🔥 3-day streak
Professional Security Operations Engineer88 / 241
Question 88 of 241

Your SOC is deploying a Google SecOps SOAR playbook that automatically quarantines Compute Engine instances flagged by Security Command Center findings. The playbook uses a dedicated service account to call the Compute Engine API to apply deny-all firewall tags. During an architecture review, the security lead insists the integration follow least privilege while still being able to remediate across all production projects. Which access configuration best satisfies both the functional and least-privilege requirements?

Reviewed for accuracy · Report an issueNext question