GCP Professional Cloud Security Engineer Practice Question
As the security lead for a multinational enterprise with hundreds of Google Cloud projects, you must give the central SOC team a single console where they can review vulnerability findings from Web Security Scanner, configuration issues from Security Health Analytics, and threat alerts from Event Threat Detection across the entire organization. The solution must minimize engineering effort and avoid granting the SOC administrative roles on each project. What should you do?
Deploy a third-party SIEM via Pub/Sub and Cloud Functions to collect findings from each project and give the SOC access to that external console.
Enable Security Command Center Premium at the organization level, activate the required built-in detectors, and grant the SOC the Security Center Findings Viewer IAM role on the organization so they can use the SCC dashboard.
Build a centralized Cloud Monitoring dashboard that displays log-based metrics collected from every project, and grant the SOC the Monitoring Viewer role on the workspace.
Create organization-level aggregated log sinks to BigQuery for all projects and develop a custom Looker Studio report; provide the SOC BigQuery Data Viewer access.
Security Command Center (SCC) is enabled at the organization level, where it automatically aggregates asset inventories and security findings-including Web Security Scanner, Security Health Analytics, and Event Threat Detection-across all descendant projects and folders. Granting the read-only Security Center Findings Viewer role on the organization lets the SOC view findings in the SCC dashboard without project-level ownership. Building custom Monitoring dashboards or exporting logs to BigQuery/third-party SIEMs would require significant additional engineering work and would not provide the native, integrated findings view that SCC offers.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Security Command Center (SCC) in Google Cloud?
Open an interactive chat with Bash
What is the Security Center Findings Viewer IAM role, and what does it allow users to do?
Open an interactive chat with Bash
Why is enabling SCC Premium at the organization level the recommended solution for this scenario?
Open an interactive chat with Bash
What is Security Command Center in GCP?
Open an interactive chat with Bash
What does the Security Center Findings Viewer role enable?
Open an interactive chat with Bash
How does Security Command Center reduce engineering effort?
Open an interactive chat with Bash
GCP Professional Cloud Security Engineer
Managing operations
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .