Which step should a SecOps engineer implement in order to create a network exposure policy...

In Policy Section-> Add Policy-> Config type -> Define Policy details Like Name,Severity-> Configure RQL query "config from network where source.network = UNTRUSTJNTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS*" -> define compliance standard -> Define recommendation for remediation & save.

In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('Instance ))" -> define compliance standard -> Define recommendation for remediation & save.

In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ( Instance ))" -> define compliance standard -> Define recommendation for remediation & save.

In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "config from network where source.network = UNTRUSTJNTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS'" -> Define recommendation for remediation & save.