Google Cloud Platform Bonus Content
30 questions on Google Cloud Platform (GCP).
Question 1: What is a GCP Spot VM (formerly Preemptible VM) best suited for?
- A. Running critical, high-availability database servers.
- B. Deploying primary customer-facing REST APIs.
- C. Executing batch processing jobs, analytics, or fault-tolerant tasks that can handle VM interruptions. β (correct answer)
- D. Hosting web server configuration panels.
Explanation: Spot VMs offer heavy discounts but GCP can terminate them with a 30-second warning if resources are needed elsewhere.
Question 2: How do Object Lifecycle Rules help reduce Google Cloud Storage (GCS) costs?
- A. By compressing image uploads automatically.
- B. By dynamically deleting database tables after 30 days.
- C. By automatically transitioning old, rarely accessed files to cheaper storage classes (like Nearline or Coldline) or deleting them based on age. β (correct answer)
- D. By restricting bucket read access to specific regions.
Explanation: Lifecycle rules automate storage class movements based on criteria (e.g. age), optimizing long-term retention costs.
Question 3: What is the difference between GKE Standard and GKE Autopilot modes?
- A. Standard is free, while Autopilot is billed by compute minutes.
- B. In Autopilot, Google manages the cluster infrastructure (Nodes, scaling, provisioning), while Standard requires manual node pool configurations. β (correct answer)
- C. Autopilot does not support Docker containers.
- D. Standard does not support Kubernetes manifests.
Explanation: GKE Autopilot is a hands-off, serverless Kubernetes offering where Google handles scaling and node administration.
Question 4: In GCP IAM, what is the difference between a Predefined Role and a Custom Role?
- A. Predefined roles are paid, Custom roles are free.
- B. Predefined roles are created and managed by Google (e.g., Storage Admin), while Custom roles are tailored by developers to grant exact, granular permissions. β (correct answer)
- C. Custom roles are global, while Predefined roles are project-specific.
- D. Predefined roles cannot be combined with users.
Explanation: Custom roles let administrators apply the principle of least privilege, selecting specific API permissions required for workloads.
Question 5: What is the core benefit of using Google Cloud Run for containerized applications?
- A. It provides virtual GPU hardware for machine learning.
- B. It is a serverless execution environment that automatically scales containers from zero to infinity based on web traffic. β (correct answer)
- C. It automatically migrates SQL databases to GCP.
- D. It compiles Java source files in the cloud.
Explanation: Cloud Run abstracts server administration, running containers serverlessly and scaling down to zero when there is no traffic.
Question 6: What is Google Compute Engine (GCE)?
- A. A serverless database service.
- B. GCP's Infrastructure as a Service (IaaS) offering that provides scalable Virtual Machine instances. β (correct answer)
- C. An image processing framework.
- D. A network gateway manager.
Explanation: GCE provides virtual machines where you have full control over operating systems and software.
Question 7: Which GCP database service is a fully managed, globally scalable relational database with strong consistency?
- A. Cloud SQL
- B. Cloud Spanner β (correct answer)
- C. Cloud Bigtable
- D. Cloud Firestore
Explanation: Cloud Spanner combines relational structures with horizontal scale, supporting transactions globally.
Question 8: What is the difference between Cloud SQL and Cloud Spanner?
- A. Cloud SQL is NoSQL, while Cloud Spanner is SQL.
- B. Cloud SQL is managed MySQL/PostgreSQL for standard applications, while Cloud Spanner is an enterprise, globally distributed database designed for massive horizontal scaling. β (correct answer)
- C. Cloud Spanner does not support ACID transactions.
- D. Cloud SQL is serverless only.
Explanation: Spanner scales infinitely using Google's atomic clock sync architectures; SQL scales vertically.
Question 9: Which storage class is best suited for files that are accessed less than once a year (archival)?
- A. Standard
- B. Archive β (correct answer)
- C. Nearline
- D. Coldline
Explanation: Archive storage offers the lowest monthly pricing, ideal for tax or compliance backups.
Question 10: What does GCP Cloud Pub/Sub do?
- A. Compresses file folders.
- B. An asynchronous messaging service (Pub/Sub) used to decouple and integrate independent services and pipelines. β (correct answer)
- C. Configures server routing domains.
- D. Caches HTML layouts.
Explanation: Pub/Sub buffers message variables, scaling dynamically to handle millions of events.
Question 11: In GCP VPC networking, how do Shared VPCs benefit enterprises?
- A. They share database credentials.
- B. They allow an organization to connect resources from multiple projects to a common VPC network, centralizing security rules. β (correct answer)
- C. They are faster and cheaper.
- D. They do not support firewall rules.
Explanation: Shared VPCs delegate network control to net-admins, letting developers manage instances in isolated projects.
Question 12: What is 'Google Cloud Storage' (GCS)?
- A. An in-memory cache system.
- B. A REST-based service for storing and retrieving unstructured object data in buckets. β (correct answer)
- C. A virtual server compiler.
- D. A server container environment.
Explanation: GCS stores blobs (PDFs, images, backups) globally, managing access permissions.
Question 13: Which analytics data warehouse handles SQL querying on petabytes of data serverlessly?
- A. Cloud SQL
- B. BigQuery β (correct answer)
- C. Cloud Spanner
- D. Bigtable
Explanation: BigQuery is serverless, running queries using columnar data architectures.
Question 14: What is the function of Google Cloud Identity-Aware Proxy (IAP)?
- A. It compiles styles.
- B. It controls access to applications running on GCP without requiring a VPN, verifying user identity and context variables. β (correct answer)
- C. It acts as an email gateway.
- D. It encrypts database columns.
