Network Security (GCP PCSE) Flashcards
GCP Professional Cloud Security Engineer Flashcards
| Front | Back |
| --- | --- |
| How are GCP firewall rules prioritized? | By a priority number where lower values take precedence |
| How does GCP ensure hybrid connectivity security? | Using encryption and authentication mechanisms like VPNs and Interconnect |
| How does Google Cloud CDN improve security? | By caching content on the edge and protecting against web-based threats such as DDoS attacks |
| What are best practices for configuring firewall rules in GCP? | Create least privilege rules, prioritize by necessity, and log firewall activity for monitoring |
| What are firewall rules in GCP used for? | Controlling ingress and egress traffic to and from resources in a VPC network |
| What are service accounts in GCP and how are they important for network security? | Service accounts are identities used by apps and services to interact securely with GCP APIs |
| What are the benefits of using network tags in firewall rules? | They allow you to apply rules to specific resources without configuring IP addresses |
| What are the benefits of using Private Service Connect in GCP? | Securely connecting consumer VPCs to services over a private network |
| What attribute do you use to apply a firewall rule to a specific resource in GCP? | The target tags or service accounts |
| What does Shared VPC in GCP allow? | It allows multiple projects to share the same VPC network |
| What does the acronym VPC stand for in GCP? | Virtual Private Cloud |
| What feature ensures secure connectivity between GCP VPCs and an on-premises environment? | Cloud Interconnect or VPN ensures private and secure connectivity |
| What is Cloud Armor primarily used for? | Protecting applications from DDoS attacks and enforcing IP-based or region-based access controls |
| What is the default behavior of firewall rules in GCP regarding traffic? | GCP blocks all incoming traffic by default but allows all outgoing traffic |
| What is the default mode of a VPC in GCP? | Auto mode |
| What is the difference between a policy-based VPN and a route-based VPN? | Policy-based VPNs use specific IP ranges to define traffic; route-based VPNs use routes and dynamic routing protocols |
| What is the difference between static and dynamic routing in GCP hybrid connectivity? | Static routing requires manual configuration, while dynamic routing uses protocols like BGP for automatic updates |
| What is the key difference between auto mode VPC and custom mode VPC? | Auto mode VPC automatically creates one subnet per region, while custom mode VPC requires manual subnet creation |
| What is the primary difference between ingress and egress firewall rules? | Ingress rules control incoming traffic to resources, while egress rules control outgoing traffic |
| What is the primary use of a VPN in hybrid connectivity? | To establish a secure connection between on-premises networks and GCP VPC networks |
| What is the purpose of a network peering connection in GCP? | To enable resources in different VPCs to communicate privately without public IPs |
| What is the purpose of GCP Private Google Access? | Enabling instances without public IP addresses to access Google APIs and services securely |
| What is the purpose of Identity-Aware Proxy (IAP) in GCP? | To secure access to apps on GCP using user identity and context |
| What is the role of the Forseti Security tool in GCP network security? | To provide visibility and enforcement for GCP resource policies |
| What role does Cloud NAT play in network security? | It allows private instances to access the internet without external IP addresses |
| What two aspects of traffic can you filter using Cloud Armor? | Source IP address and geographical location |
| What type of compliance standard does GCP use for network security? | Standards like ISO 27001, SOC 2, and PCI DSS |
| Why is log monitoring important in network security? | To detect unusual patterns or unauthorized activity in real-time |
This deck focuses on securing networks in GCP, including VPCs, firewall rules, Cloud Armor, and best practices for hybrid connectivity.