Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Google Exam Professional Cloud Security Engineer Topic 4 Question 81 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 81
Topic #: 4
[All Professional Cloud Security Engineer Questions]

A company is using Google Kubernetes Engine (GKE) with container images of a mission-critical application The company wants to scan the images for known security issues and securely share the report with the security team without exposing them outside Google Cloud.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

'The service evaluates all changes and remote access attempts to detect runtime attacks in near-real time.' : https://cloud.google.com/security-command-center/docs/concepts-container-threat-detection-overview This has nothing to do with KNOWN security Vulns in images


Contribute your Thoughts:

Odette
5 months ago
I agree with Maynard, Option C is the way to go. Keeping everything within the Google Cloud ecosystem makes the most sense for this use case.
upvoted 0 times
Craig
3 months ago
Agreed. It's important to keep security measures within the same ecosystem.
upvoted 0 times
...
Keshia
3 months ago
I think so too. Using Artifact Registry for automatic scanning is a smart move.
upvoted 0 times
...
Tricia
4 months ago
Option C is definitely the best choice. It keeps everything secure within Google Cloud.
upvoted 0 times
...
Kati
4 months ago
Agreed, using Cloud Build to build and push images for automatic scanning is the way to go.
upvoted 0 times
...
Jacquelyne
4 months ago
I think enabling vulnerability scanning in the Artifact Registry is a smart move. It's all about security.
upvoted 0 times
...
Providencia
4 months ago
Option C is definitely the best choice. It keeps everything secure within Google Cloud.
upvoted 0 times
...
...
Alberto
5 months ago
Haha, getting a GitHub subscription just to download a security report? Option D is a bit overkill, don't you think?
upvoted 0 times
Wade
4 months ago
B: Definitely, I think Option A or C would be more efficient for scanning and sharing the report securely.
upvoted 0 times
...
Laura
5 months ago
A: Yeah, I agree. Option D seems like too much work for just sharing a security report.
upvoted 0 times
...
...
Tasia
5 months ago
I think enabling vulnerability scanning in the Artifact Registry settings and pushing images for automatic scanning is the way to go.
upvoted 0 times
...
Jenelle
6 months ago
I prefer using an open source tool in Cloud Build to scan the images and share the report link with the security department.
upvoted 0 times
...
Heike
6 months ago
I like how Option C integrates the security scanning directly into the build and deployment process. That way, you don't have to worry about additional steps to share the reports.
upvoted 0 times
...
Maynard
6 months ago
Option C seems to be the most comprehensive solution. Scanning the images in the Artifact Registry and viewing the reports right there is a clean and efficient approach.
upvoted 0 times
Ettie
5 months ago
Using Artifact Registry for vulnerability scanning and viewing the reports there is a smart move.
upvoted 0 times
...
Jerry
5 months ago
I agree, option C seems like the best choice for securely scanning and sharing the reports.
upvoted 0 times
...
Shantay
5 months ago
Definitely, it's important to have a streamlined solution for security scanning and reporting.
upvoted 0 times
...
Elin
6 months ago
I agree, using Artifact Registry for automatic scanning and viewing reports in one place simplifies the process.
upvoted 0 times
...
Kanisha
6 months ago
Option C seems to be the most comprehensive solution. Scanning the images in the Artifact Registry and viewing the reports right there is a clean and efficient approach.
upvoted 0 times
...
...
Kristofer
6 months ago
I agree with Winifred, upgrading all clusters to the latest GKE version is crucial for security.
upvoted 0 times
...
Winifred
6 months ago
I think we should enable Container Threat Detection in the Security Command Center Premium tier.
upvoted 0 times
...

Save Cancel