Google Cloud Networking: VPCs, Subnets & Firewalls Quiz

Deepen your understanding of cloud networking concepts such as VPCs, subnets, and firewall rules with this focused quiz. Designed for professionals, this assessment helps reinforce key principles essential for secure and efficient network architecture in cloud environments.

  1. VPC Isolation and Connectivity

    Which statement best describes the isolation provided by default between two virtual private clouds (VPCs) within the same project?

    1. Resources in one VPC cannot directly communicate with resources in another VPC by default.
    2. All resources in the project are globally routable across VPCs by default.
    3. A default static route allows communication between all VPCs in the project.
    4. Subnet IP ranges must never overlap to allow default connectivity.

    Explanation: By default, separate VPCs provide network isolation, and resources do not have connectivity across VPC boundaries without explicit configuration like peering. Option B is incorrect because cross-VPC communication is not enabled automatically. Option C is not true because there are no default static routes provided for inter-VPC communication. Option D references subnet design but does not address how default connectivity works across VPCs.

  2. Subnet IP Address Ranges

    When creating a new subnet, which consideration is most important to ensure successful deployment of resources within it?

    1. All subnets within the same VPC must have identical CIDR blocks.
    2. Each subnet must use a unique region-independent IP range.
    3. The IP range of the subnet must fit entirely within the parent VPC's private IP range.
    4. Subnetworks must always use public IP address ranges.

    Explanation: A subnet's IP range must be a subset of the parent VPC's IP range to avoid conflicts and ensure routability. Option B is incorrect because subnets should use private IP ranges, not public ones. Option C is invalid; subnets are tied to specific regions and should have region-specific ranges. Option D is incorrect as subnets within the same VPC must have unique, non-overlapping CIDR blocks.

  3. Firewall Rule Application

    Which factor determines whether a firewall rule in a virtual network is applied to incoming or outgoing traffic?

    1. The size of the subnet the rule applies to.
    2. The unique identifier number of the rule.
    3. The region where the firewall rule was created.
    4. The rule's direction, specified as ingress or egress.

    Explanation: Firewall rules act on traffic based on their direction: 'ingress' rules control incoming traffic, while 'egress' rules control outgoing traffic. Subnet size does not affect firewall rule application, making Option B wrong. The creation region is irrelevant because firewall rules are generally global, eliminating Option C. Option D, referencing the rule's ID number, does not control its direction or effect on traffic.

  4. Custom vs. Auto Mode VPCs

    In a custom mode virtual network, what must the user manually configure during subnet creation?

    1. Dynamic routing and all firewall rules.
    2. Only the default subnet for the entire project.
    3. System-generated routes for internal connectivity.
    4. Subnets and their associated IP ranges for each region.

    Explanation: In custom mode, users define each subnet and its IP range per region, allowing precise control. Option B is partially true about firewall rules but dynamic routing is not typically part of subnet creation. Option C is only accurate for default or auto mode networks. Option D is incorrect, as system-generated routes are automatically managed.

  5. Firewall Rule Priority and Conflicts

    If two firewall rules with overlapping targets and conflicting actions both match the same network traffic, which one takes effect?

    1. All matching rules are evaluated, and the most recent one wins.
    2. Allow rules always override deny rules in conflicts.
    3. The rule with the lowest priority number is applied.
    4. The rule with the highest priority number is always enforced.

    Explanation: Firewall rules are evaluated in order of priority, with lower numbers taking precedence for matching traffic. Option B is wrong since higher priority numbers have lower precedence. Option C is incorrect, as timestamp or creation order is not considered. Option D is incorrect because whether allow or deny wins depends solely on rule priority, not type.