Exam: Cloud Digital Leader 0 Likes
How can your organization most effectively identify all virtual... (Digital Leader)
The operating systems of some of your organization's virtual machines may have a security vulnerability.
How can your organization most effectively identify all virtual machines that do not have the latest security update?
A) View the Security Command Center to identify virtual machines running vulnerable disk images.
B) View the Compliance Reports Manager to identify and download a recent PCI audit.
C) View the Security Command Center to identify virtual machines started more than 2 weeks ago.
D) View the Compliance Reports Manager to identify and download a recent SOC 1 audit.
Solution
Correct answer: A) View the Security Command Center to identify virtual machines running vulnerable disk images.
A - The Security Command Center is typically designed to provide insights and visibility into the security posture of resources in a cloud environment. By using the Security Command Center, you can identify virtual machines that are running vulnerable disk images and may not have the latest security updates.
B - The Compliance Reports Manager, especially with PCI or SOC 1 audits, focuses more on compliance standards rather than identifying specific security vulnerabilities in virtual machines.
C - Viewing virtual machines started more than 2 weeks ago may not necessarily help identify whether they have the latest security updates. The age of a virtual machine does not directly correlate with its security status.
D - Similar to option B, the Compliance Reports Manager with SOC 1 audits is more about compliance with specific standards rather than identifying the latest security updates on virtual machines.
In conclusion, option A is the most suitable for identifying virtual machines with security vulnerabilities as it leverages the Security Command Center, which is designed for monitoring and identifying security issues in a cloud environment.
Category: Google Cloud security and operations