🔥 3-day streak
Professional Security Operations Engineer39 / 241
Question 39 of 241

Your SOC uses Security Command Center (SCC), Google SecOps (SIEM/SOAR), Google Threat Intelligence (GTI), and Cloud IDS. Analysts report that east-west (VM-to-VM) traffic containing exploit attempts against internal services is going undetected until well after compromise. Leadership asks you to justify which telemetry source should be prioritized to close this specific detection gap, and how it fits the architecture. Which recommendation best addresses the gap?

Reviewed for accuracy · Report an issueNext question