Medium · 1 mark · Multiple Choice
Domain 5.3: Viewing audit logs · Audit Logs · Log Sink · Cloud Storage

GCP ACE · Question 50 · Domain 5.3: Viewing audit logs

Your company is subject to strict compliance regulations that require all Admin Activity audit logs to be retained for exactly 3 years. By default, Cloud Logging only retains these logs for 400 days.

Which TWO actions should you take to meet this compliance requirement? (Select TWO)

Answer options:

A. Increase the default retention period in Cloud Logging to 3 years.

B. Create a Log Sink to export the audit logs to a Cloud Storage bucket.

C. Configure a retention policy on the Cloud Storage bucket for 3 years.

D. Export the logs to a Cloud SQL database.

E. Take a snapshot of the Cloud Logging disk every month.

How to approach this question

Combine Cloud Logging export features with Cloud Storage compliance features.

Full Answer

B. Create a Log Sink to export the audit logs to a Cloud Storage bucket.
C. Configure a retention policy on the Cloud Storage bucket for 3 years.

For long-term retention of logs (beyond the default Cloud Logging limits), the best practice is to create a Log Router sink that exports the logs to a Cloud Storage bucket. To meet strict compliance regulations (WORM, Write Once Read Many), you apply a retention policy to the bucket, which prevents deletion of the logs until the 3-year period expires.

Common mistakes

Trying to use Cloud SQL for log storage, or assuming Cloud Logging can't export data.
