Scribd
Upload
34 views10 pages

Compute Engine & VPC - 20 - PCA 24239

Uploaded by

Marlon Moreno
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
34 views10 pages

Compute Engine & VPC - 20 - PCA 24239

Uploaded by

Marlon Moreno
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 10

5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

Copy of Compute Engine & VPC - 20 -


PCA 24239
Total points 15/20

Use __________to block traffic that should never be allowed at an 0/1


organization or folder level.

Firewall Rules

Firewall Policies

Organization Policies

Service Accounts

Correct answer

Firewall Policies

Feedback

https://cloud.google.com/vpc/docs/firewalls

Each firewall rule applies to incoming (ingress) or outgoing (egress) 1/1


connection, not both.

True

False

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 1/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

VPC Firewall Rules are stateless 1/1

True

False

___________ connect projects within the same organization. Linked projects 0/1
can be in the same or different folders

VPN

Peering

Dedicated Interconnect

Shared VPC

Correct answer

Shared VPC

You customer wants to know if he can apply firewall rules to multiple VPC 0/1
networks in an organization at the same time, What option would you
recommend?

Firewall Rules

Organization Policies

Firewall Policies

VPC Controls

Correct answer

Firewall Policies

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 2/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

What is one benefit of applying firewall rules by tag rather than by address? 1/1

Tags help organizations track firewall billing

Tags in network traffic help with network sniffing

Tags on firewall rules control which ephemeral IP addresses VMs will receive

When a VM is created with a matching tag, the firewall rules apply irrespective
of the IP address it is assigned

Tags enable you to make _______ and ______ applicable to specific VM 1/1
instances.( Select 2)

Routes

Subnets

Firewalls

Peerings

Feedback

A tag is simply a character string added to a tags field in a resource, such as Compute
Engine virtual machine (VM) instances or instance templates. A tag is not a separate
resource, so you cannot create it separately. All resources with that string are considered
to have that tag. Tags enable you to make firewall rules and routes applicable to specific
VM instances.

You can assign network tags to new VMs at creation time, or you can edit the set of
assigned tags at any time later. You can edit network tags without stopping a VM.

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 3/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

Our customer cannot meet Google’s peering requirements, which network 1/1
connection service should you choose to connect to Google Workspace
and YouTube?

Dedicated Interconnect

Partner Interconnect

Carrier Peering

Direct Peering

Multiple ______________ are also useful when applications running in an 1/1


instance require traffic separation, such as separation of data plane traffic
from management plane traffic.

Peerings

Network Interfaces

VPN

Load Balancers

Feedback

Typically, you might require multiple interfaces if you want to configure an instance as a
network appliance that does load balancing, Intrusion Detection and Prevention (IDS/IPS),
Web Application Firewall (WAF), or WAN optimization between networks. Multiple network
interfaces are also useful when applications running in an instance require traffic
separation, such as separation of data plane traffic from management plane traffic.

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 4/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

_____________allows an organization to connect resources from multiple 1/1


projects to a common Virtual Private Cloud (VPC) network, so that they can
communicate with each other securely and efficiently using internal IPs
from that network.

VPC Peering

VPN

Dedicated Interconnect

Shared VPC

___________________ supports request routing by using URL maps to select 1/1


a backend service based on the requested host name, request path, or
both.

Internal TCP/UDP load balancer

Global external HTTP(S) load balancer (classic)

SSL proxy load balancer

TCP proxy load balancer

Custom images in Compute engine support multiple disk backup 1/1

True

False

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 5/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

Internal TCP/UDP load balancer is a global resource 1/1

True

False

Feedback

https://cloud.google.com/load-balancing/docs/choosing-load-balancer

_____________________do not terminate client connections. Instead, load- 1/1


balanced packets are received by backend VMs with the packet's source,
destination, and, if applicable, port information unchanged. Connections
are then terminated by the backend VMs.

External load balancers

Internal load balancers

Proxy load balancers

Pass-through load balancers

___________________distribute traffic coming from the internet to your 1/1


Google Cloud Virtual Private Cloud (VPC) network. Global load balancing
requires that you use the Premium Tier of Network Service Tiers. For
regional load balancing, you can use Standard Tier.

External Load Balancers

Internal Load Balancers

Proxy Load Balancers

Pass-through Load balancers

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 6/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

Your client is going to implement a web based application using Managed 1/1
Instance Groups that will consist of 3 tiers: the frontend tier, a middle tier
and a backend tier. Your client wants to be sure that nothing has access to
the backend tier except for the middle tier. What do you recommend?

Use VPC Service Controls. Put the backend tier on one project, and the other two
tiers in another project. Set up a perimeter around both projects

Create a route from the frontend tier to the middle tier. Create another route
between the middle tier and the backend tier.

Use Firewall Rules based on tags. Give the middle tier systems a tag of “mt”
and the backend tier systems a tag of “be”. Create an ingress firewall rule that
allows access to systems with the “be” tag from systems with the “mt” tag.

Use Private Google Access to allow communication between the middle tier and
the backend tier, and nothing else.

Feedback

When you create ingress firewall rules, you must specify a source. You can define it using
ranges of either internal or external IP addresses or by referring to specific instances. You
specify instances using either source tags or source service accounts.

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 7/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

What type of storage is offered by a Cloud Storage. 0/1

File Storage

Object Storage

Block Storage

Database

Correct answer

Object Storage

Feedback

Object storage (also known as object-based storage[1]) is a computer data storage that
manages data as objects, as opposed to other storage architectures like file systems
which manages data as a file hierarchy, and block storage which manages data as blocks
within sectors and tracks.

A ________ is a special kind of identity used by an application or compute 1/1


workload, such as a Compute Engine virtual machine (VM) instance, rather
than a person

IAM Role

User Identity

Service Account

Organization

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 8/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

VPC's in Google Cloud are regional resources 1/1

True

False

Compute Engines in Google Cloud are regional resources 0/1

True

False

Correct answer

False

This form was created inside of itseniors. Report Abuse

Forms

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkpu… 9/10
5/24/24, 1:06 PM Copy of Compute Engine & VPC - 20 - PCA 24239

https://docs.google.com/forms/d/e/1FAIpQLScmT9lMF3Glk306K2X2r-GQutL8XSRSemJy1-rsUOBlni0H8g/viewscore?viewscore=AE0zAgBdMsZkp… 10/10

You might also like