0
0
GCPcloud~20 mins

Service account keys management in GCP - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Service Account Key Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Understanding service account key rotation

Why is it important to rotate service account keys regularly in Google Cloud Platform?

ATo automatically upgrade the service account permissions
BTo increase the number of active keys for better performance
CTo permanently disable the service account
DTo reduce the risk of unauthorized access if a key is compromised
Attempts:
2 left
💡 Hint

Think about what happens if a key is leaked or stolen.

Configuration
intermediate
2:00remaining
Identifying valid service account key creation command

Which gcloud command correctly creates a new JSON key for a service account named my-service-account@my-project.iam.gserviceaccount.com?

Agcloud iam keys create key.json --service-account=my-service-account@my-project.iam.gserviceaccount.com
Bgcloud iam service-accounts keys create key.json --iam-account=my-service-account@my-project.iam.gserviceaccount.com
Cgcloud iam service-accounts create key.json --account=my-service-account@my-project.iam.gserviceaccount.com
Dgcloud service-accounts keys create key.json --account=my-service-account@my-project.iam.gserviceaccount.com
Attempts:
2 left
💡 Hint

Check the correct gcloud subcommand and flag names for key creation.

security
advanced
2:00remaining
Impact of leaked service account keys

If a service account key is leaked publicly, what is the immediate risk?

AAnyone with the key can authenticate as the service account and access resources allowed by its permissions
BThe service account will be automatically disabled by Google Cloud
CThe key will expire immediately and become unusable
DThe service account's permissions will be revoked automatically
Attempts:
2 left
💡 Hint

Consider what a key allows in terms of authentication and access.

Best Practice
advanced
2:00remaining
Recommended practice for service account key storage

What is the best practice for storing service account keys to minimize security risks?

AEmail keys to team members for backup
BStore keys in plain text files on developer machines for easy access
CStore keys in a secure secret manager and avoid embedding them in code or public repositories
DUpload keys to public cloud storage buckets for sharing
Attempts:
2 left
💡 Hint

Think about how to keep keys safe and prevent accidental exposure.

service_behavior
expert
2:00remaining
Effect of deleting a service account key on running workloads

What happens to running workloads that use a service account key if that key is deleted from Google Cloud?

AWorkloads using the deleted key will lose authentication and fail to access Google Cloud resources immediately
BWorkloads continue to run normally because keys are cached indefinitely
CGoogle Cloud automatically issues a new key to running workloads
DWorkloads switch to using the service account's default credentials automatically
Attempts:
2 left
💡 Hint

Consider how authentication tokens depend on keys and their validity.