Google Cloud

Google Cloud Certified – Professional Cloud Security Engineer

PR000224
Popular Trending

Get certified as a Professional Cloud Security Engineer with exam code PR000224 to validate your security skills in Google Cloud.

483 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 483

Q51

What happens when you disable the IAM policy for a Google Cloud project?

  • A No user can access resources.
  • B All users retain their previous access.
  • C Services stop functioning immediately.
  • D Existing users are granted full access.
Explanation Disabling an IAM policy effectively removes all roles and permissions defined in it, preventing user access.
Q52

Which Google Cloud service provides a scalable object storage solution?

  • A Cloud Storage
  • B BigQuery
  • C Compute Engine
  • D Cloud Pub/Sub
Explanation Cloud Storage is specifically designed for object storage, while the others serve different purposes.
Q53

A company needs to secure its API endpoints. What should they implement?

  • A Service accounts
  • B API keys
  • C IAM roles
  • D VPC peering
Explanation API keys provide a layer of access control for securing API endpoints, unlike the other options.
Q54

What happens when you set a Cloud IAM policy with 'deny' permissions?

  • A Overrides all allow policies
  • B Grants permissions to everyone
  • C Increases user access
  • D Only affects the service account
Explanation A deny policy overrides allow policies, prohibiting access even if another policy grants it.
Q55

Which service allows for centralized IAM policies in GCP?

  • A Cloud Identity
  • B Cloud Functions
  • C Cloud Run
  • D Cloud Storage
Explanation Cloud Identity provides centralized identity management, while others do not focus on IAM policies.
Q56

A company needs to log all access to Cloud Storage buckets. Which tool should they use?

  • A Stackdriver Monitoring
  • B Cloud Audit Logs
  • C BigQuery
  • D Cloud Functions
Explanation Cloud Audit Logs automatically logs access to Cloud Storage, unlike the other options.
Q57

You are configuring a VPC Firewall rule. What happens when you set 'Allow all traffic'?

  • A Blocks all inbound traffic
  • B Permits all traffic, inbound and outbound
  • C Blocks all outbound traffic
  • D Only permits HTTP traffic
Explanation 'Allow all traffic' permits all inbound and outbound traffic, whereas other options limit traffic types.
Q58

Which service provides identity management in GCP?

  • A Cloud Identity
  • B Cloud Pub/Sub
  • C Cloud Functions
  • D Cloud Datastore
Explanation Cloud Identity is specifically designed for identity management, while the others serve different purposes.
Q59

A company needs to enable encryption at rest for stored data. Which GCP service should they configure?

  • A Cloud Storage
  • B BigQuery
  • C Cloud SQL
  • D All of the above
Explanation All listed services support encryption at rest as a fundamental feature.
Q60

You are configuring VPC Peering. What happens if you attempt to peer VPCs in different regions?

  • A Peering will succeed without issues
  • B Only specific zones will connect
  • C Peering is not allowed between regions
  • D Peering is automatically set to defaults
Explanation VPC Peering is only allowed within the same region in GCP.