Given the following RQL:
event from cloud.audit_logs where operation IN ('CreateCryptoKey', 'DestroyCryptoKeyVersion',
'v1.compute.disks.createSnapshot')
Which audit event snippet is identified?
A)

B)

C)

D)

• A.Option C
• B.Option B
• C.Option A
• D.Option D

Comment: *

Name: *

Email: *

Verification: *

Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose three.)

• A.Install boto3 & requests library.
• B.Configure IAM Azure remediation script.
• C.Integrate with Azure Service Bus.
• D.Configure IAM AWS remediation script.
• E.Install azure.servicebus & requests library.

Comment: *

Name: *

Email: *

Verification: *

Which two bot types are part of Web Application and API Security (WAAS) bot protection? (Choose two.)

• A.Customer bots
• B.Unknown bots
• C.Chat bots
• D.User-defined bots

Comment: *

Name: *

Email: *

Verification: *

What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?

• A.policy
• B.anomaly
• C.audit
• D.incident

Comment: *

Name: *

Email: *

Verification: *

An administrator sees that a runtime audit has been generated for a container.
The audit message is:
"/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr" Which protection in the runtime rule would cause this audit?

• A.Networking
• B.File systems
• C.Processes
• D.Container

Comment: *

Name: *

Email: *

Verification: *