🔥 3-day streak
Professional Security Operations Engineer20 / 241
Question 20 of 241
A security operations engineer is evaluating tool effectiveness across the organization's Google Cloud environment. The current stack includes Security Command Center (SCC) for posture and misconfiguration findings, Cloud IDS for network-layer intrusion detection on VPC traffic, and Google SecOps ingesting audit and platform logs. During a tabletop exercise, the team notes that a compromised Cloud Run service executing malicious code was not detected until data exfiltration triggered a downstream alert. Which conclusion best identifies the coverage gap the engineer should address?
Reviewed for accuracy · Report an issueNext question