Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 201–210 of 483

Q201

What happens when you delete a Cloud Identity resource?

  • A Data is instantly removed
  • B Data is archived
  • C Access is revoked immediately
  • D No immediate changes occur
Explanation Access is revoked immediately when a resource is deleted; the other options inaccurately describe the process.
Q202

Which Google Cloud service is best for data analytics?

  • A BigQuery
  • B Cloud Pub/Sub
  • C Cloud Storage
  • D Cloud Functions
Explanation BigQuery specifically offers powerful data analytics capabilities, while others do not focus primarily on analytics.
Q203

A company needs to hide specific sensitive data in their logs. What should they implement?

  • A Data encryption
  • B Log redaction
  • C Access controls
  • D Network segmentation
Explanation Log redaction specifically targets sensitive information in logs unlike other options.
Q204

What happens when an IAM policy is defined more broadly than necessary?

  • A Increased security
  • B Access denial
  • C Increased risk of a breach
  • D Enhanced resource management
Explanation Broader IAM policies increase the chances of unauthorized access, making security weaker.
Q205

Which service helps manage IAM roles and permissions?

  • A Cloud Identity
  • B Cloud Storage
  • C BigQuery
  • D Compute Engine
Explanation Cloud Identity manages IAM roles effectively; others focus on storage or compute.
Q206

A company needs to ensure data is encrypted at rest and in transit. Which GCP service should they implement?

  • A Cloud Functions
  • B Cloud Storage
  • C Cloud Key Management
  • D Cloud Pub/Sub
Explanation Cloud Key Management provides encryption key management, while others do not focus specifically on encryption.
Q207

What happens when Google Cloud firewall rules are misconfigured?

  • A All traffic is blocked immediately
  • B Traffic may be allowed inadvertently
  • C Firewall rules will default to allow
  • D No impact on existing traffic
Explanation Misconfigured rules can inadvertently expose services if not properly checked; others misstate typical behavior.
Q208

Which service provides Identity and Access Management in Google Cloud?

  • A Google Cloud IAM
  • B Google Cloud Functions
  • C Google Cloud Storage
  • D Google Cloud Pub/Sub
Explanation Google Cloud IAM manages user access; others do not.
Q209

A company needs to analyze security alerts across multiple projects. Which service should they use?

  • A Cloud Security Command Center
  • B Cloud Pub/Sub
  • C VPC Service Controls
  • D Cloud Load Balancing
Explanation Cloud Security Command Center aggregates alerts; others don't specialize in this.
Q210

You are configuring data encryption. What happens when you set up a key rotation policy?

  • A Old keys are deleted instantly
  • B New keys encrypt all existing data
  • C Future data uses new keys only
  • D All data is decrypted automatically
Explanation Key rotation means new data uses new keys; others incorrectly describe key deletion or data actions.