Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 171–180 of 483

Q171

You are configuring a Google Cloud VPC. What happens when you enable Private Google Access?

  • A Enables public IPs for VMs
  • B Allows VMs to reach Google services privately
  • C Disables access to the internet
  • D Increases costs for egress traffic
Explanation Private Google Access lets VMs access Google APIs without external IPs; others misinterpret its function.
Q172

Which Google Cloud service provides data encryption at rest by default?

  • A Cloud Storage
  • B Cloud Pub/Sub
  • C Cloud Functions
  • D Cloud Monitoring
Explanation Cloud Storage encrypts data at rest automatically, while others do not focus primarily on data encryption.
Q173

A company needs to implement a secure certificate management solution. What should they use?

  • A Cloud Pub/Sub
  • B Cloud DNS
  • C Certificate Manager
  • D Cloud Functions
Explanation Certificate Manager is specifically designed for managing SSL/TLS certificates, while the other options do not serve this purpose.
Q174

What happens when you enable VPC Service Controls?

  • A Permits all public internet access
  • B Restricts data access based on policies
  • C Disables all API calls
  • D Automatically encrypts all VMs
Explanation VPC Service Controls restrict data access based on configured security policies, unlike the other options which are incorrect scenarios.
Q175

Which service provides process management for containerized applications on Google Cloud?

  • A Cloud Run
  • B Compute Engine
  • C Cloud Functions
  • D App Engine
Explanation Cloud Run automatically manages containers while scaling.
Q176

A company needs to control who can access resources based on user attributes. Which feature should they use?

  • A Resource hierarchy
  • B IAM roles
  • C Attribute-Based Access Control
  • D Service accounts
Explanation Attribute-Based Access Control uses user attributes for access control.
Q177

What happens when you disable a VM instance in Google Cloud?

  • A Data is deleted permanently
  • B Billing stops for the instance
  • C Instance cannot be recovered
  • D The VM is temporarily halted
Explanation Disabling a VM halts it but allows recovery.
Q178

Which service provides a unified view for security events?

  • A Google Cloud Security Command Center
  • B Google Cloud Logging
  • C Google Identity-Aware Proxy
  • D Google Cloud Armor
Explanation Google Cloud Security Command Center aggregates security data, while the others serve different purposes.
Q179

A company needs to encrypt data at rest. What should they use?

  • A Google Cloud KMS
  • B Identity-Aware Proxy
  • C Cloud Pub/Sub
  • D Firestore
Explanation Google Cloud KMS handles encryption; the other options do not provide encryption features.
Q180

You are configuring IAM roles. What happens when granting 'Viewer' access?

  • A Can read resources only
  • B Can modify resources
  • C Can delete resources
  • D Can create new resources
Explanation Viewer access allows reading only, whereas the others permit editing or deleting resources.