Home › GCP Associate Cloud Engineer › cloudcomputing › gcpoperations › An auditor needs an immutable record of who took…
An auditor needs an immutable record of who took what action against Google Cloud APIs in a project (admin activity + data access). Which log type provides this?
ACloud Profiler flame graphs
BCloud DNS query logs only
CCloud Trace spans
DCloud Audit Logs (Admin Activity, Data Access, System Event, Policy Denied)
Answer & Solution
Correct answer: D. Cloud Audit Logs (Admin Activity, Data Access, System Event, Policy Denied)
Cloud Audit Logs are the canonical "who did what" record across four categories. Trace is request latency, Profiler is CPU/heap profiles, DNS query logs are just one specific log type — none replace audit logs for compliance.
Related questions
A subnet was created with /24 (256 addresses) and is running out. Which Google Cloud operaA team needs to deploy infrastructure-as-code on Google Cloud. Which combination of tools Which Kubernetes-native autoscaler on GKE adjusts the NUMBER of replicas of a Deployment bAn organisation wants to centralise audit logs from multiple Google Cloud projects into onWhen viewing logs in Cloud Logging, what is the purpose of a 'log sink' configured to routWhich networking feature would you use to give a private (no external IP) VM outbound inteWhich Google Cloud agent (installable on Compute Engine VMs and on-prem servers) collects Where in Google Cloud do you create alerting policies based on metrics like CPU > 80% for