TerramEarth manufactures heavy equipment for the mining and agricultural industries.
They currently have over 500 dealers and service centers in 100 countries.
Their mission is to build products that make their customers more productive.
Solution concept - There are 2 million TerramEarth vehicles in operation currently, and we see 20% yearly growth.
Vehicles collect telemetry data from many sensors during operation.
A small subset of critical data is transmitted from the vehicles in real time to facilitate fleet management.
The rest of the sensor data is collected, compressed, and uploaded daily when the vehicles return to home base.
Each vehicle usually generates 200 to 500 megabytes of data per day.
Existing technical environment - TerramEarth's vehicle data aggregation and analysis infrastructure resides in Google Cloud and serves clients from all around the world.
A growing amount of sensor data is captured from their two main manufacturing plants and sent to private data centers that contain their legacy inventory and logistics management systems.
The private data centers have multiple network interconnects configured to Google Cloud.
The web frontend for dealers and customers is running in Google Cloud and allows access to stock management and analytics.
Business requirements - Predict and detect vehicle malfunction and rapidly ship parts to dealerships for just-in-time repair where possible.
Decrease cloud operational costs and adapt to seasonality.
Increase speed and reliability of development workflow.
Allow remote developers to be productive without compromising code or data security.
Create a flexible and scalable platform for developers to create custom API services for dealers and partners.
Technical requirements - Create a new abstraction layer for HTTP API access to their legacy systems to enable a gradual move into the cloud without disrupting operations.
Modernize all CI/CD pipelines to allow developers to deploy container-based workloads in highly scalable environments.
Allow developers to run experiments without compromising security and governance requirements.
Create a self-service portal for internal and partner developers to create new projects, request resources for data analytics jobs, and centrally manage access to the API endpoints.
Use cloud-native solutions for keys and secrets management and optimize for identity-based access.
Improve and standardize tools necessary for application and network monitoring and troubleshooting.
Executive statement - Our competitive advantage has always been our focus on the customer, with our ability to provide excellent customer service and minimize vehicle downtimes.
TerramEarth security team sent you several recent Linux vulnerabilities published by Common Vulnerabilities and Exposures (CVE)
You need assistance in understanding how these vulnerabilities could impact your migration.
What should you do? (Choose two.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.AD.
TerramEarth is a heavy equipment manufacturer that collects telemetry data from their vehicles' sensors during operation. A subset of this data is transmitted in real-time for fleet management, while the rest is collected and uploaded daily. TerramEarth uses Google Cloud for their data aggregation and analysis infrastructure, and the web frontend for dealers and customers is also hosted on Google Cloud.
To address their business requirements and technical requirements, TerramEarth needs to create a new abstraction layer for HTTP API access to their legacy systems, modernize all CI/CD pipelines, and create a self-service portal for internal and partner developers. They also need to use cloud-native solutions for keys and secrets management, improve and standardize tools for monitoring and troubleshooting, and optimize for identity-based access.
The executive statement highlights the importance of customer service and minimizing vehicle downtimes as TerramEarth's competitive advantage. The security team has sent several Linux vulnerabilities published by Common Vulnerabilities and Exposures (CVE), and TerramEarth needs assistance in understanding how these vulnerabilities could impact their migration.
The question asks what TerramEarth should do to address these vulnerabilities. The correct answers are A and C.
Option A suggests opening a support case regarding the CVE and chatting with a support engineer. This is a good approach because Google Cloud provides support to help customers understand how vulnerabilities could impact their migration. Support engineers can also suggest best practices for mitigating risks and provide guidance on how to update systems to address vulnerabilities.
Option B suggests reading the CVEs from the Google Cloud Status Dashboard to understand the impact. This option is not as helpful because the Google Cloud Status Dashboard is designed to provide information about service disruptions and outages. It may not provide detailed information about specific vulnerabilities.
Option C suggests reading the CVEs from the Google Cloud Platform Security Bulletins to understand the impact. This option is also a good approach because the Google Cloud Platform Security Bulletins provide detailed information about vulnerabilities that affect Google Cloud services. These bulletins also provide guidance on how to address vulnerabilities and mitigate risks.
Option D suggests posting a question regarding the CVE in Stack Overflow to get an explanation. This option is not recommended because Stack Overflow is a community-driven platform where developers can ask and answer technical questions. While it may be helpful for some technical questions, it may not be the best resource for understanding the impact of vulnerabilities.
Option E suggests posting a question regarding the CVE in a Google Cloud discussion group to get an explanation. This option is also not as helpful because discussion groups may not provide the level of support and guidance that a support engineer can provide.
In summary, TerramEarth should open a support case and chat with a support engineer to get guidance on how to address the vulnerabilities. They should also read the CVEs from the Google Cloud Platform Security Bulletins to understand the impact of the vulnerabilities.