Answer-first summary for fast verification
Answer: Turn on Data Access Logs for the buckets they want to audit, and then build a query in the log viewer that filters on Cloud Storage.
The correct answer is A. Data Access Logs are not enabled by default as they can incur costs. Therefore, the first step is to enable Data Access Logs for the specific Cloud Storage buckets they want to audit. After enabling the logs, you can build a query in the log viewer that filters on Cloud Storage to provide the auditor with the necessary information about who accessed the data. This approach directly addresses the auditor's interest in auditing data access in Cloud Storage.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization's auditor has expressed a need to review how data is being used within your Google Cloud environment, with particular interest in tracking who has accessed data stored in Cloud Storage buckets. As part of your responsibilities, you must assist the auditor in gaining access to the relevant data. What steps should you take to facilitate this?
A
Turn on Data Access Logs for the buckets they want to audit, and then build a query in the log viewer that filters on Cloud Storage.
B
Assign the appropriate permissions, and then create a Data Studio report on Admin Activity Audit Logs.
C
Assign the appropriate permissions, and then use Cloud Monitoring to review metrics.
D
Use the export logs API to provide the Admin Activity Audit Logs in the format they want.
No comments yet.