Topic 1 Question 161
A recent audit revealed that a new network was created in your GCP project. In this network, a GCE instance has an SSH port open to the world. You want to discover this network's origin. What should you do?
A. Search for Create VM entry in the Stackdriver alerting console
B. Navigate to the Activity page in the Home section. Set category to Data Access and search for Create VM entry
C. In the Logging section of the console, specify GCE Network as the logging section. Search for the Create Insert entry
D. Connect to the GCE instance using project SSH keys. Identify previous logins in system logs, and match these with the project owners list
Explanation
Incorrect Answers:
A: To use the Stackdriver alerting console, we must first set up alerting policies.
B: Data access logs only contain read-only operations.
Audit logs help you determine who did what, where, and when. Cloud Audit Logging returns two types of logs:
- Admin activity logs
- Data access logs: contain log entries for read-only operations that do not modify any data, such as get, list, and aggregated list methods.
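As an added example (not part of the original question or its explanation), the Python sketch below filters exported audit log entries for network and firewall-rule creation and reports the identity recorded in `protoPayload.authenticationInfo.principalEmail`. The sample entries and their project, user and IP values are constructed; the field names follow the Cloud Audit Logs entry format.

```python
import json

# Constructed sample entries shaped like Cloud Audit Logs records, one JSON
# object per line (project, network, user and IP values are made up).
SAMPLE_LOG = """
{"logName":"projects/example-proj/logs/cloudaudit.googleapis.com%2Factivity","timestamp":"2019-10-20T08:14:03Z","resource":{"type":"gce_network"},"operation":{"id":"op-1","first":true},"protoPayload":{"methodName":"v1.compute.networks.insert","resourceName":"projects/example-proj/global/networks/rogue-net","authenticationInfo":{"principalEmail":"dev1@example.com"},"requestMetadata":{"callerIp":"203.0.113.7"}}}
{"logName":"projects/example-proj/logs/cloudaudit.googleapis.com%2Factivity","timestamp":"2019-10-20T08:14:09Z","resource":{"type":"gce_network"},"operation":{"id":"op-1","last":true},"protoPayload":{"methodName":"v1.compute.networks.insert","resourceName":"projects/example-proj/global/networks/rogue-net","authenticationInfo":{"principalEmail":"dev1@example.com"},"requestMetadata":{"callerIp":"203.0.113.7"}}}
{"logName":"projects/example-proj/logs/cloudaudit.googleapis.com%2Factivity","timestamp":"2019-10-20T08:15:40Z","resource":{"type":"gce_firewall_rule"},"operation":{"id":"op-2","first":true},"protoPayload":{"methodName":"v1.compute.firewalls.insert","resourceName":"projects/example-proj/global/firewalls/allow-ssh","authenticationInfo":{"principalEmail":"dev1@example.com"},"requestMetadata":{"callerIp":"203.0.113.7"}}}
{"logName":"projects/example-proj/logs/cloudaudit.googleapis.com%2Fdata_access","timestamp":"2019-10-21T09:00:00Z","resource":{"type":"gce_network"},"protoPayload":{"methodName":"v1.compute.networks.list","resourceName":"projects/example-proj/global/networks","authenticationInfo":{"principalEmail":"auditor@example.com"},"requestMetadata":{"callerIp":"198.51.100.2"}}}
{"logName":"projects/example-proj/logs/cloudaudit.googleapis.com%2Factivity","timestamp":"2019-10-20T08:20:00Z","resource":{"type":"gce_instance"},"operation":{"id":"op-3","first":true},"protoPayload":{"methodName":"v1.compute.instances.insert","resourceName":"projects/example-proj/zones/us-central1-a/instances/vm-1","authenticationInfo":{"principalEmail":"dev1@example.com"},"requestMetadata":{"callerIp":"203.0.113.7"}}}
"""

# Rough Logs Explorer equivalent for the network case:
#   resource.type="gce_network" AND protoPayload.methodName:"networks.insert"
WATCHED = {"gce_network", "gce_firewall_rule"}
ACTIVITY_SUFFIX = "cloudaudit.googleapis.com%2Factivity"

def find_creators(lines):
    """Return one record per create operation on a network or firewall rule."""
    seen, found = set(), []
    for line in lines:
        if not line.strip():
            continue
        entry = json.loads(line)
        payload = entry.get("protoPayload", {})
        # Configuration changes are in Admin Activity logs; Data Access logs
        # hold read-only calls such as get and list, so skip them.
        if not entry.get("logName", "").endswith(ACTIVITY_SUFFIX):
            continue
        if entry.get("resource", {}).get("type") not in WATCHED:
            continue
        if not payload.get("methodName", "").endswith(".insert"):
            continue
        # A long-running operation logs a first and a last entry; report once.
        op_id = entry.get("operation", {}).get("id")
        if op_id is not None:
            if op_id in seen:
                continue
            seen.add(op_id)
        found.append({
            "time": entry.get("timestamp"),
            "resource": payload.get("resourceName"),
            "who": payload.get("authenticationInfo", {}).get("principalEmail"),
            "caller_ip": payload.get("requestMetadata", {}).get("callerIp"),
        })
    return found

if __name__ == "__main__":
    for rec in find_creators(SAMPLE_LOG.splitlines()):
        print(rec["time"], rec["who"], rec["caller_ip"], rec["resource"])
```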
Comments (17)
When you search for Create Insert, it displays a JSON code string that contains the creator's e-mail
👍 13 Eroc 2019/10/22
I am going to go with C. Answer A doesn't seem to fit because the matter of when a VM was created. Answer B focuses on Data Access logs which doesn't seem to fit since the matter of creating a network firewall rule is an Admin activity, not a data access activity. D focuses on who logged in which is good to know but doesn't answer the question of how the network was created. C focuses on logging, the selection of network events, and the Create/Insert entry.
👍 11 clouddude 2020/05/09
Sorry to gripe again, but why on Earth would anybody need to remember this from the top of their mind. You will never be in a situation in which you need to remember this without looking at the available options in the console (or simply Googling it, lol).
👍 6 cloudmon 2022/04/06