Your compliance team requires that all Data Access audit logs be retained for 3 years for forensic analysis. Cloud Logging only retains these logs for 30 days by default.

Which TWO actions should you take to meet this requirement? (Select TWO)

Answer options:

Create a Log Sink in Cloud Logging.

Increase the retention period of the _Default log bucket to 3 years.

Set the destination of the Log Sink to a Cloud Storage bucket with an Archive storage class.

Set the destination of the Log Sink to Cloud SQL.

Configure a Cloud Function to download logs daily.

How to approach this question

Identify the mechanism for exporting logs and the most cost-effective storage for long-term retention.

Full Answer

To retain logs beyond the default period cost-effectively, you should create a Log Router Sink. The sink filters the logs you want and routes them to a destination. For 3-year compliance retention where data is rarely accessed, a Cloud Storage bucket (specifically the Archive class) is the best practice.

Common mistakes

Trying to store years of logs directly in Cloud Logging, which is expensive.

Question 46 All questions Question 48

Practice the full GCP Associate Cloud Engineer Practice Exam 2

50 questions · hints · full answers · grading

More questions from this exam

Q01Your company is migrating to Google Cloud and needs to establish a resource hierarchy. You have t...Easy Q02You are managing access to a GCP project. You need to grant 15 developers the ability to view Com...Medium Q03You have created a new GCP project using the Cloud Console. You want to deploy a Cloud Function u...Easy Q04Your startup has a strict monthly cloud budget of $500. You want to be notified immediately if yo...Easy Q05Your finance team wants to perform complex SQL analysis on your GCP billing data to understand co...Medium

View all 50 questions →