Google Cloud Professional Cloud Security Engineer Practice Exam

Which Security Command Center service should be utilized to detect instances of cryptocurrency mining software?

• A. Virtual Machine Threat Detection
• B. Data Loss Prevention API
• C. Access Transparency
• D. Container Threat Detection

The correct answer is: Virtual Machine Threat Detection

Using the Virtual Machine Threat Detection service is appropriate for identifying instances of cryptocurrency mining software because this service is specifically designed to monitor Google Cloud environments for potentially malicious activities that could be happening on virtual machines. Cryptocurrency mining can be categorized as a form of unwanted software activity that may consume excessive resources or indicate unauthorized use of cloud resources. Virtual Machine Threat Detection actively analyzes the behavior of virtual machines, looking for known patterns and signatures associated with harmful software, including cryptocurrency miners. When it detects unusual behavior consistent with these activities, it generates alerts that help in taking quick action to mitigate any potential risks. Other options, while useful in their own contexts, do not directly address the specific need for detecting cryptocurrency mining software. The Data Loss Prevention API focuses on identifying and protecting sensitive data rather than monitoring for malicious software activities. Access Transparency deals with audit logs for Google Cloud services, providing insights into actions taken on resources, which is not oriented towards detecting unwanted software presence. Container Threat Detection aims to secure container environments and may not be effective in spotting threats that are native to virtual machine environments.