Google Cloud Professional Cloud Security Engineer — Question 147
As part of your organization's zero trust strategy, you use Identity-Aware Proxy (IAP) to protect multiple applications. You need to ingest logs into a Security Information and Event Management (SIEM) system so that you are alerted to possible intrusions.
Which logs should you analyze?
Answer options
- A. Data Access audit logs
- B. Policy Denied audit logs
- C. Cloud Identity user log events
- D. Admin Activity audit logs
Correct answer: A
Explanation
The correct choice is A, Data Access audit logs, as they provide insights into who accessed what data, crucial for identifying unauthorized access attempts. The other options, while valuable, do not focus specifically on data access, which is fundamental for detecting potential intrusions.