GCP Professional Cloud Security Engineer Practice Question
You are investigating a potential data leak and must list only Cloud Audit Log entries for the last 24 hours that show a principal enumerating objects in any Cloud Storage bucket within project finance-prod. The investigator will run gcloud logging read from a workstation that already has application-default credentials for the project. Which advanced log filter should they supply to return only the relevant Data Access log entries and exclude every other service or log type?
logName="projects/finance-prod/logs/cloudaudit.googleapis.com%2Factivity" AND resource.type="gcs_bucket" AND protoPayload.methodName="storage.objects.list"
resource.type="gcs_bucket" AND protoPayload.serviceName="storage.googleapis.com" AND protoPayload.methodName="storage.buckets.list"
logName="projects/finance-prod/logs/cloudaudit.googleapis.com%2Fdata_access" AND resource.type="gcs_bucket" AND protoPayload.serviceName="storage.googleapis.com" AND protoPayload.methodName="storage.objects.list"
logName="projects/finance-prod/logs/cloudaudit.googleapis.com%2Fdata_access" AND resource.type="gcs_object" AND protoPayload.serviceName="storage.googleapis.com" AND protoPayload.methodName="storage.objects.get"
Cloud Storage object-listing operations are logged as Data Access entries with protoPayload.methodName="storage.objects.list" and protoPayload.serviceName="storage.googleapis.com". Restricting resource.type to gcs_bucket scopes the query to bucket-level operations, and specifying logName="projects/finance-prod/logs/cloudaudit.googleapis.com%2Fdata_access" guarantees that only the Data Access audit log is searched. The other options are incorrect because they either query the Admin Activity log, target the wrong resource type or method, or omit the logName filter and therefore risk returning entries from other log categories.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of Data Access audit logs in Google Cloud?
Open an interactive chat with Bash
Why is the `resource.type` field important in advanced log filters?
Open an interactive chat with Bash
What is the difference between the `data_access` and `activity` audit logs?
Open an interactive chat with Bash
What is the difference between Data Access logs and Admin Activity logs in Cloud Audit Logs?
Open an interactive chat with Bash
What does `protoPayload.methodName` signify in the log filter?
Open an interactive chat with Bash
Why is the `logName` field important in advanced queries?
Open an interactive chat with Bash
GCP Professional Cloud Security Engineer
Managing operations
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .