A company migrated their entire data/center to Google Cloud Platform. It is running thousands of instances across multiple projects managed by different departments. You want to have a historical record of what was running in Google Cloud Platform at any point in time.
What should you do?
To maintain a historical record of what was running in Google Cloud Platform at any point in time, the best approach is to use Security Command Center. Security Command Center provides visibility into various assets, allowing you to review historical discovery scans to identify new, modified, or deleted assets. This capability ensures that you can have a comprehensive and historical view across different projects and departments in your organization.
'B is the correct answer. Only Forseti security can have both 'past' and 'present' (i.e. historical) records of the resources. https://forsetisecurity.org/about/
Forseti is outdated,no one uses it anymore
Outdated questions- you should use asset inventory now.
The correct answer is A. Feature of Resource Manager - https://cloud.google.com/asset-inventory
The answer is not A because Cloud Asset Inventory is not one of the choices. The correct answer is B.
SEE THE SUB-HEADING 'INVENTORY' ON THIS LINK: https://forsetisecurity.org/about/
Resource Manager / Cloud Asset Inventory only keeps data for 6 weeks, so doesn't meet the requirements in the question
I will go with B question says " historical inventory" and that makes B the right choice
https://cloud.google.com/security-command-center Discover and view your assets in near-real time across App Engine, BigQuery, Cloud SQL, Cloud Storage, Compute Engine, Cloud Identity and Access Management, Google Kubernetes Engine, and more. Review historical discovery scans to identify new, modified, or deleted assets. Why not D?
I guess the reason to discard D is that it says "all assets", while according to the documentation, "Security Command Center supports a large subset of Google Cloud assets.", so it supports a large number but not all assets. Ref: https://cloud.google.com/security-command-center/docs/concepts-security-command-center-overview#inventory
Azure security center does provide only realtime view on cloud. Endpoints once deleted or offboarded are no more visible in azure security center, which means historical details are lost
And about D?
It seems that for set is outdated and its features have been incorporated into security command center
Ans - B
Ans : B. You need to keep the records for long time so it's Inventory.
Answer is B
https://forsetisecurity.org/about/ inventory
B is the correct answer. Only Forseti security can have both 'past' and 'present' (i.e. historical) records of the resources. https://forsetisecurity.org/about/
"B" is the correct answer. Forseti has been deprecated however it's capabilities and features (like asset inventory) have been incorporated into Security Command Center. https://cloud.google.com/security-command-center/docs/concepts-security-command-center-overview#inventory
B is old way of doing things and things got updated
D is a good answer
D is good answer in this case. Foreseti is outdated
D is good answer in this case. Foreseti is outdated
A is correct
B IS CORRECT SEE: https://forsetisecurity.org/about/
B is correct
Correct answer is B
B is the right answer, Forseti has a track of inventory snapshots
b of course
B is the correct answer. "Keep track of your environment Take inventory snapshots of your Google Cloud Platform (GCP) resources on a recurring cadence so that you always have a history of what was in your cloud." https://forsetisecurity.org/
Correct is A Problem with Forseti - it's a third party tool, and it's sunset archived now due to lack of involvement. Do you really think Google would care to place it in test? Using Resource Manager on the organization level is a good way to have a historical record of what was running in Google Cloud Platform at any point in time. This is because Resource Manager provides a centralized view of all of your organization's resources, including projects, folders, and organization policies. It's a native tool, so I would go for answer A.
weird, Forseti - depreciated on Oct 2018, why was it even considered as an answer! 😉😁 https://forsetisecurity.org/news/2019/02/18/deprecate-1.0.html I'm going with option D
For an actual recent answer, D is the correct one.
D - SCC is supported by Gemini and not Forseti.
To maintain a historical record of what resources were running in Google Cloud Platform (GCP) at any point in time, you need a solution that periodically takes inventory snapshots of all assets. Forseti Security is specifically designed to automate this process, making it the best option for this use case.
Old question. Forseti? SCC is the newest kid on the block and fits best here.
B. Only Forseti keeps a complete record over time. SCC gives you how it looks now, but you cannot look into the past, which the scenario in the question requires.