Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 151–160 of 483

Q151

Which service helps to manage access to Google Cloud resources?

  • A Identity and Access Management (IAM)
  • B Cloud Functions
  • C Cloud Storage
  • D Cloud Pub/Sub
Explanation IAM is specifically designed for managing access controls, while the others serve different purposes.
Q152

A company needs to secure its Google Cloud Storage buckets against public access. What feature should they use?

  • A Bucket Policies
  • B Uniform Bucket-Level Access
  • C Object Versioning
  • D Coldline Storage
Explanation Uniform Bucket-Level Access restricts access at the bucket level, while bucket policies offer more granular control.
Q153

You are configuring a Virtual Private Cloud (VPC) network in Google Cloud. What happens when you enable Private Google Access?

  • A Instances can access Google services privately
  • B Enable public IPs for all instances
  • C Increase network latency significantly
  • D Disable all outbound traffic
Explanation Enabling Private Google Access allows instances without public IPs to reach Google services securely, not affecting latency or outbound rules.
Q154

Which service would you use for VM instance firewall management?

  • A Cloud Armor
  • B VPC Firewall
  • C Cloud Identity
  • D Cloud NAT
Explanation VPC Firewall manages traffic rules, while others do not.
Q155

A company needs to ensure secure access to its GCP environment from third-party vendors. What is the best approach?

  • A Use service accounts for API access
  • B Implement IAM roles for vendors
  • C Share personal credentials securely
  • D Enable public access to services
Explanation IAM roles are secure ways to delegate permissions to vendors.
Q156

What happens when you assign a more permissive IAM role to a service account without examining existing policies?

  • A Increased audit logs will be generated
  • B No impact on existing permissions
  • C Potential security vulnerabilities arise
  • D Service account becomes inactive
Explanation More permissive roles can expose sensitive resources if not reviewed carefully.
Q157

Which service allows for centralized identity management in Google Cloud?

  • A Cloud Identity
  • B Cloud Functions
  • C Cloud Pub/Sub
  • D Cloud Build
Explanation Cloud Identity helps manage users and permissions, while others serve different functions.
Q158

A company needs to ensure that their data is encrypted both at rest and in transit. Which service would best help evaluate this?

  • A Cloud Data Loss Prevention
  • B Cloud Resource Manager
  • C Cloud Armor
  • D Cloud Storage
Explanation Cloud Data Loss Prevention specifically assesses data security, while others focus on resource management or protection against attacks.
Q159

You are configuring IAM roles in Google Cloud and want to grant access only for viewing VM instances. Which role should you assign?

  • A Compute Viewer
  • B Compute Admin
  • C Editor
  • D Owner
Explanation Compute Viewer allows read access, while the others grant higher access levels than necessary.
Q160

Which service provides threat detection in Google Cloud?

  • A Security Command Center
  • B Cloud Spanner
  • C BigQuery
  • D Cloud Pub/Sub
Explanation Security Command Center offers comprehensive threat detection, while others are for databases or messaging.