Valid PCCSE Dumps shared by ExamDiscuss.com for Helping Passing PCCSE Exam! ExamDiscuss.com now offer the newest PCCSE exam dumps, the ExamDiscuss.com PCCSE exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PCCSE dumps with Test Engine here:
Which ROL query is used to detect certain high-risk activities executed by a root user in AWS?
Correct Answer: D
The correct Resource Query Language (RQL) query to detect high-risk activities executed by a root user in AWS is the one that specifies cloud audit logs as the data source and filters events based on operations that are indicative of high-risk activities. The query should include operations like 'ChangePassword', 'ConsoleLogin', 'DeactivateMFADevice', 'DeleteAccessKey', and 'DeleteAlarms', which are typically sensitive and should be monitored closely when performed by a root user, due to the elevated privileges associated with this account. The query filters for events where the user is 'root', ensuring that only activities executed by this highly privileged user are returned in the results.