Exam Professional Cloud Security Engineer topic 1 question 263 discussion

This approach ensures that: Centralized Image Management: Hardened VM images are created and stored in a central registry. Automated Security Enforcement: Vulnerability scans are run in the pipeline, ensuring that only secure images are used. Consistency: Instance templates pointing to the registry ensure that all VMs are created from the approved, secure images. Option A suggests using VM Manager to automatically distribute and apply patches to VMs across your projects and integrating VM Manager with hardened, organization-standard VM images stored in a central repository. While this approach addresses patch management and centralizes image storage, it doesn't fully automate the enforcement of security baselines throughout the VM lifecycle.

Explanation: VM sprawl and security hardening challenges necessitate a robust solution for centralized VM image management and automation of security baselines. Implementing a pipeline to create, validate, and distribute hardened images ensures consistency, security, and compliance throughout the VM lifecycle. While VM Manager is excellent for patch management, it does not centralize or automate the creation of hardened VM images. This solution does not address the root cause of inconsistent VM configurations caused by VM sprawl.

VM Manager allows you to automate the management of your virtual machines, including patch management.

It's A

It's A 100%

A is the correct answer ,VM Manager allows you to centrally manage and automate patching, configuration management, and compliance enforcement for VMs. By integrating with hardened VM images stored in a central repository, you ensure that VMs are consistently created with security baselines and regularly updated. • This solution provides automation and central control, which addresses both the challenges of VM sprawl and the need for consistent security.

I think it's C.