Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #73: Real Exam Question with Answer & Explanation
Question
Your organization's Google Security Operations (SecOps) tenant is ingesting a vendor's firewall logs in its default JSON format using the Google-provided parser for that log. The vendor recently released a patch that introduces a new field and renames an existing field in the logs. The parser does not recognize these two fields and they remain available only in the raw logs, while the rest of the log is parsed normally. You need to resolve this logging issue as soon as possible while minimizing the overall change management impact. What should you do?
Options
- A. Write a code snippet, and deploy it in a parser extension to map both fields to UDM.
- B. Use the web interface-based custom parser feature in Google SecOps to copy the parser, and
- C. Deploy a third-party data pipeline management tool to ingest the logs, and transform the updated
- D. Use the Extract Additional Fields tool in Google SecOps to convert the raw log entries to