Exam Associate Cloud Engineer topic 1 question 27 discussion

A is correct. As mentioned in the question, data access logging is enabled. I tried to download a file from a bucket and was able to view this information in Activity tab in console

Answer is A. Activity log does indeed show information about metadata. I agree with Eshkrkrkr based on https://cloud.google.com/storage/docs/audit-logs Admin Activity logs: Entries for operations that modify the configuration or metadata of a project, bucket, or object.

The correct answer is A. The Activity Log is the place where Data Access Logs (including file views) and Admin Activity Logs (like metadata label changes) are stored. Explanation: The Activity Log captures both Admin Activity (e.g., adding metadata labels) and Data Access Logs (e.g., file viewing activity in Cloud Storage). The Activity Log is where you find Cloud Storage Data Access Logs, which is exactly what you need to track who viewed files and modified labels in your buckets. You can filter by user, resource (bucket), and activity type to find both the metadata changes and file viewing activities. Conclusion: Correct Answer — The Activity Log is the correct place for both administrative actions and data access, so you can query the detailed information directly.

The correct answer is: B. Using the GCP Console, filter the Stackdriver log to view the information. Explanation: The Activity log in the GCP Console is limited to Admin Activity Logs, which show administrative actions like adding metadata labels. It does not include Data Access Logs, which are required to verify file viewing activity. The Stackdriver log (now referred to as Cloud Logging) provides access to both Admin Activity Logs and Data Access Logs, allowing you to view both types of actions (adding metadata labels and viewing files). By filtering the logs in Cloud Logging, you can get the required information for the user efficiently. Answers provided by ChatGPT

Stackdriver Logging (now called Google Cloud Logging) captures detailed logs for activities within Google Cloud, including bucket metadata changes and file access activities for Cloud Storage bucket

The reason why A is not an answer. The Activity log in the GCP Console is part of the Cloud Audit Logs but focuses on high-level admin activities, not specific data access or detailed operations like viewing files or adding metadata labels

The correct answer is: B. Using the GCP Console, filter the Stackdriver log to view the information. Explanation: Stackdriver Logging (now called Cloud Logging): Logs detailed activities, including data access, metadata changes, and file viewing events for GCP resources, including Cloud Storage buckets. Allows filtering logs by specific users, resource types, and actions, making it easy to verify activities for a particular user.

The correct answer is B. Using the GCP Console, filter the Stackdriver log to view the information. Explanation: Stackdriver logs (now part of Cloud Logging in GCP) capture activity logs related to interactions with resources, including Cloud Storage buckets. To verify activities like metadata label additions and file views in Cloud Storage buckets, you would need to filter and examine the logs for specific actions in the Cloud Storage logs (which are stored in Cloud Logging, formerly Stackdriver). Cloud Storage access logs record operations like viewing files, adding metadata labels, and other bucket activities, which can be filtered and reviewed using the Cloud Logging interface in the GCP Console

B. Using the GCP Console, filter the Stackdriver log to view the information. Explanation: To verify activities related to sensitive data stored in Cloud Storage buckets, including metadata labels and which files have been viewed, the Stackdriver logs (now called Cloud Logging) are the best tool. Specifically, you can filter the logs for data access events, which include details like metadata additions and file access information. A. The Activity log in the GCP Console typically logs changes to resources such as bucket creation, IAM policy changes, etc. It does not provide detailed data access logs or events such as metadata changes or file views. C. Viewing the bucket in the Storage section of the GCP Console will only show the current state of the bucket and its contents, not detailed logs about data access or metadata changes. D. Stackdriver Trace is used to track request latencies and performance issues within your applications, not for logging detailed activities like file access or metadata changes

B is for performance monitoring

The correct answer is B. Stackdriver is now called "Cloud log" B. Using the GCP Console, filter the Stackdriver log to view the information. A -(Activity log) does not capture detailed data access logs for Cloud Storage.

"and which files have been viewed from those buckets" - that would be logged in data_access log, not (admin) activity log. So use Cloud Logging / Log Explorer (Stackdriver is the old name for Cloud Monitoring + Cloud Logging) to filter for the relevant information.

Correct answer is "B" Cause they asked for metadata too on the question.

A is the correct answer.

Stackdriver (Cloud logging) contains both admin activity logs and data access logs.

Option B is the correct Answer

The correct answer is A. Using the GCP Console, filter the Activity log to view the information. Data access logs for Cloud Storage buckets are not stored in Stackdriver Logging (formerly Stackdriver). They are stored in the Activity Log, a centralized log for all GCP activity. The Activity Log allows filtering by resource (the specific buckets), user, and activity type (adding metadata labels, viewing files). Options B, C, and D won't show this detailed access information. Therefore, directly querying the Activity Log provides the most efficient and accurate way to find the required information.