Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 141–150 of 483

Q141

What happens when a Google Cloud bucket is set to 'Uniform Bucket-Level Access'?

  • A IAM roles apply to objects individually
  • B Permissions are evaluated at the bucket level
  • C Public access is automatically granted
  • D Only storage admins can access
Explanation Permissions are evaluated at the bucket level, simplifying management.
Q142

Which service should you use for real-time event handling?

  • A Cloud Pub/Sub
  • B Cloud Storage
  • C Google Drive
  • D Cloud SQL
Explanation Cloud Pub/Sub provides real-time messaging capabilities, while the others do not support real-time event processing.
Q143

A company needs to ensure that sensitive data is encrypted while at rest. What should they implement?

  • A Cloud IAM Roles
  • B Cloud Key Management Service
  • C Cloud Functions
  • D Google Cloud CDN
Explanation Cloud Key Management Service enables encryption of data at rest, unlike the other options.
Q144

You are configuring a load balancer for your application. What happens if health checks fail?

  • A Traffic is routed to unhealthy instances
  • B Instances are temporarily removed from service
  • C Load balancer shuts down completely
  • D No affect on traffic distribution
Explanation Failed health checks lead to removing unhealthy instances from rotation, ensuring traffic only goes to healthy ones.
Q145

Which service is primarily used for logging in GCP?

  • A Cloud Audit Logs
  • B Cloud Monitoring
  • C Cloud Data Loss Prevention
  • D Cloud Storage
Explanation Cloud Audit Logs captures all activities, whereas others have different functionalities.
Q146

A company needs to ensure compliance with data residency laws using GCP. Which feature should they use?

  • A Data Loss Prevention
  • B Resource Locations
  • C Persistent Disk Snapshots
  • D Kubernetes Locations
Explanation Resource Locations allows deployment in specific regions, ensuring data residency compliance.
Q147

You are configuring a firewall rule. What happens if you set the priority higher than 1000?

  • A Rule will be denied.
  • B Rule will be ignored.
  • C Rule has no effect.
  • D Rule is applied normally.
Explanation A rule with priority > 1000 is still valid and applies normally within the defined range.
Q148

Which Google Cloud service helps manage sensitive data encryption keys?

  • A Cloud Key Management Service
  • B Cloud Storage
  • C Cloud Pub/Sub
  • D Cloud Functions
Explanation Cloud Key Management Service is designed for managing encryption keys, while the others serve different functions.
Q149

A company needs to ensure only specific IP ranges can access its Cloud SQL instances. What should they implement?

  • A Service Accounts
  • B VPC Service Controls
  • C Authorized Networks
  • D Compute Engine Firewall
Explanation Authorized Networks directly restricts access by IP ranges, whereas the other options do not serve this specific purpose.
Q150

What happens when you enable 'Object Versioning' in Google Cloud Storage?

  • A Costs decrease significantly
  • B Deleted objects are permanently lost
  • C Previous versions of objects are retained
  • D Access controls are disabled
Explanation Enabling Object Versioning retains previous versions, while the others do not accurately represent the feature's behavior.