months ago
I'm not entirely sure, but I remember something about using 'cloud.resource' in the context of IAM queries.
upvoted 0 times
...
Lashaunda
5 months ago
I think option B sounds familiar because it mentions both access keys and passwords, which is what we're looking for.
upvoted 0 times
...
Lelia
5 months ago
This is a great opportunity to demonstrate my understanding of IAM RQL. I'll carefully analyze each option and select the one that most accurately matches the question.
upvoted 0 times
...
Derrick
5 months ago
I'm not totally sure about this one. I might need to ask the instructor for some clarification on the specific requirements before I can confidently select an answer.
upvoted 0 times
...
Brianne
5 months ago
Okay, I think I've got a handle on this. Option B looks like the right approach, checking for active access keys and enabled passwords.
upvoted 0 times
...
Sylvia
5 months ago
This looks like a tricky one. I'll need to carefully read through the options and think about the IAM RQL syntax.
upvoted 0 times
...
Adelina
5 months ago
Hmm, I'm a bit confused by the different conditions in the options. I'll need to review the IAM documentation to make sure I understand how to properly check for both access keys and passwords.
upvoted 0 times
...
Yasuko
5 months ago
This looks like a straightforward true/false question. I'll carefully read the statement and select the appropriate option.
upvoted 0 times
...
Emerson
5 months ago
No problem, I've got this. I just need to calculate the adjusted cost base, then subtract that from the sale price to get the capital gain. Piece of cake!
upvoted 0 times
...
Crista
5 months ago
I'm a bit confused by this question. The options mention things like PaaS integration and BGP, which don't seem directly related to the bank's goals. I'll need to re-read the question and think through which Cisco SD-WAN capabilities would be most helpful in this scenario.
upvoted 0 times
...
Marlon
2 years ago
Option B for the win! Though I have to say, the exam team really likes to make these IAM queries as complicated as possible, don't they?
upvoted 0 times
...
Glendora
2 years ago
Haha, looks like the exam writers are trying to trick us with all these 'cloud.resource' and 'json.rule' shenanigans. I'd go with the simplest option, which is B.
upvoted 0 times
...
Donte
2 years ago
Hmm, option B looks good, but shouldn't we use 'AND' instead of 'OR' between the access key and password checks? Just to be sure we get users with both.
upvoted 0 times
...
Carmen
2 years ago
Option B it is! But I'm wondering, do we really need to check for both access keys? Wouldn't just one active key be enough?
upvoted 0 times
...
Twana
2 years ago
The query in option B seems a bit convoluted. Shouldn't it be simpler, like just checking for 'access_key_1_active' or 'access_key_2_active' and 'password_enabled'?
upvoted 0 times
Selma
2 years ago
That would make it easier to understand and use.
upvoted 0 times
...
Emmett
2 years ago
Maybe they could simplify it by just checking for 'access_key_1_active' or 'access_key_2_active' and 'password_enabled'.
upvoted 0 times
...
Marylyn
2 years ago
Option B does seem a bit complex.
upvoted 0 times
...
...
Kiera
2 years ago
I'm not sure about the use of 'cloud.resource' in the query. Shouldn't it be 'network' since we're looking for IAM users?
upvoted 0 times
Nakisha
2 years ago
I'm not sure about the use of 'cloud.resource' in the query. Shouldn't it be 'network' since we're looking for IAM users?
upvoted 0 times
...
Kara
2 years ago
B) config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals "true"
upvoted 0 times
...
Kanisha
2 years ago
A) config from network where api.name = 'aws-iam-get-credential-report' AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals "true"
upvoted 0 times
...
...
Marvel
2 years ago
Option B looks correct to me. It checks for users with active access keys and enabled passwords.
upvoted 0 times
Fletcher
2 years ago
Let's try both options and see which one gives us the most accurate results.
upvoted 0 times
...
Margery
2 years ago
Yes, it seems like either option A or B could generate the desired output.
upvoted 0 times
...
Glory
2 years ago
I see, so both option A and B could potentially work for this query.
upvoted 0 times
...
Dulce
2 years ago
Option A seems to be checking for both access keys and passwords as well.
upvoted 0 times
...
Oneida
2 years ago
Yes, I agree. It specifically looks for users with active access keys and enabled passwords.
upvoted 0 times
...
Ozell
2 years ago
But what about option A? It also mentions checking for password_enabled equals 'true'.
upvoted 0 times
...
Mohammad
2 years ago
I think option B is the correct one.
upvoted 0 times
...
Arlette
2 years ago
I agree, option B checks for users with active access keys and enabled passwords.
upvoted 0 times
...
Vincenza
2 years ago
I think option B is the correct one.
upvoted 0 times
...
...

Save Cancel