Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #23
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #23: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #23. The question stem and answer options stay visible for context.
Question
You are a security analyst at an organization that uses Google Security Operations (SecOps). You notice suspicious login attempts on several user accounts. You need to determine whether these attempts are part of a coordinated attack as quickly as possible. What action should you take first?
Options
- AEnable default curated detections to automatically block suspicious IP addresses.
- BUse UDM Search to query historical logs for recent IOCs associated with the suspicious login
- CRemove user accounts that have repeated invalid login attempts.
- DLook for correlations across impacted users in the Risk Analytics dashboard.
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.