An employee was terminated, but their access to Google Cloud Platform (GCP) was not removed until 2 weeks later. You need to find out this employee accessed any sensitive customer information after their termination. What should you do?
A.
View System Event Logs in Stackdriver. Search for the user’s email as the principal.
B.
View System Event Logs in Stackdriver. Search for the service account associated with the user.
C.
View Data Access audit logs in Stackdriver. Search for the user’s email as the principal.
D.
View the Admin Activity log in Stackdriver. Search for the service account associated with the user.
Data Access audit logs Data Access audit logs contain API calls that read the configuration or metadata of resources, as well as user-driven API calls that create, modify, or read user-provided resource data.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit