Google Cloud

Google Cloud Certified – Professional Cloud Developer

PR000266

Validate your skills as a Professional Cloud Developer with exam code PR000266 in Google Cloud.

495 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 21–30 of 495

Q21

What happens when IAM policies are conflicting?

  • A The deny policy takes precedence
  • B All policies are ignored.
  • C Access is granted blindly.
  • D The allow policy takes precedence.
Explanation In IAM, deny policies always take precedence over allow policies, ensuring tighter security.
Q22

Which service is best for serverless application deployment?

  • A Cloud Functions
  • B Compute Engine
  • C App Engine
  • D Cloud Storage
Explanation Cloud Functions is specifically designed for serverless functions, while others require more management or are not serverless.
Q23

A company needs low-latency access to its databases across multiple regions. Which option fulfills this requirement?

  • A Cloud Spanner
  • B Cloud SQL
  • C Firestore
  • D BigQuery
Explanation Cloud Spanner is designed for global distribution and low-latency access, unlike the others which are better for specific use cases.
Q24

What happens when you set IAM roles on a project but not on any individual resources?

  • A Roles apply to all resources
  • B No roles are recognized
  • C Only some roles apply
  • D Roles conflict with service accounts
Explanation IAM roles granted at the project level apply to all resources within that project by default.
Q25

Which service should a developer use for managing event-driven applications?

  • A Cloud Functions
  • B Cloud Storage
  • C Cloud App Engine
  • D Cloud Run
Explanation Cloud Functions is designed for event-driven architectures, while others aren't.
Q26

You are configuring a VPC and need to control access to your APIs. Which feature should you enable?

  • A Cloud Deployment Manager
  • B VPC Service Controls
  • C Cloud Pub/Sub
  • D Stackdriver Monitoring
Explanation VPC Service Controls enhance security by defining perimeter boundaries.
Q27

What happens when you set a Cloud Storage object's ACL to 'private'?

  • A Public access granted for everyone
  • B Only owner can access object
  • C All project members gain access
  • D Object is deleted permanently
Explanation A 'private' ACL restricts access only to the owner.
Q28

Which service is best for serverless application deployment?

  • A Google Cloud Functions
  • B Google Kubernetes Engine
  • C Google Compute Engine
  • D Google App Engine
Explanation Google Cloud Functions is designed for event-driven, serverless applications; GKE and GCE are more for containerized and VM deployments respectively.
Q29

You are configuring Cloud Pub/Sub. What happens when a subscriber is too slow to process messages?

  • A Messages are deleted immediately.
  • B Messages are stored forever.
  • C Messages are temporarily stored.
  • D Messages are sent to other subscribers.
Explanation Messages are temporarily retained until acknowledged or the retention duration expires; they are not deleted nor sent elsewhere.
Q30

A company needs to ensure its Compute Engine instance can access Google Cloud Storage securely. What should they use?

  • A OAuth 2.0 tokens
  • B Service accounts
  • C IAM roles
  • D VPC Peering
Explanation Service accounts grant the instance authorized access to GCS resources, while IAM roles define what actions can be done.