Google Cloud Professional Security Operations Engineer — Question 5

You work for a telecommunications company that wants to monitor their multi-region 5G network logs in Google Security Operations (SecOps). The logs are currently only available on-premises and are stored in a standalone network-attached storage (NAS) located in four different regions. You need to ingest the logs into Google SecOps and tag each NAS as a specific log source to avoid IP address aliasing. What should you do?

Answer options

• A. Configure feed management to pull data from each log's location, and configure a namespace for each log source.
• B. Configure feed management to pull data from each log's location, and configure an ingestion label for each log source.
• C. Configure a Bindplane agent that collects Syslog from each log's location, and configure a namespace for each log source.
• D. Configure a Bindplane agent that collects Syslog from each log's location and configure an ingestion label for each log source.

Correct answer: B

Explanation

The correct answer is B because configuring feed management with an ingestion label allows for effective categorization of logs from each specific NAS, thus preventing IP address aliasing. Options A and C incorrectly suggest using a namespace, which does not facilitate the tagging needed for this scenario. Option D, while similar to B, utilizes a Bindplane agent instead of feed management, which is not the required method in this case.