Configuring, implementing and managing a cloud network security solution Questions
Practice questions for Configuring, implementing and managing a cloud network security solution topic in Google Professional Cloud Network Engineer. 28 questions covering this domain.
What is the primary security boundary that VPC Service Controls creates?
A backend service uses Cloud CDN. You want one policy to filter requests before cached content is served and another to protect the backend on cache m...
A security architect says VPC Service Controls alone is enough to govern both protected data and all metadata movement for supported services. Which r...
Which statement about Cloud VPN gateways and VPC firewall rules is correct?
Which Google Cloud service is designed to apply Layer 7 filtering and other request-based protections at Google's edge before traffic reaches load-bal...
Which statement about Secure Web Proxy is correct?
Which limitation applies to Secure Web Proxy?
A security team wants to apply a Cloud Armor security policy to deny traffic from a specific list of country codes to a global external Application Lo...
A company's VPC Service Controls perimeter is causing failures for a legitimate automated process that runs in a Compute Engine VM inside the perimete...
Which Cloud Armor security policy type can be attached to a backend service fronted by a global external Application Load Balancer and evaluated befor...
A security team needs to inspect all outbound traffic from a set of GKE workloads to external internet destinations for L7 threats, including encrypte...
A company needs to restrict outbound HTTP and HTTPS traffic from a set of GKE workloads so that only approved destination FQDNs are allowed, without r...
A VPC Service Controls perimeter is configured around Cloud Storage and BigQuery for a project. An authorized user outside the perimeter attempts to r...
Which TLS inspection feature of Cloud Next Generation Firewall allows the firewall to decrypt, inspect, and re-encrypt traffic without requiring clien...
A company wants to block traffic from known Tor exit nodes and malicious IP addresses at the Cloud Armor layer without maintaining manual IP block lis...
A security engineer is deploying Secure Web Proxy to control outbound HTTP/HTTPS traffic from developer VMs. Developers report that HTTPS traffic to a...
A company wants to implement Cloud Armor to protect against large-scale DDoS attacks using machine learning-based detection that automatically suggest...
What is the difference between VPC Service Controls dry run mode and enforced mode?
Cloud Armor pre-configured WAF rules include protection against which types of web application attacks?
An organization's security team has configured VPC Service Controls with an enforced perimeter around BigQuery and Cloud Storage. A data pipeline runn...
Sign in to see all 28 questions
Create a free account to browse all questions — completely free during our launch phase.