U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks PSE-PrismaCloud Exam - Topic 6 Question 4 Discussion

Which RQL string using network query attributes returns all traffic destined for Internet or for Suspicious IPs that also exceeds 1GB?
B) network where dest publicnetwork IN ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
A) network where publicnetwork = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
C) show traffic where destination.network = ('Internet IPs', 'Suspicious IPs') AND bytes > 1000000000
D) network where bytes > 1GB and destination = 'Internet IPs' OR 'Suspicious IPs' https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/rql-examples All network traffic that is greater than 1GB and destined to Internet or Suspicious IPs (allows you to identify data exfiltration attempt on any cloud environment). network where dest.publicnetwork IN ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000

Palo Alto Networks PSE-PrismaCloud Exam - Topic 6 Question 4 Discussion

Actual exam question for Palo Alto Networks's PSE-PrismaCloud exam
Question #: 4
Topic #: 6
[All PSE-PrismaCloud Questions]

Which RQL string using network query attributes returns all traffic destined for Internet or for Suspicious IPs that also exceeds 1GB?

Show Suggested Answer Hide Answer
Suggested Answer: B

Contribute your Thoughts:

0/2000 characters
Magda
7 months ago
I thought it was C at first, but B makes more sense.
upvoted 0 times
...
Markus
7 months ago
A looks off, should be IN not =.
upvoted 0 times
...
Aleshia
7 months ago
Wait, isn't 1GB a bit low for suspicious traffic?
upvoted 0 times
...
Moon
8 months ago
Definitely agree with B!
upvoted 0 times
...
Hildegarde
8 months ago
I think option B is the right one.
upvoted 0 times
...
Pok
8 months ago
I definitely remember that we need to check for bytes greater than 1GB, but I’m confused about how to structure the conditions correctly.
upvoted 0 times
...
Maryrose
8 months ago
I feel like "destination.network" might be the correct attribute, but I can't recall if it should be "dest" instead.
upvoted 0 times
...
Jin
8 months ago
I think option B looks familiar; it seems to match the syntax we used in the last practice exam.
upvoted 0 times
...
Cordie
9 months ago
I remember practicing RQL queries, but I'm not sure if "IN" is the right operator here.
upvoted 0 times
...
Adelina
9 months ago
Okay, let's see. The question is asking about the technique used by the audit software tool, not just the purpose of the audit software. I'm leaning towards B - Parallel simulation, but I'll double-check the other options just to be sure.
upvoted 0 times
...
Gertude
9 months ago
Hmm, I'm not totally sure about the difference between some of these terms like "function" and "workflow." I'll have to think it through and see if I can eliminate any options that don't seem to fit the description.
upvoted 0 times
...
Terrilyn
9 months ago
Hmm, I'm a bit confused on the difference between custom products and the content library. I'll need to review that material again to make an informed decision.
upvoted 0 times
...
Aleshia
9 months ago
Using to enforce strict type definitions definitely sounds familiar, and it's crucial for data validation.
upvoted 0 times
...
Vesta
9 months ago
Okay, let's see. I know password and Social Security number are definitely personal data under GDPR. I'm a bit less sure about the other options, but I'll give it my best shot.
upvoted 0 times
...

Save Cancel