ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Associate Cloud Engineer All Questions

View all questions & answers for the Associate Cloud Engineer exam
Go to Exam

Exam Associate Cloud Engineer topic 1 question 244 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 244
Topic #: 1
[All Associate Cloud Engineer Questions]

You have a Bigtable instance that consists of three nodes that store personally identifiable information (PII) data. You need to log all read or write operations, including any metadata or configuration reads of this database table, in your company’s Security Information and Event Management (SIEM) system. What should you do?

  • A. • Navigate to Cloud Monitoring in the Google Cloud console, and create a custom monitoring job for the Bigtable instance to track all changes.
    • Create an alert by using webhook endpoints, with the SIEM endpoint as a receiver.
  • B. • Navigate to the Audit Logs page in the Google Cloud console, and enable Admin Write logs for the Bigtable instance.
    • Create a Cloud Functions instance to export logs from Cloud Logging to your SIEM.
  • C. • Navigate to the Audit Logs page in the Google Cloud console, and enable Data Read, Data Write and Admin Read logs for the Bigtable instance.
    • Create a Pub/Sub topic as a Cloud Logging sink destination, and add your SIEM as a subscriber to the topic.
  • D. • Install the Ops Agent on the Bigtable instance during configuration.
    • Create a service account with read permissions for the Bigtable instance.
    • Create a custom Dataflow job with this service account to export logs to the company’s SIEM system.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by qannik at Aug. 5, 2023, 9 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
taylz876
Highly Voted 1 year, 4 months ago
Selected Answer: C
Option C is the most appropriate choice for capturing audit and data access logs from a Bigtable instance and sending them to your SIEM system. 1) Enabling Data Read, Data Write, and Admin Read logs for the Bigtable instance ensures that you capture the relevant operations, including read and write operations, as well as administrative reads, in the audit logs. 2) Creating a Pub/Sub topic as a Cloud Logging sink destination allows you to export the logs from Cloud Logging to Pub/Sub. This is a common approach for sending logs to external systems, including SIEMs. 3) Adding your SIEM as a subscriber to the Pub/Sub topic ensures that the logs are forwarded to your SIEM system, allowing you to monitor and analyze them for security and compliance purposes. NB:A Cloud Logging sink destination is a configuration that specifies where logs collected by Google Cloud's Cloud Logging service should be sent or exported. It allows you to control the destination of logs generated by various Google Cloud services, such as Compute Engine, Cloud Storage, BigQuery, and more.
upvoted 8 times
...
denno22
Most Recent 4 months, 1 week ago
Selected Answer: C
https://cloud.google.com/bigtable/docs/audit-logging#permission-type
upvoted 1 times
...
sinh
1 year, 1 month ago
Selected Answer: C
https://cloud.google.com/bigtable/docs/audit-logging
upvoted 2 times
...
joao_01
1 year, 5 months ago
Selected Answer: C
Its C!
upvoted 1 times
...
Captain1212
1 year, 5 months ago
Selected Answer: C
C is the correct answer, as it helps you to read and write
upvoted 2 times
...
scanner2
1 year, 5 months ago
Selected Answer: C
C is correct.
upvoted 1 times
...
[Removed]
1 year, 6 months ago
Selected Answer: C
https://cloud.google.com/bigtable/docs/audit-logging#available-logs B: Admin write logs are already enabled by default
upvoted 1 times
...
3arle
1 year, 6 months ago
Selected Answer: C
Data Access audit logs—except for BigQuery—are disabled by default and you need to enable them
upvoted 2 times
...
qannik
1 year, 6 months ago
Selected Answer: B
Enabling Admin Write logs for the Bigtable instance in Cloud Logging will capture administrative write actions on the Bigtable instance. This includes any configuration changes and metadata reads related to the Bigtable instance. Creating a Cloud Functions instance and configuring it to export logs from Cloud Logging to your SIEM allows you to take the captured logs and route them to your SIEM system in a format that your SIEM can understand. Cloud Functions can act as a serverless function to process and forward the logs to your SIEM using an appropriate method, such as sending them via an API or message queue.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago