0
0
GCPcloud~20 mins

SSL certificates management in GCP - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
SSL Certificate Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
How does Google Cloud Load Balancer handle SSL certificates?

When you attach an SSL certificate to a Google Cloud HTTPS Load Balancer, what happens when the certificate expires?

AThe load balancer continues serving HTTPS traffic but browsers show a security warning.
BThe load balancer automatically renews the certificate without user intervention.
CThe load balancer switches to HTTP traffic automatically to avoid errors.
DThe load balancer stops serving HTTPS traffic until a new certificate is uploaded.
Attempts:
2 left
💡 Hint

Think about what happens when a browser checks a certificate that is no longer valid.

Configuration
intermediate
2:00remaining
Correct JSON format for uploading a managed SSL certificate in GCP

You want to create a managed SSL certificate resource in Google Cloud using JSON. Which JSON snippet correctly defines the domains for the certificate?

A{ "name": "my-cert", "managed": { "domains": "example.com, www.example.com" } }
B{ "name": "my-cert", "managed": { "domains": ["example.com www.example.com"] } }
C{ "name": "my-cert", "managed": { "domain": "example.com,www.example.com" } }
D{ "name": "my-cert", "managed": { "domains": ["example.com", "www.example.com"] } }
Attempts:
2 left
💡 Hint

Remember that domains should be a list of strings, not a single string.

Architecture
advanced
2:30remaining
Best architecture for automatic SSL certificate renewal in GCP

You want to design a system that automatically provisions and renews SSL certificates for multiple domains on Google Cloud. Which architecture best supports this?

AUse Cloud DNS with manual certificate uploads to App Engine, renewing certificates via scripts.
BUse Google-managed SSL certificates attached to a Cloud Load Balancer for each domain, letting Google handle renewals.
CManually upload self-managed certificates to Compute Engine instances and renew them using cron jobs.
DUse third-party certificate providers and manually update certificates in Cloud Storage buckets.
Attempts:
2 left
💡 Hint

Consider which option minimizes manual work and leverages Google Cloud's automation.

security
advanced
2:00remaining
Security risk of using self-managed SSL certificates on Google Cloud

What is a key security risk when using self-managed SSL certificates on Google Cloud compared to Google-managed certificates?

ASelf-managed certificates automatically renew, which can lead to unauthorized renewals.
BSelf-managed certificates cannot be used with HTTPS Load Balancers, reducing security.
CSelf-managed certificates may expire unnoticed, causing service interruptions and security warnings.
DGoogle-managed certificates expose private keys to users, increasing risk of key theft.
Attempts:
2 left
💡 Hint

Think about who is responsible for tracking certificate expiration.

Best Practice
expert
3:00remaining
Optimal strategy for managing SSL certificates across multiple GCP projects

You manage multiple Google Cloud projects for different teams, each with their own domains. What is the best practice for managing SSL certificates efficiently and securely across these projects?

ACentralize SSL certificate management in one project using Google-managed certificates and share them via Cloud Load Balancer across projects.
BEach project manages its own self-managed certificates independently to avoid cross-project dependencies.
CUse a single self-managed wildcard certificate uploaded to all projects to simplify management.
DStore all certificates in a shared Cloud Storage bucket accessible by all projects for manual deployment.
Attempts:
2 left
💡 Hint

Consider security, automation, and ease of management across projects.