ExpertEasy1 markMultiple Choice
GCP ACE · Question 48 · Domain 5.3: Viewing audit logs
A critical Compute Engine instance was unexpectedly deleted. You need to find out which user or service account issued the delete command.
Which type of Cloud Audit Log should you review?
A critical Compute Engine instance was unexpectedly deleted. You need to find out which user or service account issued the delete command.
Which type of Cloud Audit Log should you review?
Answer options:
A.
Admin Activity audit logs
B.
Data Access audit logs
C.
System Event audit logs
D.
VPC Flow Logs
How to approach this question
Differentiate between the types of audit logs. Deleting a resource is an administrative action.
Full Answer
A.Admin Activity audit logs✓ Correct
Admin Activity audit logs
Cloud Audit Logs are divided into several categories. 'Admin Activity' logs contain log entries for API calls or other actions that modify the configuration or metadata of resources. Deleting a VM is a configuration change. These logs are always enabled and cannot be disabled.
Common mistakes
Choosing Data Access logs, which are for tracking who *looked* at data, not who *deleted* infrastructure.
Practice the full GCP Associate Cloud Engineer Practice Exam 5
50 questions · hints · full answers · grading
More questions from this exam
Q01You are starting a new initiative and need to create a new Google Cloud project using the command...EasyQ02A developer on your team needs to manage App Engine applications, including deploying new version...MediumQ03You have created a new Google Cloud project. You need to allow a specific group of developers to ...MediumQ04Which statement best describes the relationship between Google Cloud projects and billing accounts?EasyQ05Your company wants to be notified immediately in their Slack channel whenever their monthly Googl...Medium