

PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #93: Real Exam Question with Answer & Explanation

The correct answers are B (Ingest on-premises and cloud security logs into Google SecOps SIEM as events) and D (Use Google SecOps SOAR integrations with GTI for event enrichment).

Question

You are developing a security strategy for your organization. You are planning to use Google Security Operations (SecOps) and Google Threat Intelligence (GTI). You need to enhance the detection and response across multi-cloud and on-premises systems. How should you integrate these products? (Choose two.)

Options

  • A. Ingest GTI IOCs into Google SecOps as security events.
  • B. Ingest on-premises and cloud security logs into Google SecOps SIEM as events.
  • C. Ingest on-premises and cloud security logs into Google SecOps SIEM as entities.
  • D. Use Google SecOps SOAR integrations with GTI for event enrichment.
  • E. Use Google SecOps SOAR integrations with GTI for entity enrichment.

Explanation

  • Ingest on-premises and cloud security logs into Google SecOps SIEM as events - This provides visibility across all environments (multi-cloud and on-prem) and forms the foundation for
  • Use Google SecOps SOAR integrations with GTI for event enrichment - GTI adds global threat context (IOCs, actor campaigns, TTPs) to ingested events, enhancing detection and response.
