Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #116
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #116: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #116. The question stem and answer options stay visible for context.
Question
You are a security analyst at an organization that uses Google Security Operations (SecOps). Google SecOps triggered a medium severity alert of Unusual Cloud Storage Access - High Volume Download for [email protected] from the internal-project-code-repository bucket. This user is a senior developer within your organization who has legitimate access, but their download volume is unusually high and occurs outside working hours. You need to investigate this alert. What should you do first?
Options
- ARun a Google SecOps SOAR playbook to suspend user1's bucket access, and review their user
- BEnrich the bucket entity with sensitivity labels and access control list (ACL) data.
- CCreate a default detection rule in Google SecOps to monitor future high-volume downloads from
- DReview user1's timeline in Google SecOps, focusing on network events and resource access
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.