Google Associate Cloud Engineer
Get started today
Ultimate access to all questions.
Ultimate access to all questions.
You manage a Bigtable instance composed of three nodes that contain personally identifiable information (PII) data. Your objective is to log every read or write operation, as well as any metadata or configuration reads related to this database table, into your company’s Security Information and Event Management (SIEM) system. How should you proceed to achieve this?
Explanation:
Option C is the most appropriate choice for capturing audit and data access logs from a Bigtable instance and sending them to your SIEM system. Enabling Data Read, Data Write, and Admin Read logs for the Bigtable instance ensures that you capture all relevant operations, including read and write operations, as well as administrative reads, in the audit logs. Creating a Pub/Sub topic as a Cloud Logging sink destination allows you to export the logs from Cloud Logging to Pub/Sub, and by adding your SIEM as a subscriber to the Pub/Sub topic, the logs are forwarded to your SIEM system. This setup allows you to monitor and analyze the logs for security and compliance purposes.