Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional Cloud DevOps Engineer Topic 3 Question 77 Discussion

Actual exam question for Google's Professional Cloud DevOps Engineer exam
Question #: 77
Topic #: 3
[All Professional Cloud DevOps Engineer Questions]

Your organization stores all application logs from multiple Google Cloud projects in a central Cloud Logging project. Your security team wants to enforce a rule that each project team can only view their respective logs, and only the operations team can view all the logs. You need to design a solution that meets the security team's requirements, while minimizing costs. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

Create log views for each project team, and only show each project team their application logs.Grant the operations team access to the _AllLogs View in the central logging project1.

This approach aligns with the Google Cloud's recommended methodologies for Professional Cloud DevOps Engineers1. Log views allow you to create and manage access control at a finer granularity for your logs. By creating a separate log view for each project team, you can ensure that they only have access to their respective logs. The operations team, on the other hand, can be granted access to the _AllLogs view in the central logging project, allowing them to view all logs as required.

This solution not only meets the security team's requirements but also minimizes costs as it leverages built-in features of Google Cloud's logging and does not require exporting logs to another service like BigQuery (as suggested in option A), which could incur additional costs1.


by Sharen at Sep 18, 2024, 11:19 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud DevOps Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Tran
2 months ago
What do you mean, 'minimize costs'? I'm just going to choose the most secure option, which is D. Forget about the costs, this is a security exam!
upvoted 0 times
...
Elly
2 months ago
Option A seems like a lot of work with the BigQuery tables. I'd go with the simpler solution of log views in Option B.
upvoted 0 times
Erinn
29 days ago
Yeah, creating log views for each project team seems like the best option.
upvoted 0 times
...
Tamesha
1 months ago
I agree, Option B with log views sounds simpler and more efficient.
upvoted 0 times
...
Rebbecca
1 months ago
Option A seems like a lot of work with the BigQuery tables.
upvoted 0 times
...
Rupert
1 months ago
Yeah, creating log views for each project team seems like the best option here.
upvoted 0 times
...
Shasta
1 months ago
I agree, Option B with log views sounds simpler and more efficient.
upvoted 0 times
...
Janna
1 months ago
Option A seems like a lot of work with the BigQuery tables.
upvoted 0 times
...
...
Robt
2 months ago
I'm leaning towards option B, it seems like a good balance between security and accessibility.
upvoted 0 times
...
Thora
3 months ago
I disagree, I believe option D is more secure and cost-effective.
upvoted 0 times
...
Myra
3 months ago
Hmm, I'm not sure about Option C. Granting access to the default view doesn't seem like it would meet the security team's requirements.
upvoted 0 times
...
Dalene
3 months ago
I think option A is the best solution.
upvoted 0 times
...
Sheron
3 months ago
I think Option D is the way to go. Creating IAM roles and restricting access in the individual projects is a more secure approach.
upvoted 0 times
Tommy
1 months ago
Granting viewer access to the operations team in the central logging project is a smart move.
upvoted 0 times
...
Buffy
1 months ago
It's important to restrict access to the Default log view in each individual project.
upvoted 0 times
...
Ashleigh
2 months ago
I agree, creating IAM roles for each project team seems like the best way to control access.
upvoted 0 times
...
Novella
2 months ago
Option D is definitely the most secure choice.
upvoted 0 times
...
...
Mitzie
3 months ago
Option B makes the most sense. Creating log views for each project team is a clean and efficient way to control access to the logs.
upvoted 0 times
Bernadine
2 months ago
I agree, it's important to ensure that each team only has access to the logs they need.
upvoted 0 times
...
Alona
3 months ago
Option B makes the most sense. Creating log views for each project team is a clean and efficient way to control access to the logs.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77