0
0
GCPcloud~20 mins

Why security matters in GCP - Challenge Your Understanding

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Cloud Security Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
🧠 Conceptual
intermediate
2:00remaining
Why is it important to use Identity and Access Management (IAM) in GCP?

Which of the following best explains why using IAM is crucial for security in Google Cloud Platform?

AIAM controls who can access resources, reducing the risk of unauthorized access.
BIAM automatically backs up all data to prevent loss.
CIAM speeds up network traffic between services.
DIAM encrypts data stored in virtual machines.
Attempts:
2 left
💡 Hint

Think about how controlling user permissions helps keep your cloud safe.

service_behavior
intermediate
2:00remaining
What happens if you disable firewall rules in a GCP project?

Consider a GCP project where all firewall rules are disabled. What is the most likely result?

AFirewall rules are ignored, but default security still blocks traffic.
BAll incoming traffic is allowed, exposing resources to the internet.
COnly traffic from trusted IPs is allowed automatically.
DAll incoming and outgoing traffic is blocked, isolating the network.
Attempts:
2 left
💡 Hint

Think about what a firewall does when it is turned off or disabled.

Architecture
advanced
3:00remaining
Designing a secure multi-region GCP architecture

You need to design a GCP architecture that keeps data secure across multiple regions. Which design choice best supports this goal?

AUse Cloud Storage with uniform bucket-level access and enable CMEK (Customer-Managed Encryption Keys) in each region.
BUse Compute Engine instances with local SSDs in each region without encryption.
CUse Cloud SQL with public IPs and disable SSL connections for faster access.
DUse Cloud Storage with default encryption and allow all users to access buckets.
Attempts:
2 left
💡 Hint

Think about encryption and access control across regions.

security
advanced
2:30remaining
Identifying the risk of using overly permissive service accounts

What is the main security risk of assigning broad roles like 'Owner' to service accounts in GCP?

AIt causes the service account to run slower due to extra permissions.
BIt prevents the service account from accessing any resources.
CIt increases the chance that a compromised service account can cause widespread damage.
DIt automatically encrypts all data accessed by the service account.
Attempts:
2 left
💡 Hint

Consider what happens if someone steals the credentials of a powerful service account.

Best Practice
expert
3:00remaining
Choosing the best method to protect sensitive data in GCP

You must protect sensitive customer data stored in GCP. Which approach best follows security best practices?

ABackup data to multiple regions without encryption to ensure availability.
BStore data unencrypted for faster access and rely on network firewalls only.
CUse default encryption and allow all project members to access the data.
DEncrypt data at rest using Customer-Managed Encryption Keys and restrict access with IAM policies.
Attempts:
2 left
💡 Hint

Think about encryption control and limiting who can see the data.