Bootstrapping and maintaining a Google Cloud organization Questions
Practice questions for Bootstrapping and maintaining a Google Cloud organization topic in Google Professional Cloud DevOps Engineer. 40 questions covering this domain.
An external CI system uses an OIDC identity provider and must access Google Cloud without storing long-lived service account keys. Which feature is de...
An external automation platform must access Google Cloud without keys. Some target services support direct federation, but other required APIs do not....
A service project administrator needs to create VM instances that use subnets from a Shared VPC host project. Which IAM permission is most directly re...
Your engineering organization standardizes development environments with Cloud Workstations. After the administrator updates the workstation configura...
A company wants secure, browser-accessible, repeatable development environments for a large engineering team. Administrators want centrally managed wo...
Which part of Cloud Shell persists across sessions by default?
A security team must control where a secret is replicated and also use customer-managed encryption keys. Which Secret Manager configuration best fits?
A platform team wants centralized control of VPC networks and subnets, while application teams deploy resources from their own Google Cloud projects. ...
Which statement about the relationship between Shared VPC host projects and service projects is correct?
A secret consumer always reads the alias named prod. You need to quickly roll back to the previous secret value after a bad deployment. What should yo...
A company provisions Cloud Workstations for all engineers. The security team requires that no engineer can access a workstation from outside the corpo...
A platform team uses Terraform to provision Google Cloud infrastructure. They want to store Terraform state files securely with version history and ac...
An administrator wants to prevent any principal in a project from deleting a Cloud Storage bucket used for compliance audit logs. Which feature is des...
A new project was granted access to a Shared VPC. The project's administrator wants to verify which subnets are available in the host project. Which I...
An organization wants to restrict which Google Cloud services can be used across all projects. Which Google Cloud policy mechanism is the correct tool...
A platform team uses Workload Identity Federation to allow a Kubernetes workload running outside Google Cloud to call Google Cloud APIs. After configu...
An organization's Security Operations team requires that all administrative actions on Google Cloud projects be logged in a centralized location and n...
Which Google Cloud feature lets you attach environment-specific configurations, such as substitution variables, to a Cloud Build trigger without modif...
A security engineer needs all Cloud Build service account keys to be automatically rotated every 90 days. Which combination of services best automates...
An organization has dozens of Google Cloud projects. The infrastructure team wants to enforce that all new VM instances must use a specific custom ser...
Sign in to see all 40 questions
Create a free account to browse all questions — completely free during our launch phase.