ExamGecko
Search Search Login
Home Home / Google / Associate Cloud Engineer

Google Associate Cloud Engineer Practice Test - Questions Answers, Page 11

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your dat
You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?
Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What's the best way to change the App Engine region?
You are developing a new application and are looking for a Jenkins installation to build and deploy your source code. You want to automate the installation as quickly and easily as possible. What should you do?
You have one GCP account running in your default region and zone and another account running in a non-default region and zone. You want to start a new Compute Engine instance in these two Google Cloud Platform accounts using the command line interface. What should you do?
You have production and test workloads that you want to deploy on Compute Engine. Production VMs need to be in a different subnet than the test VMs. All the VMs must be able to reach each other over internal IP without creating additional routes. You need to set up VPC and the 2 subnets. Which configuration meets these requirements?
You create a Deployment with 2 replicas in a Google Kubernetes Engine cluster that has a single preemptible node pool. After a few minutes, you use kubectl to examine the status of your Pod and observe that one of them is still in Pending status: What is the most likely cause?
You have a development project with appropriate IAM roles defined. You are creating a production project and want to have the same IAM roles on the new project, using the fewest possible steps. What should you do?
You want to configure autohealing for network load balancing for a group of Compute Engine instances that run in multiple zones, using the fewest possible steps. You need to configure re-creation of VMs if they are unresponsive after 3 attempts of 10 seconds each. What should you do?
Your company uses BigQuery to store and analyze data. Upon submitting your query in BigQuery, the query fails with a quotaExceeded error. You need to diagnose the issue causing the error. What should you do? Choose 2 answers

Question 101

Report
Export
Collapse

You need to host an application on a Compute Engine instance in a project shared with other teams. You want to prevent the other teams from accidentally causing downtime on that application. Which feature should you use?

A.
Use a Shielded VM.
A.
Use a Shielded VM.
Answers
B.
Use a Preemptible VM.
B.
Use a Preemptible VM.
Answers
C.
Use a sole-tenant node.
C.
Use a sole-tenant node.
Answers
D.
Enable deletion protection on the instance.
D.
Enable deletion protection on the instance.
Answers
Suggested answer: D

Explanation:

As part of your workload, there might be certain VM instances that are critical to running your application or services, such as an instance running a SQL server, a server used as a license manager, and so on. These VM instances might need to stay running indefinitely so you need a way to protect these VMs from being deleted. By setting the deletionProtection flag, a VM instance can be protected from accidental deletion. If a user attempts to delete a VM instance for which you have set the deletionProtection flag, the request fails. Only a user that has been granted a role with compute.instances.create permission can reset the flag to allow the resource to be deleted. Ref:https://cloud.google.com/compute/docs/instances/preventing-accidental-vm-deletion

Question 102

Report
Export
Collapse

Your organization needs to grant users access to query datasets in BigQuery but prevent them from accidentally deleting the datasets. You want a solution that follows Google-recommended practices. What should you do?

A.
Add users to roles/bigquery user role only, instead of roles/bigquery dataOwner.
A.
Add users to roles/bigquery user role only, instead of roles/bigquery dataOwner.
Answers
B.
Add users to roles/bigquery dataEditor role only, instead of roles/bigquery dataOwner.
B.
Add users to roles/bigquery dataEditor role only, instead of roles/bigquery dataOwner.
Answers
C.
Create a custom role by removing delete permissions, and add users to that role only.
C.
Create a custom role by removing delete permissions, and add users to that role only.
Answers
D.
Create a custom role by removing delete permissions. Add users to the group, and then add the group to the custom role.
D.
Create a custom role by removing delete permissions. Add users to the group, and then add the group to the custom role.
Answers
Suggested answer: D

Explanation:

https://cloud.google.com/bigquery/docs/access-control#custom_roles

Custom roles enable you to enforce the principle of least privilege, ensuring that the user and service accounts in your organization have only the permissions essential to performing their intended functions.

Question 103

Report
Export
Collapse

You have a developer laptop with the Cloud SDK installed on Ubuntu. The Cloud SDK was installed from the Google Cloud Ubuntu package repository. You want to test your application locally on your laptop with Cloud Datastore. What should you do?

A.
Export Cloud Datastore data using gcloud datastore export.
A.
Export Cloud Datastore data using gcloud datastore export.
Answers
B.
Create a Cloud Datastore index using gcloud datastore indexes create.
B.
Create a Cloud Datastore index using gcloud datastore indexes create.
Answers
C.
Install the google-cloud-sdk-datastore-emulator component using the apt get install command.
C.
Install the google-cloud-sdk-datastore-emulator component using the apt get install command.
Answers
D.
Install the cloud-datastore-emulator component using the gcloud components install command.
D.
Install the cloud-datastore-emulator component using the gcloud components install command.
Answers
Suggested answer: D

Explanation:

The Datastore emulator provides local emulation of the production Datastore environment. You can use the emulator to develop and test your application locally Ref:https://cloud.google.com/datastore/docs/tools/datastore-emulator

Question 104

Report
Export
Collapse

Your company set up a complex organizational structure on Google Could Platform. The structure includes hundreds of folders and projects. Only a few team members should be able to view the hierarchical structure. You need to assign minimum permissions to these team members and you want to follow Google-recommended practices. What should you do?

A.
Add the users to roles/browser role.
A.
Add the users to roles/browser role.
Answers
B.
Add the users to roles/iam.roleViewer role.
B.
Add the users to roles/iam.roleViewer role.
Answers
C.
Add the users to a group, and add this group to roles/browser role.
C.
Add the users to a group, and add this group to roles/browser role.
Answers
D.
Add the users to a group, and add this group to roles/iam.roleViewer role.
D.
Add the users to a group, and add this group to roles/iam.roleViewer role.
Answers
Suggested answer: C

Explanation:


Question 105

Report
Export
Collapse

Your company has a single sign-on (SSO) identity provider that supports Security Assertion Markup Language (SAML) integration with service providers. Your company has users in Cloud Identity. You would like users to authenticate using your company's SSO provider. What should you do?

A.
In Cloud Identity, set up SSO with Google as an identity provider to access custom SAML apps.
A.
In Cloud Identity, set up SSO with Google as an identity provider to access custom SAML apps.
Answers
B.
In Cloud Identity, set up SSO with a third-party identity provider with Google as a service provider.
B.
In Cloud Identity, set up SSO with a third-party identity provider with Google as a service provider.
Answers
C.
Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Mobile & Desktop Apps.
C.
Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Mobile & Desktop Apps.
Answers
D.
Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Web Server Applications.
D.
Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Web Server Applications.
Answers
Suggested answer: B

Explanation:

https://support.google.com/cloudidentity/answer/6262987?hl=en&ref_topic=7558767

Question 106

Report
Export
Collapse

Your organization has a dedicated person who creates and manages all service accounts for Google Cloud projects. You need to assign this person the minimum role for projects. What should you do?

A.
Add the user to roles/iam.roleAdmin role.
A.
Add the user to roles/iam.roleAdmin role.
Answers
B.
Add the user to roles/iam.securityAdmin role.
B.
Add the user to roles/iam.securityAdmin role.
Answers
C.
Add the user to roles/iam.serviceAccountUser role.
C.
Add the user to roles/iam.serviceAccountUser role.
Answers
D.
Add the user to roles/iam.serviceAccountAdmin role.
D.
Add the user to roles/iam.serviceAccountAdmin role.
Answers
Suggested answer: D

Explanation:

Service Account User (roles/iam.serviceAccountUser): Includes permissions to list service accounts, get details about a service account, and impersonate a service account. Service Account Admin (roles/iam.serviceAccountAdmin): Includes permissions to list service accounts and get details about a service account. Also includes permissions to create, update, and delete service accounts, and to view or change the IAM policy on a service account.

Question 107

Report
Export
Collapse

You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your dat

A.
Your users need to be able to access this archived data once a quarter for some regulatory requirements. You want to select a cost-efficient option. Which storage option should you use?
A.
Your users need to be able to access this archived data once a quarter for some regulatory requirements. You want to select a cost-efficient option. Which storage option should you use?
Answers
B.
Coldline Storage
B.
Coldline Storage
Answers
C.
Nearline Storage
C.
Nearline Storage
Answers
D.
Regional Storage
D.
Regional Storage
Answers
E.
Multi-Regional Storage
E.
Multi-Regional Storage
Answers
Suggested answer: A

Explanation:

Coldline Storage is a very-low-cost, highly durable storage service for storing infrequently accessed data. Coldline Storage is ideal for data you plan to read or modify at most once a quarter. Since we have a requirement to access data once a quarter and want to go with the most cost-efficient option, we should select Coldline Storage.

Ref:https://cloud.google.com/storage/docs/storage-classes#coldline

Question 108

Report
Export
Collapse

A team of data scientists infrequently needs to use a Google Kubernetes Engine (GKE) cluster that you manage. They require GPUs for some long-running, non-restartable jobs. You want to minimize cost. What should you do?

A.
Enable node auto-provisioning on the GKE cluster.
A.
Enable node auto-provisioning on the GKE cluster.
Answers
B.
Create a VerticalPodAutscaler for those workloads.
B.
Create a VerticalPodAutscaler for those workloads.
Answers
C.
Create a node pool with preemptible VMs and GPUs attached to those VMs.
C.
Create a node pool with preemptible VMs and GPUs attached to those VMs.
Answers
D.
Create a node pool of instances with GPUs, and enable autoscaling on this node pool with a minimum size of 1.
D.
Create a node pool of instances with GPUs, and enable autoscaling on this node pool with a minimum size of 1.
Answers
Suggested answer: A

Explanation:

auto-provisioning = Attaches and deletes node pools to cluster based on the requirements. Hence creating a GPU node pool, and auto-scaling would be better https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-provisioning

Question 109

Report
Export
Collapse

Your organization has user identities in Active Directory. Your organization wants to use Active Directory as their source of truth for identities. Your organization wants to have full control over the Google accounts used by employees for all Google services, including your Google Cloud Platform (GCP) organization. What should you do?

A.
Use Google Cloud Directory Sync (GCDS) to synchronize users into Cloud Identity.
A.
Use Google Cloud Directory Sync (GCDS) to synchronize users into Cloud Identity.
Answers
B.
Use the cloud Identity APIs and write a script to synchronize users to Cloud Identity.
B.
Use the cloud Identity APIs and write a script to synchronize users to Cloud Identity.
Answers
C.
Export users from Active Directory as a CSV and import them to Cloud Identity via the Admin Console.
C.
Export users from Active Directory as a CSV and import them to Cloud Identity via the Admin Console.
Answers
D.
Ask each employee to create a Google account using self signup. Require that each employee use their company email address and password.
D.
Ask each employee to create a Google account using self signup. Require that each employee use their company email address and password.
Answers
Suggested answer: A

Explanation:

Directory Sync Google Cloud Directory Sync enables administrators to synchronize users, groups and other data from an Active Directory/LDAP service to their Google Cloud domain directory https://tools.google.com/dlpage/dirsync/

Question 110

Report
Export
Collapse

You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now, you need to create a production environment for this application.

The security team has forbidden the existence of network routes between these 2 environments, and asks you to follow Google-recommended practices. What should you do?

A.
Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.
A.
Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.
Answers
B.
Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.
B.
Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.
Answers
C.
Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project, in the Shared VPC.
C.
Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project, in the Shared VPC.
Answers
D.
Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.
D.
Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.
Answers
Suggested answer: A

Explanation:

This aligns with Googles recommended practices. By creating a new project, we achieve complete isolation between development and production environments; as well as isolate this production application from production applications of other departments.

Ref:https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#define-hierarchy

Total 289 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms