Google Cloud

Google Cloud Certified – Professional Security Operations Engineer

PR000330

Get certified as a Professional Security Operations Engineer with exam code PR000330 to validate your security operations skills in Google Cloud.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 301–310 of 486

Q301

Which service provides real-time data streaming for analytics?

  • A Cloud Pub/Sub
  • B Cloud Storage
  • C BigQuery
  • D Cloud Functions
Explanation Cloud Pub/Sub enables real-time data streaming, while others are for storage or processing.
Q302

A company needs to comply with GDPR by controlling data access. What should they implement?

  • A Cloud Key Management
  • B IAM roles and permissions
  • C Cloud Armor
  • D Cloud VPN
Explanation IAM roles and permissions control data access; others address security but do not manage access.
Q303

What happens when you enable VPC Flow Logs on a subnet?

  • A Improves Network Speed
  • B Captures traffic data
  • C Encrypts all traffic
  • D Limits API requests
Explanation VPC Flow Logs capture and store traffic data for monitoring; others present incorrect functionalities.
Q304

Which Google Cloud service provides real-time monitoring and logging?

  • A Cloud Logging
  • B Cloud Storage
  • C Cloud Functions
  • D Cloud Spanner
Explanation Cloud Logging captures and stores logs, enabling real-time monitoring, while others serve different purposes.
Q305

What happens when a service account reaches its quota limits?

  • A It gets automatically deleted
  • B New requests are denied
  • C Existing requests are halted
  • D Monitoring is disabled
Explanation When quota limits are reached, new requests are denied, but existing operations continue until completion.
Q306

You are configuring IAM roles for a research project. Which approach grants minimum privilege?

  • A Use pre-defined roles only
  • B Create custom roles for research
  • C Assign admin roles for ease
  • D Grant all users the same roles
Explanation Creating custom roles allows for precise privilege management, while the other options over-provision access.
Q307

Which Google Cloud service provides DDoS protection?

  • A Google Cloud Armor
  • B Google Firewall
  • C Cloud CDN
  • D Cloud Pub/Sub
Explanation Google Cloud Armor is specifically designed for DDoS protection, while the others serve different functions.
Q308

A company needs to effectively monitor its security logs. Which Google Cloud service should they use?

  • A Cloud Monitoring
  • B Cloud Logging
  • C Cloud Trace
  • D Cloud Security Scanner
Explanation Cloud Logging is for aggregating and reviewing security logs, whereas the others are used for different monitoring tasks.
Q309

What happens when you configure a VPC subnet without specifying an IP range?

  • A Subnet defaults to the global IP range
  • B Subnet creation fails
  • C Subnet uses a private IP range
  • D Subnet becomes publicly accessible
Explanation A VPC subnet must have a specified IP range, or the creation will fail due to configuration requirements.
Q310

Which service in Google Cloud manages container orchestration?

  • A Google Kubernetes Engine
  • B Cloud Functions
  • C App Engine
  • D Compute Engine
Explanation Google Kubernetes Engine is specifically designed for container orchestration, unlike the other options which have different focuses.