
Answer-first summary for fast verification
Answer: Activate Security Command Center (SCC) Premium. Create a rule to mute the security findings in SCC so they are not evaluated.
Option B is the correct answer because it provides an automated and scalable solution using Security Command Center (SCC) Premium. SCC Premium allows the creation of custom rules to mute specific security findings, which aligns with the requirement to disregard irrelevant CIS controls in a continuous evaluation process. This approach eliminates manual intervention, reduces noise, and ensures efficiency. Option A involves manual tagging and muting, which is labor-intensive and error-prone. Option C relies on manual CSV processing, which is not automated. Option D involves external audits, which do not provide an automated internal process.
Author: LeetQuiz Editorial Team
Your organization needs to implement an automated process for continuous evaluation against the CIS Google Cloud Computing Foundations Benchmark v1.3.0, while excluding specific controls that are irrelevant. How should you proceed?
A. Mark all security findings that are irrelevant with a tag and a value that indicates a security exception. Select all marked findings, and mute them on the console every time they appear. Activate Security Command Center (SCC) Premium.
B. Activate Security Command Center (SCC) Premium. Create a rule to mute the security findings in SCC so they are not evaluated.
C. Download all findings from Security Command Center (SCC) to a CSV file. Mark the findings that are part of CIS Google Cloud Foundation 1.3 in the file. Ignore the entries that are irrelevant and out of scope for the company.
D. Ask an external audit company to provide independent reports including needed CIS benchmarks. In the scope of the audit, clarify that some of the controls are not needed and must be disregarded.