The goal is to detect cryptocurrency mining software using Security Command Center (SCC).
Security Command Center Threat Detection Services: SCC Premium and Enterprise tiers offer various specialized threat detection services.
Virtual Machine Threat Detection (VMTD): This service is explicitly designed to scan virtual machines (Compute Engine instances and GKE nodes) for specific threats, including cryptocurrency mining software. It operates at the hypervisor level, performing deep scans of VM memory and disks.Extract Reference: "Virtual Machine Threat Detection (VMTD) helps you detect potential threats, such as cryptocurrency mining and malware, within your Compute Engine instances and GKE nodes." (Google Cloud Documentation: "Virtual Machine Threat Detection overview | Security Command Center" - https://cloud.google.com/security-command-center/docs/concepts-vm-threat-detection-overview)
Extract Reference: "This service scans virtual machines to detect potentially malicious applications, such as cryptocurrency mining software, kernel-mode rootkits, and malware running in compromised cloud environments." (Google Cloud Documentation: "Virtual Machine Threat Detection overview | Security Command Center" - https://cloud.google.com/security-command-center/docs/concepts-vm-threat-detection-overview)
Let's evaluate the other options:
A. Web Security Scanner: This service scans for common web application vulnerabilities like XSS, Flash injection, and mixed content. It is not designed to detect runtime threats like cryptocurrency mining software.
B. Container Threat Detection: While Container Threat Detection (CTD) also detects cryptocurrency mining, it specifically focuses on runtime threats within GKE containers. The question asks for detection of "cryptocurrency mining software" generally, and VMs are a common target for such activity (and GKE nodes are VMs). VMTD provides a more general detection across Compute Engine VMs and GKE nodes for this specific type of threat. If the context explicitly mentioned containers or Cloud Run, CTD would be the more specific answer. However, for a general detection of "software" on "workloads", and given that VMTD explicitly lists "cryptocurrency mining software" for VMs, it is the most direct and broadly applicable answer among the choices.
C. Rapid Vulnerability Detection: This service actively scans internet-exposed assets for network vulnerabilities and misconfigurations. It focuses on finding known vulnerabilities, not detecting active malicious processes like cryptocurrency mining.
Given the direct and explicit mention of cryptocurrency mining detection for VMs in its documentation, Virtual Machine Threat Detection is the correct SCC service to use.
