Answer-first summary for fast verification
Answer: 1. Create one log sink at the organization level that includes all the child resources. 2. Use as destination a Pub/Sub topic to ingest the logs into the security information and event. management (SIEM) on-premises, and ensure that the right team can access the SIEM. 3. Grant the Viewer role at organization level to the security operations team.
Option B is the correct answer because it addresses the core requirements effectively: creating a single organization-level log sink with all child resources included centralizes logging across 200 projects, providing uniform visibility. Using Pub/Sub as the destination allows integration with an on-premises SIEM for analysis, which is practical for security operations. Granting the Viewer role at the organization level enables the security team to view environment configurations across all projects. Option A is inefficient due to per-project sinks and lacks direct SIEM integration. Option C fails to create log sinks, preventing centralized visibility. Option D's exclusion of child resources in one sink and the Security Reviewer role (which focuses on policy review, not log access) make it suboptimal compared to B's comprehensive approach.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company's Google Cloud organization has approximately 200 projects and 1,500 virtual machines. The lack of a uniform logs and events management strategy is reducing visibility for your security operations team. You need to design a logging solution that provides visibility and enables the security team to view the environment's configuration.
What should you do?
A
B
C
D