nerdexam
Google

PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER · Question #97

PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Question #97: Real Exam Question with Answer & Explanation

The correct answer is C. Create a Cloud Run function that is subscribed to the Pub/Sub topic and uses a Google SecOps. The recommended low-latency and robust method to ingest third-party Pub/Sub data into Google Security Operations (SecOps) is to create a Cloud Run function subscribed to the Pub/Sub topic. The function can process each message and forward it securely using a Google SecOps Ingesti

Question

Your third-party application data is published in a Pub/Sub topic located in a separate Google Cloud project from your Google Security Operations (SecOps) instance. Your attempts to push data from the Pub/Sub topic to Google SecOps have failed. You need to send this data into Google SecOps in a low-latency, robust way. What should you do?

Options

  • APush the data to Cloud Logging, and modify the export filter in direct ingestion.
  • BEnable the Chronicle API in the project that owns the Pub/Sub topic to push the subscription to
  • CCreate a Cloud Run function that is subscribed to the Pub/Sub topic and uses a Google SecOps
  • DSend Pub/Sub messages to a Cloud Storage bucket. Create an ingestion feed in Google SecOps

Explanation

The recommended low-latency and robust method to ingest third-party Pub/Sub data into Google Security Operations (SecOps) is to create a Cloud Run function subscribed to the Pub/Sub topic. The function can process each message and forward it securely using a Google SecOps Ingestion API key. This design handles cross-project integration cleanly, provides fault tolerance and scalability, and ensures near real-time ingestion into SecOps.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full PROFESSIONAL-SECURITY-OPERATIONS-ENGINEER Practice