Google Cloud

Google Cloud Certified – Associate Cloud Engineer

PR000260
Popular Trending

Validate your skills as an Associate Cloud Engineer with exam code PR000260 in Google Cloud.

498 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 221–230 of 498

Q221

A company needs to securely connect to their Google Cloud resources from on-premises. Which approach provides the most secure connection?

  • A NAT configuration
  • B VPN gateway
  • C Public IP allocation
  • D Cloud Load Balancer
Explanation A VPN gateway creates secure connections, while others do not provide such security.
Q222

What happens when you set a Google Cloud Pub/Sub topic with no retention period?

  • A Messages persist indefinitely
  • B Messages expire after 7 days
  • C Messages are lost immediately
  • D Messages are stored for one hour
Explanation Without a custom retention period, the default is 7 days before message expiration.
Q223

Which service would you use to manage Kubernetes clusters?

  • A Cloud Functions
  • B Cloud Run
  • C Google Kubernetes Engine
  • D BigQuery
Explanation Google Kubernetes Engine is specifically designed for managing Kubernetes clusters, while the other options serve different purposes.
Q224

A company needs a lightweight, serverless orchestration solution for automated tasks. Which service do you recommend?

  • A Cloud Run
  • B App Engine
  • C Cloud Functions
  • D Compute Engine
Explanation Cloud Functions provides a lightweight, serverless environment specifically for running automated tasks in response to events.
Q225

You are configuring a Cloud Pub/Sub topic but forget to set the access control policies. What happens when a user tries to publish messages?

  • A Messages will be published successfully.
  • B Access denied error will occur.
  • C Only some users can publish.
  • D No messages will be processed.
Explanation If no access control policies are defined, the default behavior allows publishing by anyone, while other options suggest restrictive outcomes that do not occur.
Q226

Which service allows users to manage Docker containers?

  • A Google Kubernetes Engine
  • B Cloud Functions
  • C App Engine
  • D Cloud Run
Explanation Google Kubernetes Engine orchestrates Docker containers, while others handle different compute services.
Q227

A company needs to store sensitive user data securely. Which database option should they use?

  • A BigQuery
  • B Cloud SQL with encryption
  • C Firestore without rules
  • D Spanner with no IAM roles
Explanation Cloud SQL with encryption provides the necessary security for sensitive data, while the others are less secure or improper choices.
Q228

You are configuring a Virtual Private Cloud (VPC). What happens when you use a custom subnet?

  • A Resources are isolated from the internet
  • B All services are automatically allowed
  • C IP ranges cannot be defined
  • D Subnet does not support Peering
Explanation Custom subnets provide isolation, while the others present incorrect functionalities.
Q229

Which service is used for managing containerized applications?

  • A Google Kubernetes Engine
  • B Google App Engine
  • C Google Cloud Functions
  • D Google Compute Engine
Explanation Google Kubernetes Engine is specifically designed for managing containers, while the other options serve different purposes.
Q230

A company needs to store sensitive data securely. What is the best practice?

  • A Use public cloud storage
  • B Encrypt the data at rest
  • C Leave data unencrypted
  • D Use only local storage
Explanation Encrypting data at rest adds security; other options expose sensitive data.