Free Google Cloud-Digital-Leader Actual Exam Questions - Question 7 Discussion
able to record all requests that read any of the stored dat
a. You want to make sure you comply with these requirements. What should you do?
B, since it's the only one that actually logs read accesses comprehensively.
This one feels like B for sure, since the question is about recording all read requests. The Data Access audit logs are meant exactly for that, capturing who accessed what data. Options A, C, and D don’t really handle tracking every read. So B looks like the only choice that fits the requirement for detailed access logs.
Option B makes the most sense since Data Access audit logs are specifically designed for recording who accessed what data. The other options either limit access or scan data but don't capture read request logs.
It’s B, since audit logs track all read requests regardless of identity involved.
B/D? D limits who can read the data, but it doesn’t actually log the reads. You could have just one service account, but if you don’t enable Data Access logs, you won’t get the read request records you need. So D alone isn’t enough. B is better because it directly handles logging all read access, regardless of who accesses the data. The key here is recording *all* read requests for legal reasons, so enabling those audit logs is essential.
Makes sense to rule out scanning with DLP since that’s more for finding sensitive data, not tracking access. B is clearly the one that logs actual read requests, so I’d go with B.
B, since only enabling Data Access audit logs captures read requests properly.
B imo, since audit logs specifically track who accessed the data and when, it’s the best fit for legal compliance. The other options don’t provide that level of detailed access recording.
Makes sense to me too—only B covers detailed access logs for reads. The other options don’t really provide a full record of who accessed what. B is the way to go here.
B imo, audit logs are the standard way to track read access on Cloud Storage.