Networking and VPCs (GCP ACE)  Flashcards

GCP Associate Cloud Engineer Flashcards

Front
How do you set up an internal load balancer in GCP?
Back
An internal load balancer distributes traffic among VM instances within a VPC using a private IP address.
Front
What is Direct Peering in GCP?
Back
Direct Peering allows privately connecting to GCP services directly through a physical connection without using a VPC.
Front
What is hybrid connectivity in GCP?
Back
Hybrid connectivity enables communication between GCP and on-premises networks using VPNs or dedicated interconnects.
Front
What is a hierarchical firewall policy in GCP?
Back
Firewall policies that apply at the organization or folder level to enforce consistent security rules across multiple projects.
Front
What does "peering" mean in the context of VPCs?
Back
VPC peering allows private communication between two VPCs without requiring public IPs or VPNs.
Front
What is the maximum number of subnets per VPC in GCP?
Back
Each VPC can have up to 300 subnets by default.
Front
What type of IP ranges are used in GCP VPCs?
Back
RFC 1918 private IP ranges are used in GCP VPCs.
Front
What are the limitations of VPC peering?
Back
VPC peering does not support transitive peering; routes between two VPCs cannot traverse through a third VPC.
Front
How are custom static routes used in a VPC?
Back
Custom static routes direct traffic to specific destinations not covered by default routes, like on-premises or another VPC.
Front
What is the purpose of alias IP ranges?
Back
Alias IP ranges bind multiple IP addresses to a VM instance for use in load balancing or containerized applications.
Front
What is the purpose of network tags in GCP VPCs?
Back
Network tags can be applied to VM instances to apply specific firewall rules based on the assigned tags.
Front
Can a single VPC span multiple regions in GCP?
Back
Yes, VPCs are global resources that can span multiple regions.
Front
What is the purpose of subnets in a VPC?
Back
Subnets allow you to partition the IP address range of a VPC into smaller blocks allocated to specific regions.
Front
What is Private Google Access?
Back
Private Google Access enables instances in a subnet to reach Google services, like BigQuery or Storage, without public IPs.
Front
What is a route in the context of VPC networking?
Back
A route specifies how packets leaving a VM instance should be directed, either within the VPC or externally.
Front
What is a Virtual Private Cloud (VPC) in GCP?
Back
A globally distributed private network managed by Google Cloud that allows you to define and control networking resources.
Front
What is the difference between subnet-level and VM-level routes?
Back
Subnet-level routes apply to all instances in the subnet, while VM-level routes override subnet-level rules for specific VMs.
Front
What is network address translation (NAT) in GCP?
Back
Cloud NAT allows VMs without public IPs to connect to external services securely while preventing external access to those VMs.
Front
What is the default propagation of routes in custom mode VPCs?
Back
In custom mode, only explicitly created routes propagate, unlike automatic propagation of subnets in auto mode VPCs.
Front
What is VPC flow logging?
Back
Logging that captures all connections occurring within a VPC for monitoring and debugging purposes.
Front
Can you disable the default network in GCP?
Back
Yes, the default network can be deleted or disabled if not needed for greater security and customization.
Front
How is shared VPC access governed?
Back
Access is governed by IAM policies defining which projects can use the shared network.
Front
What is the difference between static and dynamic routing in GCP?
Back
Static routing requires manual configuration, while dynamic routing uses Cloud Router to automatically exchange routes between networks.
Front
What are shared VPCs in GCP?
Back
Shared VPCs allow you to share a VPC across multiple GCP projects to simplify resource management.
Front
What are firewall rules in a GCP VPC?
Back
Rules that allow or deny network traffic to or from VMs based on specified source, destination, and protocol criteria.
Front
What is Partner Interconnect in GCP?
Back
Partner Interconnect allows private connectivity to GCP through a service provider rather than via a direct physical connection.
Front
What are the default firewall rules for a GCP VPC?
Back
Default rules allow internal traffic, deny all inbound traffic, and allow all outbound traffic.
Front
What is the difference between ingress and egress rules in GCP firewalls?
Back
Ingress rules control incoming traffic to instances while egress rules control outgoing traffic from instances.
Front
What is a Cloud VPN?
Back
A Cloud VPN establishes a secure, encrypted connection between GCP and on-premises networks.
Front
What is the purpose of a Cloud Router?
Back
A Cloud Router is used with Cloud VPN or Interconnect to exchange route information dynamically.
Front
What happens when two firewall rules have the same priority in GCP?
Back
The rule with the most specific target (like IP range or tag) takes precedence when priorities are the same.
Front
What is the CIDR notation?
Back
CIDR (Classless Inter-Domain Routing) notation specifies IP address ranges and their subnet masks in "address/prefix-length" format.
Front
What is the purpose of secondary IP ranges in subnets?
Back
Secondary IP ranges allow allocating multiple IP ranges to a single subnet for use cases like alias IPs.
Front
What is the difference between regional and global dynamic routing?
Back
Regional dynamic routing propagates routes only to routers in the same region, while global dynamic routing propagates routes to all routers in the VPC across regions.
Front
How are firewall rules prioritized in GCP VPCs?
Back
Rules are prioritized based on a priority value, with lower numbers being higher priority.
This deck explains networking concepts, including Virtual Private Cloud (VPC) configurations, subnets, firewalls, and hybrid connectivity.