Bash, the Crucial Exams Chat Bot
AI Bot
Network Security (GCP PCSE) Flashcards
GCP Professional Cloud Security Engineer Flashcards
| Front | Back |
| How are GCP firewall rules prioritized? | By a priority number where lower values take precedence |
| How does GCP ensure hybrid connectivity security? | Using encryption and authentication mechanisms like VPNs and Interconnect |
| How does Google Cloud CDN improve security? | By caching content on the edge and protecting against web-based threats such as DDoS attacks |
| What are best practices for configuring firewall rules in GCP? | Create least privilege rules, prioritize by necessity, and log firewall activity for monitoring |
| What are firewall rules in GCP used for? | Controlling ingress and egress traffic to and from resources in a VPC network |
| What are service accounts in GCP and how are they important for network security? | Service accounts are identities used by apps and services to interact securely with GCP APIs |
| What are the benefits of using network tags in firewall rules? | They allow you to apply rules to specific resources without configuring IP addresses |
| What are the benefits of using Private Service Connect in GCP? | Securely connecting consumer VPCs to services over a private network |
| What attribute do you use to apply a firewall rule to a specific resource in GCP? | The target tags or service accounts |
| What does Shared VPC in GCP allow? | It allows multiple projects to share the same VPC network |
| What does the acronym VPC stand for in GCP? | Virtual Private Cloud |
| What feature ensures secure connectivity between GCP VPCs and an on-premises environment? | Cloud Interconnect or VPN ensures private and secure connectivity |
| What is Cloud Armor primarily used for? | Protecting applications from DDoS attacks and enforcing IP-based or region-based access controls |
| What is the default behavior of firewall rules in GCP regarding traffic? | GCP blocks all incoming traffic by default but allows all outgoing traffic |
| What is the default mode of a VPC in GCP? | Auto mode |
| What is the difference between a policy-based VPN and a route-based VPN? | Policy-based VPNs use specific IP ranges to define traffic; route-based VPNs use routes and dynamic routing protocols |
| What is the difference between static and dynamic routing in GCP hybrid connectivity? | Static routing requires manual configuration, while dynamic routing uses protocols like BGP for automatic updates |
| What is the key difference between auto mode VPC and custom mode VPC? | Auto mode VPC automatically creates one subnet per region, while custom mode VPC requires manual subnet creation |
| What is the primary difference between ingress and egress firewall rules? | Ingress rules control incoming traffic to resources, while egress rules control outgoing traffic |
| What is the primary use of a VPN in hybrid connectivity? | To establish a secure connection between on-premises networks and GCP VPC networks |
| What is the purpose of a network peering connection in GCP? | To enable resources in different VPCs to communicate privately without public IPs |
| What is the purpose of GCP Private Google Access? | Enabling instances without public IP addresses to access Google APIs and services securely |
| What is the purpose of Identity-Aware Proxy (IAP) in GCP? | To secure access to apps on GCP using user identity and context |
| What is the role of the Forseti Security tool in GCP network security? | To provide visibility and enforcement for GCP resource policies |
| What role does Cloud NAT play in network security? | It allows private instances to access the internet without external IP addresses |
| What two aspects of traffic can you filter using Cloud Armor? | Source IP address and geographical location |
| What type of compliance standard does GCP use for network security? | Standards like ISO 27001, SOC 2, and PCI DSS |
| Why is log monitoring important in network security? | To detect unusual patterns or unauthorized activity in real-time |
Front
What does the acronym VPC stand for in GCP?
Click the card to flip
Back
Virtual Private Cloud
Front
What are firewall rules in GCP used for?
Back
Controlling ingress and egress traffic to and from resources in a VPC network
Front
What is the default behavior of firewall rules in GCP regarding traffic?
Back
GCP blocks all incoming traffic by default but allows all outgoing traffic
Front
What two aspects of traffic can you filter using Cloud Armor?
Back
Source IP address and geographical location
Front
What is the purpose of GCP Private Google Access?
Back
Enabling instances without public IP addresses to access Google APIs and services securely
Front
What is Cloud Armor primarily used for?
Back
Protecting applications from DDoS attacks and enforcing IP-based or region-based access controls
Front
How does Google Cloud CDN improve security?
Back
By caching content on the edge and protecting against web-based threats such as DDoS attacks
Front
What is the purpose of Identity-Aware Proxy (IAP) in GCP?
Back
To secure access to apps on GCP using user identity and context
Front
What are best practices for configuring firewall rules in GCP?
Back
Create least privilege rules, prioritize by necessity, and log firewall activity for monitoring
Front
Why is log monitoring important in network security?
Back
To detect unusual patterns or unauthorized activity in real-time
Front
What feature ensures secure connectivity between GCP VPCs and an on-premises environment?
Back
Cloud Interconnect or VPN ensures private and secure connectivity
Front
What is the role of the Forseti Security tool in GCP network security?
Back
To provide visibility and enforcement for GCP resource policies
Front
What is the difference between static and dynamic routing in GCP hybrid connectivity?
Back
Static routing requires manual configuration, while dynamic routing uses protocols like BGP for automatic updates
Front
What is the difference between a policy-based VPN and a route-based VPN?
Back
Policy-based VPNs use specific IP ranges to define traffic; route-based VPNs use routes and dynamic routing protocols
Front
What is the purpose of a network peering connection in GCP?
Back
To enable resources in different VPCs to communicate privately without public IPs
Front
What are the benefits of using Private Service Connect in GCP?
Back
Securely connecting consumer VPCs to services over a private network
Front
What is the primary difference between ingress and egress firewall rules?
Back
Ingress rules control incoming traffic to resources, while egress rules control outgoing traffic
Front
What is the default mode of a VPC in GCP?
Back
Auto mode
Front
What are service accounts in GCP and how are they important for network security?
Back
Service accounts are identities used by apps and services to interact securely with GCP APIs
Front
How are GCP firewall rules prioritized?
Back
By a priority number where lower values take precedence
Front
What type of compliance standard does GCP use for network security?
Back
Standards like ISO 27001, SOC 2, and PCI DSS
Front
What attribute do you use to apply a firewall rule to a specific resource in GCP?
Back
The target tags or service accounts
Front
What does Shared VPC in GCP allow?
Back
It allows multiple projects to share the same VPC network
Front
What role does Cloud NAT play in network security?
Back
It allows private instances to access the internet without external IP addresses
Front
How does GCP ensure hybrid connectivity security?
Back
Using encryption and authentication mechanisms like VPNs and Interconnect
Front
What is the key difference between auto mode VPC and custom mode VPC?
Back
Auto mode VPC automatically creates one subnet per region, while custom mode VPC requires manual subnet creation
Front
What are the benefits of using network tags in firewall rules?
Back
They allow you to apply rules to specific resources without configuring IP addresses
Front
What is the primary use of a VPN in hybrid connectivity?
Back
To establish a secure connection between on-premises networks and GCP VPC networks
1/28
This deck focuses on securing networks in GCP, including VPCs, firewall rules, Cloud Armor, and best practices for hybrid connectivity.