What are two ways you should accomplish this?

Your organization has been on Google Workspace Enterprise for one year. Recently, an admin turned on public link sharing for Drive files without permission from security. Your CTO wants to get better insight into changes that are made to the Google Workspace environment. The chief security officer wants that data brought into your existing SIEM system.

What are two ways you should accomplish this? (Choose two.)
A . Use the Data Export Tool to export admin audit data to your existing SIEM system
B . Use Apps Script and the Reports API to export admin audit data to your existing SIEM system.
C . Use Apps Script and the Reports API to export drive audit data to the existing SIEM system
D . Use the BigQuery export to send admin audit data to the existing SIEM system via custom code
E . Use the BigQuery export to send drive audit data to the existing SIEM system via custom code.

Answer: B,D

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments