Topic 1 Question 76
Government regulations in your industry mandate that you have to maintain an auditable record of access to certain types of data. Assuming that all expiring logs will be archived correctly, where should you store data that is subject to that mandate?
Encrypted on Cloud Storage with user-supplied encryption keys. A separate decryption key will be given to each authorized user.
In a BigQuery dataset that is viewable only by authorized personnel, with the Data Access log used to provide the auditability.
In Cloud SQL, with separate database user names to each user. The Cloud SQL Admin activity logs will be used to provide the auditability.
In a bucket on Cloud Storage that is accessible only by an AppEngine service that collects user information and logs the access before providing a link to the bucket.
ユーザの投票
コメント(17)
Keywords here are
- "Archived": Immutable and hence, BQ and Cloud SQL are ruled out
- "Auditable": Means track any changes done. Only D can provide the audibility piece! I will go with D
👍 44Mitra1232021/03/20Answer: B Description: Bigquery is used to analyse access logs, data access logs capture the details of the user that accessed the data
👍 20[Removed]2020/03/27- 正解だと思う選択肢: D
I was thinking it should be A. However, 'data' in this question is too vague. It does not say anywhere that the data could fit in BigQuery tables. It could be unstructure data such as videos or images Option D seems to involve more setup but it is the only viable option for this scenario. Note that GCS do have Cloud Audit logs. That should be the best option. Maybe this question was asked when Cloud Audit log is not yet available for GCS.
👍 4midgoo2023/03/01
シャッフルモード