You need to generate a list of all virtual machines (VMs) with available but uninstalled critical operating system (OS) security updates for a semi-annual compliance report. How can you accomplish this task efficiently?

Exam-Like

Run a Security Command Center security scan on all VMs to extract a list of VMs with critical OS vulnerabilities every six months.

Run a gcloud CLI command from the Command Line Interface (CLI) to extract the VM's OS version information every six months.

Ensure that the Cloud Logging agent is installed on all VMs, and extract the OS last update log date every six months.

Ensure the OS Config agent is installed on all VMs and extract the patch status dashboard every six months.

Google Professional Cloud Security Engineer