Google
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #91
PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #91: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to reveal the answer and full explanation for question #91. The question stem and answer options stay visible for context.
Question
You are planning log onboarding for a Google Security Operations (SecOps) SIEM deployment in a cloud-heavy enterprise environment. The detection engineering team is requesting log sources that support visibility into: - User identity behavior - Lateral movement - Privilege escalation attempts You need to determine which telemetry sources are ingested first. Which log source should you prioritize?
Options
- ACloud access security broker (CASB) logs
- BEDR logs
- CIAM logs
- DNetwork firewall logs
Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER questions. Unlock PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.