Topic 1 Question 155
You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored data. You want to make sure you comply with these requirements. What should you do?
Enable the Identity Aware Proxy API on the project.
Scan the bucket using the Data Loss Prevention API.
Allow only a single Service Account access to read the data.
Enable Data Access audit logs for the Cloud Storage API.
解説
ユーザの投票
コメント(15)
Correct Answer is (D):
Logged information Within Cloud Audit Logs, there are two types of logs:
Admin Activity logs: Entries for operations that modify the configuration or metadata of a project, bucket, or object.
Data Access logs: Entries for operations that modify objects or read a project, bucket, or object. There are several sub-types of data access logs:
ADMIN_READ: Entries for operations that read the configuration or metadata of a project, bucket, or object.
DATA_READ: Entries for operations that read an object.
DATA_WRITE: Entries for operations that create or modify an object.
👍 27ESP_SAP2020/08/22D is the correct one
👍 19francisco_guerra2020/08/12agree with D
👍 2pepepy2020/08/14
シャッフルモード