Exam Security-Operations-Engineer Topic 5 Question 91 Discussion

Actual exam question for Google's Security-Operations-Engineer exam
Question #: 91
Topic #: 5
You are responsible for evaluating the level of effort required to integrate a new third-party endpoint detection tool with Google Security Operations (SecOps). Your organization's leadership wants to minimize customization for the new tool for faster deployment. You need to verify that the Google SecOps SOAR and SIEM support the expected workflows for the new third-party tool.
You must recommend a tool to your leadership team as quickly as possible. What should you do?
(Choose two.)

Suggested Answer: D,E Vote an answer

Reviewing documentation to confirm whether default parsers exist for the tool ensures logs can be ingested into Google SecOps without heavy customization.
Checking the Google SecOps Marketplace verifies whether the tool has native SOAR/SIEM integration and supported actions, which directly impacts how quickly and easily workflows can be implemented.

by Kyle at Jan 27, 2026, 10:09 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10