Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 451–460 of 483

Q451

Which service allows encrypted communication between Google Cloud services?

  • A Cloud Armor
  • B VPC Service Controls
  • C Google Cloud Load Balancing
  • D Cloud Logging
Explanation Cloud Load Balancing provides SSL offloading for encrypted traffic; the others focus on different aspects of security or service management.
Q452

A company needs to store sensitive data but also comply with GDPR. Which Google Cloud service should they utilize for data access control?

  • A BigQuery
  • B Cloud Storage
  • C Cloud IAM
  • D Cloud Pub/Sub
Explanation Cloud IAM controls access to resources and is essential for compliance; the others are data storage or messaging services that do not govern access by themselves.
Q453

What happens when a firewall rule is defined but not applied to any VPC in Google Cloud?

  • A It affects all VPCs automatically
  • B It serves no purpose
  • C It is applied to all egress traffic
  • D It logs all denied connections
Explanation An unassigned firewall rule has no effect, while others misinterpret its usage across VPCs or assumed logging capabilities.
Q454

Which service manages user identities in GCP?

  • A Cloud Identity
  • B Cloud Functions
  • C Cloud SQL
  • D Cloud Firestore
Explanation Cloud Identity manages user identities, while others serve different purposes.
Q455

A company needs to encrypt its data in transit. What should they implement?

  • A VPC Peering
  • B TLS/SSL
  • C Cloud Storage
  • D IAM Roles
Explanation TLS/SSL provides encryption in transit, while others do not specifically address this need.
Q456

What happens when you apply a security policy to a project?

  • A Access is granted to all users
  • B Existing policies are overridden
  • C No effect on resources
  • D Access is restricted to specified roles
Explanation The security policy restricts access to roles defined.
Q457

Which service provides centralized control over permissions in Google Cloud?

  • A Cloud IAM
  • B Cloud Functions
  • C Cloud Run
  • D Cloud CDN
Explanation Cloud IAM manages user permissions across Google Cloud, while the others serve different purposes.
Q458

A company needs to ensure data encryption at rest in Cloud Storage. What should they enable?

  • A Customer-managed encryption keys
  • B Network security group
  • C Cloud Pub/Sub
  • D Cloud Load Balancer
Explanation Customer-managed encryption keys provide control over data encryption, while other options don't address data encryption directly.
Q459

You are configuring a VPC firewall rule. What happens if you set the action to 'allow' and the direction to 'ingress'?

  • A Blocks incoming traffic
  • B Allows incoming traffic
  • C Allows all types of traffic
  • D Blocks all outgoing traffic
Explanation Setting 'allow' with 'ingress' permits incoming traffic; the other options are incorrect interpretations of the settings.
Q460

Which Google Cloud service provides a unified security management platform?

  • A Google Cloud Security Command Center
  • B Google Kubernetes Engine
  • C BigQuery
  • D Cloud Pub/Sub
Explanation The Security Command Center provides a comprehensive view of security across Google Cloud resources, while the others serve different purposes.