New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 2 Question 108 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 108
Topic #: 2
[All Professional Cloud Security Engineer Questions]

Applications often require access to ''secrets'' - small pieces of sensitive data at build or run time. The administrator managing these secrets on GCP wants to keep a track of ''who did what, where, and when?'' within their GCP projects.

Which two log streams would provide the information that the administrator is looking for? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, C

To keep track of 'who did what, where, and when?' within GCP projects, the administrator should focus on Admin Activity logs and Data Access logs. Here's a detailed explanation of why these two log streams are essential:

Admin Activity Logs:

These logs capture administrative actions performed in your Google Cloud resources. This includes actions like creating, modifying, or deleting resources.

Admin Activity logs provide detailed information about the user who performed the action, the resource that was affected, the action performed, and the timestamp.

Data Access Logs:

These logs capture read and write operations on data within your Google Cloud services. This includes actions like accessing or modifying data stored in databases, storage buckets, etc.

Data Access logs help track the access patterns of users and services to sensitive data, providing insights into who accessed which data and when.

Steps to Enable and Access Logs:

Navigate to the Google Cloud Console.

Go to Logging in the left-hand menu.

Enable Admin Activity and Data Access logs if not already enabled.

Use Logs Explorer to filter and view specific logs based on your requirements.

By monitoring both Admin Activity and Data Access logs, administrators can gain comprehensive visibility into the actions performed on their GCP resources and data, ensuring robust security and compliance tracking.


Google Cloud Logging Documentation

Audit Logs Overview

by Ronna at Nov 23, 2025, 11:04 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Elfriede
9 hours ago
Wait, are VPC Flow logs not useful for this? Seems odd.
upvoted 0 times
...
Claribel
6 days ago
A) Admin Activity logs and C) Data Access logs are the right ones.
upvoted 0 times
...
Marjory
11 days ago
A and C, easy peasy. Although, I do wonder if the admin has a secret stash of cat videos they're trying to hide. Just a thought.
upvoted 0 times
...
Denny
16 days ago
A and C for sure. The admin activity and data access logs are the way to go. Wouldn't want any of those secrets getting out, that's for sure!
upvoted 0 times
...
Desmond
21 days ago
Hmm, I'd go with A and E. Agent logs could give you some extra insight, right? Might as well cover all your bases.
upvoted 0 times
...
Linn
26 days ago
I agree, A and C are the way to go. Gotta keep track of those secrets, you know? Can't have anyone snooping around.
upvoted 0 times
...
Deonna
1 month ago
I practiced a question similar to this, and I think both Admin Activity logs and Data Access logs were the correct choices.
upvoted 0 times
...
Elsa
1 month ago
I feel like System Event logs might not be relevant here, but I can't recall exactly why.
upvoted 0 times
...
Herschel
1 month ago
I'm not entirely sure, but I remember something about Data Access logs being useful for tracking access to sensitive data.
upvoted 0 times
...
Benedict
2 months ago
I think Admin Activity logs would definitely be one of the answers since they track changes made by users.
upvoted 0 times
...
Dahlia
2 months ago
I'm a bit confused on this one. I know we need to track the access to the secrets, but I'm not sure which specific log streams would have the most relevant information. I'll have to review the details of each log type to make the best choice.
upvoted 0 times
...
Francisca
2 months ago
I'm pretty confident that the admin activity logs and data access logs are the right answers. Those logs should provide the detailed information the administrator is looking for about who is accessing the secrets and when.
upvoted 0 times
...
Joseph
2 months ago
The admin activity logs and VPC flow logs seem like the most relevant choices here. The admin activity logs would show any administrative actions, while the VPC flow logs could potentially capture network traffic related to the secrets.
upvoted 0 times
...
Marleen
2 months ago
A and C are the correct answers. The admin activity logs and data access logs would provide the information the administrator is looking for.
upvoted 0 times
...
Irma
3 months ago
Totally agree with Claribel! Those logs are crucial for tracking.
upvoted 0 times
...
Shaunna
3 months ago
Hmm, I'm not sure about this one. I know we need to track who, what, where, and when, but I'm not sure which specific log streams would have that information. I'll have to think this through carefully.
upvoted 0 times
...
Eden
3 months ago
I think the admin activity logs and data access logs would be the best options to track who is accessing the secrets. The admin activity logs would show any changes or actions taken by administrators, while the data access logs would capture the actual usage of the secrets.
upvoted 0 times
Hui
2 months ago
I agree, admin activity logs are crucial for tracking changes.
upvoted 0 times
...
Eliz
3 months ago
Data access logs will definitely show who accessed the secrets.
upvoted 0 times
...
...

Save Cancel