Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #77
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #77: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #77. The question stem and answer options stay visible for context.
Question
During a high-priority phishing incident at your company, Google Security Operations (SecOps) created and assigned the case to a Tier 1 analyst. The analyst added email headers and attached the malicious file as evidence but failed to escalate the case, violating an internal SLA of 30 minutes for a phishing response. The delay led to multiple users opening the file before containment actions were initiated. You want to optimize the case management workflow for future high-priority incidents. What should you do?
Options
- ABuild a playbook that automatically ingests reported phishing emails, enriches entities with threat
- BChange the default case assignment logic to route all phishing alerts to the Tier 2 team.
- CConfigure a SOAR notification loop that sends escalating email alerts to the Tier 1 analysts, the
- DUpdate the playbook to automatically close phishing cases after 60 minutes if no manual
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.