Answer-first summary for fast verification
Answer: Enable Data Access audit logs for the Cloud Storage API.
The correct answer is D. Enable Data Access audit logs for the Cloud Storage API. Data Access audit logs are specifically designed to track Google Cloud API operations related to data, including reads from Cloud Storage buckets. These logs include details about the user or service account making the request, the time, and the specific data resource accessed. Having this audit trail is essential for demonstrating adherence to regulations around sensitive data handling. Other options like enabling the Identity-Aware Proxy API, scanning the bucket using the Data Loss Prevention API, or restricting access to a single service account do not fulfill the requirement to log all read operations in a comprehensive and automated manner.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are tasked with storing sensitive information in a Google Cloud Storage bucket. Due to legal requirements, it is imperative that you have a system in place to log all read requests accessing any of the stored data. How can you ensure you are meeting these compliance requirements?
A
Enable the Identity Aware Proxy API on the project.
B
Scan the bucket using the Data Loss Prevention API.
C
Allow only a single Service Account access to read the data.
D
Enable Data Access audit logs for the Cloud Storage API.
No comments yet.