Google Cloud

Google Cloud Certified – Professional Security Operations Engineer

PR000330

Get certified as a Professional Security Operations Engineer with exam code PR000330 to validate your security operations skills in Google Cloud.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 351–360 of 486

Q351

What happens when a VM instance in Google Cloud is terminated?

  • A Data is permanently deleted
  • B All settings are retained
  • C Instance can be restarted
  • D Binary data is saved
Explanation Terminating a VM permanently removes its data, while the others do not accurately represent VM behavior.
Q352

Which service collects and aggregates security-linked data?

  • A Cloud Logging
  • B Cloud Armor
  • C Cloud Pub/Sub
  • D Cloud Functions
Explanation Cloud Logging collects and manages security data; the others serve different purposes.
Q353

A company needs to manage access to its GCP resources based on roles. Which service should they use?

  • A Cloud Identity
  • B Cloud IAM
  • C Cloud Resource Manager
  • D Cloud Monitoring
Explanation Cloud IAM manages access roles; the others do not manage security policies effectively.
Q354

What happens when a Cloud Function exceeds its execution time limit?

  • A It automatically restarts.
  • B It returns an error.
  • C It logs the execution.
  • D It cancels the function execution.
Explanation Exceeding time limits results in an error; restarting, logging, and cancellation actions are incorrect outcomes.
Q355

Which service provides identity and access control for resources?

  • A Cloud IAM
  • B Cloud DNS
  • C Cloud Storage
  • D Cloud Functions
Explanation Cloud IAM manages identity and permissions, while others serve different purposes.
Q356

A company needs to monitor log files in real-time. Which service should they use?

  • A Cloud Pub/Sub
  • B Cloud Functions
  • C Stackdriver Logging
  • D Cloud Run
Explanation Stackdriver Logging is specifically designed for log monitoring, unlike others.
Q357

What happens when a Google Cloud Firewall rule is created with priority 1000?

  • A It has the highest enforcement
  • B It is overridden by lower priorities
  • C It will never match
  • D Specific rules are evaluated first
Explanation Lower numbered priorities are enforced first in firewall rules, causing priority 1000 to be less effective.
Q358

Which Google Cloud service provides real-time logging and monitoring?

  • A Cloud Logging
  • B Cloud Trace
  • C Cloud Debugger
  • D Cloud Profiler
Explanation Cloud Logging captures logs and allows real-time monitoring, while the others serve different purposes.
Q359

A company needs to restrict access to its Cloud Storage buckets for internal users only. What should be implemented?

  • A IAM Roles and Conditions
  • B Public Access Prevention
  • C Cloud Armor Policies
  • D VPC Service Controls
Explanation IAM Roles and Conditions allow access control tailored to internal users, unlike the other options.
Q360

You are configuring a VPC firewall rule to allow only specific IP addresses. What happens if no 'deny' action is set?

  • A All traffic is allowed
  • B No traffic is allowed
  • C Implicit deny applied
  • D Traffic is restricted to allow rules
Explanation By default, VPC applies an implicit deny for all traffic not explicitly allowed by rules.