Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

GCP Certified Google Cloud Certification > Claud Shell commands-Virtual Networks Module 1.2.5 > Flashcards

Claud Shell commands-Virtual Networks Module 1.2.5 Flashcards

(39 cards)

Start Studying
1
Q

create the privatenet

A

gcloud compute networks create privatenet –subnet-mode=custom

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

create the privatesubnet-us subnet

A

gcloud compute networks subnets create privatesubnet-us –network=privatenet –region=Lab region –range=172.16.0.0/24

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

list the available VPC networks

A

gcloud compute networks list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

To list the available VPC subnets (sorted by VPC network)

A

gcloud compute networks subnets list –sort-by=NETWORK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

create the privatenet-allow-icmp-ssh-rdp firewall rule

A

gcloud compute firewall-rules create privatenet-allow-icmp-ssh-rdp –direction=INGRESS –priority=1000 –network=privatenet –action=ALLOW –rules=icmp,tcp:22,tcp:3389 –source-ranges=0.0.0.0/0

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

list all the firewall rules

A

gcloud compute firewall-rules list –sort-by=NETWORK

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

create the privatenet-us-vm instance

A

gcloud compute instances create privatenet-us-vm –zone=Lab Zone –machine-type=e2-micro –subnet=privatesubnet-us –image-family=debian-11 –image-project=debian-cloud –boot-disk-size=10GB –boot-disk-type=pd-standard –boot-disk-device-name=privatenet-us-vm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

all the VM instances (sorted by zone)

A

gcloud compute instances list –sort-by=ZONE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

ssh to vm-internal through IAP tunel

A

gcloud compute ssh vm-internal –zone us-central1-c –tunnel-through-iap.

iap needs to be enabled by firewall
If instance doesn’t have external IP we can’t simple ssh to it from cloud shel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

set the project Id

A

gcloud config set project [projectID]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Copy an image from a public Cloud Storage bucket to your own bucket.

A

gsutil cp gs://cloud-training/gcpnet/private/access.svg gs://$MY_BUCKET

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

cloud bucket get the default access list that’s been assigned to setup.html

A

gsutil acl get gs://$BUCKET_NAME_1/setup.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

cloud bucket set the access list to private

A

gsutil acl set private gs://$BUCKET_NAME_1/setup.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

cloud bucket update the access list to make the file publicly readable

A

gsutil acl ch -u AllUsers:R gs://$BUCKET_NAME_1/setup.html

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

cloud bucket create boto file for configuring your own encryption keys

A

gsutil config -n

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

cloud bucket add own encryption keys to bucket conf

Study These Flashcards
A

add key generated by

python3 -c ‘import base64; import os; print(base64.encodebytes(os.urandom(32)))’

to boto file and it is used automatically when uploading files to the bucket

17
Q

cloud bucket rewrite a file

Study These Flashcards
A

When a file is encrypted, rewriting the file decrypts it
gsutil rewrite -k gs://$BUCKET_NAME_1/setup.html
Co

18
Q

cloud bucket view cloud lifecycle policy

Study These Flashcards
A

view the current lifecycle policy

19
Q

cloud bucket set lifecycle policy

Study These Flashcards
A

gsutil lifecycle set life.json gs://$BUCKET_NAME_1
Copie

20
Q

cloud bucket view the current versioning status

Study These Flashcards
A

gsutil versioning get gs://$BUCKET_NAME_1

21
Q

cloud bucket enable versioning

Study These Flashcards
A

gsutil versioning set on gs://$BUCKET_NAME_1

22
Q

synchronise a directory to a bucket

Study These Flashcards
A

gsutil rsync -r ./firstlevel

23
Q

authorize the VM to use the Google Cloud API

Study These Flashcards
A

gcloud auth activate-service-account –key-file credentials.json

24
Q

deploy the application to App Engine using yaml file

Study These Flashcards
A

gcloud app deploy app.yaml

25
create a VPC network called vpc-demo
gcloud compute networks create vpc-demo --subnet-mode custom
26
create subnet vpc-demo-subnet1 in the region
gcloud compute networks subnets create vpc-demo-subnet1 \ --network vpc-demo --range 10.1.1.0/24 --region "filled at lab start"
27
Create a firewall rule to allow all custom traffic within the network:
gcloud compute firewall-rules create vpc-demo-allow-custom \ --network vpc-demo \ --allow tcp:0-65535,udp:0-65535,icmp \ --source-ranges 10.0.0.0/8
28
Create a firewall rule to allow SSH, ICMP traffic from anywhere:
gcloud compute firewall-rules create vpc-demo-allow-ssh-icmp \ --network vpc-demo \ --allow tcp:22,icmp
29
Create a VM instance vpc-demo-instance1 in zone
gcloud compute instances create vpc-demo-instance1 --machine-type=e2-medium --zone "filled at lab start" --subnet vpc-demo-subnet1
30
create an HA VPN in the vpc-demo network:
gcloud compute vpn-gateways create vpc-demo-vpn-gw1 --network vpc-demo --region "filled at lab start"
31
View details of the vpc-demo-vpn-gw1 gateway to verify its settings:
gcloud compute vpn-gateways describe vpc-demo-vpn-gw1 --region "filled at lab start"
32
Create a cloud router in the vpc-demo network
gcloud compute routers create vpc-demo-router1 \ --region "filled at lab start" \ --network vpc-demo \ --asn 65001
33
Create the first VPN tunnel in the vpc-demo network:
gcloud compute vpn-tunnels create vpc-demo-tunnel0 \ --peer-gcp-gateway on-prem-vpn-gw1 \ --region "filled at lab start" \ --ike-version 2 \ --shared-secret [SHARED_SECRET] \ --router vpc-demo-router1 \ --vpn-gateway vpc-demo-vpn-gw1 \ --interface 0
34
Create the second VPN tunnel in the vpc-demo network
gcloud compute vpn-tunnels create vpc-demo-tunnel1 \ --peer-gcp-gateway on-prem-vpn-gw1 \ --region "filled at lab start" \ --ike-version 2 \ --shared-secret [SHARED_SECRET] \ --router vpc-demo-router1 \ --vpn-gateway vpc-demo-vpn-gw1 \ --interface 1
35
Create the router interface for tunnel0 in network vpc-demo
gcloud compute routers add-interface vpc-demo-router1 \ --interface-name if-tunnel0-to-on-prem \ --ip-address 169.254.0.1 \ --mask-length 30 \ --vpn-tunnel vpc-demo-tunnel0 \ --region "filled at lab start"
36
Create the BGP peer for tunnel0 in network vpc-demo:
gcloud compute routers add-bgp-peer vpc-demo-router1 \ --peer-name bgp-on-prem-tunnel0 \ --interface if-tunnel0-to-on-prem \ --peer-ip-address 169.254.0.2 \ --peer-asn 65002 \ --region "filled at lab start"
37
Allow traffic from network VPC on-prem to vpc-demo:
gcloud compute firewall-rules create vpc-demo-allow-subnets-from-on-prem \ --network vpc-demo \ --allow tcp,udp,icmp \ --source-ranges 192.168.1.0/24
38
List the VPN tunnels you just created
gcloud compute vpn-tunnels list
39

GCP Certified Google Cloud Certification (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions