ExamGecko
Login
Home / Google / Associate Cloud Engineer / List of questions
Ask Question

Google Associate Cloud Engineer Practice Test - Questions Answers, Page 20

List of questions

Question 191

Report
Export
Collapse

You are performing a monthly security check of your Google Cloud environment and want to know who has access to view data stored in your Google Cloud

Project. What should you do?

Enable Audit Logs for all APIs that are related to data storage.
Enable Audit Logs for all APIs that are related to data storage.
Review the IAM permissions for any role that allows for data access. Most Voted
Review the IAM permissions for any role that allows for data access. Most Voted
Review the Identity-Aware Proxy settings for each resource.
Review the Identity-Aware Proxy settings for each resource.
Create a Data Loss Prevention job.
Create a Data Loss Prevention job.
Suggested answer: B

Explanation:

https://cloud.google.com/logging/docs/audit

asked 18/09/2024
Youssef El Akhal
39 questions

Question 192

Report
Export
Collapse

Your company has embraced a hybrid cloud strategy where some of the applications are deployed on Google Cloud. A Virtual Private Network (VPN) tunnel connects your Virtual Private Cloud (VPC) in Google Cloud with your company's on-premises network. Multiple applications in Google Cloud need to connect to an on-premises database server, and you want to avoid having to change the IP configuration in all of your applications when the IP of the database changes.

What should you do?

Configure Cloud NAT for all subnets of your VPC to be used when egressing from the VM instances.
Configure Cloud NAT for all subnets of your VPC to be used when egressing from the VM instances.
Create a private zone on Cloud DNS, and configure the applications with the DNS name.
Create a private zone on Cloud DNS, and configure the applications with the DNS name.
Configure the IP of the database as custom metadata for each instance, and query the metadata server.
Configure the IP of the database as custom metadata for each instance, and query the metadata server.
Query the Compute Engine internal DNS from the applications to retrieve the IP of the database.
Query the Compute Engine internal DNS from the applications to retrieve the IP of the database.
Suggested answer: B

Explanation:

Forwarding zones Cloud DNS forwarding zones let you configure target name servers for specific private zones. Using a forwarding zone is one way to implement outbound DNS forwarding from your VPC network. A Cloud DNS forwarding zone is a special type of Cloud DNS private zone. Instead of creating records within the zone, you specify a set of forwarding targets. Each forwarding target is an IP address of a DNS server, located in your VPC network, or in an on-premises network connected to your VPC network by Cloud VPN or Cloud Interconnect.

https://cloud.google.com/nat/docs/overview

DNS configuration Your on-premises network must have DNS zones and records configured so that Google domain names resolve to the set of IP addresses for either private.googleapis.com or restricted.googleapis.com. You can create Cloud DNS managed private zones and use a Cloud DNS inbound server policy, or you can configure on-premises name servers. For example, you can use BIND or Microsoft Active Directory DNS. https://cloud.google.com/vpc/docs/configure-private-google-access-hybrid#config-domain

asked 18/09/2024
Maria Gervasi
37 questions

Question 193

Report
Export
Collapse

You have experimented with Google Cloud using your own credit card and expensed the costs to your company. Your company wants to streamline the billing process and charge the costs of your projects to their monthly invoice. What should you do?

Grant the financial team the IAM role of Billing Account User on the billing account linked to your credit card.
Grant the financial team the IAM role of Billing Account User on the billing account linked to your credit card.
Set up BigQuery billing export and grant your financial department IAM access to query the data.
Set up BigQuery billing export and grant your financial department IAM access to query the data.
Create a ticket with Google Billing Support to ask them to send the invoice to your company.
Create a ticket with Google Billing Support to ask them to send the invoice to your company.
Change the billing account of your projects to the billing account of your company.
Change the billing account of your projects to the billing account of your company.
Suggested answer: D
asked 18/09/2024
Johan Benavides
42 questions

Question 194

Report
Export
Collapse

Your web application has been running successfully on Cloud Run for Anthos. You want to evaluate an updated version of the application with a specific percentage of your production users (canary deployment). What should you do?

Create a new service with the new version of the application. Split traffic between this version and the version that is currently running.
Create a new service with the new version of the application. Split traffic between this version and the version that is currently running.
Create a new revision with the new version of the application. Split traffic between this version and the version that is currently running.
Create a new revision with the new version of the application. Split traffic between this version and the version that is currently running.
Create a new service with the new version of the application. Add an HTTP Load Balancer in front of both services.
Create a new service with the new version of the application. Add an HTTP Load Balancer in front of both services.
Create a new revision with the new version of the application. Add an HTTP Load Balancer in front of both revisions.
Create a new revision with the new version of the application. Add an HTTP Load Balancer in front of both revisions.
Suggested answer: B

Explanation:

https://cloud.google.com/kuberun/docs/rollouts-rollbacks-traffic-migration

asked 18/09/2024
Zdenek Kugler
32 questions

Question 195

Report
Export
Collapse

Your company developed a mobile game that is deployed on Google Cloud. Gamers are connecting to the game with their personal phones over the Internet. The game sends UDP packets to update the servers about the gamers' actions while they are playing in multiplayer mode. Your game backend can scale over multiple virtual machines (VMs), and you want to expose the VMs over a single IP address. What should you do?

Configure an SSL Proxy load balancer in front of the application servers.
Configure an SSL Proxy load balancer in front of the application servers.
Configure an Internal UDP load balancer in front of the application servers.
Configure an Internal UDP load balancer in front of the application servers.
Configure an External HTTP(s) load balancer in front of the application servers.
Configure an External HTTP(s) load balancer in front of the application servers.
Configure an External Network load balancer in front of the application servers.
Configure an External Network load balancer in front of the application servers.
Suggested answer: D

Explanation:


asked 18/09/2024
Kinzonji Tavares
42 questions

Question 196

Report
Export
Collapse

You are monitoring an application and receive user feedback that a specific error is spiking. You notice that the error is caused by a Service Account having insufficient permissions. You are able to solve the problem but want to be notified if the problem recurs. What should you do?

In the Log Viewer, filter the logs on severity 'Error' and the name of the Service Account.
In the Log Viewer, filter the logs on severity 'Error' and the name of the Service Account.
Create a sink to BigQuery to export all the logs. Create a Data Studio dashboard on the exported logs.
Create a sink to BigQuery to export all the logs. Create a Data Studio dashboard on the exported logs.
Create a custom log-based metric for the specific error to be used in an Alerting Policy.
Create a custom log-based metric for the specific error to be used in an Alerting Policy.
Grant Project Owner access to the Service Account.
Grant Project Owner access to the Service Account.
Suggested answer: C
asked 18/09/2024
Dmitry Balikhin
24 questions

Question 197

Report
Export
Collapse

You are developing a financial trading application that will be used globally. Data is stored and queried using a relational structure, and clients from all over the world should get the exact identical state of the data. The application will be deployed in multiple regions to provide the lowest latency to end users. You need to select a storage option for the application data while minimizing latency. What should you do?


Use Cloud Bigtable for data storage.
Use Cloud Bigtable for data storage.
Use Cloud SQL for data storage.
Use Cloud SQL for data storage.
Use Cloud Spanner for data storage.
Use Cloud Spanner for data storage.
Use Firestore for data storage.
Use Firestore for data storage.
Suggested answer: C

Explanation:

Keywords, Financial data (large data) used globally, data stored and queried using relational structure (SQL), clients should get exact identical copies(Strong Consistency), Multiple region, low latency to end user, select storage option to minimize latency.

asked 18/09/2024
Yan Nguyen
32 questions

Question 198

Report
Export
Collapse

You are about to deploy a new Enterprise Resource Planning (ERP) system on Google Cloud. The application holds the full database in-memory for fast data access, and you need to configure the most appropriate resources on Google Cloud for this application. What should you do?

Provision preemptible Compute Engine instances.
Provision preemptible Compute Engine instances.
Provision Compute Engine instances with GPUs attached.
Provision Compute Engine instances with GPUs attached.
Provision Compute Engine instances with local SSDs attached.
Provision Compute Engine instances with local SSDs attached.
Provision Compute Engine instances with M1 machine type.
Provision Compute Engine instances with M1 machine type.
Suggested answer: D

Explanation:

M1 machine series Medium in-memory databases such as SAP HANA Tasks that require intensive use of memory with higher memory-to-vCPU ratios than the general-purpose high-memory machine types. In-memory databases and in-memory analytics, business warehousing (BW) workloads, genomics analysis, SQL analysis services. Microsoft SQL Server and similar databases.

https://cloud.google.com/compute/docs/machine-types

https://cloud.google.com/compute/docs/machine-types#:~:text=databases%20such%20as-,SAP%20HANA,-In%2Dmemory%20databases

https://www.sap.com/india/products/hana.html#:~:text=is%20SAP%20HANA-,in%2Dmemory,-database%3F

asked 18/09/2024
Fathy Refay
42 questions

Question 199

Report
Export
Collapse

You have developed an application that consists of multiple microservices, with each microservice packaged in its own Docker container image. You want to deploy the entire application on Google Kubernetes Engine so that each microservice can be scaled individually. What should you do?

Create and deploy a Custom Resource Definition per microservice.
Create and deploy a Custom Resource Definition per microservice.
Create and deploy a Docker Compose File.
Create and deploy a Docker Compose File.
Create and deploy a Job per microservice.
Create and deploy a Job per microservice.
Create and deploy a Deployment per microservice.
Create and deploy a Deployment per microservice.
Suggested answer: A

Explanation:


asked 18/09/2024
Olusola Adebayo
44 questions

Question 200

Report
Export
Collapse

You are managing a project for the Business Intelligence (BI) department in your company. A data pipeline ingests data into BigQuery via streaming. You want the users in the BI department to be able to run the custom SQL queries against the latest data in BigQuery. What should you do?

Create a Data Studio dashboard that uses the related BigQuery tables as a source and give the BI team view access to the Data Studio dashboard.
Create a Data Studio dashboard that uses the related BigQuery tables as a source and give the BI team view access to the Data Studio dashboard.
Create a Service Account for the BI team and distribute a new private key to each member of the BI team.
Create a Service Account for the BI team and distribute a new private key to each member of the BI team.
Use Cloud Scheduler to schedule a batch Dataflow job to copy the data from BigQuery to the BI team's internal data warehouse.
Use Cloud Scheduler to schedule a batch Dataflow job to copy the data from BigQuery to the BI team's internal data warehouse.
Assign the IAM role of BigQuery User to a Google Group that contains the members of the BI team.
Assign the IAM role of BigQuery User to a Google Group that contains the members of the BI team.
Suggested answer: D

Explanation:

When applied to a dataset, this role provides the ability to read the dataset's metadata and list tables in the dataset. When applied to a project, this role also provides the ability to run jobs, including queries, within the project. A member with this role can enumerate their own jobs, cancel their own jobs, and enumerate datasets within a project. Additionally, allows the creation of new datasets within the project; the creator is granted the BigQuery Data Owner role (roles/bigquery.dataOwner) on these new datasets.

https://cloud.google.com/bigquery/docs/access-control

asked 18/09/2024
Louis Flink
43 questions
Total 296 questions
Go to page: of 30
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You've deployed a microservice called myapp1 to a Google Kubernetes Engine cluster using the YAML file specified below: You need to refactor this configuration so that the database password is not stored in plain text. You want to follow Google-recommended practices. What should you do?
You create a Deployment with 2 replicas in a Google Kubernetes Engine cluster that has a single preemptible node pool. After a few minutes, you use kubectl to examine the status of your Pod and observe that one of them is still in Pending status: What is the most likely cause?
You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?
Your Dataproc cluster runs in a single Virtual Private Cloud (VPC) network in a single subnet with range 172.16.20.128/25. There are no private IP addresses available in the VPC network. You want to add new VMs to communicate with your cluster using the minimum number of steps. What should you do?
You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your dat
Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What's the best way to change the App Engine region?
You have deployed an application on a single Compute Engine instance. The application writes logs to disk. Users start reporting errors with the application. You want to diagnose the problem. What should you do?
You want to configure 10 Compute Engine instances for availability when maintenance occurs. Your requirements state that these instances should attempt to automatically restart if they crash. Also, the instances should be highly available including during system maintenance. What should you do?
You have downloaded and installed the gcloud command line interface (CLI) and have authenticated with your Google Account. Most of your Compute Engine instances in your project run in the europe-west1-d zone. You want to avoid having to specify this zone with each CLI command when managing these instances. What should you do?
You are analyzing Google Cloud Platform service costs from three separate projects. You want to use this information to create service cost estimates by service type, daily and monthly, for the next six months using standard query syntax. What should you do?