Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional Cloud DevOps Engineer Topic 1 Question 88 Discussion

Actual exam question for Google's Professional Cloud DevOps Engineer exam
Question #: 88
Topic #: 1
[All Professional Cloud DevOps Engineer Questions]

Your company's security team needs to have read-only access to Data Access audit logs in the _Required bucket You want to provide your security team with the necessary permissions following the principle of least privilege and Google-recommended practices. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B, E

The correct answers are B and E

A good postmortem should include what caused the incident, how the incident could have been worse, and how to prevent a future occurrence of the incident1. This helps to identify the root cause of the problem, the impact of the incident, and the actions to take to mitigate or eliminate the risk of recurrence.

A good postmortem should also include all incident participants in postmortem authoring and share postmortems as widely as possible2. This helps to foster a culture of learning and collaboration, as well as to increase the visibility and accountability of the incident response process.

Answer A is incorrect because it assigns blame to a person or team, which goes against the principle of blameless postmortems2. Blameless postmortems focus on finding solutions rather than pointing fingers, and encourage honest and constructive feedback without fear of punishment.

Answer C is incorrect because it omits how the incident could have been worse, which is an important factor to consider when evaluating the severity and impact of the incident1. It also avoids naming internal system components, which makes it harder to understand the technical details and root cause of the problem.

Answer D is incorrect because it omits how to prevent a future occurrence of the incident, which is the main goal of a postmortem1. It also avoids naming customer information, which may be relevant for understanding the impact and scope of the incident.


by Dorethea at Mar 09, 2025, 09:34 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud DevOps Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Franchesca
1 months ago
Wait, is this a trick question? What's with all these 'logging' and 'privateLogViewer' roles? I thought we were just supposed to give them read-only access. *scratches head*
upvoted 0 times
Shawna
3 days ago
It's not a trick question, just make sure to follow the principle of least privilege and give them only the necessary permissions.
upvoted 0 times
...
Richelle
10 days ago
You can also consider using the 'roles/logging.privateLogViewer' role for more restricted access to the logs.
upvoted 0 times
...
Rikki
16 days ago
You can assign the 'roles/logging.viewer' role to the security team for read-only access to Data Access audit logs.
upvoted 0 times
...
...
Laurel
2 months ago
I'm going with option D. Assigning the role to a group is more efficient, and the privateLogViewer role sounds like it's the right one for the task.
upvoted 0 times
Gary
16 days ago
Let's go with that option then.
upvoted 0 times
...
Bo
18 days ago
PrivateLogViewer role seems like the right one for the task.
upvoted 0 times
...
Stacey
22 days ago
Option D sounds good. Assigning the role to a group is efficient.
upvoted 0 times
...
...
Rosenda
2 months ago
Option A is the way to go! Assigning the roles/logging.viewer role to each team member is the simplest and most straightforward approach.
upvoted 0 times
...
Kizzy
2 months ago
Hmm, I'm not sure about this one. Shouldn't we be using the roles/logging.viewer role instead of the privateLogViewer role? I'm a bit confused.
upvoted 0 times
Abraham
2 months ago
B) Assign the roles/logging.viewer role to a group with all the security team members
upvoted 0 times
...
Chan
2 months ago
A) Assign the roles/logging.viewer role to each member of the security team
upvoted 0 times
...
...
Gene
2 months ago
Option D seems like the correct answer to me. Assigning the privateLogViewer role to a group ensures that the security team has the necessary read-only access.
upvoted 0 times
...
Maryann
2 months ago
I think option B is the way to go. Assigning the role to a group makes it easier to manage permissions and follows the principle of least privilege.
upvoted 0 times
Chauncey
20 days ago
Assigning roles to a group with all security team members is a good way to ensure consistency and ease of management.
upvoted 0 times
...
Peggie
24 days ago
It's important to follow Google-recommended practices when setting up permissions for security teams.
upvoted 0 times
...
Jennifer
25 days ago
Assigning the role to a group simplifies the process and ensures least privilege access.
upvoted 0 times
...
Cecil
1 months ago
I agree, option B is definitely the best choice for managing permissions efficiently.
upvoted 0 times
...
...
Peggie
2 months ago
I prefer assigning the roles/logging.viewer role to a group with all the security team members. It's more efficient.
upvoted 0 times
...
Yolando
3 months ago
I agree with Davida. It's important to follow the principle of least privilege.
upvoted 0 times
...
Davida
3 months ago
I think we should assign the roles/logging.viewer role to each member of the security team.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77