🔥 3-day streak
Professional Security Operations Engineer138 / 241
Question 138 of 241

During a busy shift, a SecOps engineer opens Security Command Center Premium and sees 40+ active findings across projects. Two findings stand out: (1) a HIGH-severity 'Public IP address' finding on a development VM that hosts no sensitive data and sits in an isolated project, and (2) a MEDIUM-severity 'Over-privileged service account' finding on an account that, according to the attack path in SCC, has a viable route to a Crown Jewel BigQuery dataset containing regulated customer PII. Analyst time is limited. Which finding should be triaged and remediated first, and on what basis?

Reviewed for accuracy · Report an issueNext question