Which RQL string monitors all traffic from the internet and Suspicious IPs for AWS databases?

Multiple Choice

Which RQL string monitors all traffic from the internet and Suspicious IPs for AWS databases?

Explanation:
The selected RQL string is effective because it precisely targets the monitoring requirements specified in the question. By using "source.publicnetwork IN ('Suspicious IPs', 'Internet IPs')", it ensures that all traffic being analyzed includes not just the general internet traffic but also any traffic originating from suspicious IP addresses. This dual monitoring is crucial for identifying potential threats or unauthorized access attempts directed toward AWS databases.

Additionally, the phrase "dest.resource IN (resource where role IN ('AWS RDS', 'Database'))" effectively narrows down the focus to the appropriate resources—specifically, AWS RDS instances or any databases—ensuring that only relevant traffic is considered. This targeted approach enhances the efficiency of monitoring by concentrating on critical resources associated with database functionalities.

The combination of these components makes the first choice the right decision for monitoring all internet traffic and suspicious IPs relevant to AWS databases. The other options either do not monitor all necessary traffic sources or reference irrelevant resource types.
