Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #105
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #105: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #105. The question stem and answer options stay visible for context.
Question
You are a SOC analyst working a case in Google Security Operations (SecOps). The case contains a file hash that your playbooks have automatically enriched with VirusTotal context and categorized as likely malicious. You need to quickly identify devices and users in your organization who have interacted with this file. What should you do?
Options
- ABuild a playbook to perform a UDM search matching on the file hash in Google SecOps SIEM.
- BBuild a playbook to query your threat intelligence platform (TIP) for the presence of the file hash.
- CUse a manual action in Google SecOps SOAR to perform a UDM search matching on the file
- DUse a manual action in Google SecOps SOAR to query your threat intelligence platform (TIP) for
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.