Google Cloud

Google Cloud Certified – Professional Cloud Network Engineer

PR000240

Become a certified Professional Cloud Network Engineer with exam code PR000240 to validate your networking skills in Google Cloud.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 391–400 of 492

Q391

Which service provides load balancing across multiple regions?

  • A Global Load Balancer
  • B Internal Load Balancer
  • C Cloud CDN
  • D Cloud Functions
Explanation Global Load Balancer distributes traffic globally, while others serve different needs.
Q392

A company needs to securely manage API access. Which Google service should it use?

  • A Cloud IAM
  • B Google Pub/Sub
  • C Cloud NAT
  • D Cloud DNS
Explanation Cloud IAM manages access permissions; the others don't manage API access.
Q393

What happens when a VM instance exceeds its allocated quota?

  • A Instance crashes immediately
  • B New resources cannot be created
  • C Instance automatically downsizes
  • D Quota increases automatically
Explanation Exceeding a quota prevents new resource allocation, while others misrepresent expected behaviors.
Q394

Which Google Cloud service is best for event-driven architectures?

  • A Cloud Functions
  • B Compute Engine
  • C Cloud Storage
  • D Cloud SQL
Explanation Cloud Functions allows you to run code in response to events, making it ideal for event-driven architectures. The other services are not primarily designed for event-driven execution.
Q395

A company needs to establish a global, private network between its Google Cloud regions. Which service should they use?

  • A Google Cloud VPN
  • B Dedicated Interconnect
  • C Cloud CDN
  • D VPC Peering
Explanation Dedicated Interconnect provides a high-capacity link for private, low-latency connectivity across regions. The other options do not meet the requirements for a global private network.
Q396

What happens when a Google Cloud VPC firewall rule is improperly configured to allow all ingress traffic?

  • A Extra charge for use
  • B Security risk increases
  • C No traffic allowed
  • D Internal communication blocked
Explanation Allowing all ingress traffic creates a major security risk by exposing resources to outside threats. Other options do not accurately reflect the implications of this misconfiguration.
Q397

Which service is best for implementing hybrid cloud connectivity?

  • A Cloud VPN
  • B Cloud Storage
  • C Cloud Functions
  • D Cloud Firestore
Explanation Cloud VPN provides secure network connections, while the others do not facilitate hybrid connectivity.
Q398

A company needs to manage user access across multiple projects in Google Cloud. Which service should they use?

  • A IAM Service Accounts
  • B Identity-Aware Proxy
  • C Cloud Resource Manager
  • D Cloud Load Balancer
Explanation Cloud Resource Manager allows effective project access management, unlike the other services listed.
Q399

You are configuring a firewall rule to allow HTTPS traffic. What happens if you accidentally specify the protocol as FTP?

  • A HTTPS will be allowed.
  • B No traffic will be allowed.
  • C Only FTP traffic will be allowed.
  • D Both HTTPS and FTP traffic allowed.
Explanation Only FTP traffic will be allowed, as the specified protocol restricts the accepted traffic type.
Q400

Which service allows you to deploy applications in a containerized environment?

  • A Google Kubernetes Engine
  • B Compute Engine
  • C Cloud Storage
  • D Cloud Functions
Explanation Google Kubernetes Engine is specifically designed for container orchestration, while the others serve different purposes.