Module 2: Introduction to Google Cloud Observability

Looking for ‘Logging and Monitoring in Google Cloud Module 2 Answers’?

In this post, I provide complete, accurate, and detailed explanations for the answers to Module 2: Introduction to Google Cloud Observability of Course 12: Logging and Monitoring in Google Cloud – Preparing for Google Cloud Certification: Cloud Security Engineer Professional Certificate.

Whether you’re preparing for quizzes or brushing up on your knowledge, these insights will help you master the concepts effectively. Let’s dive into the correct answers and detailed explanations for each question!

Working with Audit Logs

Graded Assignment

1. Why are the Data Access audit logs off by default? Select three.

  • They are formatted incorrectly
  • May contain sensitive information ✅
  • They can be large ✅
  • They can be small
  • They cannot be filtered
  • They can be expensive to store ✅

Explanation:
Data Access audit logs are disabled by default in Google Cloud because:

  • They may include sensitive user data (e.g., content read or accessed), which raises privacy and compliance concerns.
  • These logs can be very large due to the high volume of access operations, especially in active environments.
  • Storing large logs can become expensive, leading to potential cost issues if left unmonitored.

2. If you want to provide an external auditor access to your logs, what IAM role would be best?

  • Logging Admin
  • Logging Viewer ✅
  • Project Viewer
  • Project Editor

Explanation:
The Logging Viewer role grants read-only access to view logs, which is ideal for external auditors. It ensures they can see the logs without being able to modify or delete them.
Other roles like Logging Admin or Project Editor provide edit access, which is not appropriate for auditors.

Related contents:

Module 2: Introduction to Google Cloud Observability
Module 3: Monitoring Critical Systems
Module 4: Alerting Policies
Module 5: Advanced Logging and Analysis

You might also like:

Course 1: Preparing for Your Professional Cloud Security Engineer Journey
Course 2: Google Cloud Fundamentals: Core Infrastructure
Course 3: Networking in Google Cloud: Fundamentals
Course 4: Networking in Google Cloud: Routing and Addressing
Course 5: Networking in Google Cloud: Network Architecture
Course 6: Networking in Google Cloud: Network Security
Course 7: Networking in Google Cloud: Load Balancing
Course 8: Networking in Google Cloud: Hybrid and Multicloud
Course 9: Managing Security in Google Cloud
Course 10: Security Best Practices in Google Cloud
Course 11: Mitigating Security Vulnerabilities on Google Cloud
Course 13: Observability in Google Cloud
Course 14: Hands-On Labs in Google Cloud for Security Engineers

Leave a Reply