Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #111: Real Exam Question with Answer & Explanation
Question
You are a senior SOC analyst in your organization. You are receiving alerts of traffic to a command and control (C2) IP address. You want to use Google Security Operations (SecOps) to investigate the IP address associated with the C2 IP address. What should you do?
Options
- A. Use Google SecOps SOAR Search to run a playbook designed to investigate the suspicious IP
- B. Use Google SecOps SOAR Search to identify the cases where the suspicious IP address exists.
- C. Conduct a Google SecOps SIEM Search that uses src.ip and target.ip to identify outbound and
- D. Use Google SecOps SIEM Search to query against the grouped ip field, and use the enriched