Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 311–320 of 483

Q311

A company needs to enforce strong identity verification for all its users. Which feature should they implement?

  • A IAM Roles
  • B Cloud Identity
  • C VPC Service Controls
  • D Security Command Center
Explanation Cloud Identity provides identity and access management features; others do not primarily focus on identity verification.
Q312

What happens when a Google Cloud project reaches its 2000 quota limit for API requests?

  • A Requests are automatically approved
  • B All API requests are denied
  • C Usage is throttled
  • D Security settings are altered
Explanation Usage is throttled when the quota limit is reached; others do not accurately describe the behavior.
Q313

Which service provides identity and access management?

  • A Cloud Identity
  • B BigQuery
  • C Compute Engine
  • D Cloud Storage
Explanation Cloud Identity manages user access and identity, while the other options do not focus on IAM.
Q314

A company needs to ensure that only specific IP addresses can access its Cloud Run service. What should be configured?

  • A Firewall rules
  • B Private Google Access
  • C VPC Peering
  • D Service Account Roles
Explanation Firewall rules control access to services based on IP, while the other options do not restrict IP access.
Q315

What happens when you set a bucket policy to 'Public' in Cloud Storage?

  • A All users can read objects
  • B Only service accounts can read
  • C Anonymous users are blocked
  • D Only project owners can read
Explanation Setting a bucket policy to 'Public' allows read access to all users, while the other options misrepresent access controls.
Q316

Which service enables DDoS protection on Google Cloud?

  • A Cloud Armor
  • B Cloud CDN
  • C Cloud Functions
  • D Cloud Pub/Sub
Explanation Cloud Armor provides DDoS protection, while the others do not focus on this protection.
Q317

A company needs to manage IAM roles efficiently across multiple projects. What should they use?

  • A IAM Conditions
  • B Organization Policies
  • C Resource Hierarchy
  • D Custom Roles
Explanation Resource Hierarchy allows role management across projects, whereas others do not primarily focus on efficient role management.
Q318

You are configuring Firewall rules in Google Cloud. What happens when you set the action to 'allow'?

  • A Traffic is blocked.
  • B Traffic is permitted.
  • C Firewall doesn't affect traffic.
  • D Only egress traffic is allowed.
Explanation Setting the action to 'allow' permits incoming traffic, while the others describe incorrect behaviors.
Q319

Which service allows you to manage and automate compliance assessments in GCP?

  • A Cloud Compliance
  • B Cloud Armor
  • C Policy Intelligence
  • D Cloud Security Command Center
Explanation Cloud Security Command Center centralizes security management, including compliance.
Q320

You are configuring a Cloud Pub/Sub topic for sensitive data. What setting should you enable?

  • A Message Retention
  • B Default Acknowledge Timeout
  • C Firewall Rules
  • D Data Encryption
Explanation Data Encryption protects sensitive information at rest and in-transit.