Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 298 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 298
Topic #: 1
[All Professional Cloud Security Engineer Questions]

A security audit uncovered several inconsistencies in your project's Identity and Access Management (IAM) configuration. Some service accounts have overly permissive roles, and a few external collaborators have more access than necessary. You need to gain detailed visibility into changes to IAM policies, user activity, service account behavior, and access to sensitive projects. What should you do?

  • A. Configure Google Cloud Functions to be triggered by changes to IAM policies. Analyze changes by using the policy simulator, send alerts upon risky modifications, and store event details.
  • B. Enable the metrics explorer in Cloud Monitoring to follow the service account authentication events and build alerts linked on it.
  • C. Use Cloud Audit Logs. Create log export sinks to send these logs to a security information and event management (SIEM) solution for correlation with other event sources.
  • D. Deploy the OS Config Management agent to your VMs. Use OS Config Management to create patch management jobs and monitor system modifications.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by abdelrahman89 at Oct. 4, 2024, 9:53 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
json4u
1 month, 1 week ago
Selected Answer: C
It's C
upvoted 1 times
...
abdelrahman89
1 month, 2 weeks ago
C - Comprehensive Logging: Cloud Audit Logs capture a wide range of activities, including IAM policy changes, user logins, API calls, and resource access. This provides a comprehensive view of your organization's IAM activity. Log Export: By creating log export sinks, you can send Cloud Audit Logs to a SIEM solution, where they can be correlated with other event sources to identify potential security threats. Detailed Analysis: SIEM solutions can provide advanced analytics and reporting capabilities, allowing you to analyze IAM changes, detect anomalies, and identify potential security risks.
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel