Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 248 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 248
Topic #: 1
[All Professional Cloud Security Engineer Questions]

During a routine security review, your team discovered a suspicious login attempt to impersonate a highly privileged but regularly used service account by an unknown IP address. You need to effectively investigate in order to respond to this potential security incident. What should you do?

  • A. Enable Cloud Audit Logs for the resources that the service account interacts with. Review the logs for further evidence of unauthorized activity.
  • B. Review Cloud Audit Logs for activity related to the service account. Focus on the time period of the suspicious login attempt.
  • C. Run a vulnerability scan to identify potentially exploitable weaknesses in systems that use the service account.
  • D. Check Event Threat Detection in Security Command Center for any related alerts. Cross-reference your findings with Cloud Audit Logs.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by yokoyan at Sept. 5, 2024, 9:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
dv1
1 month ago
Selected Answer: B
Question does not say that SCC is enabled, does it?
upvoted 3 times
KLei
1 week, 2 days ago
" need to effectively investigate in order to respond to this potential security incident"
upvoted 2 times
...
...
Mr_MIXER007
2 months, 1 week ago
Selected Answer: D
Selected Answer: D
upvoted 1 times
...
1e22522
2 months, 2 weeks ago
Selected Answer: D
D. Check Event Threat Detection in Security Command Center for any related alerts. Cross-reference your findings with Cloud Audit Logs. Explanation: Security Command Center (SCC) is Google Cloud's security and risk management platform. Event Threat Detection within SCC is specifically designed to detect suspicious activity, such as unauthorized logins, and generates alerts based on predefined threat patterns. This tool would help you quickly identify if the suspicious login attempt is part of a known threat pattern. After checking for alerts in Event Threat Detection, cross-referencing with Cloud Audit Logs will give you detailed insights into the actions performed by the service account, allowing you to investigate the extent of any potential breach.
upvoted 2 times
...
yokoyan
2 months, 2 weeks ago
Selected Answer: D
I think it's D.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel