Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Managing Operations in a Cloud Solution Environment practice sets

PCSE Managing Operations in a Cloud Solution Environment • Complete Question Bank

PCSE Managing Operations in a Cloud Solution Environment — All Questions With Answers

Complete PCSE Managing Operations in a Cloud Solution Environment question bank — all 0 questions with answers and detailed explanations.

80
Questions
Free
No signup
Certifications/PCSE/Practice Test/Managing Operations in a Cloud Solution Environment/All Questions
Question 1mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer needs to ensure that all Google Cloud API calls in the organization are logged and retained for 7 years for compliance. Admin Activity logs are enabled by default but retention is limited. Which combination of actions should the engineer take?

Question 2mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to receive real-time notifications when Security Command Center (SCC) detects a high-severity vulnerability in their Google Cloud projects. They need to integrate with their existing SIEM. Which approach should they use?

Question 3hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A DevOps team is implementing Binary Authorization for a GKE cluster. They want to ensure that only container images signed by a specific attestor can be deployed. They have created the attestor and configured Cloud KMS for signing. Which additional step is required to enforce the policy?

Question 4easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security analyst needs to investigate a potential breach in a Compute Engine instance. They want to create an offline forensic copy of the disk without affecting the running instance. Which action should they take?

Question 5mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company is using Security Command Center (SCC) Standard tier and wants to detect threats like crypto mining attacks and anomalous IAM activity in their GCP environment. Which built-in service should they enable?

Question 6hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization uses Chronicle SIEM to ingest logs from multiple GCP projects and on-premises firewalls. They need to write a detection rule that triggers when an IP address makes more than 100 failed login attempts across different GCP projects within 10 minutes. Which Chronicle feature should they use?

Question 7easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to scan all container images stored in Artifact Registry for vulnerabilities before deployment. Which Google Cloud service should they use?

Question 8mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team needs to detect and respond to a potential data exfiltration via VPC Flow Logs. They want to identify traffic to known malicious IP addresses in real-time. Which architecture should they use?

Question 9mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to enforce that all GKE clusters in their organization use Binary Authorization with a specific attestor. They have multiple projects and want to set this policy centrally. Which approach should they use?

Question 10easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which Security Command Center (SCC) tier provides built-in compliance monitoring for standards like CIS and PCI DSS?

Question 11mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company needs to archive their VPC Flow Logs for 10 years for compliance. They also need to run occasional queries on the logs. What is the most cost-effective approach?

Question 12hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

During an incident response, a security engineer needs to analyze a Pub/Sub message that was produced by a Cloud Function triggered by a SCC finding. The message has been acknowledged and deleted from the subscription. How can the engineer retrieve the message again?

Question 13mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company is using Security Command Center (SCC) Premium tier and wants to automatically remediate certain high-severity findings. Which two services can be used together to achieve this? (Choose two.)

Question 14hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team needs to detect anomalous outbound traffic from Compute Engine instances. They want to enable logging and analyze the data. Which three steps should they take? (Choose three.)

Question 15mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to implement a vulnerability management program for their Google Cloud environment. They need to scan Compute Engine instances for OS vulnerabilities and container images for known vulnerabilities. Which two services should they use? (Choose two.)

Question 16easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your organization wants to monitor and audit IAM permission changes in real time. Which type of Cloud Audit Log is enabled by default and cannot be disabled?

Question 17mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer wants to export Cloud Audit Logs to a third-party SIEM in real time. Which log sink destination should they configure?

Question 18mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization uses Security Command Center Premium tier. They want to receive notifications when a finding of type 'Cryptomining' is detected in their Compute Engine instances. What should they configure?

Question 19hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company enforces Binary Authorization on a GKE cluster. They want to require that all container images be signed by a specific attestor located in a different project. What must be configured?

Question 20easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which Security Command Center tier includes Event Threat Detection and Container Threat Detection?

Question 21mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team wants to analyze VPC Flow Logs to investigate a potential data exfiltration incident. The logs are currently stored in Cloud Logging. What is the MOST efficient method to query and visualize the network traffic patterns?

Question 22hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization uses Binary Authorization with multiple attestors. They want to allow a deployment only if at least two attestors have signed the image. Which policy type should be used?

Question 23mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer needs to automatically remediate a high-severity finding in Security Command Center. The remediation involves restarting a Compute Engine instance. What is the recommended approach?

Question 24mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which Google Cloud service should be used for long-term archival of Audit Logs that must be immutable and stored for 10 years for compliance?

Question 25easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security analyst wants to search for a specific IAM role change across all projects in the organization. Which tool can query Cloud Audit Logs across projects?

Question 26hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

During a forensic investigation, you need to analyze a Compute Engine instance that has been compromised. You want to preserve the disk state for analysis without affecting the running instance. Which action should you take?

Question 27mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization wants to use Chronicle for SIEM. They need to ingest logs from an on-premises firewall. Which method should they use?

Question 28mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team wants to automatically detect anomalies in user behavior across Google Workspace and Google Cloud. Which TWO Security Command Center features can help?

Question 29hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company runs containerized applications on GKE and uses Binary Authorization. They want to enforce that only images from a specific Artifact Registry repository can be deployed, and those images must be signed by a trusted attestor. Which THREE configurations are required?

Question 30mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization wants to use Web Security Scanner to find vulnerabilities in their web application. Which TWO finding types can Web Security Scanner detect?

Question 31easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer wants to review all IAM permission changes made in the last 30 days. Which type of Cloud Audit Log should they query?

Question 32mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company uses Security Command Center (SCC) Premium tier and wants to automatically trigger a Cloud Function to remediate a threat finding. Which approach should they use?

Question 33mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer needs to archive Cloud Audit Logs for regulatory compliance for 7 years. The logs should be immutable and cost-effective. Which solution should they choose?

Question 34easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which Security Command Center tier provides Event Threat Detection and Container Threat Detection?

Question 35hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization uses Binary Authorization with a GKE cluster that enforces attestation. A developer builds a container and pushes it to Artifact Registry. The image must be signed before it can be deployed. Which steps are required to allow this image to run on the cluster?

Question 36mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team wants to analyze VPC Flow Logs for potential data exfiltration. They need a solution that allows querying with SQL and requires minimal setup. Which approach should they take?

Question 37mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization needs to scan container images stored in Artifact Registry for vulnerabilities before deployment. They want to use a managed service that integrates with their CI/CD pipeline. Which Google Cloud service should they use?

Question 38hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer is investigating a compromised Compute Engine VM. They need to take a forensic snapshot of the disk without losing any data, including deleted files, and ensure the snapshot is not tampered with. Which steps should they take?

Question 39mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to use Chronicle to ingest logs from their on-premises firewalls into Google Cloud. They need to normalize logs into a common schema for analysis. Which Chronicle capability should they use?

Question 40easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which type of Cloud Audit Logs must be explicitly enabled and incur additional cost?

Question 41hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer needs to implement a logging pipeline that sends real-time Cloud Audit Logs to a third-party SIEM. They must ensure that if the SIEM is unavailable, logs are not lost. Which approach should they use?

Question 42mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization wants to use Security Command Center to detect misconfigurations in their Google Cloud resources. They need a service that can automatically check for common security issues like open firewall ports and IAM policy violations. Which SCC feature should they enable?

Question 43mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team is setting up Binary Authorization for their GKE clusters. They want to enforce that only images signed by an approved attestor can be deployed. Which TWO of the following are required for this setup?

Question 44hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

An incident responder needs to collect forensic evidence from a compromised Compute Engine instance for later analysis. They want to preserve disk state and network logs. Which THREE actions should they take?

Question 45mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to use Cloud Audit Logs to monitor for security incidents. They need to retain logs for 6 months for analysis and then archive them for 5 years. Which TWO steps should they take?

Question 46easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer wants to monitor all actions that create or modify resources in a Google Cloud project. Which type of audit log is enabled by default and cannot be disabled?

Question 47mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization needs to centralize audit logs from multiple Google Cloud projects into a BigQuery dataset for long-term analysis. They also want to retain raw logs in Cloud Storage for archival purposes. What is the most efficient way to accomplish this?

