🔒 Configuring Access and Security - ACE Practice Questions

Understand IAM custom roles, service accounts, VPC firewall rules, audit logs, and managing access to GCP resources securely.

5Questions Available
1Exam Domains

Practice Access & Security Questions Now

Start a timed practice session focusing on Configuring Access and Security topics from the ACE question bank.

Start ACE Practice Quiz →

ACE Access & Security Question Bank (5 Questions)

Browse all 5 practice questions covering Configuring Access and Security for the ACE certification exam. Answers are intentionally hidden on this page so you can self-test first before checking results in quiz mode.

  1. Question 1Configuring Access and Security

    What is the difference between basic roles, predefined roles, and custom roles in Google Cloud IAM?

    AThey are all the same
    BBasic roles (Owner/Editor/Viewer) are broad; predefined roles are service-specific with fine-grained permissions; custom roles let you define exact permissions
    CCustom roles are less secure
    DOnly basic roles exist

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start ACE Quiz
  2. Question 2Configuring Access and Security

    How do you allow HTTP traffic to VMs tagged 'web-server' in a VPC?

    AOpen all ports
    BCreate an ingress firewall rule: gcloud compute firewall-rules create allow-http --network=VPC --allow=tcp:80 --target-tags=web-server --source-ranges=0.0.0.0/0
    CDisable the firewall
    DUse Cloud NAT

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start ACE Quiz
  3. Question 3Configuring Access and Security

    What is the purpose of VPC firewall rules?

    AEncrypt data in transit
    BControl ingress and egress traffic to/from VM instances based on IP, protocol, and port
    CManage DNS records
    DConfigure load balancers

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start ACE Quiz
  4. Question 4Configuring Access and Security

    What are predefined roles vs. custom roles in IAM?

    ANo difference
    BPredefined roles are Google-maintained collections of permissions for common tasks; custom roles are user-defined with specific permissions
    CPredefined are more secure
    DCustom roles can't be used in production

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start ACE Quiz
  5. Question 5Configuring Access and Security

    What are VPC firewall rules?

    APhysical firewalls
    BDistributed, stateful firewall rules that control ingress and egress traffic to VM instances based on IP ranges, protocols, ports, tags, and service accounts
    CWAF rules
    DDNS rules

    Answer hidden for practice.

    Use the interactive quiz to reveal the correct answer and explanation.

    Start ACE Quiz

Key Access & Security Concepts for ACE

iamcustom roleservice accountfirewallaudit logvpcsecurityencryption

ACE Access & Security Exam Tips

Configuring Access and Security questions in ACE are typically scenario-based. Focus on service-level decision making aligned to official exam objectives. Priority concepts: iam, custom role, service account, firewall, audit log, vpc.

What ACE Expects

  • Anchor your answer in select the most practical, secure, and scalable answer for the stated scenario.
  • Access & Security scenarios for ACE are frequently mapped to Domain 5 (~15%), so read the objective carefully before picking controls or architecture.
  • Expect multi-topic scenarios where Access & Security interacts with IAM, networking, data, or operations patterns rather than appearing as an isolated question.
  • When two options are both technically valid, prefer the choice that best aligns with the exam's operational scope (Associate) and vendor best practices.

High-Value Access & Security Concepts

  • Know the core Access & Security building blocks cold: iam, custom role, service account, firewall.
  • Review the edge-case features and limits for audit log, vpc; these details are commonly used to differentiate answer choices.
  • Practice service-integration reasoning: how Access & Security pairs with Cloud Environment, Operations in real deployment patterns.
  • For ACE, explain why the chosen Access & Security design meets reliability, security, and cost expectations better than the alternatives.

Common ACE Traps

  • Watch for answers that partially solve the requirement but miss operational constraints.
  • Questions in Configuring Access and Security often include distractors that look correct for Access & Security but violate least-privilege, reliability, or scalability requirements.
  • Avoid picking options purely by feature name; validate data path, failure handling, and governance impact before answering.
  • If the prompt hints at automation or repeatability, eliminate manual-only operational answers first.

Fast Review Checklist

  • Can you compare at least two Access & Security implementation paths and justify which one best fits the scenario?
  • Can you map the chosen answer back to Configuring Access and Security (~15%) outcomes for ACE?
  • Can you explain security and access boundaries for Access & Security without relying on default-open assumptions?
  • Can you describe how Access & Security integrates with Cloud Environment and Operations during failure, scaling, and monitoring events?

Exam Domains Covering Access & Security

Domain 5Configuring Access and Security~15%

Related Resources

🎯 Free ACE Mock Exam Cloud Environment Questions Operations Questions

More ACE Study Resources

← ACE Study Hub30-Day Study PlanFull Practice Exam