Q: 5
Applications often require access to “secrets” - small pieces of sensitive data at build or run time. The
administrator managing these secrets on GCP wants to keep a track of “who did what, where, and
when?” within their GCP projects.
Which two log streams would provide the information that the administrator is looking for? (Choose
two.)
Options
Discussion
Yeah makes sense, I'd probably pick B and C for this one.
I get why everyone says AC, but I'm thinking BC. System Event logs (B) feel relevant for tracking certain infrastructure changes, and Data Access logs (C) should show who accessed secrets. Maybe I'm missing something with Admin Activity though.
AC is correct here. B is tempting but System Event logs focus on GCP infra events, not user/admin actions. For tracking access to secrets and admin changes, only Admin Activity (A) and Data Access (C) give the full picture of exactly "who did what." Happy to hear another take if anyone disagrees.
AC tbh, Admin Activity and Data Access logs are both designed to track user and service actions in detail. Admin Activity gives the "who and what" for changes, while Data Access tracks usage of resources like secrets. System Event logs (B) aren't focused on user-level actions as much. Pretty sure on this but open to correction.
Its B and C for me. Had something like this in a mock, and System Event logs plus Data Access logs seemed most related to tracking changes and access. Pretty sure Admin Activity logs are more about admin-side config, not direct secret accesses-correct me if that's off.
Honestly tired of Google log naming, it’s confusing. Still, I’d go with B and C for this since System Event and Data Access seem most related to tracking resource usage. Not fully sure if Admin Activity logs matter here.
Why not A and C? System Event logs (B) don't show user actions tied to secrets like Admin Activity does.
I don’t think it’s A and C. B and C are more about the actual usage of data and system actions, so they seem closer to tracking secret access. Maybe missing something about Admin Activity logs though, not 100% sure.
AC for sure. Admin Activity logs catch all config changes, Data Access logs track who accessed secrets. System Event logs (B) won’t show user-level actions for secrets. Pretty sure AC matches GCP audit best practices, but open if someone found B useful.
Its A and C. Had something like this in a mock, Admin Activity logs show admin actions on resources so you get the 'who did what', and Data Access logs cover access to sensitive data like secrets. Pretty sure B is more about platform-level/system changes, not user-level tracking. Disagree?
Be respectful. No spam.
