최신Google Cloud Certified - Professional Security Operations Engineer (PSOE) - Security-Operations-Engineer무료샘플문제
문제1
You are ingesting and parsing logs from an SSO provider and an on-premises appliance using Google Security Operations (SecOps). Users are tagged as "restricted" by an internal process.
Restrictions last five days from the most recent flagging time. You need to create a rule to detect when restricted users log into the appliance. Your solution must be quickly implemented and easily maintained. What should you do?
You are ingesting and parsing logs from an SSO provider and an on-premises appliance using Google Security Operations (SecOps). Users are tagged as "restricted" by an internal process.
Restrictions last five days from the most recent flagging time. You need to create a rule to detect when restricted users log into the appliance. Your solution must be quickly implemented and easily maintained. What should you do?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제2
Your organization requires the SOC director to be notified by email of escalated incidents and their results before a case is closed. You need to create a process that automatically sends the email when an escalated case is closed. You need to ensure the email is reliably sent for the appropriate cases. What process should you use?
Your organization requires the SOC director to be notified by email of escalated incidents and their results before a case is closed. You need to create a process that automatically sends the email when an escalated case is closed. You need to ensure the email is reliably sent for the appropriate cases. What process should you use?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제3
A SOC team notices repeated outbound HTTPS connections from a Compute Engine instance to an external IP every 60 seconds. CPU usage is normal and no malware signatures trigger. What is the BEST next analytical step?
A SOC team notices repeated outbound HTTPS connections from a Compute Engine instance to an external IP every 60 seconds. CPU usage is normal and no malware signatures trigger. What is the BEST next analytical step?
정답: A
설명: (KoreaDumps 회원만 볼 수 있음)
문제4
You recently joined a company that uses Google Security Operations (SecOps) with Applied Threat Intelligence enabled. You have alert fatigue from a recent red team exercise, and you want to reduce the amount of time spent sifting through noise. You need to filter out IOCs that you suspect were generated due to the exercise. What should you do?
You recently joined a company that uses Google Security Operations (SecOps) with Applied Threat Intelligence enabled. You have alert fatigue from a recent red team exercise, and you want to reduce the amount of time spent sifting through noise. You need to filter out IOCs that you suspect were generated due to the exercise. What should you do?
정답: B
설명: (KoreaDumps 회원만 볼 수 있음)
문제5
You work for an organization that operates an ecommerce platform. You have identified a remote shell on your company's web host. The existing incident response playbook is outdated and lacks specific procedures for handling this attack. You want to create a new, functional playbook that can be deployed as soon as possible by junior analysts. You plan to use available tools in Google Security Operations (SecOps) to streamline the playbook creation process. What should you do?
You work for an organization that operates an ecommerce platform. You have identified a remote shell on your company's web host. The existing incident response playbook is outdated and lacks specific procedures for handling this attack. You want to create a new, functional playbook that can be deployed as soon as possible by junior analysts. You plan to use available tools in Google Security Operations (SecOps) to streamline the playbook creation process. What should you do?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제6
You are managing the integration of Security Command Center (SCC) with downstream tooling.
You need to pull security findings from SCC and import those findings as part of Google Security Operations (SecOps) SOAR actions. You need to configure the connection between SCC and Google SecOps. What should you do?
You are managing the integration of Security Command Center (SCC) with downstream tooling.
You need to pull security findings from SCC and import those findings as part of Google Security Operations (SecOps) SOAR actions. You need to configure the connection between SCC and Google SecOps. What should you do?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)
문제7
Your organization's Google Security Operations (SecOps) tenant is ingesting a vendor's firewall logs in its default JSON format using the Google-provided parser for that log. The vendor recently released a patch that introduces a new field and renames an existing field in the logs. The parser does not recognize these two fields and they remain available only in the raw logs, while the rest of the log is parsed normally. You need to resolve this logging issue as soon as possible while minimizing the overall change management impact. What should you do?
Your organization's Google Security Operations (SecOps) tenant is ingesting a vendor's firewall logs in its default JSON format using the Google-provided parser for that log. The vendor recently released a patch that introduces a new field and renames an existing field in the logs. The parser does not recognize these two fields and they remain available only in the raw logs, while the rest of the log is parsed normally. You need to resolve this logging issue as soon as possible while minimizing the overall change management impact. What should you do?
정답: D
설명: (KoreaDumps 회원만 볼 수 있음)
문제8
You manage a large fleet of Compute Engine instances. Security Health Analytics (SHA) has generated a CONFIDENTIAL_COMPUTING_DISABLED finding within Security Command Center (SCC). You need to quickly remediate this finding. What should you do?
You manage a large fleet of Compute Engine instances. Security Health Analytics (SHA) has generated a CONFIDENTIAL_COMPUTING_DISABLED finding within Security Command Center (SCC). You need to quickly remediate this finding. What should you do?
정답: C
설명: (KoreaDumps 회원만 볼 수 있음)