Securing communications and establishing boundary protection Questions
Practice questions for Securing communications and establishing boundary protection topic in Google Professional Cloud Security Engineer. 39 questions covering this domain.
Before enforcing a new VPC Service Controls perimeter, a team wants to observe violations without denying requests. Which mode should they use?
Which statement correctly describes VPC firewall rule evaluation?
A VM has only an internal IP address and must reach Google APIs and services from its subnet. Which VPC feature is required?
A security operations team wants managed intrusion detection for mirrored network traffic but understands that remediation must be handled elsewhere. ...
Which statement about the default rule in a Cloud Armor security policy is correct?
Which statement about VPC firewall rules is correct?
A network engineer wants stricter firewall targeting for VMs and wants to avoid relying on an attribute that instance editors can freely change. What ...
An organization protects a Shared VPC environment with VPC Service Controls. Which project must be included in the service perimeter configuration?
Which Google Cloud service provides Layer 7 filtering and preconfigured WAF capabilities to help block malicious web traffic before it reaches load-ba...
If a backend service has both an edge security policy and Identity-Aware Proxy, which one evaluates first?
A team wants to see how a new Cloud Armor rule would behave in production traffic before enforcing it. Which feature should they use?
A team runs a global external Application Load Balancer with Cloud Armor. They want to protect the application from distributed denial-of-service atta...
Which VPC Service Controls feature allows you to test a proposed perimeter without blocking any actual requests?
Which VPC Service Controls configuration allows a specific external service account from outside the perimeter to access resources inside the perimete...
What type of certificate does Google Cloud Certificate Manager support for provisioning managed certificates at scale with automated lifecycle managem...
A company detects that a significant portion of their VPC traffic is being sent to an unexpected external destination. They want to investigate using ...
An organization has a VPC Service Controls perimeter protecting Cloud Storage in its data project. A Cloud Function in a separate analytics project ne...
Which Google Cloud feature restricts external IP addresses that can be assigned to Compute Engine VMs across an organization or folder using an organi...
A team wants to enforce that all HTTP requests to their global external Application Load Balancer are automatically redirected to HTTPS. Which load ba...
An organization uses Cloud Armor with a global external Application Load Balancer to protect a web application. The security team wants to block reque...
Sign in to see all 39 questions
Create a free account to browse all questions — completely free during our launch phase.