Topic 1 Question 254
Your company's security vulnerability management policy wants a member of the security team to have visibility into vulnerabilities and other OS metadata for a specific Compute Engine instance. This Compute Engine instance hosts a critical application in your Google Cloud project. You need to implement your company's security vulnerability management policy. What should you do?
• Ensure that the Ops Agent is installed on the Compute Engine instance. • Create a custom metric in the Cloud Monitoring dashboard. • Provide the security team member with access to this dashboard.
• Ensure that the Ops Agent is installed on the Compute Engine instance. • Provide the security team member roles/osconfig.inventoryViewer permission.
• Ensure that the OS Config agent is installed on the Compute Engine instance. • Provide the security team member roles/osconfig.vulnerabilityReportViewer permission.
• Ensure that the OS Config agent is installed on the Compute Engine instance. • Create a log sink to BigQuery dataset. • Provide the security team member with access to this dataset.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: C
Ops Agent: The Ops Agent is primarily used for collecting system and application metrics, as well as logs in Google Cloud. It is adept at monitoring the performance and health of applications and virtual machines but does not specialize in vulnerability assessment or OS-level inventory management.
OS Config Agent: This agent is specifically designed for OS configuration, inventory management, and vulnerability reporting in Google Cloud. It can gather and report on system-level inventory information (like installed packages) and OS vulnerabilities.
👍 3Cynthia20232024/01/02 C. • Ensure that the OS Config agent is installed on the Compute Engine instance. • Provide the security team member roles/osconfig.vulnerabilityReportViewer permission.
👍 1shiowbah2023/12/29- 正解だと思う選択肢: C
Per ChatGPT, Option C aligns with the requirement of providing visibility into vulnerabilities and other OS metadata for the specific Compute Engine instance while following the principle of least privilege by granting only the necessary permissions to the security team member.
👍 1KelvinToo2023/12/31
シャッフルモード