DSQuery Domain Discovery

Splunk Security Content

Summary
The 'DSQuery Domain Discovery' analytic detects execution of the Windows command-line utility dsquery.exe with arguments that query 'TrustedDomain' objects. Such queries enumerate the trust relationships of the current domain (ATT&CK T1482, Domain Trust Discovery), reconnaissance that adversaries perform to plan lateral movement and privilege escalation across trusted domains. The rule relies on Endpoint Detection and Response (EDR) telemetry and matches on the process name together with its full command line, so it only works where process-creation events are collected with command-line arguments included. dsquery.exe is also a legitimate administrative tool, so a hit should be reviewed against the user, host and surrounding activity before it is treated as malicious. Catching this enumeration early gives security teams a chance to limit unauthorized access and the abuse of domain trusts that typically follows it.
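As an added example that is not part of the Splunk Security Content rule, the following Python applies the same matching logic the summary describes (a process name of dsquery.exe combined with a case-insensitive 'TrustedDomain' match on the command line) to a handful of constructed process-creation events. The field names (host, user, image, process) and the sample events are assumptions made here to resemble EDR or Sysmon Event ID 1 records; they are not taken from the page or from Splunk's data model.

```python
import ntpath
import re

# Constructed sample process-creation events (not real telemetry). Field names
# are an assumption chosen to mirror what an EDR or Sysmon Event ID 1 provides.
SAMPLE_EVENTS = [
    {"host": "WS01", "user": "corp\\jsmith",
     "image": r"C:\Windows\System32\dsquery.exe",
     "process": 'dsquery * -filter "(objectClass=trustedDomain)" -attr flatName trustPartner'},
    {"host": "WS02", "user": "corp\\helpdesk",
     "image": r"C:\Windows\System32\dsquery.exe",
     "process": "dsquery user -name jdoe -limit 0"},
    {"host": "WS03", "user": "corp\\svc-backup",
     "image": r"C:\WINDOWS\SYSTEM32\DSQUERY.EXE",
     "process": 'DSQUERY * -FILTER "(OBJECTCATEGORY=TRUSTEDDOMAIN)" -ATTR NAME'},
    {"host": "DC01", "user": "corp\\admin",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "process": "powershell -Command Get-ADTrust -Filter *"},
    {"host": "WS04", "user": "corp\\jdoe",
     "image": r"C:\Users\jdoe\Downloads\dsquery.exe",
     "process": "dsquery * -filter (objectClass=trustedDomain)"},
]

# Case-insensitive so that objectClass=trustedDomain and OBJECTCATEGORY=TRUSTEDDOMAIN
# both match; LDAP filters and the dsquery switches are not case sensitive.
TRUSTED_DOMAIN = re.compile(r"trusteddomain", re.IGNORECASE)


def process_name(event):
    """Basename of the executable, lower-cased, so neither path nor case matters."""
    return ntpath.basename(event.get("image", "")).lower()


def is_domain_trust_discovery(event):
    """True when dsquery.exe is run with a command line that references TrustedDomain."""
    return (process_name(event) == "dsquery.exe"
            and TRUSTED_DOMAIN.search(event.get("process", "")) is not None)


def find_domain_trust_discovery(events):
    """Return (host, user, command line) for every matching event, in input order."""
    return [(e["host"], e["user"], e["process"])
            for e in events if is_domain_trust_discovery(e)]


if __name__ == "__main__":
    for host, user, cmd in find_domain_trust_discovery(SAMPLE_EVENTS):
        print(f"{host} {user}: {cmd}")
```

Two things the sample set makes visible: matching on the executable's basename means a copy of dsquery.exe run from a user's Downloads folder (WS04) still fires, while the ordinary user lookup on WS02 does not; and the PowerShell Get-ADTrust call on DC01 is out of scope for a rule keyed on dsquery.exe, so trust enumeration by other tools needs its own detection.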
Categories
  • Endpoint
  • Windows
  • Infrastructure
Data Sources
  • Process
  • Windows Registry
ATT&CK Techniques
  • T1482 (Domain Trust Discovery)
Created: 2024-12-10