
CISSP Exam - Question 105


A cloud service provider requires its customer organizations to enable maximum audit logging for its data storage service and to retain the logs for a period of three months. The audit logging generates an extremely high amount of logs. What is the MOST appropriate strategy for the log retention?

Correct Answer: C

The most appropriate strategy for log retention, given the need to balance accessibility and cost, is to keep the last week's logs in an online storage and the rest in a near-line storage. Online storage ensures immediate access to recent logs which are more likely to be needed quickly for recent incidents. Near-line storage is a cost-effective solution that allows relatively quick access to older logs as well, without incurring the higher costs associated with both online and offline storage retrievals. This approach offers a good compromise between cost and accessibility for a three-month log retention period.

Discussion

10 comments
dev46 Option: B
Sep 22, 2022

B is right. Near line is ideal if you want to access the data (at least once a month), but for pure retention purposes, off-line is the cost-effective option.

jackdryan
May 11, 2023

B is correct

BenjamineSB Option: C
Aug 11, 2023

This option is the most balanced. Logs from the last week (which are the most likely to be immediately accessed for recent incidents or issues) are kept readily available online. The older logs, which might be accessed less frequently but still within a reasonable time frame, are kept in near-line storage, which offers a compromise between accessibility and cost.

Mike4649
Aug 12, 2023

Agree with C

HeadAttacks
Jan 11, 2023

This is a strange question. Cost of storage types matters a lot, very hard to say what is most appropriate without more information. Must know the frequency of log reviews as well.

meelaan Option: B
Dec 28, 2022

B sounds good

HughJassole Option: D
Jun 24, 2023

D. The question doesn't say anything about needing to access the logs, just to retain. Keep them all in offline. What significance does the past week play? In my experience none.

Bach1968 Option: B
Jul 5, 2023

B. Keep last week's logs in an online storage and the rest in an offline storage.

DapengZhang Option: C
Nov 26, 2023

I prefer C. "Last week" is not far away from now; for business purposes you may need this data frequently. Repeated calls of offline data are instead a cost!

pete79 Option: B
Feb 4, 2024

As it gives access to recent logs while keeping older ones offline. Log availability is not demanded; just preservation is a must to follow.

73f8ac3 Option: C
Apr 8, 2024

For cloud storage, there are two things to keep in mind:
- Offline storage is cheap, but it can become costly if you need to access it. Also, for offline, 3 months is short, so there might be penalties there if you access or delete the data before one year.
- On the other hand, nearline allows you to retrieve the data with very little or no additional costs when it is in a short period like 3 months.

3 months is an appropriate period for a nearline storage, so C is my choice.

Jenkins3mol Option: B
May 5, 2024

Nearline for 30 days, coldline for 90 days https://cloud.google.com/storage/docs/storage-classes https://cloud.google.com/storage/docs/storage-classes?hl=zh-cn