Google Cloud

Google Cloud Certified – Professional Security Operations Engineer

PR000330

Get certified as a Professional Security Operations Engineer with exam code PR000330 to validate your security operations skills in Google Cloud.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 101–110 of 486

Q101

A company needs to monitor API usage and practices good security hygiene. What should they enable?

  • A Cloud Audit Logs
  • B IAM Policies
  • C Cloud Load Balancing
  • D Data Loss Prevention
Explanation Cloud Audit Logs track API usage, while others serve different purposes.
Q102

What happens when you enable Public Access on a Google Cloud Storage bucket?

  • A Files are openly accessible online
  • B Files are encrypted automatically
  • C Bucket can only be accessed by IAM
  • D Public access is restricted by default
Explanation Public access allows anyone to access files, unlike options B, C, and D.
Q103

Which Google Cloud service is primarily used for real-time data analytics?

  • A BigQuery
  • B Cloud Spanner
  • C Cloud Firestore
  • D Google Drive
Explanation BigQuery is optimized for real-time analytics, while the others serve different purposes.
Q104

A company needs to manage user access to its GCP resources securely. What should they implement?

  • A Public IP addresses
  • B Role-Based Access Control (RBAC)
  • C Static Firewall Rules
  • D Google Cloud Storage
Explanation RBAC effectively controls user permissions, unlike public IPs and firewall rules that don't manage user access.
Q105

You are configuring Cloud Armor for a web application. What happens when you enable security policies?

  • A All traffic is blocked immediately
  • B Only malicious traffic is routed to GCP
  • C Traffic is filtered based on defined rules
  • D Web traffic is redirected to storage buckets
Explanation Security policies filter traffic based on specified rules, while the other options do not reflect correct functionality.
Q106

Which service provides DDoS protection for users?

  • A Cloud Armor
  • B Cloud Run
  • C Cloud Functions
  • D Cloud Pub/Sub
Explanation Cloud Armor is specifically designed for DDoS protection; the others do not offer this functionality.
Q107

A company needs to manage user permissions across multiple GCP services. What should they implement?

  • A Service Accounts
  • B IAM Roles
  • C Cloud Functions
  • D Stackdriver Logging
Explanation IAM Roles help manage permissions across services; Service Accounts just manage identities.
Q108

You are configuring a Cloud Storage bucket. What happens when you set the uniform bucket-level access?

  • A IAM policies apply only to objects
  • B Only owners can access the bucket
  • C Bucket-level policies override object-level policies
  • D Objects rights cannot be set individually
Explanation Uniform access means bucket policies govern all access; individual object policies are ignored.
Q109

Which GCP service is specifically designed for managing secrets?

  • A Cloud Secret Manager
  • B Cloud Storage
  • C Cloud Functions
  • D Cloud Firestore
Explanation Cloud Secret Manager is designed for managing and accessing secrets securely, unlike the other options.
Q110

A company needs to analyze logs to detect potential security threats. Which GCP service provides advanced log analysis capabilities?

  • A Cloud Logging
  • B Cloud Monitoring
  • C Cloud Pub/Sub
  • D BigQuery
Explanation BigQuery's powerful querying capabilities facilitate advanced log analysis beyond basic logging.