Topic 1 Question 169
Your company runs services on Google Cloud. Each team runs their applications in a dedicated project. New teams and projects are created regularly. Your security team requires that all logs are processed by a security information and event management (SIEM) system. The SIEM ingests logs by using Pub/Sub. You must ensure that all existing and future logs are scanned by the SIEM. What should you do?
Create an organization-level aggregated sink with a siem log bucket as the destination. Set an inclusion filter to include all logs.
Create a folder-level aggregated sink with a siem Pub/Sub topic as the destination. Set an inclusion filter to include all logs. Repeat for each folder.
Create an organization-level aggregated sink with a siem Pub/Sub topic as the destination. Set an inclusion filter to include all logs.
Create a project-level logging sink with a siem Pub/Sub topic as the destination. Set an inclusion filter to include all logs. Repeat for each project.
ユーザの投票
コメント(2)
- 正解だと思う選択肢: C
since we are using another app/system , so best to use queue solution in between it i.e pubsub so C
👍 2roaming_panda2025/01/15 - 正解だと思う選択肢: C
SIEM ingests logs by using Pub/Sub
👍 1LONGBOW_RA2025/02/19
シャッフルモード