🔥 3-day streak
Professional Security Operations Engineer18 / 241
Question 18 of 241

A SOC manager wants to reduce analyst pivot time during triage. Analysts currently review Google SecOps alerts, then manually copy suspicious hashes and domains into the Google Threat Intelligence (GTI) web portal to check reputation and associations. The manager asks you to redesign the integration so that reputation context appears directly within the SecOps investigation workflow, while keeping GTI's deeper attribution and malware-family reporting available for escalations. Which approach best satisfies both requirements?

Reviewed for accuracy · Report an issueNext question