Google Cloud

Google Cloud Certified – Professional Security Operations Engineer

PR000330

Get certified as a Professional Security Operations Engineer with exam code PR000330 to validate your security operations skills in Google Cloud.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 321–330 of 486

Q321

You are configuring a firewall rule in Google Cloud. What happens when the priority is set lower than existing rules?

  • A It will override existing rules.
  • B It will be ignored.
  • C It is evaluated first.
  • D It will have lower precedence.
Explanation Lower priority values take precedence; a rule with lower priority is evaluated after higher-priority rules.
Q322

Which Google Cloud service provides integrated security analytics?

  • A Cloud Security Command Center
  • B Cloud AI Platform
  • C Cloud Dataflow
  • D Cloud Pub/Sub
Explanation Cloud Security Command Center offers integrated security analytics, while the others serve different purposes.
Q323

A company needs to monitor container security in real time. Which Google Cloud feature should they use?

  • A VPC Service Controls
  • B Cloud Run
  • C Anthos Config Management
  • D Container Analysis
Explanation Container Analysis helps monitor container vulnerabilities, while the others do not focus on real-time container security monitoring.
Q324

What happens when a Google Cloud Function times out during execution?

  • A It continues to execute in the background
  • B The execution is terminated immediately
  • C The result is stored for next run
  • D An error log is generated only
Explanation The execution of a Google Cloud Function is terminated immediately upon timeout to prevent hanging processes, while others incorrectly suggest continued execution or logging only.
Q325

Which service can be used for incident response automation in Google Cloud?

  • A Cloud Functions
  • B Cloud Logging
  • C Cloud Pub/Sub
  • D Cloud Security Command Center
Explanation Cloud Security Command Center provides tools for security insights and incident responses, while others are more suited for application tasks or monitoring.
Q326

A company’s data needs to remain accessible but also highly secure during cloud migration. What Google Cloud feature helps achieve this?

  • A Cloud Armor
  • B Access Context Manager
  • C Cloud IAM roles
  • D VPC Service Controls
Explanation VPC Service Controls help protect Google Cloud data services from data exfiltration risks during migrations, unlike the other options which serve different purposes.
Q327

You are configuring alerts for suspicious activities in a Google Cloud project. Which tool would you primarily use?

  • A Cloud Functions
  • B Cloud Audit Logs
  • C Stackdriver Monitoring
  • D Cloud Security Scanner
Explanation Stackdriver Monitoring allows you to set up metric-based alerts and is best suited for monitoring suspicious activities, unlike the others that focus on different aspects.
Q328

Which Google Cloud service is best for creating a centralized logging solution?

  • A Cloud Logging
  • B Cloud Storage
  • C Cloud Pub/Sub
  • D Cloud Functions
Explanation Cloud Logging captures and stores logs centrally, while others do not focus on logging.
Q329

A company needs to ensure that its Kubernetes clusters are monitored for security risks. What should they implement?

  • A VPC Peering
  • B Container Analysis
  • C BigQuery
  • D IAM Policies
Explanation Container Analysis provides vulnerability scanning for images, while the other options do not focus on Kubernetes security.
Q330

What happens when a Google Cloud IAM role is assigned to a resource without the appropriate permissions?

  • A Immediate access denied
  • B Access granted based on hierarchy
  • C Access only during business hours
  • D Temporary permissions granted
Explanation Immediate access denied occurs if permissions aren't adequate; hierarchy affects access but does not grant permissions independently.