🔥 40% Off Crucial Exams Memberships — Deal ends today!

1 hour, 58 minutes remaining!
Crucial Exams

GCP Associate Cloud Engineer Practice Question

Your security team needs to stream all Admin Activity audit logs from the production project to a third-party SIEM that subscribes to a Pub/Sub topic. You created the topic "prod-audit-topic" and then ran:

gcloud logging sinks create siem-sink \
  pubsub.googleapis.com/projects/prod-project/topics/prod-audit-topic \
  --log-filter="logName:cloudaudit.googleapis.com%2Factivity"

The sink shows as active, but the SIEM is not receiving any messages. What is the most likely action you still need to perform to make the export work?

  • Grant the Pub/Sub Subscriber role on prod-audit-topic to the default Compute Engine service account.

  • Increase the retention period of the _Default log bucket to 30 days.

  • Enable VPC Service Controls for the Pub/Sub API in the project.

  • Grant the Pub/Sub Publisher role on prod-audit-topic to the sink's writer identity service account.

GCP Associate Cloud Engineer
Ensuring successful operation of a cloud solution
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot