ExpertMedium1 markMultiple Choice
GCP ACE · Question 49 · Domain 5.3: Viewing audit logs
You suspect that an unauthorized user has been reading sensitive data from a Cloud Storage bucket. Which type of audit log must be enabled to investigate this?
You suspect that an unauthorized user has been reading sensitive data from a Cloud Storage bucket. Which type of audit log must be enabled to investigate this?
Answer options:
A.
Admin Activity audit logs
B.
Data Access audit logs
C.
VPC Flow Logs
D.
System Event audit logs
How to approach this question
Identify the log type that tracks 'reads' of user data.
Full Answer
B.Data Access audit logs✓ Correct
Data Access audit logs
Data Access audit logs record API calls that read the configuration or metadata of resources, as well as user-driven API calls that create, modify, or read user-provided resource data (like downloading a file from Cloud Storage). Because these logs can be very large, they are disabled by default and must be explicitly enabled.
Common mistakes
Assuming Admin Activity logs track data reads.
Practice the full GCP Associate Cloud Engineer Practice Exam 1
50 questions · hints · full answers · grading
More questions from this exam
Q01What is the highest level of the Google Cloud resource hierarchy?EasyQ02You need to enable the Compute Engine API in a new project using the command line. Which command ...EasyQ03You are setting up a new GCP environment. You need to grant a group of developers access to view ...MediumQ04You want to receive an email notification when your GCP spending exceeds $1000 this month. What s...EasyQ05You need to analyze your GCP billing data using complex SQL queries to understand cost trends acr...Medium