🔥 3-day streak
Professional Security Operations Engineer50 / 241
Question 50 of 241

A security operations team runs Security Command Center (Premium) with Vulnerability and Web Security Scanner detectors enabled, and forwards SCC findings into Google SecOps where they build correlation rules. During a quarterly review, leadership asks the team to demonstrate that each tool is being used for its highest-value purpose rather than overlapping wastefully. The team notes that most SecOps correlation rules simply re-alert on the same misconfiguration findings SCC already surfaces, producing duplicate tickets. Which change best improves overall tool effectiveness while preserving justified overlap?

Reviewed for accuracy · Report an issueNext question