Google Cloud Professional Data Engineer — Question 44

Your startup has never implemented a formal security policy. Currently, everyone in the company has access to the datasets stored in Google BigQuery. Teams have freedom to use the service as they see fit, and they have not documented their use cases. You have been asked to secure the data warehouse. You need to discover what everyone is doing. What should you do first?

Answer options

• A. Use Google Stackdriver Audit Logs to review data access.
• B. Get the identity and access management IIAM) policy of each table
• C. Use Stackdriver Monitoring to see the usage of BigQuery query slots.
• D. Use the Google Cloud Billing API to see what account the warehouse is being billed to.

Correct answer: A

Explanation

The correct answer is A because Google Stackdriver Audit Logs provide detailed records of who accessed what data and when, which is essential for understanding current usage patterns. Options B and C, while useful in their contexts, do not provide a comprehensive view of data access. Option D focuses on billing information rather than user access, making it less relevant for securing data.