Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

Certifications›GCDL›Objectives›Trust and security with Google Cloud
Objective 5.0

Trust and security with Google Cloud

GCDL Practice Questions

Use this page to practise Trust and security with Google Cloud questions for this certification. Focus on how the exam tests trust and security with google cloud in scenario format — understanding the why behind each answer builds more durable knowledge than memorising options.

Full Practice Test →All Objectives

What this objective tests

GCDL Trust and security with Google Cloud — Key Topics

Trust and security with Google Cloud questions on this certification test your ability to deploy and manage trust and security with google cloud concepts in scenario-based situations.

  • Core Trust and security with Google Cloud concepts and how they apply in real-world cloud scenarios.
  • How to deploy trust and security with google cloud correctly and verify the outcome.
  • Troubleshooting trust and security with google cloud issues by interpreting error output and system state.
  • Cloud best practices and Trust and security with Google Cloud design trade-offs tested by this certification.

Common exam traps

Where candidates lose marks on Trust and security with Google Cloud

  • ⚠Selecting the most expensive service when a simpler managed option meets the requirement.
  • ⚠Forgetting that cloud resources must be explicitly secured — defaults are rarely secure.
  • ⚠Choosing a global service fix when the issue is region-specific.
  • ⚠Overlooking cost implications of cross-region data transfer in architecture questions.

GCDL Trust and security with Google Cloud — Practice Questions

30 questions from this objective

Question 2easymultiple choice
Full question →

Google Cloud encrypts all customer data at rest by default without any configuration required. A customer asks: 'Do we need to do anything special to encrypt our data stored in Cloud Storage?' What is the correct answer?

Question 3mediummultiple choice
Full question →

A security architect wants to implement a 'never trust, always verify' security approach where no user or service is assumed to be trustworthy based on network location alone. Every access request must be authenticated and authorized regardless of whether it comes from inside or outside the corporate network. Which security model describes this approach?

Question 4easymultiple choice
Full question →

A company is concerned about which security responsibilities belong to Google versus which belong to them when using Google Cloud's managed database service (Cloud SQL). In the shared responsibility model, which security tasks does Google handle?

Question 5mediummultiple choice
Read the full NAT/PAT explanation →

A healthcare company needs to store patient data in Google Cloud and must comply with HIPAA (Health Insurance Portability and Accountability Act). Which statement correctly describes how Google Cloud helps them achieve HIPAA compliance?

Question 6mediummultiple choice
Full question →

An organization uses Google Cloud Identity and Access Management (IAM). A new employee is a data engineer who needs to read BigQuery datasets and run queries but should NOT be able to create new datasets, delete tables, or modify IAM policies. Which IAM role should be assigned?

Question 7hardmultiple choice
Full question →

A company wants to ensure that sensitive data (credit card numbers, SSNs) stored in BigQuery is automatically identified and protected. They also want ongoing scanning to detect if any new data violates their data governance policies. Which Google Cloud service provides these capabilities?

Question 8easymultiple choice
Full question →

When data is transmitted between a user's browser and a Google Cloud-hosted web application over HTTPS, which security protection does this provide?

Question 9mediummultiple choice
Full question →

A company is evaluating Google Cloud and wants to know: what is Access Transparency, and how does it benefit customers with stringent governance requirements?

Question 10mediummultiple choice
Full question →

A company stores its data in Google Cloud. The security team asks: can Google employees access our customer data without our knowledge or consent? What does Google's commitment ensure?

Question 11hardmultiple choice
Full question →

A regulated financial services firm must ensure that its data never leaves a specific geographic region (EU) for compliance with GDPR data residency requirements. Which Google Cloud features help enforce this requirement?

Question 12easymultiple choice
Read the full NAT/PAT explanation →

What compliance certification verifies that an organization's Information Security Management System (ISMS) meets internationally recognized standards for managing information security risks?

Question 13mediummultiple choice
Full question →

A company uses Google Workspace for identity. They want employees to use their Google Workspace credentials to access third-party applications (Salesforce, Slack, etc.) without separate passwords for each app. Which technology enables this?

Question 14easymultiple choice
Full question →

A company's security policy requires all employees to verify their identity using more than just a password when accessing Google Cloud resources. What security feature enforces this requirement?

