Topic 1 Question 132

Professional Cloud Security Engineer

Topic 1 Question 132
You are tasked with exporting and auditing security logs for login activity events for Google Cloud console and API calls that modify configurations to Google Cloud resources. Your export must meet the following requirements: ✑ Export related logs for all projects in the Google Cloud organization. ✑ Export logs in near real-time to an external SIEM. What should you do?

2 つ選択
- Create a Log Sink at the organization level with a Pub/Sub destination.
- Create a Log Sink at the organization level with the includeChildren parameter, and set the destination to a Pub/Sub topic.
- Enable Data Access audit logs at the organization level to apply to all projects.
- Enable Google Workspace audit logs to be shared with Google Cloud in the Admin Console.
- Ensure that the SIEM processes the AuthenticationInfo field in the audit log entry to gather identity information.
解説
Reference: https://www.datadoghq.com/blog/monitoring-gcp-audit-logs/

ユーザの投票
コメント(7)
- 正解だと思う選択肢: BD
  B because for all projects
  
  D "Google Workspace Login Audit: Login Audit logs track user sign-ins to your domain. These logs only record the login event. They don't record which system was used to perform the login action." https://cloud.google.com/logging/docs/audit/gsuite-audit-logging#services
  
  👍 10
  cloudprincipal2022/05/31
- Ans:B,C https://cloud.google.com/logging/docs/export/aggregated_sinks: To use aggregated sinks, you create a sink in a Google Cloud organization or folder, and set the sink's includeChildren parameter to True. That sink can then route log entries from the organization or folder, plus (recursively) from any contained folders, billing accounts, or Cloud projects. https://cloud.google.com/logging/docs/audit#data-access Data Access audit logs-- except for BigQuery Data Access audit logs-- are disabled by default because audit logs can be quite large. If you want Data Access audit logs to be written for Google Cloud services other than BigQuery, you must explicitly enable them
  
  👍 8
  ExamQnA2022/05/20
- Correct answers are : B,D
  
  B : to respond to the "logs for all projects" requirement and " near real-time "requirement D: to be able de log "login activities" we need to export audit logs from Google Workspace to Google Cloud.
  
  👍 7
  Medofree2022/05/26
シャッフルモード

解説

ユーザの投票

コメント(7)