GCP Professional Cloud Security Engineer Practice Question
Your security team requires that all Cloud Audit Logs from every project in your organization be retained for seven years to meet regulatory mandates. Analysts also need to run interactive SQL queries against the most recent 30 days of logs and expect results within seconds to support threat-hunting. Beyond 30 days, logs must be preserved at the lowest possible cost but still retrievable within 24 hours when investigations arise. Which logging architecture best satisfies these requirements while minimizing storage spend?
Export all logs to a single BigQuery dataset and set the dataset's default table expiration to seven years; analysts query the same dataset for recent data.
Configure an aggregated sink that sends logs to the default Cloud Logging bucket, then increase the bucket's retention setting to 2555 days (seven years) and use Log Analytics for queries.
Create two organization-level log sinks: one routes logs to a partitioned BigQuery dataset with a 30-day partition TTL for fast querying, and a second routes the same logs to a Cloud Storage bucket set to the Archive storage class with a seven-year retention policy.
Create one sink that streams logs to Pub/Sub and uses Dataflow to load them into Cloud Storage Nearline; analysts execute queries by running BigQuery federated queries over the Nearline bucket.
Creating two aggregated log sinks addresses both performance and cost goals. Exporting all logs to a centralized BigQuery dataset lets analysts issue fast SQL queries; applying a 30-day partition expiration automatically deletes older partitions, controlling BigQuery storage cost. A second aggregated sink that writes the same logs to a Cloud Storage bucket in the Archive storage class preserves every entry for the full seven-year retention period at the lowest per-GB price. A bucket-level retention policy guarantees that objects cannot be deleted before the mandate expires, and retrieval from Archive class meets the 24-hour access objective. Designs that keep seven years of data in BigQuery or Cloud Logging buckets dramatically increase cost, while solutions that rely solely on Cloud Storage eliminate the interactive query capability required for recent data.
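The two-sink layout described above, as an added example that is not part of the original question. The organization ID, project, dataset, bucket and sink names are constructed placeholders, and the script only prints the commands unless `DRY_RUN=0` is set.

```bash
#!/bin/sh
# Added example: every ID and name below is a constructed placeholder.
ORG_ID="${ORG_ID:-123456789012}"            # placeholder organization ID
LOG_PROJECT="${LOG_PROJECT:-sec-logging}"   # placeholder central logging project
BQ_DATASET="${BQ_DATASET:-audit_hot}"       # placeholder 30-day query dataset
BUCKET="${BUCKET:-sec-audit-archive}"       # placeholder archive bucket
AUDIT_FILTER='logName:"cloudaudit.googleapis.com"'  # Cloud Audit Logs only
DRY_RUN="${DRY_RUN:-1}"                     # 1 = print commands, 0 = execute

# Print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Hot tier: dataset whose partitions expire after 30 days (flag is in seconds),
# fed by an organization-level sink that writes to partitioned tables.
create_hot_tier() {
  run bq mk --dataset --location=US \
    --default_partition_expiration=$((30 * 24 * 3600)) \
    "${LOG_PROJECT}:${BQ_DATASET}"
  run gcloud logging sinks create audit-to-bq \
    "bigquery.googleapis.com/projects/${LOG_PROJECT}/datasets/${BQ_DATASET}" \
    --organization="$ORG_ID" --include-children \
    --use-partitioned-tables --log-filter="$AUDIT_FILTER"
}

# Cold tier: Archive-class bucket with a seven-year retention policy,
# fed by a second organization-level sink carrying the same logs.
create_cold_tier() {
  run gcloud storage buckets create "gs://${BUCKET}" \
    --project="$LOG_PROJECT" --location=US \
    --default-storage-class=ARCHIVE --retention-period=7y \
    --uniform-bucket-level-access
  run gcloud logging sinks create audit-to-gcs \
    "storage.googleapis.com/${BUCKET}" \
    --organization="$ORG_ID" --include-children --log-filter="$AUDIT_FILTER"
}

# Checks: both sinks exist, and the dataset and bucket carry the expected settings.
verify() {
  run gcloud logging sinks list --organization="$ORG_ID"
  run bq show --format=prettyjson "${LOG_PROJECT}:${BQ_DATASET}"
  run gcloud storage buckets describe "gs://${BUCKET}"
}

create_hot_tier; create_cold_tier; verify
```

Neither sink delivers anything until its writer identity (shown by `gcloud logging sinks describe`) is granted write access on its destination, for example `roles/bigquery.dataEditor` on the dataset and `roles/storage.objectCreator` on the bucket.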
GCP Professional Cloud Security Engineer
Managing operations