🔥 3-day streak
Professional Security Operations Engineer1 / 241
Question 1 of 241
A security operations team must detect network-based exploitation attempts (e.g., known CVE exploit signatures) targeting workloads communicating across a shared VPC. The team already forwards SCC findings and VPC Flow Logs into Google SecOps but is not detecting in-flight exploit payloads. They want to justify adding a new telemetry source rather than expanding an existing one. Which telemetry source should be prioritized, and why is it not redundant with the existing sources?
Reviewed for accuracy · Report an issueNext question