GCP Professional Cloud Security Engineer Practice Question
In your organization-level logging strategy, the security team mandates that every API call that deletes or modifies Cloud SQL instances must be logged centrally for incident investigations. Budget constraints forbid enabling any high-volume, chargeable logs. Which action ensures that the required events are captured and routed to the centralized log bucket without incurring additional logging fees?
Enable Cloud SQL Data Access audit logs and create a project-level sink to export them.
Turn on Cloud SQL maintenance events and export them via Pub/Sub to the SIEM.
Enable Cloud Asset Inventory feeds and configure real-time export to BigQuery.
Rely on the default Admin Activity audit logs and create an organization-level log sink filtering for Cloud SQL Admin Activity entries.
Admin Activity audit logs are written automatically for all Google Cloud services and record configuration-changing API calls such as the creation, update, or deletion of Cloud SQL instances. These logs are always on and their ingestion does not generate charges. By creating an organization-level log sink that filters for the Cloud SQL Admin Activity log entries, the events can be forwarded to the central log bucket without turning on any additional, billable log types. Enabling Data Access logs, Asset Inventory feeds, or maintenance events would either incur extra logging fees or fail to capture every configuration-changing API call.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Admin Activity audit logs in GCP?
Open an interactive chat with Bash
What is a log sink in GCP, and how does it work?
Open an interactive chat with Bash
What is the difference between Admin Activity audit logs and Data Access audit logs in GCP?
Open an interactive chat with Bash
What are Admin Activity audit logs in Google Cloud?
Open an interactive chat with Bash
What is an organization-level log sink and why is it useful?
Open an interactive chat with Bash
How do Admin Activity logs differ from Data Access audit logs?
Open an interactive chat with Bash
GCP Professional Cloud Security Engineer
Managing operations
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .