GCP Professional Cloud Security Engineer Practice Question
Your compliance auditors need to review Cloud Audit Logs, including Data Access entries and Access Transparency logs, across every project in your organization. They must not be able to create or modify log sinks, delete logs, or change any logging configuration. Which predefined IAM role should you grant at the organization level to satisfy these requirements?
Grant roles/logging.viewer on the organization
Grant roles/logging.privateLogViewer on the organization
Grant roles/iam.securityReviewer on the organization
The roles/logging.privateLogViewer role grants read-only access to all log entries, including sensitive categories such as Data Access audit logs and Access Transparency logs. It does not allow any changes to logging configurations or sinks, meeting the auditors' need for broad but strictly read-only visibility.
roles/logging.viewer cannot view Data Access or other sensitive logs. roles/logging.admin provides full administrative control over Cloud Logging, which exceeds the auditors' needs and violates least-privilege principles. roles/iam.securityReviewer offers broad visibility into IAM policies but does not grant access to sensitive log data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the roles/logging.privateLogViewer IAM role in GCP?
Open an interactive chat with Bash
What are Data Access audit logs and Access Transparency logs in GCP?
Open an interactive chat with Bash
Why is least privilege important when assigning IAM roles?
Open an interactive chat with Bash
What is the difference between roles/logging.viewer and roles/logging.privateLogViewer?
Open an interactive chat with Bash
What are Access Transparency logs in Google Cloud?
Open an interactive chat with Bash
Why is roles/logging.admin not suitable for compliance auditors?
Open an interactive chat with Bash
GCP Professional Cloud Security Engineer
Managing operations
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .