Google Cloud

Google Cloud Certified – Professional Security Operations Engineer

PR000330

Get certified as a Professional Security Operations Engineer with exam code PR000330 to validate your security operations skills in Google Cloud.

486 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 451–460 of 486

Q451

Which service provides automated security assessments in GCP?

  • A Cloud Security Command Center
  • B Cloud Armor
  • C Google Cloud Pub/Sub
  • D Cloud Load Balancing
Explanation Cloud Security Command Center offers automated security assessments, while the other options serve different purposes.
Q452

A company needs to restrict IAM role changes. Which GCP feature achieves this?

  • A Audit Logs
  • B Service Account
  • C Org Policy
  • D Cloud Identity
Explanation Org Policy can enforce constraints on IAM role changes, while the other options do not directly restrict such changes.
Q453

What happens when you disable a firewall rule in GCP?

  • A Traffic is still allowed
  • B Traffic is completely denied
  • C Rule can be reused
  • D Rule is permanently deleted
Explanation Disabling a firewall rule allows it to be reused without deletion, while A and B are incorrect interpretations of the action.
Q454

Which service is designed for real-time event streaming in GCP?

  • A Pub/Sub
  • B Cloud Storage
  • C Cloud Functions
  • D Cloud SQL
Explanation Pub/Sub is specifically formulated for real-time event streaming, while others serve different purposes.
Q455

A company needs to maintain security compliance for its sensitive data stored in BigQuery. What should it implement?

  • A Audit logging
  • B Dataflow pipelines
  • C Static IPs
  • D Load balancers
Explanation Audit logging is critical for tracking data access and maintaining compliance, unlike the other options.
Q456

You are configuring IAM roles for a developer. What happens if you give them 'Viewer' role on a project?

  • A Can delete resources
  • B Can view resources only
  • C Can create resources
  • D Can edit permissions
Explanation The 'Viewer' role only allows resource viewing, not modification or deletion.
Q457

Which Google Cloud service helps manage IAM roles?

  • A IAM Policy Simulator
  • B Security Scanner
  • C Cloud Armor
  • D Cloud Logging
Explanation IAM Policy Simulator tests policies, not Security Scanner or Cloud Armor.
Q458

You are configuring VPC service controls for sensitive data. What will this achieve?

  • A Increased architecture complexity
  • B Better identity verification
  • C Isolation of resources to prevent data exfiltration
  • D Enhancement of logging capabilities
Explanation VPC service controls isolate resources, preventing unauthorized access.
Q459

A company needs to analyze log data in real-time. Which Google Cloud service should they use?

  • A Cloud Pub/Sub
  • B Cloud Storage
  • C Dataflow
  • D Cloud Functions
Explanation Dataflow is designed for real-time data processing, unlike the others.
Q460

Which service can help monitor your GCP resources in real-time?

  • A Cloud Monitoring
  • B Cloud SQL
  • C Cloud Storage
  • D Cloud Functions
Explanation Cloud Monitoring provides real-time observability, while others serve different purposes.