Exam Associate Cloud Engineer topic 1 question 117 discussion

Option C is more correct

Guys, do you know which answers are the correct answers on this website? The website's answers or the most voted ones? I'm preparing for the exam and I need a quick and certain response. Thank you

The correct answer is C

C. View Data Access audit logs in Cloud Logging. Search for the user's email as the principal. Data Access audit logs provide detailed information about accesses to your Google Cloud resources. By searching for the terminated employee's email address as the principal in the Data Access audit logs, you can track their access to sensitive customer information after their termination. This approach allows you to specifically focus on data access, which is crucial for identifying any unauthorized or suspicious activities related to customer data.

Option C is more correct , as data access logs contain API , from this you can check for it

I think option C is correct : Data Access audit logs contain API calls that read the configuration or metadata of resources, as well as user-driven API calls that create, modify, or read user-provided resource data.

C. View Data Access audit logs in Cloud Logging. Search for the user's email as the principal. Data Access audit logs record all activity related to accessing or modifying data, including reading, writing, and deleting operations. By searching for the terminated employee's email as the principal, you can see if they accessed any sensitive customer information after their termination. System Event Logs and Admin Activity logs may not have the details of the data accessed, so Data Access audit logs are the most appropriate option in this scenario.

https://cloud.google.com/logging/docs/audit. Data Access audit logs are disabled by default

had this question today

View Data Access audit logs in Cloud Logging. Search for the user's email as the principal

ANSWER IS C As we want to find out whether the user has accessed the data or not , so Data Acess Logs would be correct option to view that

I will go with option C.

C. https://cloud.google.com/logging/docs/audit#data-access

C is the correct answer. We are trying to find out if any sensitive data was accessed. Data access logs are the only logs that show this. C is the only option that mentions data access logs.

Shouldn't the correct option be A here? What does service account have to do here.