Answer-first summary for fast verification
Answer: Scan and alert vulnerabilities and misconfigurations by using Secure Health Analytics detectors in Security Command Center Premium.
The question requires identifying common misconfigurations and compliance violations across the organization and tracking findings in a dashboard. Security Health Analytics (SHA) in Security Command Center Premium is specifically designed for this purpose - it continuously scans cloud environments for misconfigurations and compliance violations against standards like CIS benchmarks, provides detailed findings, and integrates with dashboards for tracking remediation. Option B directly addresses the core requirements. Option A (Cloud Asset Inventory) focuses on asset discovery and IAM analysis but doesn't provide comprehensive misconfiguration detection. Option C (Cloud Audit Logs) is reactive and focuses on API activity monitoring rather than configuration assessment. Option D (Event Threat Detection) is for detecting active threats and attacks, not misconfigurations or compliance violations.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your organization's Google Cloud usage has expanded significantly, with multiple groups independently using various cloud resources. You need to identify common misconfigurations and compliance violations across the organization and track the findings for remediation in a dashboard. What should you do?
A
Create a filter set in Cloud Asset Inventory to identify service accounts with high privileges and IAM principals with Gmail domains.
B
Scan and alert vulnerabilities and misconfigurations by using Secure Health Analytics detectors in Security Command Center Premium.
C
Set up filters on Cloud Audit Logs to flag log entries for specific, risky API calls, and display the calls in a Cloud Log Analytics dashboard.
D
Alert and track emerging attacks detected in your environment by using Event Threat Detection detectors.