Explanation:
Option B is the optimal choice because it efficiently addresses both requirements: discovering publicly exposed network assets and performing a security audit in the least amount of time. Cloud Asset Inventory provides a comprehensive and rapid way to identify all external assets across the Google Cloud environment, eliminating the need for manual discovery. Once identified, running a network security scanner specifically against these external assets focuses the audit effort, saving time compared to scanning all instances (Option A). Option C, involving a third-party vendor, introduces delays due to scheduling and may incur additional costs. Option D is unnecessary for a self-initiated audit and does not contribute to timely asset discovery or scanning. The community discussion strongly supports B, with 100% consensus and upvoted comments emphasizing its efficiency and scope coverage.
Ultimate access to all questions.
Your company uses Google Cloud and has publicly exposed network assets. You want to discover these assets and perform a security audit on them using a software tool in the least amount of time.
What should you do?
A
Run a platform security scanner on all instances in the organization.
B
Identify all external assets by using Cloud Asset Inventory, and then run a network security scanner against them.
C
Contact a Google approved security vendor to perform the audit.
D
Notify Google about the pending audit, and wait for confirmation before performing the scan.
No comments yet.