You are using Security Command Center (SCC) to protect your workloads and receive alerts for suspected security breaches at your company. You need to detect cryptocurrency mining software. Which SCC service should you use?
The goal is to detect cryptocurrency mining software using Security Command Center (SCC).
Security Command Center Threat Detection Services: SCC Premium and Enterprise tiers offer various specialized threat detection services.
Virtual Machine Threat Detection (VMTD): This service is explicitly designed to scan virtual machines (Compute Engine instances and GKE nodes) for specific threats, including cryptocurrency mining software. It operates at the hypervisor level, performing deep scans of VM memory and disks.
Extract Reference: 'Virtual Machine Threat Detection (VMTD) helps you detect potential threats, such as cryptocurrency mining and malware, within your Compute Engine instances and GKE nodes.' (Google Cloud Documentation: 'Virtual Machine Threat Detection overview | Security Command Center' - https://cloud.google.com/security-command-center/docs/concepts-vm-threat-detection-overview)
Extract Reference: 'This service scans virtual machines to detect potentially malicious applications, such as cryptocurrency mining software, kernel-mode rootkits, and malware running in compromised cloud environments.' (Google Cloud Documentation: 'Virtual Machine Threat Detection overview | Security Command Center' - https://cloud.google.com/security-command-center/docs/concepts-vm-threat-detection-overview)
Let's evaluate the other options:
A. Web Security Scanner: This service scans for common web application vulnerabilities like XSS, Flash injection, and mixed content. It is not designed to detect runtime threats like cryptocurrency mining software.
B. Container Threat Detection: While Container Threat Detection (CTD) also detects cryptocurrency mining, it specifically focuses on runtime threats within GKE containers. The question asks for detection of 'cryptocurrency mining software' generally, and VMs are a common target for such activity (and GKE nodes are VMs). VMTD provides a more general detection across Compute Engine VMs and GKE nodes for this specific type of threat. If the context explicitly mentioned containers or Cloud Run, CTD would be the more specific answer. However, for a general detection of 'software' on 'workloads', and given that VMTD explicitly lists 'cryptocurrency mining software' for VMs, it is the most direct and broadly applicable answer among the choices.
C. Rapid Vulnerability Detection: This service actively scans internet-exposed assets for network vulnerabilities and misconfigurations. It focuses on finding known vulnerabilities, not detecting active malicious processes like cryptocurrency mining.