GCP Professional Cloud Security Engineer Practice Question

Your organization runs hundreds of projects. Cloud IDS threat detection (fed by Packet Mirroring) and VPC Flow Logs are enabled in every project. The security operations team wants to correlate IDS threat events with flow-level network metadata using familiar SQL queries. They must keep the data for 18 months and want to minimize operational overhead by avoiding custom ETL jobs or separate BigQuery datasets. Which solution best meets these requirements?

  • Enable the Cloud IDS BigQuery export feature and add a second sink that exports VPC Flow Logs to the same BigQuery dataset; configure table partition expiration for 550 days.

  • Stream both Cloud IDS and VPC Flow Logs to Pub/Sub, process them with a Dataflow pipeline that writes to BigQuery, and schedule a job to delete partitions older than 550 days.

  • Create an organization-level aggregated log sink that routes Cloud IDS and VPC Flow Logs into a dedicated log bucket, enable Log Analytics on that bucket, set the bucket retention to 550 days, and grant analysts read-only Logging IAM roles.

  • Forward Cloud IDS alerts to Chronicle and export VPC Flow Logs to Cloud Storage; query the combined data through Chronicle's YARA-L interface.

GCP Professional Cloud Security Engineer
Managing operations