🔥 3-day streak
Professional Cloud Security Engineer114 / 152
Question 114 of 152
Your security operations team relies on Security Command Center Premium. Overnight, an attacker used stolen credentials to grant themselves the Owner role on a production project. The SOC wants Google-managed detection that automatically surfaces this kind of suspicious IAM behavior from Cloud Audit Logs as a finding, without the team having to author and maintain custom log-based metrics or detection rules. Which capability should they rely on?
Reviewed for accuracy · Report an issueNext question