Google Cloud Professional Cloud DevOps Engineer — Question 116

Your company has a Google Cloud resource hierarchy with folders for production, test, and development. Your cyber security team needs to review your company's Google Cloud security posture to accelerate security issue identification and resolution. You need to centralize the logs generated by Google Cloud services from all projects only inside your production folder to allow for alerting and near-real time analysis. What should you do?

Answer options

• A. Enable the Workflows API and route all the logs to Cloud Logging.
• B. Create a central Cloud Monitoring workspace and attach all related projects.
• C. Create an aggregated log sink associated with the production folder that uses a Pub/Sub topic as the destination.
• D. Create an aggregated log sink associated with the production folder that uses a Cloud Logging bucket as the destination.

Correct answer: C

Explanation

The correct answer is C because creating an aggregated log sink with a Pub/Sub topic allows for real-time processing of logs and alerting. Option A is incorrect as the Workflows API does not directly relate to log centralization. Option B, while helpful for monitoring, does not specifically address log aggregation for security purposes. Option D uses a Cloud Logging bucket, which is less efficient for real-time analysis compared to a Pub/Sub topic.