Exam Security-Operations-Engineer Topic 4 Question 51 Discussion

Actual exam question for Google's Security-Operations-Engineer exam
Question #: 51
Topic #: 4
Your company's SOC analysts frequently submit manual change requests to a system administrator to make changes to the firewall rules on a specific router. You have the integration for the firewall installed and configured with credentials. You want to use the integration to trigger firewall rule changes directly from the Google Security Operations (SecOps) SOAR. Your system administrator requires the ability to manually approve the requested changes prior to deployment.
How should you implement the workflow for analysts to trigger on demand?

Suggested Answer: D Vote an answer

The best approach is to create a SOAR request with a field for the firewall rule and trigger a playbook based on that request. Configure the playbook so that the firewall rule change step requires approval from the system administrator, including the relevant parameters. This allows analysts to initiate changes on demand while ensuring that all modifications are reviewed and approved before deployment, automating the workflow while respecting the approval requirement.

by Yvette at Jul 06, 2026, 12:40 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10