Topic 1 Question 298
A security audit uncovered several inconsistencies in your project's Identity and Access Management (IAM) configuration. Some service accounts have overly permissive roles, and a few external collaborators have more access than necessary. You need to gain detailed visibility into changes to IAM policies, user activity, service account behavior, and access to sensitive projects. What should you do?
Configure Google Cloud Functions to be triggered by changes to IAM policies. Analyze changes by using the policy simulator, send alerts upon risky modifications, and store event details.
Enable the metrics explorer in Cloud Monitoring to follow the service account authentication events and build alerts linked on it.
Use Cloud Audit Logs. Create log export sinks to send these logs to a security information and event management (SIEM) solution for correlation with other event sources.
Deploy the OS Config Management agent to your VMs. Use OS Config Management to create patch management jobs and monitor system modifications.
ユーザの投票
コメント(3)
C - Comprehensive Logging: Cloud Audit Logs capture a wide range of activities, including IAM policy changes, user logins, API calls, and resource access. This provides a comprehensive view of your organization's IAM activity. Log Export: By creating log export sinks, you can send Cloud Audit Logs to a SIEM solution, where they can be correlated with other event sources to identify potential security threats. Detailed Analysis: SIEM solutions can provide advanced analytics and reporting capabilities, allowing you to analyze IAM changes, detect anomalies, and identify potential security risks.
👍 3abdelrahman892024/10/04- 正解だと思う選択肢: C
It's C
👍 1json4u2024/10/15 - 正解だと思う選択肢: C
This approach allows you to monitor and analyze IAM changes comprehensively, ensuring that you can detect and respond to any security issues effectively https://cloud.google.com/iam/docs/audit-logging
👍 1Pime132024/12/09
シャッフルモード