To automate patch management in virtual machines, which two actions should you take?

Enabling automatic patch updates using VM Manager is a robust way to automate patch management for virtual machines. VM Manager offers capabilities to manage the lifecycle of your VMs, which includes the ability to schedule and automatically apply patches across a fleet of instances. By activating this feature, you mitigate the risk of vulnerabilities due to unpatched systems while also reducing the manual workload associated with managing updates individually.

This approach not only ensures that the VMs are regularly and systematically updated but also adheres to best practices in maintaining security across your infrastructure. In contrast, manually deploying patches on each VM would require significant administrative effort and could lead to inconsistent patch levels across your environments, which is less efficient and raises security concerns. Relying solely on the Google Cloud Console for updates lacks the automation and management capabilities offered by VM Manager, and viewing patch management data in a Security Command Center does not actively engage with patch management processes, missing the proactive measures required for thorough management of VM security.