Question 48hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team uses Security Command Center Premium to detect threats. They want to receive real-time notifications when a finding of type 'Threat' with severity 'CRITICAL' or 'HIGH' is created. Which approach should they use?

Question 49mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization wants to enforce that all container images deployed to a GKE cluster must be signed by an approved authority. They have set up Binary Authorization with a policy that requires attestation. Where should the signing key be stored to meet security best practices?

Question 50easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which Google Cloud SIEM solution ingests logs from various sources, normalizes them into the Unified Data Model (UDM), and allows detection using YARA-L rules?

Question 51mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team needs to automatically respond to high-severity vulnerability findings in Security Command Center. They want to trigger a Cloud Function that quarantines the affected VM. What is the recommended way to connect SCC findings to Cloud Functions?

Question 52hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

During a security incident, a forensic investigator needs to analyze a compromised Compute Engine instance without affecting the live environment. The instance has persistent disks with critical data. What is the best first step to preserve evidence?

Question 53mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization uses Binary Authorization to enforce that only images signed by an approved attestor are deployed in GKE. They want to allow a specific set of images from a trusted registry to bypass the policy. Which Binary Authorization policy type should they use?

Question 54easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Which of the following is a feature available only in Security Command Center Premium tier, not in Standard tier?

Question 55mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team wants to scan a web application hosted on Compute Engine for vulnerabilities like XSS and outdated libraries. They want the scan to be authenticated to cover areas behind login. Which Google Cloud service and configuration should they use?

Question 56hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company uses Chronicle as their SIEM. They need to ingest logs from an on-premises firewall that does not support direct integration with Chronicle. What is the recommended approach to ingest these logs?

Question 57mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to automate patching of operating system vulnerabilities on their Compute Engine instances. They need a solution that supports both Windows and Linux and can schedule patch deployments with rolling updates. Which service should they use?

Question 58mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

An organization wants to detect and respond to potential data exfiltration attempts via VPC Flow Logs. They plan to export VPC Flow Logs to BigQuery for analysis. Which TWO actions should they take to enable this? (Choose TWO.)

Question 59hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team is designing an incident response workflow for container threats detected by Security Command Center Premium. They want to automatically capture forensic evidence from compromised GKE nodes. Which THREE steps should they include? (Choose THREE.)

Question 60mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company wants to ensure compliance with PCI DSS by monitoring access to BigQuery datasets containing sensitive data. They need to log all read operations and enable real-time alerting for anomalous access. Which TWO actions should they take? (Choose TWO.)

Question 61easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer wants to export all Cloud Audit Logs from a Google Cloud project to a BigQuery dataset for long-term analysis. Which type of log sink should be configured?

Question 62mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your company uses Security Command Center (SCC) Standard tier and wants to detect threats like cryptocurrency mining or anomalous network behavior in real-time. You need to recommend an upgrade to SCC Premium tier and configure the appropriate module. Which SCC Premium module should be enabled?

Question 63mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A DevOps team wants to enforce that only container images signed by a specific authority can be deployed in a GKE cluster. They plan to use Binary Authorization. Which configuration is required?

Question 64hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

During a security incident, a forensics team needs to capture a disk snapshot of a compromised Compute Engine instance for analysis. They want to ensure the snapshot is consistent and includes data in memory. Which step should be taken before taking the snapshot?

Question 65mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your organization wants to use Chronicle SIEM to analyze security events from both Google Cloud and on-premises firewalls. They want to normalize firewall logs into a common schema. Which Chronicle feature should they use?

Question 66easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A company needs to archive Cloud Audit Logs for compliance purposes for 7 years. The logs are rarely accessed after the first year. Which storage option is the most cost-effective?

Question 67hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

You need to configure automated remediation for high-severity SCC findings. When a finding of type 'VULNERABILITY' with severity 'HIGH' is created, a Cloud Function should execute a script to patch the vulnerable VM. Which architecture is correct?

Question 68mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security team wants to use Web Security Scanner to find vulnerabilities in their web application hosted on Compute Engine. They need to scan the public-facing URL weekly and receive a report of findings. Which configuration is required?

Question 69mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your organization uses VPC Flow Logs for network forensics. During an incident, you need to analyze traffic to a compromised instance for the last 72 hours. The Flow Logs are stored in Cloud Logging. Which approach allows you to query the logs most efficiently?

Question 70easymultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A developer wants to be notified when a new vulnerability is found in a container image stored in Artifact Registry. Which service should they configure?

Question 71hardmultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your company has hundreds of GKE clusters across multiple projects. You need to ensure that all clusters have Container Threat Detection enabled. Which approach is most scalable?

Question 72mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security analyst needs to mute a recurring false positive finding in Security Command Center so that it no longer appears in the active findings list. The analyst wants to keep the finding for historical reference. What should they do?

Question 73mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your company needs to implement real-time monitoring of security events from Google Cloud resources. They want to ingest logs into a third-party SIEM system. Which two services should they use together? (Choose two.)

Question 74hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer is investigating a potential data exfiltration incident. They suspect that a compromised VM is sending sensitive data to an external IP. Which three data sources should they examine to trace the exfiltration? (Choose three.)

Question 75easymulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

Your organization uses VM Manager for patch management. You need to configure patch deployments to run weekly on all Windows VMs. Which two resources must be configured? (Choose two.)

Question 76mediummultiple choice
Read the full Managing Operations in a Cloud Solution Environment explanation →

A security engineer needs to ensure that all container images deployed to a GKE cluster are signed by a trusted authority. The organization uses Cloud KMS for key management and wants to enforce the policy at admission time. Which two components are essential to implement this requirement? (Choose two.)

Question 77mediummulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A financial services company uses Security Command Center (SCC) Premium tier to monitor its GCP environment. The security team wants to automatically respond to high-severity threat findings, such as 'Cryptomining' from Event Threat Detection. The response should include isolating the affected VM by removing its external IP and applying a firewall rule to block egress traffic. Which two steps should the team implement? (Choose two.)

Question 78hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A multinational organization uses Chronicle SIEM to aggregate and analyze security logs from multiple GCP projects and on-premises systems. The security team wants to detect a known threat pattern: a user authenticating from an anomalous geographic location followed by a large data egress from a Compute Engine instance within 10 minutes. Which three steps are necessary to create this detection? (Choose three.)

Question 79easymulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A startup uses Cloud SQL for MySQL and wants to implement automated daily backups with a 7-day retention period. The database is 50 GB and experiences moderate write traffic. The team wants to minimize cost and operational overhead. Which two actions should they take? (Choose two.)

Question 80hardmulti select
Read the full Managing Operations in a Cloud Solution Environment explanation →

A gaming company deploys a multiplayer game backend on Google Kubernetes Engine (GKE) with multiple microservices. The operations team needs to collect structured logs from containers, analyze them in real-time for anomalies, and store them for 30 days for compliance. They also need to monitor custom application metrics (e.g., player count per game server). Which three Google Cloud services should they use? (Choose three.)

Practice tests

Scored 10-question sessions with instant feedback and explanations.

PCSE Practice Test 1 — 25 Questions→PCSE Practice Test 2 — 25 Questions→PCSE Practice Test 3 — 25 Questions→PCSE Practice Test 4 — 25 Questions→PCSE Practice Test 5 — 25 Questions→PCSE Practice Exam 1 — 20 Questions→PCSE Practice Exam 2 — 20 Questions→PCSE Practice Exam 3 — 20 Questions→PCSE Practice Exam 4 — 20 Questions→Free PCSE Practice Test 1 — 30 Questions→Free PCSE Practice Test 2 — 30 Questions→Free PCSE Practice Test 3 — 30 Questions→PCSE Practice Questions 1 — 50 Questions→PCSE Practice Questions 2 — 50 Questions→PCSE Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Configuring Access Within a Cloud Solution EnvironmentEnsuring Data ProtectionManaging Operations in a Cloud Solution EnvironmentConfiguring Network SecuritySupporting Compliance Requirements

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Managing Operations in a Cloud Solution Environment setsAll Managing Operations in a Cloud Solution Environment questionsPCSE Practice Hub