ASSOCIATE-CLOUD-ENGINEER · Question #43
ASSOCIATE-CLOUD-ENGINEER Question #43: Real Exam Question with Answer & Explanation
The correct answer is C: Mark image as obsolete to prevent users from using the old image.. To enforce the use of updated images and prevent developers from using old, unpatched ones for PCI compliance, the most effective programmatic method is to mark old images as obsolete.
Question
You are working a System Administrator and have been asked to make sure that all images are patched up to date and developers are not allowed to use old images which are not up to date as per PCI compliance. How would you achieve this?
Options
- ADrop a mail to all the developers regarding which image to use whenever you patch images.
- BMark image as deprecated to prevent users from using the old image.
- CMark image as obsolete to prevent users from using the old image.
- DNone of the above.
Explanation
To enforce the use of updated images and prevent developers from using old, unpatched ones for PCI compliance, the most effective programmatic method is to mark old images as obsolete.
Common mistakes.
- A. Sending an email is a procedural control that relies on human action and compliance, which is prone to errors and does not programmatically prevent developers from using outdated images, failing to meet strict compliance needs.
- B. Marking an image as
DEPRECATEDissues a warning when users attempt to create instances from it but does not prevent the creation of new instances, making it less effective for strict compliance compared toOBSOLETE. - D. There is a direct method (marking images as obsolete) available in Google Cloud to achieve the stated goal.
Concept tested. Google Compute Engine image lifecycle management
Reference. https://cloud.google.com/compute/docs/images/managing-images#state
Community Discussion
No community discussion yet for this question.