Question 64 - PCCSE discussion

Which IAM Azure RQL query would correctly generate an output to view users who have sufficient permissions to create security groups within Azure AD and create applications?

A.
config where api.name = 'azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is true and defaultUserRolePermissions.allowedToCreateApps is true
B.
config from cloud.resource where api.name = 'azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions exists
C.
config from network where api.name = 'azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is false and defaultUserRolePermissions.allowedToCreateApps is true
D.
config from cloud.resource where api.name = 'azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is true and defaultUserRolePermissions.allowedToCreateApps is true
Suggested answer: D

Explanation:

The correct RQL query to view users who have sufficient permissions to create security groups within Azure AD and create applications is option D. This query is specifically designed to assess policies within Azure Active Directory (Azure AD) by checking the authorization policy settings related to user default role permissions. The query targets the azure-active-directory-authorization-policy API to fetch configurations (config from cloud.resource) and then filters those configurations based on the JSON rules that dictate whether users are allowed to create security groups (defaultUserRolePermissions.allowedToCreateSecurityGroups is true) and applications (defaultUserRolePermissions.allowedToCreateApps is true). This query provides a comprehensive check by ensuring both conditions are met, which is necessary for users to have the combined capabilities of creating security groups and applications within Azure AD.

In the context of Prisma Cloud and cloud security principles, the RQL (Resource Query Language) is utilized for querying the configuration state of resources within cloud environments to ensure compliance with security policies. The RQL syntax in option D precisely aligns with the requirements for identifying users with specific permissions, leveraging Prisma Cloud's capability to provide visibility and control over cloud resources, as emphasized in various resources like the 'Prisma Cloud Visibility and Control Qualification Guide' and the 'Guide to Cloud Security Posture Management Tools.' These documents highlight the importance of continuous monitoring and validation of cloud resource configurations to maintain a secure and compliant cloud environment, which is effectively achieved through targeted RQL queries like the one in option D.

'Prisma Cloud Visibility and Control Qualification Guide' discusses the importance of visibility and compliance in cloud environments, which is directly applicable to the use of RQL for querying resource configurations.

'Guide to Cloud Security Posture Management Tools' emphasizes the need for comprehensive visibility and governance across cloud environments, further supporting the rationale behind the specific RQL query used to assess user permissions in Azure AD.

asked 23/09/2024
Grant Taylor