Which audit event snippet is identified?
Given the following RQL:
event from cloud.audit_logs where operation IN (‘CreateCryptoKey’, ‘DestroyCryptoKeyVersion’, ‘v1.compute.disks.createSnapshot’)
Which audit event snippet is identified?
A)
B)
C)
D)
A . Option A
B . Option B
C . Option C
D . Option D
Answer: C
Explanation:
The given RQL (Resource Query Language) query is looking for specific audit events related to cryptographic key actions and snapshot creation. The snippet that matches this query is Option C, which contains the statement indicating permissions that allow any action ("Action": "*") and the reference to the version date "2012-10-17" that corresponds to the policy within the audit log.
This can be cross-referenced with cloud provider documentation, such as AWS CloudTrail or Google Cloud Audit Logs, which record user activities and API usage. The RQL provided would be used in a CSPM tool to query these audit logs for the specified events.
Latest PCCSE Dumps Valid Version with 85 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund