Google Cloud SecOps Sales Credential Answers
This learning path is designed to help you understand the solution capabilities, value proposition, and competitive differentiation for Google Cloud SecOps products (Chronicle and Mandiant) to equip you with the tools to deliver effective solution messaging.
All answers to pass this certification are only in our .PDF file, you can buy and download here:
Indice del contenido
Google Cloud Security Overview
Select three that apply, and then click Submit.
- Understand how the threat actors will attack you
- Understand your attack surface
- Integrate with third-party applications
- Build an effective detection and response capability, so you can detect these attacks early
Which products and solutions can Google help you transfer your cyber defense with?
Select three that apply, and then click Submit.
- Threat Ready with Mandiant
- Threat Detections, Investigation, and Response
- Anti-Fraud Solutions
- Managed Offense
Threat Ready with Mandiant is about helping you answer some core questions. Identify.
Select three that apply, and then click Submit.
- Who’s targeting us?
- Why do I need a pen test at all?
- Where are we exposed?
- Are you prepared for an attack?
Identify how much the supply chain’s initial infection vector has increased.
Select one that applies, and then click Submit.
- <1% in 2020 to 17% in 2021
- <10% in 2020 to 27% in 2021
- <5% in 20202 to 19% in 2023
How many new malware families were identified by Mandiant in 2022?
Select one that applies, and then click Submit.
- 588
- 625
- 500
Select one that applies, and then click Submit.
- Sec-PaLM
- Threat Intel
- BeyondCorp Enterprise
Why do many of the leading security vendors build their capabilities on Google Cloud?
Select five that apply, and then click Submit.
- Secure Cloud
- Protection and visibility at planet scale
- Leader in data privacy and sovereignty
- Only Cloud vendor committed to shared fate
- Google Security innovations
- Least expensive service on the market
Select all that apply, and then click Submit.
- Google Safe Browsing protects over 5 billion devices each day from malware and social engineering.
- Google’s embedded security monitoring for over 2.5 billion active Gmail users to protect against phishing, malware, and spam.
- VirusTotal, the world’s premier malware intelligence service, has over 2.4 billion files in its dataset.
- Chronicle and Security Command Center analyze petabytes of information each day for threat detection and response.
- Google’s network prevented a 46 million request-per-second Distributed Denial-of-Service (DDoS) attack on a customer, the largest L7 attack recorded to date.
Identify the different aspects of moving to the cloud.
Select one that applies, and then click Submit.
- Security controls, visibility challenges, and threats to be managed
- Users, applications, and use cases
Select one that applies, and then click Submit.
- A cyber-attack that targets a software vulnerability that is unknown to the software vendor or antivirus vendors
- A vulnerability once made public, is known as an UNC
- A vulnerability once made public, is known as an FIN
Chronicle Security Operations
Who is Chronicle Security Operations (SecOps) for?
Select one that applies, and then click Submit.
- Security operations teams in small and mid-size organizations, not security service providers
- Security operations teams in mid to large-size organizations, not security service providers
- Security operations teams in mid to large-size organizations as well as security service providers
What does Security Operations (SecOps) do?
Select one that applies, and then click Submit.
- Empowers Security Operations (SecOps) teams to detect and investigate cyber threats across the customer environment, including Google Cloud, other clouds, and on-premises
- Empowers Security Operations (SecOps) teams to detect, investigate, and respond to cyber threats across the customer environment, including Google Cloud, other clouds, and on-premises
- Empowers Security Operations (SecOps) teams to detect, investigate, and respond to cyber threats on Google Cloud only
What sets Chronicle Security Operations (SecOps) apart?
Select one that applies, and then click Submit.
- Google scale, speed of search, and threat intelligence
- Easiest to use solution
- Most intuitive interface
What is Chronicle Security Operations (SecOps) competitive advantage?
Select one that applies, and then click Submit.
- Chronicle Security Operations (SecOps) is the cheapest solution currently on the market
- You get Google Workspace functionality included with Chronicle Security Operations (SecOps)
- Get all your data at a disruptive cost, at your fingertips with Google intelligence, leveraging automated responses and Google best practices
Identify the key capabilities of Chronicle Security Operations.
Select one that applies, and then click Submit.
- Collection, detection, investigation, and response
- Automation, detection, and AI Security Workbench
- Collection, investigation, alert monitoring
Who are the target audiences for Chronicle Security Operations (SecOps)?