Question 15mediummultiple choice
Full question →

Google's physical data center security includes multiple layers of protection. Which of the following is NOT a physical security measure Google uses at its data centers?

Question 16hardmultiple choice
Full question →

A company has a requirement from their security auditor to demonstrate that all administrative actions performed in Google Cloud (such as creating VMs, modifying IAM policies, and deleting storage buckets) are logged and tamper-evident. Which Cloud Logging log type fulfills this requirement?

Question 17mediummultiple choice
Full question →

A company wants to ensure that even if an attacker compromises an employee's password and passes MFA, the attacker cannot access sensitive Google Cloud resources from an unmanaged personal laptop. Which Google security feature enforces device trust as part of access decisions?

Question 18easymultiple choice
Full question →

A company stores customer data in Google Cloud and wants to ensure data confidentiality in the event that hardware is decommissioned and returned by Google. How does Google protect customer data when storage hardware reaches end of life?

Question 19mediummultiple choice
Full question →

A company uses Google Cloud and has a compliance requirement to store certain data only within the European Union and ensure it cannot be accessed from outside the EU, even by Google operations personnel. Which Google Cloud offering specifically addresses this level of data sovereignty?

Question 20hardmultiple choice
Full question →

A security team wants to get a comprehensive, organization-wide view of security misconfigurations (such as publicly accessible storage buckets, VMs without firewalls, and IAM overprivilege), vulnerabilities in container images, and active threats across all Google Cloud projects. Which Google Cloud service provides this unified security posture management?

Question 21mediummultiple choice
Full question →

A company wants to know: if Google Cloud experiences a data breach that exposes customer data, what are Google's notification obligations under standard Cloud service terms?

Question 22easymultiple choice
Full question →

The principle of least privilege is a fundamental security concept applied to IAM in Google Cloud. Which statement best describes this principle?

Question 23mediummultiple choice
Full question →

A company uses service accounts to allow their application running on a Compute Engine VM to access Cloud Storage. Which is the most secure way to configure this service account access?

Question 24mediummultiple choice
Full question →

A company stores encryption keys in Cloud KMS to protect sensitive data. What does Cloud KMS provide that standard application-layer encryption does not?

Question 25easymultiple choice
Full question →

A company classifies its data into four sensitivity levels: Public, Internal, Confidential, and Restricted. Which type of data would typically be classified as 'Restricted' and require the highest level of security controls?

Question 26hardmultiple choice
Full question →

A security team wants to ensure that only container images built by their approved CI/CD pipeline can run in their GKE cluster. Images built outside the approved process — even by internal engineers — should be blocked. Which Google Cloud security feature enforces this?

Question 27mediummultiple choice
Full question →

A company wants to allow a third-party security firm to conduct a penetration test against their Google Cloud environment to identify vulnerabilities. What is Google Cloud's policy on penetration testing?

Question 28easymultiple choice
Full question →

Which Google Cloud feature provides reports on how Google processes government requests for customer data and how often Google challenges overly broad requests?

Question 29mediummultiple choice
Full question →

A company's application stores user passwords. Their security team says passwords must be stored as hashes, never in plaintext. They want to ensure this requirement is met even if a database is compromised. Why is password hashing (with salt) the correct approach?

Question 30hardmultiple choice
Full question →

An organization's security team reviews their Google Cloud environment and finds that several Cloud Storage buckets have `allAuthenticatedUsers` bindings, and multiple service accounts have the Owner role. Which Google Cloud tool automatically identifies these types of high-risk IAM configurations?

Question 31mediummultiple choice
Full question →

A company's security architect wants to implement 'privacy by design' principles when building a new customer data platform on Google Cloud. What does privacy by design mean in this context?

More Trust and security with Google Cloud questions available in the full practice test.

Continue Practising →
←

Previous objective

Scaling with Google Cloud operations

All GCDL Objectives

  • 1.Why cloud technology is transforming business
  • 2.Fundamental cloud concepts
  • 3.Google Cloud products, services, and solutions
  • 4.Scaling with Google Cloud operations
  • 5.Trust and security with Google Cloud