Essential Cloud Infrastructure: Foundation
What is one benefit of applying firewall rules by tag rather than by address? []Tags on firewall rules control which ephemeral IP addresses VMs will receive. []When a VM is created with a matching tag, the firewall rules apply irrespective of the IP address it is assigned. []Tags in network traffic help with network sniffing. []Tags help organizations track firewall billing.
When a VM is created with a matching tag, the firewall rules apply irrespective of the IP address it is assigned. When a VM is created the ephemeral external IP address is assigned from a pool. There is no way to predict which address will be assigned, so there is no way to write a rule that will match that VM's IP address before it is assigned. Tags allow a symbolic assignment that does not depend on order in the IP addresses. It makes for simpler, more general, and easier to maintain, firewall rules.
Cloud Shell provides you with which of the following? (Select all that apply). []A command-line tool that requires you to install Cloud SDK []5 GB of persistent storage (/home) []Command-line access to a free temporary Compute Engine VM []Built-in authorization for access to resources and instances
-5 GB of persistent storage (/home) -Command-line access to a free temporary Compute Engine VM -Built-in authorization for access to resources and instances
To create a persistent state in Cloud Shell, which file would you configure? [].config [].my_variables [].bashrc [].profile
.profile
What are sustained use discounts? []Discounts you receive by using preemptible VM instances []Automatic discounts that you get for running specific Compute Engine resources for a significant portion of the billing month []Per-second billing that starts after a 1 minute minimum []Purchase commitments for specific resources you know you will use
Automatic discounts that you get for running specific Compute Engine resources for a significant portion of the billing month Sustained use discounts are automatic discounts that you get for running specific Compute Engine resources (vCPUs, memory, GPU devices) for a significant portion of the billing month. To take advantage of the full 30% discount, create your VM instances on the first day of the month, because discounts reset at the beginning of each month.
Which of the following __**does not**__ allow you to interact with GCP? []Cloud Explorer []Cloud Shell []REST-based API []GCP Console
Cloud Explorer There are four ways you can interact with GCP: There's the GCP Console, Cloud Shell and the Cloud SDK, the APIs, and the Cloud Mobile App. The Cloud Explorer is not a Google Cloud tool.
What is the difference between GCP Console and Cloud Shell? []There is no difference as these tools are 100% identical. []Cloud Shell is a command-line tool, while GCP Console is a graphical user interface []Cloud Shell is a locally installed tool, while GCP Console is a temporary virtual machine. []GCP Console is a command-line tool, while Cloud Shell is a graphical user interface
Cloud Shell is a command-line tool, while GCP Console is a graphical user interface The GCP Console is a graphical user interface and Cloud Shell is a command-line tool. Both tools allow you to interact with GCP. Even though GCP Console can do things Cloud Shell can't do and vice-versa, don't think of them as alternatives, but think of them as one extremely flexible and powerful interface.
What are the three types of networks offered in the Google Cloud Platform? []Default network, auto network, and custom network. []IPv4 unicast network, IPv4 multicast network, IPv6 network []Gigabit network, 10 gigabit network, and 100 gigabit network []Zonal, regional, and global
Default network, auto network, and custom network. "The three network types offered by GCP are: default, auto and custom. Each project starts with a default network. The auto-type network uses the same subnet IP ranges as the default-type, with a network name other than default. A custom-type allows you to specify the IP ranges of subnets."
Google Cloud Marketplace lets you quickly deploy functional software packages by providing pre-defined templates with which Google Cloud service? []Template Manager []Firestore []Deployment Manager []Terraform
Deployment Manager
Which statement is true of Virtual Machine Instances in Compute Engine? []In Compute Engine, a VM is a networked service that simulates the features of a computer. []A VM in Compute Engine always maps to a single hardware computer in a rack. []All Compute Engine VMs are single tenancy and do not share CPU hardware. []Compute Engine uses VMware to create Virtual Machine Instances.
In Compute Engine, a VM is a networked service that simulates the features of a computer. VMs in Compute Engine are a collection of networked services. This includes disks (persistent disks) which are network-attached. In some cases the GCP VM behaves unlike hardware or other kinds of virtual machines, for example, when a multi-tenant virtual CPU ""bursts"", using excess capacity beyond the VM spec.
In GCP, what is the minimum number of IP addresses that a VM instance needs? []Three: One internal, one external and one alias IP address []Two: One internal and one external IP address []One: Only an internal IP address
One: Only an internal IP address In GCP, each virtual machine needs to have an internal IP address. The external IP address is optional; therefore, a VM instance only needs one IP address.
Which statement is true of persistent disks? []Persistent disks are always HDDs (magnetic spinning disks). []Persistent disks are encrypted by default. []Once created, a persistent disk cannot be resized. []Persistent disks are physical hardware devices connected directly to VMs.
Persistent disks are encrypted by default. Persistent Disks are not physical disks, they are a virtual-networked service. Each persistent disk remains encrypted either with system-defined keys or with customer-supplied keys.
Without a VPC network, you cannot create VM instances, containers, or App Engine applications. []True []False
True
Which instances should you be able to ping from mynet-us-vm using internal IP addresses? []mynet-eu-vm []managementnet-us-vm []privatenet-us-vm
mynet-eu-vm
Which firewall rule allows the ping to mynet-eu-vm's external IP address? []mynetwork-allow-internal []mynetwork-allow-ssh []mynetwork-allow-icmp []mynetwork-allow-rdp
mynetwork-allow-icmp