




























































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
This exam focuses on Google Cloud Platform (GCP) fundamentals, including core services such as compute, networking, storage, and databases. It covers the basics of cloud architecture, security, and deployment practices, preparing candidates for cloud-related roles in IT infrastructure management.
Typology: Exams
1 / 116
This page cannot be seen from the preview
Don't miss anything!





























































































Question 1. Which GCP service provides a globally distributed, highly durable object storage solution? A) Cloud Filestore B) Cloud Storage C) Persistent Disk D) Cloud SQL Answer: B Explanation: Cloud Storage is GCP’s object storage service, offering high durability, availability, and global access. Question 2. In the GCP resource hierarchy, which level directly contains projects? A) Organization B) Folder C) Billing Account D) VPC Network Answer: B Explanation: Folders are optional containers that sit under an organization and can contain multiple projects. Question 3. Which IAM role grants read‑only access to all resources in a project?
A) roles/editor B) roles/viewer C) roles/owner D) roles/compute.admin Answer: B Explanation: The Viewer role (roles/viewer) provides read‑only permissions across all resources. Question 4. What does the “shared responsibility model” in GCP primarily define? A) How costs are split between Google and the customer B) Which security controls are managed by Google vs. the customer C) The division of network traffic between regions D) The allocation of compute resources among users Answer: B Explanation: The shared responsibility model delineates security responsibilities: Google manages infrastructure security, while customers secure their data, applications, and access. Question 5. Which of the following is a regional service, not a global one? A) Cloud DNS B) Cloud Load Balancing (global)
Answer: C Explanation: Autoscaling adjusts the number of VM instances in a managed instance group according to defined policies. Question 8. What is the primary purpose of a Service Account in GCP? A) To grant human users admin rights to a project B) To provide an identity for applications and services to authenticate to GCP APIs C) To store billing information for a project D) To define network firewall rules Answer: B Explanation: Service accounts are non‑human identities used by applications to call GCP services securely. Question 9. Which GCP product is a fully managed, serverless environment for running containerized applications? A) Google Kubernetes Engine (GKE) B) Cloud Run C) Compute Engine D) App Engine Flexible Answer: B Explanation: Cloud Run runs stateless containers without requiring you to manage servers or clusters.
Question 10. Which of the following is NOT a valid Cloud SQL database engine? A) MySQL B) PostgreSQL C) Oracle D) SQL Server Answer: C Explanation: Cloud SQL supports MySQL, PostgreSQL, and SQL Server, but not Oracle. Question 11. In a VPC network, what does a subnet’s primary IP range define? A) The DNS servers used by the subnet B) The CIDR block from which VM internal IPs are allocated C) The external IP addresses assigned to the subnet D) The firewall rule priority for the subnet Answer: B Explanation: The primary IP range of a subnet determines the internal IP address space for resources within that subnet.
A) Custom Mode VPC B) Auto‑mode VPC C) Classic Network D) Shared VPC Answer: B Explanation: An auto‑mode VPC is automatically created with pre‑configured subnets in each region. Question 15. Which GCP product enables you to run arbitrary code in response to events without provisioning servers? A) Cloud Functions B) App Engine Standard C) Cloud Run D) Compute Engine Answer: A Explanation: Cloud Functions is a Functions‑as‑a‑Service (FaaS) offering that executes code triggered by events. Question 16. Which of the following best describes “preemptible VMs”? A) VMs that can be stopped by the user at any time B) Low‑cost VMs that may be terminated by Google after a maximum of 24 hours
C) VMs that automatically scale based on CPU usage D) VMs that run only in selected zones Answer: B Explanation: Preemptible VMs are short‑lived, discounted compute instances that can be reclaimed by Google at any time. Question 17. Which GCP service is designed for real‑time streaming analytics and event ingestion? A) Cloud Dataflow B) Cloud Pub/Sub C) Cloud Composer D) Cloud Dataproc Answer: B Explanation: Cloud Pub/Sub is a messaging service for building event‑driven architectures and streaming pipelines. Question 18. What does the “network tag” feature in Compute Engine enable? A) Assigning a DNS name to a VM B) Grouping VMs for applying firewall rules or routes C) Encrypting traffic between VMs D) Defining a VM’s service account
Explanation: Global External HTTP(S) Load Balancing uses Anycast IPs and latency‑based routing to direct users to the nearest backend. Question 21. Which GCP service provides a managed environment for running Node.js, Python, Java, and Go applications without managing servers? A) App Engine Standard B) Compute Engine C) Cloud Run D) Kubernetes Engine Answer: A Explanation: App Engine Standard offers a fully managed PaaS environment with automatic scaling for supported runtimes. Question 22. In IAM, what does a “policy binding” consist of? A) A list of service accounts only B) A role, a member, and an optional condition C) A firewall rule and a network tag D) A billing account and a project ID Answer: B Explanation: A binding associates a role with one or more members (users, groups, or service accounts) and can include a condition.
Question 23. Which GCP product is specifically built for low‑latency, high‑throughput workloads such as time‑series data? A) Cloud Bigtable B) Cloud SQL C) Firestore in Datastore mode D) Cloud Storage Answer: A Explanation: Cloud Bigtable is a NoSQL wide‑column store optimized for massive throughput and low latency. Question 24. What is the purpose of Cloud DNS? A) To provide managed SSL certificates for load balancers B) To translate domain names into IP addresses for resources on GCP and the internet C) To store static website files D) To monitor application performance metrics Answer: B Explanation: Cloud DNS is a scalable, authoritative DNS service that resolves domain names to IP addresses. Question 25. Which of the following is a key benefit of using a “Custom Mode VPC” over an “Auto‑mode VPC”?
C) Cloud Scheduler D) Cloud Functions Answer: A Explanation: Deployment Manager allows you to declaratively configure resources via configuration files. Question 28. What is the maximum size of a single object that can be stored in Cloud Storage? A) 5 TB B) 1 TB C) 10 GB D) 100 GB Answer: A Explanation: Cloud Storage supports objects up to 5 TB in size. Question 29. Which of the following best describes “Coldline” storage? A) Frequently accessed data with low latency B) Data accessed less than once a month, with lower storage cost than Nearline C) Data accessed less than once a year, with higher retrieval cost than Nearline D) Archival data with the lowest storage cost and longest retrieval times Answer: C
Explanation: Coldline is intended for data accessed less than once a year, offering lower storage cost but higher retrieval fees compared to Nearline. Question 30. In GKE, what does a “node pool” represent? A) A set of pods that share the same network policy B) A group of identical VM instances that run Kubernetes nodes C) A collection of persistent disks attached to a cluster D) A set of service accounts used by the cluster Answer: B Explanation: A node pool is a group of homogeneous Compute Engine VMs that act as Kubernetes worker nodes. Question 31. Which GCP service provides a managed workflow orchestration platform based on Apache Airflow? A) Cloud Composer B) Dataflow C) Cloud Functions D) Cloud Scheduler Answer: A Explanation: Cloud Composer offers a fully managed Airflow environment for authoring, scheduling, and monitoring workflows.
A) Open all ports to the internet for ease of access B) Use firewall rules with least‑privilege principle C) Disable VPC Flow Logs to reduce storage costs D) Assign the same service account to all VMs Answer: B Explanation: Applying least‑privilege firewall rules limits exposure and follows security best practices. Question 35. Which GCP service is purpose‑built for building and deploying machine learning models at scale? A) AI Platform (now Vertex AI) B) Cloud AutoML C) Cloud Dataflow D) Cloud Dataproc Answer: A Explanation: Vertex AI (formerly AI Platform) provides end‑to‑end ML lifecycle management. Question 36. What is the primary advantage of using “Regional” Cloud Storage buckets over “Multi‑regional” buckets? A) Lower latency for worldwide users B) Higher durability guarantees
C) Reduced storage cost for data that does not need global redundancy D) Automatic replication across continents Answer: C Explanation: Regional buckets store data in a single region, offering lower costs when global redundancy is unnecessary. Question 37. Which of the following is a valid reason to use a “Dedicated Interconnect” connection? A) To connect a single VM directly to the internet B) To achieve a private, high‑throughput link between on‑premises data center and GCP C) To provide public IP addresses to all VMs automatically D) To enable serverless functions to call Cloud APIs Answer: B Explanation: Dedicated Interconnect provides a private, high‑bandwidth, low‑latency connection between on‑premises infrastructure and Google’s network. Question 38. Which GCP product provides a managed, serverless environment for running event‑driven code written in Python, Go, or Node.js? A) Cloud Run B) Cloud Functions C) App Engine Flexible
Explanation: Internal TCP/UDP Load Balancing distributes traffic among internal backend VMs without exposing an external IP. Question 41. Which command creates a new GCP project using the gcloud CLI? A) gcloud projects create PROJECT_ID B) gcloud init --create-project C) gcloud compute project new PROJECT_ID D) gcloud resource-manager projects create PROJECT_ID Answer: D Explanation: The correct command is gcloud resource-manager projects create PROJECT_ID. Question 42. What is the maximum number of VPC networks you can have per GCP project by default? A) 5 B) 10 C) 25 D) Unlimited Answer: B Explanation: By default, a project can have up to 10 VPC networks; this limit can be increased via a quota request.
Question 43. Which of the following best describes “Cloud NAT”? A) A firewall that blocks inbound traffic B) A service that provides outbound internet access for resources without external IPs C) A VPN tunnel between two VPCs D) A load balancer for NAT‑based applications Answer: B Explanation: Cloud NAT enables VMs without external IP addresses to initiate outbound connections to the internet. Question 44. Which GCP service allows you to run containerized workloads without managing any cluster infrastructure? A) Google Kubernetes Engine B) Cloud Run C) Compute Engine D) App Engine Flexible Answer: B Explanation: Cloud Run abstracts away the underlying cluster, handling provisioning and scaling automatically. Question 45. What is the purpose of “labels” on GCP resources?