Free GCP-SOE-B Questions for Google Security Operations Engineer (Beta) GCP-SOE-B Exam as PDF & Practice Test Engine
You are ingesting and parsing logs from an SSO provider and an on-premises appliance using Google Security Operations (SecOps). Users are tagged as "restricted" by an internal process. Restrictions last five days from the most recent flagging time. You need to create a rule to detect when restricted users log into the appliance. Your solution must be quickly implemented and easily maintained. What should you do?
Correct Answer: D
Vote an answer
Your organization has a standard set of Google Security Operations (SecOps) playbooks that are applied to alerts in different circumstances. One playbook uses an "All" trigger that should always be applied if no other more specific playbooks have triggered. You need to ensure that the more specific playbook is attached and not the generic "All" playbook when multiple triggers match.
What should you do?
What should you do?
Correct Answer: B
Vote an answer
Your organization is a Google Security Operations (SecOps) customer. The compliance team requires a weekly export of case resolutions and SLA metrics of high and critical severity cases over the past week. The compliance team's post- processing scripts require this data to be formatted as tabular data in CSV files, zipped, and delivered to their email each Monday morning.
What should you do?
What should you do?
Correct Answer: B
Vote an answer
You are responsible for monitoring the ingestion of critical Windows server logs to Google Security Operations (SecOps) by using the Bindplane agent. You want to receive an immediate notification when no logs have been ingested for over 30 minutes. You want to use the most efficient notification solution. What should you do?
Correct Answer: B
Vote an answer
You are investigating an alert in Google Security Operations (SecOps). You want to view previous enrichment attributes and relevant historical cases for an entity using the fewest number of steps. What should you do?
Correct Answer: B
Vote an answer
You are a security analyst at an organization that uses Google Security Operations (SecOps). You have identified a new IP address that is known to be used by a malicious threat actor to launch network attacks. You need to search for this IP address in Google SecOps using all normalized logs to determine whether any malicious activity has occurred. You want to use the most effective approach. What should you do?
Correct Answer: B
Vote an answer
Which Google Cloud security feature MOST helps enforce the principle of least privilege at scale?
Correct Answer: B
Vote an answer
Your company is adopting a multi-cloud environment. You need to configure comprehensive monitoring of threats using Google Security Operations (SecOps). You want to start identifying threats as soon as possible. What should you do?
Correct Answer: D
Vote an answer
You received an alert from Container Threat Detection that an added binary has been executed in a business critical workload. You need to investigate and respond to this incident. What should you do? (Choose two.)
Correct Answer: A,D
Vote an answer
0
0
0
10
