Google Cloud

Google Cloud Certified – Professional Cloud Network Engineer

PR000240

Become a certified Professional Cloud Network Engineer with exam code PR000240 to validate your networking skills in Google Cloud.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 221–230 of 492

Q221

A company needs to control access between services in their GCP project. What should they use?

  • A Firewall Rules
  • B VPC Peering
  • C IAM Roles
  • D Cloud Load Balancer
Explanation IAM Roles control service access; others do not manage permissions between services directly.
Q222

What happens when a VM instance is deleted in GCP without a snapshot?

  • A All data is lost
  • B Data is backed up
  • C Instance restarts automatically
  • D Data is archived
Explanation Deleting a VM without a snapshot removes all attached data, while others imply retention or recovery inaccurately.
Q223

Which service allows virtual private cloud peering?

  • A Cloud Run
  • B Cloud Functions
  • C VPC Network
  • D Cloud Storage
Explanation VPC Network allows for private connectivity between clouds while the others do not.
Q224

A company needs to limit access to sensitive instances based on user identity. What is the best approach?

  • A Use IAM roles
  • B Use firewall rules
  • C Use network tags
  • D Use service accounts
Explanation IAM roles control permissions at the user level, unlike the other options.
Q225

What happens when a Compute Engine instance’s firewall rule is set to deny all traffic?

  • A Instance restarts automatically
  • B All inbound connections blocked
  • C DNS resolution fails
  • D SSH access still permitted
Explanation Denying all traffic blocks inbound connections, while others are incorrect consequences.
Q226

A company needs to ensure strict access control for its GCP resources. Which service should they primarily use?

  • A IAM
  • B VPC
  • C Cloud Functions
  • D Cloud Storage
Explanation IAM allows fine-grained access management for resources; others do not focus on access control.
Q227

What happens when you configure a VPC Peering connection between two GCP projects?

  • A Direct communication between VPCs is established.
  • B Firewall rules are automatically shared.
  • C Both VPCs must be in the same region.
  • D It creates a VPN between the projects.
Explanation VPC Peering enables private communication; other options describe incorrect behaviors or requirements.
Q228

You are configuring a load balancer for a web application in GCP. Which option must the backend instance groups support?

  • A Instance group auto-scaling
  • B HTTP/HTTPS health checks
  • C Only pre-defined instance types
  • D On-premise connectivity
Explanation HTTP/HTTPS health checks are mandatory for backends; others are either optional or incorrect specifications.
Q229

Which service allows for private network connections to Google Cloud?

  • A Google Cloud VPN
  • B Google Cloud Storage
  • C Google Pub/Sub
  • D Google Functions
Explanation Google Cloud VPN enables secure private network connections, while the other services do not provide VPN capabilities.
Q230

A company needs to restrict certain IP addresses from accessing its virtual machine instances. What should you implement?

  • A Firewall rules
  • B IAM policies
  • C Endpoints
  • D Load balancers
Explanation Firewall rules are specifically designed to manage access based on IP addresses, unlike the other options.