Exam Security-Operations-Engineer Topic 1 Question 22 Discussion
Actual exam question for Google's Security-Operations-Engineer exam
Question #: 22
Topic #: 1
Question #: 22
Topic #: 1
You are a security engineer at a managed security service provider (MSSP) that is onboarding to Google Security Operations (SecOps). You need to ensure that cases for each customer are logically separated. How should you configure this logical separation?
Suggested Answer: D Vote an answer
Comprehensive and Detailed 150 to 250 words of Explanation From Exact Extract Google Security Operations Engineer documents:
The correct mechanism for achieving logical data segregation for different customers in a Google Security Operations (SecOps) SOAR multi-tenant environment is by using Environments. The documentation explicitly states that "you can define different environments and environment groups to create logical data segregation." This separation applies to most platform modules, including cases, playbooks, and dashboards.
This feature is specifically designed for this use case: "This process is useful for businesses and Managed Security Service Providers (MSSPs) who need to segment their operations and networks. Each environment...
can represent a separate customer." When an analyst is associated with a specific environment, they can only see the cases and data relevant to that customer, ensuring strict logical separation.
While permission groups (Option C) and roles (Option A) are used to control what a user can do within the platform (e.g., view cases, edit playbooks), they do not provide the primary data segregation. Environments are the top-level containers that separate one customer's data and cases from another's. Playbooks (Option B) are automation workflows and are not a mechanism for logical separation.
(Reference: Google Cloud documentation, "Control access to the platform using SOAR permissions"; " Support multiple instances [SOAR]")
The correct mechanism for achieving logical data segregation for different customers in a Google Security Operations (SecOps) SOAR multi-tenant environment is by using Environments. The documentation explicitly states that "you can define different environments and environment groups to create logical data segregation." This separation applies to most platform modules, including cases, playbooks, and dashboards.
This feature is specifically designed for this use case: "This process is useful for businesses and Managed Security Service Providers (MSSPs) who need to segment their operations and networks. Each environment...
can represent a separate customer." When an analyst is associated with a specific environment, they can only see the cases and data relevant to that customer, ensuring strict logical separation.
While permission groups (Option C) and roles (Option A) are used to control what a user can do within the platform (e.g., view cases, edit playbooks), they do not provide the primary data segregation. Environments are the top-level containers that separate one customer's data and cases from another's. Playbooks (Option B) are automation workflows and are not a mechanism for logical separation.
(Reference: Google Cloud documentation, "Control access to the platform using SOAR permissions"; " Support multiple instances [SOAR]")
by Stev at Apr 12, 2026, 10:00 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).