🔥 3-day streak
Professional Security Operations Engineer64 / 241
Question 64 of 241
A large enterprise runs a single Google SecOps tenant shared by three regional SOC teams (EMEA, APAC, Americas). Each team must only investigate alerts and search logs that originate from assets in their own region, and a central detection engineering team must author and deploy rules that apply across all regions. Compliance requires that an EMEA analyst can never view APAC log data, even within search results. Which approach best enforces this requirement while preserving the central team's cross-region rule authoring?
Reviewed for accuracy · Report an issueNext question