Compute Engine Instance Access Management
16 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary requirement for the operational team in managing instances on Compute Engine?

  • Full administrative access to the servers
  • Read-only access to the servers
  • No access to the servers
  • Administrative access to the servers (correct)
  • What is the benefit of using a configuration management tool to deploy SSH keys?

  • Increased complexity in managing instances
  • Increased security risks
  • Limited access to instances
  • Operationally efficient deployment of credentials (correct)
  • What is the role that needs to be granted to the Google group corresponding to the operational team?

  • compute.osAdmin
  • compute.osLogin
  • compute.osReadOnly
  • compute.osAdminLogin (correct)
  • What is the recommended range for a custom VPC subnet?

    <p>10.0.0.0/8</p> Signup and view all the answers

    What is the primary consideration when creating a custom VPC subnet?

    <p>Largest possible range</p> Signup and view all the answers

    What is the benefit of using SSH keys in managing instances on Compute Engine?

    <p>Improved operational efficiency</p> Signup and view all the answers

    What is the primary advantage of granting the compute.osAdminLogin role to the Google group?

    <p>Simplifying administrative tasks</p> Signup and view all the answers

    What is the relevant RFC for private network ranges?

    <p>RFC 1918</p> Signup and view all the answers

    How many IP addresses are available in the 24-bit block 10.0.0.0/8?

    <p>16777216</p> Signup and view all the answers

    What is the purpose of enabling binary logging in Cloud SQL (MySQL)?

    <p>To enable point-in-time recovery</p> Signup and view all the answers

    What does the 20-bit block 172.16.0.0/12 provide?

    <p>1048576 IP addresses</p> Signup and view all the answers

    What is the correct configuration for autohealing for network load balancing?

    <p>Create a managed instance group with an Autohealing health check</p> Signup and view all the answers

    What is the purpose of health checks for load balancing?

    <p>To detect unresponsive instances and direct traffic away from them</p> Signup and view all the answers

    How many IP addresses are available in the 16-bit block 192.168.0.0/16?

    <p>65536</p> Signup and view all the answers

    What is the purpose of health checks for auto healing?

    <p>To detect and recreate failed instances</p> Signup and view all the answers

    Why should you use separate health checks for load balancing and auto healing?

    <p>Because load balancing health checks detect unresponsive instances and direct traffic away from them, while auto healing health checks detect and recreate failed instances</p> Signup and view all the answers

    Study Notes

    CertyIQ - Managing Instances and Networking

    • To manage a large number of instances on Compute Engine, each team member needs administrative access to the servers, and security teams need to determine who accessed a given instance.
    • Solution: Ask each team member to generate a new SSH key pair and add the public key to their Google account. Grant the compute.osAdminLogin role to the Google group corresponding to the team.

    VPC and Subnet Ranges

    • To create a custom VPC with a single subnet, the subnet's range should be as large as possible.
    • Recommended range: 10.0.0.0/8 (16777216 IP Addresses), a private network range defined by IETF and adhered to by all cloud providers.

    Relational Data on Google Cloud Platform

    • For a cost-effective solution for relational data, select Cloud SQL (MySQL) and verify that the enable binary logging option is selected to support point-in-time recovery.

    Autohealing for Network Load Balancing

    • To configure autohealing for network load balancing, create a managed instance group and set the Autohealing health check to healthy (HTTP) with 3 attempts of 10 seconds each to re-create VMs if they are unresponsive.
    • Note: Use separate health checks for load balancing and autohealing.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Managing access to Compute Engine instances for team members with administrative access while ensuring secure credential deployment and tracking access.

    More Like This

    Google Cloud Compute Services Quiz
    5 questions
    Google Cloud Compute Engine Security
    61 questions
    Google ACE Practice Tests
    40 questions

    Google ACE Practice Tests

    ComplementaryCarbon avatar
    ComplementaryCarbon
    Google Cloud Services Quiz
    48 questions
    Use Quizgecko on...
    Browser
    Browser