You are tasked with exporting and auditing security logs for login activity events for Google Cloud console and API calls that modify configurations to Google Cloud resources.
Your export must meet the following requirements:
Export related logs for all projects in the Google Cloud organization.
Export logs in near real-time to an external SIEM.
What should you do? (Choose two.)
A . Create a Log Sink at the organization level with a Pub/Sub destination.
B . Create a Log Sink at the organization level with the includeChildren parameter, and set the destination to a Pub/Sub topic.
C . Enable Data Access audit logs at the organization level to apply to all projects.
D . Enable Google Workspace audit logs to be shared with Google Cloud in the Admin Console.
E . Ensure that the SIEM processes the AuthenticationInfo field in the audit log entry to gather identity information.
Answer: A,E
Explanation:
Reference: https://www.datadoghq.com/blog/monitoring-gcp-audit-logs/
Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund