ExpertMedium1 markMultiple Choice
GCP ACE · Question 50 · Domain 5.3: Viewing audit logs
Your compliance department requires that all Data Access audit logs be retained for 3 years. Cloud Logging only retains these logs for 30 days by default.
Which TWO actions should you take to meet this compliance requirement? (Select TWO)
Your compliance department requires that all Data Access audit logs be retained for 3 years. Cloud Logging only retains these logs for 30 days by default.
Which TWO actions should you take to meet this compliance requirement? (Select TWO)
Answer options:
A.
Create a Log Sink in Cloud Logging.
B.
Set the destination of the Log Sink to a Cloud Storage bucket.
C.
Upgrade your Google Cloud support plan to Premium to extend log retention.
D.
Set the destination of the Log Sink to Cloud Memorystore.
E.
Take a daily snapshot of the Cloud Logging database.
How to approach this question
Understand how to export logs for long-term retention in GCP.
Full Answer
Create a Log Sink in Cloud Logging., Set the destination of the Log Sink to a Cloud Storage bucket.
To retain logs beyond the default retention period of Cloud Logging, you must export them. You do this by creating a Log Sink (a router). The sink uses a filter to select the logs you want (Data Access logs) and routes them to a supported destination. For long-term, 3-year compliance retention, a Cloud Storage bucket (often using the Archive storage class) is the most cost-effective and standard destination.
Common mistakes
Thinking you can just change a setting to keep logs for 3 years in Cloud Logging. While custom retention is possible, it is very expensive compared to exporting to Cloud Storage.
Practice the full GCP Associate Cloud Engineer Practice Exam 7
50 questions · hints · full answers · grading
More questions from this exam
Q01You are starting a new initiative and need to create a new Google Cloud project using the Cloud S...EasyQ02Your company is migrating to Google Cloud and wants to manage user identities centrally. They cur...MediumQ03You have just created a new Google Cloud project and want to deploy a containerized application u...MediumQ04Your finance team wants to perform complex SQL queries on your Google Cloud billing data to analy...MediumQ05You are managing a development project in Google Cloud. You want to ensure that you are notified ...Easy