Topic 1 Question 226
Your organization wants to protect all workloads that run on Compute Engine VM to ensure that the instances weren't compromised by boot-level or kernel-level malware. Also, you need to ensure that data in use on the VM cannot be read by the underlying host system by using a hardware-based solution.
What should you do?
- Use Google Shielded VM including secure boot, Virtual Trusted Platform Module (vTPM), and integrity monitoring.
- Create a Cloud Run function to check for the VM settings, generate metrics, and run the function regularly.
- Activate Virtual Machine Threat Detection in Security Command Center (SCC) Premium.
- Monitor the findings in SCC.
- Use Google Shielded VM including secure boot, Virtual Trusted Platform Module (vTPM), and integrity monitoring.
- Activate Confidential Computing.
- Enforce these actions by using organization policies.
- Use secure hardened images from the Google Cloud Marketplace.
- When deploying the images, activate the Confidential Computing option.
- Enforce the use of the correct images and Confidential Computing by using organization policies.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: C
C is the correct
👍 2pfilourenco2023/08/04 - 正解だと思う選択肢: C
C it the best option
👍 2gcp4test2023/08/04 C is correct because questions says data should remain secure at rest which can only be done by Confidential Vms
👍 1rishi1101962023/09/03
シャッフルモード