Exam Security-Operations-Engineer Topic 5 Question 55 Discussion

Actual exam question for Google's Security-Operations-Engineer exam
Question #: 55
Topic #: 5
You need to augment your organization's existing Security Command Center (SCC) implementation with additional detectors. You have a list of known IOCs and would like to include external signals for this capability to ensure broad detection coverage. What should you do?

Suggested Answer: A Vote an answer

The correct approach is to create an Event Threat Detection (ETD) custom module using the
"Configurable Bad IP" template. This allows you to ingest known IOCs, including external threat intelligence signals, and generate detections when these IOCs are observed in your environment, augmenting SCC's built-in detection capabilities.

by Harvey at Mar 15, 2026, 05:02 PM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10