GCP-PSOE
Threat hunting
medium
Question 1 of 35

An investigator needs to understand how a high-risk alert spread across related systems and accounts. Which Google SecOps workflow is the best fit?

AOpen the Graph tab to inspect entity relationships, then pivot related entities into the Risk Analytics timeline
BExport the raw logs to Cloud Storage and stop there
COnly review the current alert severity field
DDisable grouped fields in search

More Threat hunting Questions

35 questions

Full Google Professional Security Operations Engineer Practice Test

All topics covered

All Google Professional Security Operations Engineer Questions

Browse by topic

Related Questions

In Google SecOps search, what does the grouped field ip do?...

easy

What is the purpose of watchlists in Google SecOps Risk Analytics?...

easy

An analyst wants to discover which UDM field contains a specific text value before writing a search ...

easy

An alert shows only a suspicious file hash and no direct asset identifier. What is the best next ste...

medium

A SOC wants to prioritize triage by organizational threat rather than by arrival time. Which workflo...

medium
View all Threat hunting questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account