PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #76: Real Exam Question with Answer & Explanation

Question

You are conducting proactive threat hunting in your company's Google Cloud environment. You suspect that an attacker compromised a developer's credentials and is attempting to move laterally from a development Google Kubernetes Engine (GKE) cluster to critical production systems. You need to identify IOCs and prioritize investigative actions by using Google Cloud's security tools before analyzing raw logs in detail. What should you do next?

Options

  • A. In the Security Command Center (SCC) console, apply filters for the cluster and analyze the
  • B. Review threat intelligence feeds within Google Security Operations (SecOps), and enrich any
  • C. Investigate Virtual Machine (VM) Threat Detection findings in Security Command Center (SCC).
  • D. Create a Google SecOps SOAR playbook that automatically isolates any GKE resources