Explanation: IAP checks context (IP/login) at HTTP layers, providing zero-trust remote access.
Question 15: What is a 'Project' in GCP?
- A. A code file.
- B. The base organizing entity in GCP, grouping resources, billing accounts, and IAM access permissions. β (correct answer)
- C. A database table schema.
- D. A local folder path.
Explanation: Every resource in GCP must belong to a Project, which acts as a billing boundary.
Question 16: How do GCP VPC Firewall Rules control traffic?
- A. By applying rules dynamically based on network tags, service accounts, or IP ranges to allow/deny connections. β (correct answer)
- B. By encrypting packets.
- C. By redirecting DNS requests.
- D. By modifying local files.
Explanation: Tags allow developers to apply rules to groups of VMs (e.g. tag 'web-server' opens port 80).
Question 17: What is GCP Cloud Interconnect?
- A. A tool to bridge multiple databases.
- B. A service providing high-speed, physical direct network connections between an on-premises network and GCP's network. β (correct answer)
- C. A serverless code router.
- D. An automated VPN tunnel.
Explanation: Interconnect provides dedicated links, bypassing the public internet to maximize data speeds.
Question 18: What is the function of the Cloud SDK (gcloud CLI)?
- A. A compiler for Python.
- B. A set of command-line tools for managing GCP resources and configurations. β (correct answer)
- C. A database indexing tool.
- D. A local firewall control panel.
Explanation: The gcloud CLI manages compute instances, billing, and IAM deployments.
Question 19: What does 'Preemptible' mean in legacy GCP VM classifications?
- A. VMs that compile code automatically.
- B. VMs that Google can terminate at any time if resources are needed, offering huge cost discounts. β (correct answer)
- C. VMs that do not require network connections.
- D. VMs that are read-only.
Explanation: Preemptible VMs are limited to 24-hour lifespans, replaced by the modern Spot VM class.
Question 20: What is the difference between Cloud Bigtable and Cloud Bigquery?
- A. Bigtable is relational, Bigquery is NoSQL.
- B. Bigtable is a low-latency NoSQL wide-column database for high-throughput reads/writes, while BigQuery is a serverless column-oriented analytical warehouse. β (correct answer)
- C. BigQuery is deprecated.
- D. Bigtable does not support write operations.
Explanation: Bigtable is ideal for operational storage (IoT logs); BigQuery is for data analytics.
Question 21: What is 'Cloud Run'?
- A. A database monitoring dashboard.
- B. A fully managed serverless platform that runs containerized applications, scaling from zero dynamically. β (correct answer)
- C. A Python execution script.
- D. A server container compiler.
Explanation: Cloud Run deploys containers serverlessly, charging users only during active CPU runs.
Question 22: Which GCP service is a fully managed Redis/Memcached hosting solution?
- A. Cloud SQL
- B. Memorystore β (correct answer)
- C. Datastore
- D. Bigtable
Explanation: Memorystore provides in-memory cache clustering, speeding up database fetch times.
Question 23: How do GCP Service Accounts authorize application workloads?
- A. By requiring manual admin logins.
- B. By providing a special identity representing non-human users (services/scripts), authenticating via cryptographical JSON keys or IAM associations. β (correct answer)
- C. By checking IP addresses.
- D. By modifying settings.py files.
Explanation: Service accounts authorize VMs to access APIs (e.g. letting VMs write to S3 buckets).
Question 24: What is Google Cloud Functions?
- A. A mathematical formula package.
- B. A serverless execution environment that runs single-purpose code snippets triggered by cloud events. β (correct answer)
- C. A database backup script.
- D. A container registry.
Explanation: Cloud Functions runs event-driven code (e.g. image thumbnails on uploads).
Question 25: What does GCP Cloud NAT provide?
- A. Public DNS domain lookups.
- B. Outbound internet connectivity for private VMs without exposing them to inbound public queries. β (correct answer)
- C. Inbound load balancing capabilities.
- D. Cache synchronization across regions.
Explanation: Cloud NAT acts as an outbound gateway, securing VMs in private subnets.
Question 26: What is Google Cloud Armor?
- A. A backup server cluster.
- B. A DDoS defense and Web Application Firewall (WAF) service that protects GCP applications from layer-7 exploits. β (correct answer)
- C. An encryption key vault.
- D. A network switch interface.
Explanation: Cloud Armor integrates with load balancers, filtering requests using OWASP rules.
Question 27: What does the 'Google Cloud Console' represent?
- A. The command-line terminal interface.
- B. The web-based graphical user interface for managing all GCP resources. β (correct answer)
- C. A local network driver.
- D. A server container configuration file.
Explanation: Console provides dashboard controls for billing, monitoring, and configurations.
Question 28: What is the function of Google Cloud Deployment Manager?
- A. Storing composer vendor modules.
- B. An infrastructure deployment service that automates GCP provisioning using YAML templates (IaC). β (correct answer)
- C. Styling admin layouts.
- D. Managing developer login lists.
Explanation: Deployment Manager builds GCP resource stacks declaratively.
Question 29: In GCP, what does 'VPC Network Peering' do?
- A. It speeds up local CPU execution.
- B. It enables internal, private IP communication between two VPC networks within the same or different projects, bypassing public internet routing. β (correct answer)
- C. It encrypts database tables.
- D. It logs API endpoints.
Explanation: Peering connects networks directly, achieving high speeds and low latencies.
Question 30: What is Google App Engine (GAE)?
- A. A container registry.
- B. A Platform as a Service (PaaS) framework for building and hosting web applications without managing servers. β (correct answer)
- C. A database indexing tool.
- D. A local firewall control panel.
Explanation: App Engine manages deployment, scaling, and load balancing automatically.