Exam Security-Operations-Engineer Topic 5 Question 55 Discussion
Actual exam question for Google's Security-Operations-Engineer exam
Question #: 55
Topic #: 5
Question #: 55
Topic #: 5
You need to augment your organization's existing Security Command Center (SCC) implementation with additional detectors. You have a list of known IOCs and would like to include external signals for this capability to ensure broad detection coverage. What should you do?
Suggested Answer: A Vote an answer
The correct approach is to create an Event Threat Detection (ETD) custom module using the
"Configurable Bad IP" template. This allows you to ingest known IOCs, including external threat intelligence signals, and generate detections when these IOCs are observed in your environment, augmenting SCC's built-in detection capabilities.
"Configurable Bad IP" template. This allows you to ingest known IOCs, including external threat intelligence signals, and generate detections when these IOCs are observed in your environment, augmenting SCC's built-in detection capabilities.
by Harvey at Mar 15, 2026, 05:02 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).