Exam Security-Operations-Engineer Topic 5 Question 78 Discussion
Actual exam question for Google's Security-Operations-Engineer exam
Question #: 78
Topic #: 5
Question #: 78
Topic #: 5
Your organization uses Google Security Operations (SecOps). You discover frequent file downloads from a shared workspace within a short time window. You need to configure a rule in Google SecOps that identifies these suspicious events and assigns higher risk scores to repeated anomalies. What should you do?
Suggested Answer: B Vote an answer
The correct approach is to create a frequency-based YARA-L detection rule in Google SecOps.
Frequency-based rules allow you to detect repeated suspicious behavior, such as multiple file downloads within a short time window, and assign higher risk outcome scores accordingly. This ensures anomalies are prioritized based on their frequency and severity, rather than flagging isolated single events.
Frequency-based rules allow you to detect repeated suspicious behavior, such as multiple file downloads within a short time window, and assign higher risk outcome scores accordingly. This ensures anomalies are prioritized based on their frequency and severity, rather than flagging isolated single events.
by Beatrice at Feb 08, 2026, 12:00 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).