CLOUD-DIGITAL-LEADER · Question #271
The operating systems of some of your organization's virtual machines may have a security vulnerability. How can your organization most effectively identify all virtual machines that do not have the l
The correct answer is A. View the Security Command Center to identify virtual machines running vulnerable disk images. Security Command Center (SCC) is Google Cloud's centralized security and risk management platform. It continuously scans your environment for vulnerabilities, including VMs running outdated or vulnerable OS images. It can pinpoint exactly which VMs lack the latest security patche
Question
The operating systems of some of your organization's virtual machines may have a security vulnerability. How can your organization most effectively identify all virtual machines that do not have the latest security update?
Options
- AView the Security Command Center to identify virtual machines running vulnerable disk images
- BView the Compliance Reports Manager to identify and download a recent PCI audit
- CView the Security Command Center to identify virtual machines started more than 2 weeks ago
- DView the Compliance Reports Manager to identify and download a recent SOC 1 audit
How the community answered
(45 responses)- A82% (37)
- B4% (2)
- C11% (5)
- D2% (1)
Explanation
Security Command Center (SCC) is Google Cloud's centralized security and risk management platform. It continuously scans your environment for vulnerabilities, including VMs running outdated or vulnerable OS images. It can pinpoint exactly which VMs lack the latest security patches by analyzing their disk images against known vulnerability databases. Option C is a red herring-a VM's uptime is not a reliable indicator of whether it has the latest updates. Options B and D reference the Compliance Reports Manager, which provides audit reports (PCI, SOC) for compliance documentation, not for identifying missing OS patches.
Topics
Community Discussion
No community discussion yet for this question.