Bird
Raised Fist0
GCPcloud~20 mins

Default VPC and subnets in GCP - Practice Problems & Coding Challenges

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Challenge - 5 Problems
🎖️
Default VPC Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Default VPC Subnet Regions

In Google Cloud Platform, the Default VPC is created automatically. How many subnets does the Default VPC have and where are they located?

ANo subnets are created automatically; you must create them manually.
BOne subnet only in the us-central1 region.
CMultiple subnets only in the us-east1 and europe-west1 regions.
DOne subnet per region, covering all GCP regions by default.
Attempts:
2 left
💡 Hint

Think about how Google Cloud ensures network availability across regions by default.

service_behavior
intermediate
2:00remaining
Behavior of Default VPC Firewall Rules

Which of the following statements correctly describes the default firewall rules applied to the Default VPC in GCP?

ADefault firewall rules allow incoming SSH, RDP, and ICMP traffic from the internet.
BDefault firewall rules allow all incoming traffic from any source to all instances.
CDefault firewall rules block all incoming traffic by default.
DDefault firewall rules allow incoming HTTP and HTTPS traffic from the internet.
Attempts:
2 left
💡 Hint

Consider the security posture of default firewall rules for internal and external traffic.

Architecture
advanced
2:00remaining
Impact of Deleting a Default VPC Subnet

What happens if you delete a subnet from the Default VPC in GCP?

AGCP prevents deletion of any Default VPC subnet to protect default resources.
BOnly the deleted subnet is removed; other subnets and the VPC remain intact.
CThe entire Default VPC is deleted automatically.
DAll firewall rules associated with the Default VPC are deleted.
Attempts:
2 left
💡 Hint

Think about how GCP manages default resources and user modifications.

security
advanced
2:00remaining
Security Risks of Using Default VPC

Which security risk is most associated with using the Default VPC without modification in a production environment?

ADefault VPC firewall rules allow internal traffic but do not restrict outbound internet access, which may expose instances to external threats.
BDefault VPC has no firewall rules, exposing all instances to the internet.
CDefault VPC automatically encrypts all traffic, so there are no security risks.
DDefault VPC disables logging, making it impossible to audit network activity.
Attempts:
2 left
💡 Hint

Consider what default firewall rules allow and what they do not restrict.

Best Practice
expert
3:00remaining
Best Practice for Managing Default VPC in Large Organizations

In a large organization with multiple teams and projects, what is the best practice regarding the Default VPC and its subnets?

AKeep the Default VPC unchanged and rely on IAM roles to control access to resources.
BUse the Default VPC for all projects to simplify network management.
CDelete the Default VPC and create custom VPCs tailored to each team's needs with strict firewall rules.
DMerge all project networks into the Default VPC to reduce costs.
Attempts:
2 left
💡 Hint

Think about network isolation and security in multi-team environments.

Practice

(1/5)
1. What is the Default VPC in Google Cloud Platform?
easy
A. A virtual machine template for quick deployment
B. A custom network you must create manually before use
C. A storage bucket for default files
D. A pre-made network with one subnet per region and default IP ranges

Solution

  1. Step 1: Understand the Default VPC concept

    The Default VPC is a network automatically created by GCP to help users start quickly without manual setup.

  2. Step 2: Identify its features

    It includes one subnet in each region with default IP address ranges, ready for use.

  3. Final Answer:

    A pre-made network with one subnet per region and default IP ranges -> Option D

  4. Quick Check:

    Default VPC = Pre-made network with subnets [OK]
Hint: Default VPC is ready-made with subnets in all regions [OK]
Common Mistakes:
  • Thinking Default VPC is a VM or storage
  • Assuming you must create it manually
  • Confusing it with custom networks
2. Which gcloud command lists the subnets in the Default VPC?
easy
A. gcloud compute networks subnets list --network=default
B. gcloud compute networks list
C. gcloud compute instances list
D. gcloud storage buckets list

Solution

  1. Step 1: Identify the command to list subnets

    The command to list subnets requires 'compute networks subnets list' with a network filter.

  2. Step 2: Specify the Default VPC network

    Using '--network=default' filters subnets belonging to the Default VPC.

  3. Final Answer:

    gcloud compute networks subnets list --network=default -> Option A

  4. Quick Check:

    List subnets in default network = gcloud compute networks subnets list --network=default [OK]
Hint: Use 'subnets list' with --network=default to see Default VPC subnets [OK]
Common Mistakes:
  • Using 'networks list' which shows networks, not subnets
  • Listing instances or storage buckets instead
  • Omitting the network filter
3. Given the Default VPC has a subnet in us-central1 with IP range 10.128.0.0/20, what is the total number of usable IP addresses in this subnet?
medium
A. 4096 usable IP addresses
B. 4091 usable IP addresses
C. 4094 usable IP addresses
D. 4090 usable IP addresses

Solution

  1. Step 1: Calculate total IPs in a /20 subnet

    A /20 subnet has 2^(32-20) = 4096 total IP addresses.

  2. Step 2: Subtract reserved IPs in GCP subnet

    GCP reserves 5 IPs per subnet (network, gateway, broadcast, and two reserved), so usable IPs = 4096 - 5 = 4091.

  3. Final Answer:

    4091 usable IP addresses -> Option B

  4. Quick Check:

    /20 subnet usable IPs = 4091 [OK]
Hint: Subtract 5 reserved IPs from total in subnet range [OK]
Common Mistakes:
  • Using total IPs without subtracting reserved ones
  • Confusing subnet mask with number of IPs
  • Ignoring GCP reserved IP addresses
4. You try to create a new subnet in the Default VPC with IP range 10.128.0.0/20 but get an error. What is the most likely cause?
medium
A. The IP range overlaps with an existing Default VPC subnet
B. The Default VPC does not allow adding subnets
C. The subnet name is invalid
D. The region is not specified

Solution

  1. Step 1: Identify the type of Default VPC

    The Default VPC is an auto-mode VPC network where subnets are automatically created and managed by GCP.

  2. Step 2: Understand limitations

    You cannot manually create additional subnets in an auto-mode VPC like the Default VPC.

  3. Step 3: Reason about the error cause

    Trying to create a subnet with an IP range that overlaps an existing subnet in the Default VPC causes an error.

  4. Final Answer:

    The IP range overlaps with an existing Default VPC subnet -> Option A

  5. Quick Check:

    Subnet creation error due to overlapping IP range [OK]
Hint: Subnet creation fails if IP range overlaps existing subnet [OK]
Common Mistakes:
  • Thinking IP range overlap is not the cause
  • Assuming Default VPC allows manual subnets like custom VPCs
  • Forgetting to specify region or using invalid name (different errors)
5. You want to create a custom VPC with subnets in three regions without overlapping IP ranges. Which approach best follows GCP best practices?
hard
A. Create multiple Default VPCs, one per region
B. Use the Default VPC and add subnets with overlapping IP ranges
C. Create a custom VPC and assign non-overlapping CIDR blocks for each subnet in different regions
D. Create subnets with the same IP range in different regions inside the same VPC

Solution

  1. Step 1: Understand custom VPC subnet creation

    Custom VPCs allow you to define your own IP ranges and subnets per region.

  2. Step 2: Avoid IP range overlap

    Assigning unique CIDR blocks per subnet prevents routing conflicts and follows best practices.

  3. Step 3: Evaluate other options

    Default VPC cannot have overlapping subnets; multiple Default VPCs per project are not allowed; same IP ranges in one VPC cause conflicts.

  4. Final Answer:

    Create a custom VPC and assign non-overlapping CIDR blocks for each subnet in different regions -> Option C

  5. Quick Check:

    Custom VPC + unique CIDRs = Best practice [OK]
Hint: Use custom VPC with unique subnet IP ranges per region [OK]
Common Mistakes:
  • Trying to add overlapping subnets to Default VPC
  • Assuming multiple Default VPCs per project are possible
  • Using same IP ranges in multiple subnets inside one VPC