Google Professional Cloud Security Engineer Exam - Topic 3 Question 37 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 37
Topic #: 3

[All Professional Cloud Security Engineer Questions]

You are tasked with exporting and auditing security logs for login activity events for Google Cloud console and API calls that modify configurations to Google Cloud resources. Your export must meet the following requirements:

Export related logs for all projects in the Google Cloud organization.

Export logs in near real-time to an external SIEM.

What should you do? (Choose two.)

ACreate a Log Sink at the organization level with a Pub/Sub destination.

BCreate a Log Sink at the organization level with the includeChildren parameter, and set the destination to a Pub/Sub topic.

CEnable Data Access audit logs at the organization level to apply to all projects.

DEnable Google Workspace audit logs to be shared with Google Cloud in the Admin Console.

EEnsure that the SIEM processes the AuthenticationInfo field in the audit log entry to gather identity information.

Show Suggested Answer

Suggested Answer: A, E

by Youlanda at May 04, 2022, 06:36 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Joseph

4 months ago

I’m surprised they didn’t mention anything about IAM roles!

upvoted 0 times

...

Martha

4 months ago

I agree, A and B cover the requirements well.

upvoted 0 times

...

Clarinda

4 months ago

Wait, does enabling Google Workspace logs really help with this?

upvoted 0 times

...

Mammie

4 months ago

I think C is also important for comprehensive logging.

upvoted 0 times

...

Lynsey

5 months ago

A and B are definitely the way to go!

upvoted 0 times

...

Terrilyn

5 months ago

I vaguely remember something about using Pub/Sub for log exports, but I can't remember if we should include children or not. Is that what option B is about?

upvoted 0 times

...

Rose

5 months ago

I feel like we might need to ensure the SIEM processes the AuthenticationInfo field, but I can't recall if that's option E or something else.

upvoted 0 times

...

Bo

5 months ago

I remember practicing a question about exporting logs, and I think enabling Data Access audit logs is important, so maybe option C is one of the answers.

upvoted 0 times

...

Gaynell

5 months ago

I think we need to create a Log Sink at the organization level, but I'm not sure if it's option A or B.

upvoted 0 times

...

Bulah

5 months ago

The key here is the "swapping the two halves" part. That's the defining characteristic of a Feistel cipher, so I'm going with C as my answer.

upvoted 0 times

...

Leana

5 months ago

I'm pretty confident the answer is B, multi-factor authentication. The question specifically mentions using smart cards in addition to usernames and passwords, which is a classic example of multi-factor authentication.

upvoted 0 times

...

Donte

5 months ago

Hmm, I'm a bit unsure about this one. The options don't seem super clear to me. I'll need to think it through carefully and maybe refer back to my notes on MPLS configuration.

upvoted 0 times

...