Managing operations Questions
Practice questions for Managing operations topic in Google Professional Cloud Security Engineer. 39 questions covering this domain.
For most Google Cloud services, which audit log type is disabled by default because of its potentially large volume?
Which service is Google Cloud's centralized vulnerability and threat reporting platform that also provides asset inventory and discovery?
What happens when Binary Authorization blocks a deployment because an image does not satisfy policy?
When does Google Cloud write a Policy Denied audit log entry?
Where are audit logs stored by default in Cloud Logging?
An organization routes Admin Activity audit logs to a different project. What is required if the destination project must also store those routed logs...
A reviewer has roles/logging.viewer but cannot read Data Access audit logs stored in the _Default bucket. Which additional role is needed?
Which statement about a Cloud IDS endpoint is correct?
Which Cloud Audit Logs type is always written and cannot be disabled?
A company's Cloud Run service is generating thousands of low-severity Security Command Center findings per day due to a known acceptable configuration...
A team wants to prevent Cloud Logging from ingesting low-value debug log entries from a verbose application, reducing storage costs without modifying ...
An organization wants to ensure that all Cloud Audit Logs from every project are retained for five years in a centralized, tamper-resistant location. ...
A security team wants to forward all Security Command Center findings from multiple Google Cloud organizations into a single SIEM for centralized anal...
A security operations team wants to automatically receive a notification in a Slack channel whenever Security Command Center generates a Critical find...
Which Security Command Center tier provides managed detection, response services, and integration with Chronicle for advanced threat investigation?
A security team wants to investigate whether a specific service account has accessed a sensitive Cloud Storage bucket in the past 30 days. They need t...
Which Cloud Logging bucket is write-protected and cannot be deleted, modified, or have its retention period changed by customers?
An organization uses Security Command Center Premium. Their SOC team needs to automatically create a ticket in their JIRA system whenever SCC generate...
Which Cloud Audit Log type records operations that create, modify, or delete Google Cloud resources, such as creating a VM instance or updating an IAM...
A company wants to detect when a GKE pod spawns an unexpected process (such as a reverse shell) at runtime. Which Security Command Center detection so...
Sign in to see all 39 questions
Create a free account to browse all questions — completely free during our launch phase.