Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional-Cloud-DevOps-Engineer Topic 3 Question 77 Discussion

Actual exam question for Google's Professional Cloud DevOps Engineer exam
Question #: 77
Topic #: 3
[All Professional Cloud DevOps Engineer Questions]

Your organization stores all application logs from multiple Google Cloud projects in a central Cloud Logging project. Your security team wants to enforce a rule that each project team can only view their respective logs, and only the operations team can view all the logs. You need to design a solution that meets the security team's requirements, while minimizing costs. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

Create log views for each project team, and only show each project team their application logs.Grant the operations team access to the _AllLogs View in the central logging project1.

This approach aligns with the Google Cloud's recommended methodologies for Professional Cloud DevOps Engineers1. Log views allow you to create and manage access control at a finer granularity for your logs. By creating a separate log view for each project team, you can ensure that they only have access to their respective logs. The operations team, on the other hand, can be granted access to the _AllLogs view in the central logging project, allowing them to view all logs as required.

This solution not only meets the security team's requirements but also minimizes costs as it leverages built-in features of Google Cloud's logging and does not require exporting logs to another service like BigQuery (as suggested in option A), which could incur additional costs1.


by Sharen at Sep 18, 2024, 11:19 PM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-DevOps-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Robt
14 days ago
I'm leaning towards option B, it seems like a good balance between security and accessibility.
upvoted 0 times
...
Thora
17 days ago
I disagree, I believe option D is more secure and cost-effective.
upvoted 0 times
...
Myra
20 days ago
Hmm, I'm not sure about Option C. Granting access to the default view doesn't seem like it would meet the security team's requirements.
upvoted 0 times
...
Dalene
21 days ago
I think option A is the best solution.
upvoted 0 times
...
Sheron
24 days ago
I think Option D is the way to go. Creating IAM roles and restricting access in the individual projects is a more secure approach.
upvoted 0 times
Novella
9 hours ago
Option D is definitely the most secure choice.
upvoted 0 times
...
...
Mitzie
25 days ago
Option B makes the most sense. Creating log views for each project team is a clean and efficient way to control access to the logs.
upvoted 0 times
Bernadine
13 days ago
I agree, it's important to ensure that each team only has access to the logs they need.
upvoted 0 times
...
Alona
22 days ago
Option B makes the most sense. Creating log views for each project team is a clean and efficient way to control access to the logs.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77