Google Cloud Professional Cloud Security Engineer — Question 30
Applications often require access to `secrets` - small pieces of sensitive data at build or run time. The administrator managing these secrets on GCP wants to keep a track of `who did what, where, and when?` within their GCP projects.
Which two log streams would provide the information that the administrator is looking for? (Choose two.)
Answer options
- A. Admin Activity logs
- B. System Event logs
- C. Data Access logs
- D. VPC Flow logs
- E. Agent logs
Correct answer: A, C
Explanation
Admin Activity logs capture administrative actions taken by users, making them essential for tracking changes and access to sensitive data. Data Access logs provide insights into data interactions, which is critical for understanding access to `secrets`. The other log types, such as System Event logs, VPC Flow logs, and Agent logs, do not specifically focus on user actions related to sensitive data management.