
Answer-first summary for fast verification
Answer: Collect all logs into an organization-level aggregated log sink and send the logs to a Pub/Sub topic. Implement a primary Dataflow pipeline that consumes logs from this Pub/Sub topic and delivers the logs to the SIEM. Implement a secondary Dataflow pipeline that replays failed messages.
Option B is the optimal solution because it meets all requirements: it uses a push-based, near real-time approach via Pub/Sub and Dataflow, which auto-scales and ensures fault tolerance with a secondary pipeline for replaying failed messages. It leverages Google Cloud's native services for security and scalability. Option A is unsuitable due to periodic polling (not near real-time) and manual scripting. Option C relies on a single Compute Engine instance, lacking auto-scaling and robust fault tolerance. Option D uses direct querying, which is not push-based and lacks the reliability of managed services like Dataflow.
Author: LeetQuiz Editorial Team
You need to export Google Cloud logs to an on-premises SIEM in near real-time using a push-based method. The solution must be fault-tolerant, secure, and auto-scaling, guaranteeing that failed log deliveries are retried. What is the recommended approach?
A
Create a Pub/Sub topic for log aggregation. Write a custom Python script on a Cloud Function. Leverage the Cloud Logging API to periodically pull logs from Google Cloud and forward the logs to the SIEM. Schedule the Cloud Function to run twice per day.
B
Collect all logs into an organization-level aggregated log sink and send the logs to a Pub/Sub topic. Implement a primary Dataflow pipeline that consumes logs from this Pub/Sub topic and delivers the logs to the SIEM. Implement a secondary Dataflow pipeline that replays failed messages.
C
Deploy a Cloud Logging sink with a filter that routes all logs directly to a syslog endpoint. The endpoint is based on a single Compute Engine hosted on Google Cloud that routes all logs to the on-premises SIEM. Implement a Cloud Function that triggers a retry action in case of failure.
D
Utilize custom firewall rules to allow your SIEM to directly query Google Cloud logs. Implement a Cloud Function that notifies the SIEM of a failed delivery and triggers a retry action.