Answer-first summary for fast verification
Answer: • Navigate to the Audit Logs page in the Google Cloud console, and enable Data Read, Data Write and Admin Read logs for the Bigtable instance. • Create a Pub/Sub topic as a Cloud Logging sink destination, and add your SIEM as a subscriber to the topic.
Option C is the most appropriate choice for capturing audit and data access logs from a Bigtable instance and sending them to your SIEM system. Enabling Data Read, Data Write, and Admin Read logs for the Bigtable instance ensures that you capture all relevant operations, including read and write operations, as well as administrative reads, in the audit logs. Creating a Pub/Sub topic as a Cloud Logging sink destination allows you to export the logs from Cloud Logging to Pub/Sub, and by adding your SIEM as a subscriber to the Pub/Sub topic, the logs are forwarded to your SIEM system. This setup allows you to monitor and analyze the logs for security and compliance purposes.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You manage a Bigtable instance composed of three nodes that contain personally identifiable information (PII) data. Your objective is to log every read or write operation, as well as any metadata or configuration reads related to this database table, into your company’s Security Information and Event Management (SIEM) system. How should you proceed to achieve this?
A
• Navigate to Cloud Monitoring in the Google Cloud console, and create a custom monitoring job for the Bigtable instance to track all changes. • Create an alert by using webhook endpoints, with the SIEM endpoint as a receiver.
B
• Navigate to the Audit Logs page in the Google Cloud console, and enable Admin Write logs for the Bigtable instance. • Create a Cloud Functions instance to export logs from Cloud Logging to your SIEM.
C
• Navigate to the Audit Logs page in the Google Cloud console, and enable Data Read, Data Write and Admin Read logs for the Bigtable instance. • Create a Pub/Sub topic as a Cloud Logging sink destination, and add your SIEM as a subscriber to the topic.
D
• Install the Ops Agent on the Bigtable instance during configuration. • Create a service account with read permissions for the Bigtable instance. • Create a custom Dataflow job with this service account to export logs to the company’s SIEM system.