Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #15
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #15: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #15. The question stem and answer options stay visible for context.
Question
Your organization recently acquired a Google Security Operations (SecOps) Enterprise Plus license. Your organization is already ingesting Cloud Audit Logs, firewall logs, proxy logs and endpoint logs, but there are no threat intelligence feeds being ingested into your Google SecOps environment. You need to design and deploy a solution that alerts your team quickly if an IOC of an active breach is observed in your environment. What should you do?
Options
- AWrite, enable, and configure alerting on a custom multi-event rule.
- BWrite, enable, and configure alerting on a custom single-event rule.
- CEnable and configure alerting for relevant curated detection rule sets.
- DCreate and schedule a dashboard to send periodic summaries of the active breach IOCs and
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.