Networking and VPCs (GCP ACE) Flashcards
GCP Associate Cloud Engineer Flashcards
| Front | Back |
| --- | --- |
| Can a single VPC span multiple regions in GCP | Yes, VPCs are global resources that can span multiple regions. |
| Can you disable the default network in GCP | Yes, the default network can be deleted or disabled if not needed for greater security and customization. |
| How are custom static routes used in a VPC | Custom static routes direct traffic to specific destinations not covered by default routes, like on-premises or another VPC. |
| How are firewall rules prioritized in GCP VPCs | Rules are prioritized based on a priority value, with lower numbers being higher priority. |
| How do you set up an internal load balancer in GCP | An internal load balancer distributes traffic among VM instances within a VPC using a private IP address. |
| How is shared VPC access governed | Access is governed by IAM policies defining which projects can use the shared network. |
| What are firewall rules in a GCP VPC | Rules that allow or deny network traffic to or from VMs based on specified source, destination, and protocol criteria. |
| What are shared VPCs in GCP | Shared VPCs allow you to share a VPC across multiple GCP projects to simplify resource management. |
| What are the default firewall rules for a GCP VPC | Default rules allow internal traffic, deny all inbound traffic, and allow all outbound traffic. |
| What are the limitations of VPC peering | VPC peering does not support transitive peering; routes between two VPCs cannot traverse through a third VPC. |
| What does "peering" mean in the context of VPCs | VPC peering allows private communication between two VPCs without requiring public IPs or VPNs. |
| What happens when two firewall rules have the same priority in GCP | The rule with the most specific target (like IP range or tag) takes precedence when priorities are the same. |
| What is a Cloud VPN | A Cloud VPN establishes a secure, encrypted connection between GCP and on-premises networks. |
| What is a hierarchical firewall policy in GCP | Firewall policies that apply at the organization or folder level to enforce consistent security rules across multiple projects. |
| What is a route in the context of VPC networking | A route specifies how packets leaving a VM instance should be directed, either within the VPC or externally. |
| What is a Virtual Private Cloud (VPC) in GCP | A globally distributed private network managed by Google Cloud that allows you to define and control networking resources. |
| What is Direct Peering in GCP | Direct Peering allows privately connecting to GCP services directly through a physical connection without using a VPC. |
| What is hybrid connectivity in GCP | Hybrid connectivity enables communication between GCP and on-premises networks using VPNs or dedicated interconnects. |
| What is network address translation (NAT) in GCP | Cloud NAT allows VMs without public IPs to connect to external services securely while preventing external access to those VMs. |
| What is Partner Interconnect in GCP | Partner Interconnect allows private connectivity to GCP through a service provider rather than via a direct physical connection. |
| What is Private Google Access | Private Google Access enables instances in a subnet to reach Google services, like BigQuery or Storage, without public IPs. |
| What is the CIDR notation | CIDR (Classless Inter-Domain Routing) notation specifies IP address ranges and their subnet masks in "address/prefix-length" format. |
| What is the default propagation of routes in custom mode VPCs | In custom mode, only explicitly created routes propagate, unlike automatic propagation of subnets in auto mode VPCs. |
| What is the difference between ingress and egress rules in GCP firewalls | Ingress rules control incoming traffic to instances while egress rules control outgoing traffic from instances. |
| What is the difference between regional and global dynamic routing | Regional dynamic routing propagates routes only to routers in the same region, while global dynamic routing propagates routes to all routers in the VPC across regions. |
| What is the difference between static and dynamic routing in GCP | Static routing requires manual configuration, while dynamic routing uses Cloud Router to automatically exchange routes between networks. |
| What is the difference between subnet-level and VM-level routes | Subnet-level routes apply to all instances in the subnet, while VM-level routes override subnet-level rules for specific VMs. |
| What is the maximum number of subnets per VPC in GCP | Each VPC can have up to 300 subnets by default. |
| What is the purpose of a Cloud Router | A Cloud Router is used with Cloud VPN or Interconnect to exchange route information dynamically. |
| What is the purpose of alias IP ranges | Alias IP ranges bind multiple IP addresses to a VM instance for use in load balancing or containerized applications. |
| What is the purpose of network tags in GCP VPCs | Network tags can be applied to VM instances to apply specific firewall rules based on the assigned tags. |
| What is the purpose of secondary IP ranges in subnets | Secondary IP ranges allow allocating multiple IP ranges to a single subnet for use cases like alias IPs. |
| What is the purpose of subnets in a VPC | Subnets allow you to partition the IP address range of a VPC into smaller blocks allocated to specific regions. |
| What is VPC flow logging | Logging that captures all connections occurring within a VPC for monitoring and debugging purposes. |
| What type of IP ranges are used in GCP VPCs | RFC 1918 private IP ranges are used in GCP VPCs. |
This deck explains networking concepts, including Virtual Private Cloud (VPC) configurations, subnets, firewalls, and hybrid connectivity.