Google Cloud Professional Cloud Architect — Question 168

The operations team in your company wants to save Cloud VPN log events for one year. You need to configure the cloud infrastructure to save the logs. What should you do?

Answer options

• A. Set up a filter in Cloud Logging and a Cloud Storage bucket as an export target for the logs you want to save.
• B. Enable the Compute Engine API, and then enable logging on the firewall rules that match the traffic you want to save.
• C. Set up a Cloud Logging Dashboard titled Cloud VPN Logs, and then add a chart that queries for the VPN metrics over a one-year time period.
• D. Set up a filter in Cloud Logging and a topic in Pub/Sub to publish the logs.

Correct answer: A

Explanation

The correct answer is A because setting up a filter in Cloud Logging and directing the logs to a Cloud Storage bucket allows for long-term retention of the logs for a specified duration, such as one year. Option B only addresses firewall logging, which does not cover the entirety of Cloud VPN logs. Option C focuses on visualizing metrics rather than saving logs, and option D does not provide a long-term storage solution since Pub/Sub is for real-time messaging rather than log retention.