Select one that applies, and then click Submit.
- Level 1 and 2 Analysts only
- Chief Information Security Officer (CISO), Security Operations Center (SOC) Manager, Security Engineer, Cloud Stakeholder
- Practitioners only
Select two that apply, and then click Submit.
- Small and Midsize Business (SMB) with no Security Information and Event Management (SIEM) usage, up to one analyst, no security operations team, and less than 10 daily meaningful alerts
- Medium with minimal Security Information and Event Management (SIEM) capabilities, two to three full-time analysts, some alert handling, and 11–100 daily meaningful alerts
- Medium enterprise with mid-range Security Information and Event Management (SIEM) capabilities, four to 10 full-time analysts, an eight-by-five (8×5) Security Operations Center (SOC), and 101–500 daily meaningful alerts
- Large enterprise with mature Security Information and Event Management (SIEM) capability, more than 10 full-time analysts, a twenty-four-by-seven (24×7) Security Operations Center (SOC), and more than 500 daily meaningful alerts
What are the top Go-to-Market (GTM) plays for Chronicle Security Operations (SecOps)?
Select one that applies, and then click Submit.
- Standard Security Information and Event Management (SIEM) (new or replacement) and SIEM augmentation only
- Security Information and Event Management (SIEM) augmentation only
- Standard Security Information and Event Management (SIEM) (new or replacement), SIEM augmentation, Cloud Threat Detection and Incident Response (TDIR), and Security Operations Center (SOC) transformation
Select one that applies, and then click Submit.
- Integration with VirusTotal solution
- Patented technology
- Artificial Intelligence (AI) Security Workbench
Select one that applies, and then click Submit.
- Manually, from a selection of playbooks
- Automatically, based on the alert
What are the Chronicle Security Orchestration, Automation, and Response (SOAR) playbooks?
Select one that applies, and then click Submit.
- Guides on how to use Chronicle and deploy across an organization
- How to sell Chronicle Security Orchestration, Automation, and Response (SOAR) to end users
- Repeatable processes that automate repetitive tasks to free up analyst time and guide the analyst through the process of investigating and remediating alerts
What does a Chronicle Security Orchestration, Automation, and Response (SOAR) playbook begin with?
Select one that applies, and then click Submit.
- A trigger
- A manual action from the analyst
- A report
Select one that applies, and then click Submit.
- Create customizable views
- Enable manual selection of views
Select one that applies, and then click Submit.
- Chronicle Security Orchestration, Automation, and Response (SOAR) summarizes all the remediation actions that the user might want to take in one central location.
- Chronicle Security Orchestration, Automation, and Response (SOAR) enables security teams to detect, investigate, and respond to threats at Google speed and scale.
How would you summarize the power of the Google Cloud Security Operations Suite?
Select one that applies, and then click Submit.
- Google Cloud Security Operations Suite enables modern threat detection and investigation with the speed, scale, and intelligence of Google.
- Google Cloud Security Operations Suite enables modern threat detection, investigation, and response with the speed, scale, and intelligence of Google.
- Google Cloud Security Operations Suite provides Google Workspace-powered alert detection for cloud environments.
Select one that applies, and then click Submit.
- Best-of-breed automated response tool for on-premises environments
- Reporting and analytics tool for incident response
- Ingest and analyze massive amounts of data and provide cutting-edge detection
Select one that applies, and then click Submit.
- Ability to automate responses and provide a centralized workbench for the Security Operations Center (SOC)
- Analyze small amounts of data for alert set-ups
- Security Operations Center (SOC) tool to provide cutting-edge security Artificial Intelligence (AI)
Select one that applies, and then click Submit.
- Google Cloud, other clouds, Endpoint Detection and Response (EDR), and on-premises environments
- Any cloud environment sold through Google Cloud
- Only on-premises environments
Select one that applies, and then click Submit.
- 3 months
- 6 months
- 9 months
- 12 months
What can you find in the Malware detection view?
Select one that applies, and then click Submit.
- Additional information from VirusTotal and Mandiant
- Additional information from the Security Command Center
- Additional information from Web Risk
Mandiant Sales Overview
Identify the problems that Mandiant Consulting Services solves for customers.
Select seven that apply, and then click Submit.
- Incident Response
- Ransomware
- Targeted Attack Testing
- Security Due Diligence
- Operational Technology (OT)/Industrial Control Systems (ICS)
- Skills Gap
- Cyber Risk Management
- Budget Constraints
Identify the key differentiators of Mandiant Consulting Services.
Select four that apply, and then click Submit.
- Industry-leading intelligence and frontline expertise
- Focuses on a single offering
- Specializes in cyber security
- Leverages insights into the latest attacker Tactics, Techniques, and Procedures (TTPs) and applies them to Red Team assessments
- Delivers cyber security training by frontline consultants
How would you combat the comment “Your solution is too expensive”?
Select all that apply, and then click Submit.
- Most Incident Response (IR) providers rely on outdated, offline methodologies
- Mandiant’s purpose-built technology results in less people and less time—with an overall lower cost
- Mandiant performs Incident Response (IR) and assesses compromises with less people in less time with greater efficacy
- Mandiant can engage in a matter of hours without shipping hardware
How would you combat the comment “Your solution is too expensive” with proof points?
Select all that apply, and then click Submit.
- Mandiant’s work on most of the largest and most publicized incidents in history makes it uniquely qualified to assist with technical response and crisis management
- Mandiant is trusted worldwide. Customers include 40% of the Fortune 100
- Mandiant’s annual M-Trends report is a proof point
Which of the following is not a role in consulting?
Select two that apply, and then click Submit.
- Deployment and integration
- Long-term staffing needs
- Assessments, programs, and guidance
What should a Chief Executive Officer (CEO) know about cyber security?
Select all that apply, and then click Submit.
- Understand the impacts on your bottom line
- Know that everyone is responsible
- Staff your security team
- Be ready for Ransomware
- Invest in technology to enable remote work
What is the meaning of strategic readiness?
Select one that applies, and then click Submit.
- Improving capabilities against future compromise
- Testing controls and operations with a real-world attack
- Developing a mature security posture with improved processes and technologies
Select one that applies, and then click Submit.
- Daily News Analysis, Quarterly Threat Briefs, Mandiant Advantage Threat Intelligence Free, and the Mandiant Incident Response Retainer (With Optional Service Level Agreement (SLA))
- Monthly News Analysis, Yearly Threat Briefs, Mandiant Advantage Threat Intelligence, and the Mandiant Incident Response Retainer (With no optional Service Level Agreement (SLA))
What should a Head of Information Security (InfoSec) know about cyber security?
Select three that apply, and then click Submit.
- Supervise the team, hire, and manage the budget
- Drive efficiencies and cost-savings
- Oversee security operations
- Analyze multiplying threats
What should a Chief Information Officer (CIO) know about cyber security?
Select all that apply, and then click Submit.
- Digital transformation and Change Management
- Digital adoption and employee training
- Latest technology
- Cyber security dangers
- Financial inadequacies
What is the name of the software that Mandiant deploys to perform validation testing?
Select one that applies, and then click Submit.
- Actors
- Agents
- Simulators
Select one that applies, and then click Submit.
- A Neutral Check
- A Passive Check
- An Active Check
Select one that applies, and then click Submit.
- Orchestration and Automation, Threat Intelligence, and Incident Response
- Security Validation, Managed Defense, and Threat Intelligence
- Security Automation, Incident Response, and Threat Intelligence
Select one that applies, and then click Submit.
- Security Validation
- Threat Intelligence
- Expertise on Demand
- Managed Defense
Select one that applies, and then click Submit.
- Enterprise Attack Surface Management
- Expanding Attack Surface Management
- External Attack Surface Management
Select one that applies, and then click Submit.
- Attack Surface Management
- Artificial Surface Management
- Active Storage Management
What is Mandiant Attack Surface Management based on?
Select one that applies, and then click Submit.
- Software-as-a-Service (SaaS)
- On-Premises
Fingerprinting applies to which entity types?
Select all that apply, and then click Submit.
- All entities
- Domains
- Netblocks
- Network Services and Uniform Resource Identifiers (URIs)
Select one that applies, and then click Submit.
- Smaller
- Mid-Size
- Larger
- Privately Owned
Identify what scoping use to determine a true/false?
Select one that applies, and then click Submit.
- Heuristics and Global Intelligence
- Algorithmic and Emotional Intelligence
Identify the primary target audience for Mandiant Threat Intelligence.
Select one that applies, and then click Submit.
- Vulnerability and Hunting
- Security Operations Center (SOC) and Incident Response (IR)
- Cyber Threat Intel and Risk
Select one that applies, and then click Submit.
- Fusion
- Security Operations
- Intelligence Access
Select one that applies, and then click Submit.
- Boring Analyst Stories
- Breach and Attack Simulation
- Breach Analysis Signals
- Breach Attack Source
Why do organizations need Cyber Threat Intelligence?
Select three that apply, and then click Submit.
- Organizations have to know what actions they need to take to mitigate risk.
- Organizations must apply very limited security resources against endless, evolving threats.
- Organizations need to know if they are targets in this ever-evolving threat landscape.
- Organizations do not have to know what actions they need to take to mitigate risk.
Identify the ecosystems from which customers can decouple the underlying application infrastructure.
Select three that apply, and then click Submit.
- OpenSource
- One Source
- Open Source
- Open-Source
What are the relevant threats that can be identified to reduce risk?
Select all that apply, and then click Submit.
- Ransomware
- Identified Threat Actors
- Supply-Chain Compromise
- Advanced Persistent Threat (APT38)
- Advanced Persistent Threat (APT41)
- FIN1
Identify how Mandiant Threat Intelligence Security Operations helps customers.
Select one that applies, and then click Submit.
- Respond and Report
- Detect, Triage, and Respond
- Detect, Triage, Investigate, and Respond
- Investigate and Respond
- Report Only
Approximately how many hours of Incident Response engagements occur per year?
Select one that applies, and then click Submit.
- 5000
- 200000
- 20000
- 100000
Select one that applies, and then click Submit.
- Explore
- Research Tools
- File Analysis
- Search
Select all that apply, and then click Submit.
- Research
- Analysis
- Written Reports
- Threat Briefings
Select four that apply, and then click Submit.
- Limit the scope to three to five Actors (one hosted Actor, one network, and one endpoint recommended).
- Strongly recommended not to include Protected Theater, Email Theater, or the use of Mac or Linux deployments.
- Understand if a proxy or web security service is being used.
- Ensure that the test plan and Proof of Concept (POC) execution are aligned with the customer’s expected outcomes. Do not over-scope.
- Suggest the lowest value or hardest to set up integrations.
Identify how Mandiant Security Validation helps customers improve their security.
Select one that applies, and then click Submit.
- Proving effectiveness, reducing risk, and optimizing and rationalizing investments
- Adding an endpoint firewall to the network stack
- Including anti-virus agents in the installation
- Proving effectiveness, eliminating risk, and degrading investments
Select three that apply, and then click Submit.
- Measuring control effectiveness
- Optimizing and rationalizing investments
- Continuously monitoring and improving risk visibility
- Disabling automated drift detection
Identify the ideal candidates for Mandiant Security Validation.
Select one that applies, and then click Submit.
- Organizations that have concerns around specific threats (i.e., ransomware) or threat actors
- Organizations that are not mature enough or have the resources to execute
- Organizations that do not run their own Security Operations Center (SOC)
- Organizations looking to “check a box”
How is Mandiant Security Validation designed to measure the effectiveness of security controls?
Select one that applies, and then click Submit.
- Emulating real attacks
- Simulating real attacks
Mandiant Security Validation helps answer critical questions. Identify.
Select all that apply, and then click Submit.
- Can we be compromised?
- Are our cyber defenses working?
- Are we prepared for the prevalent threat of ransomware?
- Can we prove it?
Identify what needs to be deployed to ensure Mandiant Security Validation is effective.
Select one that applies, and then click Submit.
- Actor
- Internet of Things (IoT)
- Virus protection
What is Mandiant Security Validation all about?
Select three that apply, and then click Submit.
- Mandiant Security Validation is another way to consume and realize value from Threat Intelligence.
- Mandiant Security Validation proactively understands how you can defend and respond to real cyber security attacks.
- Mandiant Security Validation uses intel and allows organizations to test their security detection, prevention, and response capabilities against real threats.
- Mandiant Security Validation is the same as Attack Surface Management.
What does Mandiant Security Validation help with and how does it accomplish this?
Select three that apply, and then click Submit.
- Assess
- Optimize/Rationalize
- Monitor
- Overlook
Identify the requirement for using Mandiant Security Validation.
Select one that applies, and then click Submit.
- Prioritizing the threats that are most relevant to the organization
- Identifying the security technologies that the organization has in place
- Enabling a walkthrough of the approaches to determine that the organization is safe against the latest attacks
Google Cloud Sales Credentials
What is the mission of Google Cloud?
Select the correct option, and then click Submit.
- Global scale, distributed security infrastructure
- Organize your information and supercharge it for you
- Higher availability and lower latency
What does “Identifying the objective of customer’s business needs” mean?
Select the correct option, and then click Submit.
- Identifying groups of products and services designed to solve customer’s business issues
- Identifying the highest-level outcome that a customer desires to achieve to address a business issue
- Identifying specific business issues that can be addressed with Google Cloud services and related products
Select the correct option, and then click Submit.
- False
- True
Which of the following options is NOT a key differentiator of Google Cloud versus its competitors?
Select the correct option, and then click Submit.
- Best-in-Class Security
- Best of Google
- Aggressive pricing
- Embedded, Artificial Intelligence AI/Machine Learning (ML)
- Hybrid and Multi-Cloud
Select the correct option, and then click Submit.
- True
- False
Select the correct option, and then click Submit.
- Cloud technology is all of the technology and processes needed to store, manage, and access data running programs that are transferred to the cloud.
- Cloud technology is where the company stores its data and files.
- Cloud technology occurs when a company shifts to virtual machines.
- Cloud technology is the process of migrating a company from on-premises to a data center.
Select the correct option, and then click Submit.
- Google Cloud helps companies transform by providing products and solutions designed to address a company’s business challenges.
- Google Cloud consists of products and services like Gmail that companies use to transform.
- Google Cloud has data centers all around the world and provides a secure private network.
- Google Cloud is a Platform as a Service.
Select the correct option, and then click Submit.
- Ask the customer about their current cloud provider situation and ask the customer to speak more about their level of satisfaction with the other cloud provider.
- Ask the customer to tell you more about their business needs and objectives.
- Tell the customer how Google Cloud solutions can help their business.
- Tell the customer all about cloud technology and Google Cloud.
When analyzing a customer’s business needs, which of the following approaches should be used?
Select the correct option, and then click Submit.
- Analyze the business needs against a solution and use case.
- Analyze the business needs against Google’s differentiators.
- Analyze the business needs against a product.
- Analyze the business needs against a priority service.
Which of the following products and services aligns with the description mentioned?
Select the correct option, and then click Submit.
- Google Cloud
- Google Cloud Professional Services
- Google Workspace
- Chrome Enterprise
Which of the following products and services aligns with the description mentioned?
Select the correct option, and then click Submit.
- Google Workspace
- Google Cloud Partners
- Chrome Enterprise
- Google Cloud
Which of the following products and services aligns with the description mentioned?
Select the correct option, and then click Submit.
- Google Cloud
- Google Cloud Professional Services
- Google Workspace
- Chrome Enterprise
Which of the following products and services aligns with the description mentioned?
Select the correct option, and then click Submit.
- Google Cloud Partners
- Google Cloud Professional Services
- Google Cloud
- Google Workspace
Which of the following products and services aligns with the description mentioned?
Select the correct option, and then click Submit.
- Google Cloud
- Google Cloud Professional Services
- Google Cloud Partners
- Google Workspace
Identify which key differentiator the proof point aligns with.
Select the correct option, and then click Submit.
- Best-in-class Security
- Best of Google Cloud
- Fully Managed No Operations
- Hybrid and Multi Cloud
Identify which key differentiator the proof point aligns with.
Select the correct option, and then click Submit.
- Best of Google Cloud
- Embedded Artificial Intelligence / Machine Learning
- Fully Managed No Operations
- Hybrid and Multi Cloud
Identify which key differentiator the proof point aligns with.
Select the correct option, and then click Submit.
- Hybrid and Multi Cloud
- Fully Managed No Operations
- Best-in-class Security
- Embedded Artificial Intelligence / Machine Learning
Identify which key differentiator the proof point aligns with.
Select the correct option, and then click Submit.
- Best of Google
- Best-in-class Security
- Hybrid and Multi Cloud
- Embedded Artificial Intelligence / Machine Learning
Identify which key differentiator the proof point aligns with.
Select the correct option, and then click Submit.
- Best of Google Cloud
- Best-in-class Security
- Hybrid and Multi Cloud
- Fully Managed No Operations