Answer-first summary for fast verification
Answer: Enable Event Threat Detection and Security Health Analytics in Security Command Center. Set up detailed logging for IAM-related activity and relevant project resources by deploying Cloud Audit Logs.
Option D is the correct answer because it directly addresses all the requirements: Security Health Analytics detects misconfigurations and unauthorized changes, Event Threat Detection identifies potential security threats, and Cloud Audit Logs provide comprehensive logging of IAM-related activity and administrative actions. The community discussion shows 100% consensus on D, with users highlighting that Security Health Analytics specifically handles misconfigurations. Other options are less suitable: A focuses on general logging without specific security threat detection, B emphasizes network intrusion detection but lacks comprehensive IAM monitoring, and C provides logging capabilities but doesn't include the automated security analysis features of Security Command Center.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your organization is developing a new SaaS application on Google Cloud. Stringent compliance standards require visibility into privileged account activity, as well as the ability to detect unauthorized changes and misconfigurations to the application's infrastructure. You need to monitor administrative actions, log changes to IAM roles and permissions, and trace potentially unauthorized configuration changes. What should you do?
A
Create log sinks to Cloud Storage for long-term retention. Set up log-based alerts in Cloud Logging based on relevant log types. Enable VPC Flow Logs for network visibility.
B
Deploy Cloud IDS and activate Firewall Rules Logging. Create a custom dashboard in Security Command Center to visualize potential intrusion attempts.
C
Detect sensitive administrative actions by using Cloud Logging with custom filters. Enable VPC Flow Logs with BigQuery exports for rapid analysis of network traffic patterns.
D
Enable Event Threat Detection and Security Health Analytics in Security Command Center. Set up detailed logging for IAM-related activity and relevant project resources by deploying Cloud Audit Logs.