In today’s cybersecurity landscape, organizations struggle with three key security challenges. Identify.
Select three that apply, and then click Submit.
- Growing threats
- Lacking talent
- Endless toil
- Reducing resources
Questions
When selecting Integration packages in the Google SecOps Marketplace, which of the following will NOT be contained in any package?
When selecting Integration packages in the Google SecOps Marketplace, which of the following will NOT be contained in any package?
- Webhooks
- Actions
- Mapping rules
- Connectors
A core function of Google SecOps is to collect information and present it in a way that it is actionable by humans or automation. What is the logical order of SOAR elements and their grouping?
A core function of Google SecOps is to collect information and present it in a way that it is actionable by humans or automation. What is the logical order of SOAR elements and their grouping?
- Events -> Alerts -> Rule
- Alerts -> Groups -> Rule
- Events -> Alerts -> Case
- Alerts -> Events -> Case
Google SecOps has functions within the SOAR components that allow you to group alerts via what mechanism?
Google SecOps has functions within the SOAR components that allow you to group alerts via what mechanism?
- Time window
- Entity mapping
- Grouping Rules
- Case viewer
Events are modelled into Visual Families based on a hierarchy. What is the best representation of that hierarchy?
Events are modelled into Visual Families based on a hierarchy. What is the best representation of that hierarchy?
- Alert Type – Period – Data Source
- Alert Type – Product – Data Source
- Data Source – Product – Event Type
- Product – Subscriber Product – Data Source
When grouping alerts by entities it can be possible to group too many alerts because the entity occurs often within your logs. This can interfere with case triage and incident investigation by attaching irrelevant alerts. What feature can you use to prevent this from happening?
When grouping alerts by entities it can be possible to group too many alerts because the entity occurs often within your logs. This can interfere with case triage and incident investigation by attaching irrelevant alerts. What feature can you use to prevent this from happening?
- Exception list
- Playbooks
- Filter list
- Blocklist