Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #17
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #17: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #17. The question stem and answer options stay visible for context.
Question
You are a platform engineer at an organization that is migrating from a third-party SIEM product to Google Security Operations (SecOps). You previously manually exported context data from Active Directory (AD) and imported the data into your previous SIEM as a watchlist when there were changes in AD's user/asset context data. You want to improve this process using Google SecOps. What should you do?
Options
- AConfigure a Google SecOps SOAR integration for AD to enrich user/asset information in your
- BCreate a reference list that contains the AD context data. Use the reference list in your YARA-L
- CCreate a data table that contains AD context data. Use the data table in your YARA-L rule to find
- DIngest AD organizational context data as user/asset context to enrich user/asset information in
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.