
Explanation:
The question specifically asks about monitoring API calls that read configuration or metadata of resources. According to Google Cloud documentation and the community discussion consensus (with D receiving 100% of votes and multiple references to official documentation), Data Access audit logs are designed for this purpose. Data Access logs contain API calls that read configuration/metadata as well as user-driven API calls that create, modify, or read user-provided resource data. Admin Activity logs (A) focus on actions that modify configurations, not read operations. System Event logs (B) record Google-initiated system operations. Access Transparency logs (C) provide logs of Google support access to customer data, not general API call monitoring for resource configuration reads.
Ultimate access to all questions.
No comments yet.
A database administrator has detected malicious activity in their Cloud SQL instance and needs to monitor API calls that read resource configurations or metadata. Which logging type should they examine?
A
Admin Activity
B
System Event
C
Access Transparency
D
Data Access