GCP Professional Cloud Architect Practice Question
Your organization needs to build a centralized log sink that collects only the entries created when Google Cloud performs automatic actions such as Compute Engine live-migration, hypervisor maintenance, or automatic node restarts. The security team also wants to guarantee that these entries are always written, even if individual project administrators change their own logging configurations, and that the logs do not incur additional ingestion charges. Which Cloud Audit Logs type should you specify in the sink's inclusion filter, and why?
Admin Activity audit logs - they capture all configuration changes by users and are always enabled, ensuring the required events are logged.
Policy Denied audit logs - they record system-generated denial events and cannot be disabled, so they will include the needed maintenance actions.
System Event audit logs - they are written for platform-initiated actions, are always enabled, and are ingested at no additional cost.
Data Access audit logs - they track metadata and data reads or writes and are generated without charge when enabled across projects.
System Event audit logs are generated by Google Cloud itself whenever the platform performs internal operations that modify customer resources-for example, when the infrastructure live-migrates a VM or restarts it after a host failure. These logs are always on and cannot be disabled at the project, folder, or organization level, so they will be captured regardless of any logging changes made by project owners. Like all always-on audit logs, their ingestion into Cloud Logging does not incur additional charges. Admin Activity logs are also always on and free, but they record actions initiated by users or service accounts rather than automatic platform operations, so they would miss the required events. Data Access logs are disabled by default and can generate extra costs, while Policy Denied logs only record authorization failures, not successful maintenance actions.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are System Event audit logs used for in Google Cloud?
Open an interactive chat with Bash
How do System Event audit logs differ from Admin Activity audit logs?
Open an interactive chat with Bash
Why don't System Event audit logs incur ingestion charges?
Open an interactive chat with Bash
What are System Event audit logs?
Open an interactive chat with Bash
How do System Event audit logs differ from Admin Activity audit logs?
Open an interactive chat with Bash
Why do System Event audit logs not incur additional ingestion charges?
Open an interactive chat with Bash
GCP Professional Cloud Architect
Designing for security and compliance
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .