Networking and VPCs (GCP ACE) Flashcards
GCP Associate Cloud Engineer Flashcards

| Front | Back |
| --- | --- |
| Can a single VPC span multiple regions in GCP | Yes, VPCs are global resources that can span multiple regions. |
| Can you disable the default network in GCP | Yes, the default network can be deleted or disabled if not needed for greater security and customization. |
| How are custom static routes used in a VPC | Custom static routes direct traffic to specific destinations not covered by default routes, like on-premises or another VPC. |
| How are firewall rules prioritized in GCP VPCs | Rules are prioritized based on a priority value, with lower numbers being higher priority. |
| How do you set up an internal load balancer in GCP | An internal load balancer distributes traffic among VM instances within a VPC using a private IP address. |
| How is shared VPC access governed | Access is governed by IAM policies defining which projects can use the shared network. |
| What are firewall rules in a GCP VPC | Rules that allow or deny network traffic to or from VMs based on specified source, destination, and protocol criteria. |
| What are shared VPCs in GCP | Shared VPCs allow you to share a VPC across multiple GCP projects to simplify resource management. |
| What are the default firewall rules for a GCP VPC | Default rules allow internal traffic, deny all inbound traffic, and allow all outbound traffic. |
| What are the limitations of VPC peering | VPC peering does not support transitive peering; routes between two VPCs cannot traverse through a third VPC. |
| What does "peering" mean in the context of VPCs | VPC peering allows private communication between two VPCs without requiring public IPs or VPNs. |
| What happens when two firewall rules have the same priority in GCP | The rule with the most specific target (like IP range or tag) takes precedence when priorities are the same. |
| What is a Cloud VPN | A Cloud VPN establishes a secure, encrypted connection between GCP and on-premises networks. |
| What is a hierarchical firewall policy in GCP | Firewall policies that apply at the organization or folder level to enforce consistent security rules across multiple projects. |
| What is a route in the context of VPC networking | A route specifies how packets leaving a VM instance should be directed, either within the VPC or externally. |
| What is a Virtual Private Cloud (VPC) in GCP | A globally distributed private network managed by Google Cloud that allows you to define and control networking resources. |
| What is Direct Peering in GCP | Direct Peering allows privately connecting to GCP services directly through a physical connection without using a VPC. |
| What is hybrid connectivity in GCP | Hybrid connectivity enables communication between GCP and on-premises networks using VPNs or dedicated interconnects. |
| What is network address translation (NAT) in GCP | Cloud NAT allows VMs without public IPs to connect to external services securely while preventing external access to those VMs. |
| What is Partner Interconnect in GCP | Partner Interconnect allows private connectivity to GCP through a service provider rather than via a direct physical connection. |
| What is Private Google Access | Private Google Access enables instances in a subnet to reach Google services, like BigQuery or Storage, without public IPs. |
| What is the CIDR notation | CIDR (Classless Inter-Domain Routing) notation specifies IP address ranges and their subnet masks in "address/prefix-length" format. |
| What is the default propagation of routes in custom mode VPCs | In custom mode, only explicitly created routes propagate, unlike automatic propagation of subnets in auto mode VPCs. |
| What is the difference between ingress and egress rules in GCP firewalls | Ingress rules control incoming traffic to instances while egress rules control outgoing traffic from instances. |
| What is the difference between regional and global dynamic routing | Regional dynamic routing propagates routes only to routers in the same region, while global dynamic routing propagates routes to all routers in the VPC across regions. |
| What is the difference between static and dynamic routing in GCP | Static routing requires manual configuration, while dynamic routing uses Cloud Router to automatically exchange routes between networks. |
| What is the difference between subnet-level and VM-level routes | Subnet-level routes apply to all instances in the subnet, while VM-level routes override subnet-level rules for specific VMs. |
| What is the maximum number of subnets per VPC in GCP | Each VPC can have up to 300 subnets by default. |
| What is the purpose of a Cloud Router | A Cloud Router is used with Cloud VPN or Interconnect to exchange route information dynamically. |
| What is the purpose of alias IP ranges | Alias IP ranges bind multiple IP addresses to a VM instance for use in load balancing or containerized applications. |
| What is the purpose of network tags in GCP VPCs | Network tags can be applied to VM instances to apply specific firewall rules based on the assigned tags. |
| What is the purpose of secondary IP ranges in subnets | Secondary IP ranges allow allocating multiple IP ranges to a single subnet for use cases like alias IPs. |
| What is the purpose of subnets in a VPC | Subnets allow you to partition the IP address range of a VPC into smaller blocks allocated to specific regions. |
| What is VPC flow logging | Logging that captures all connections occurring within a VPC for monitoring and debugging purposes. |
| What type of IP ranges are used in GCP VPCs | RFC 1918 private IP ranges are used in GCP VPCs. |

About the Flashcards
Flashcards for the GCP Associate Cloud Engineer exam focus on core Google Cloud networking concepts you're expected to master. The deck explains how Virtual Private Clouds span regions, how subnets divide RFC 1918 address space, and how firewall rules, tags, and hierarchical policies control ingress and egress traffic. It also clarifies CIDR notation, secondary and alias IP ranges, and the role of VPC flow logs in monitoring.
You'll review the differences between static and dynamic routing, learn when to use Cloud Router, and compare regional versus global route propagation. Hybrid connectivity topics cover Cloud VPN, Dedicated or Partner Interconnect, Direct Peering, and VPC peering. Finally, cards outline Cloud NAT, Private Google Access, and internal load balancing, giving you a well-rounded checklist for exam day.
Topics covered in this flashcard deck:
- VPC architecture & subnets
- Firewall rules & policies
- Routing & Cloud Router
- Hybrid connectivity options
- NAT, load balancing, logging