Practice Test 2 | Google Cloud Certified Professional Data Engineer | Dumps | Mock Test
Your data team is using BigQuery as their main data warehouse. There is no formal security policy implemented to track users activity on the data warehouse. A new security policy to be implemented which states any activity on cloud resources should be tracked and logged and BigQuery is one of these resources.
What action should be taken to log the data warehouse’s activities?
A. Restrict users access to BigQuery’s tables using Identity & Access Management (IAM).
B. You can list all query history from BigQuery UI.
C. Use Google Stackdriver Audit Logs to log and review data warehouse access.
D. Enable caching on BigQuery to allow auditing users activity.
Answer: C.
Cloud Audit Logs are a collection of logs provided by Google Cloud Platform that provide insight into operational concerns related to your use of Google Cloud services. BigQuery automatically sends audit logs to Stackdriver Logging.
All remaining activities and events are reported as part of the main activity stream. Events such as job insertions and completions are reported in this stream, as are other resource events such as dataset creation. Those are called “Admin activity.”
Answer A is incorrect: You cannot restrict BigQuery access by table level. The lowest level is the dataset.
Answer B is incorrect: BigQuery UI’s query history has a limit of 1,000 cumulative jobs.
Answer D is incorrect: Enabling cache has nothing to do with audit logging in BigQuery.
Source(s):
Audit Logs: https://cloud.google.com/bigquery/docs/reference/auditlogs/
Comments are closed, but trackbacks and pingbacks are open.