ExamGecko
Login
Home / Google / Associate Cloud Engineer / List of questions
Ask Question

Google Associate Cloud Engineer Practice Test - Questions Answers, Page 21

List of questions

Question 201

Report
Export
Collapse

Your company is moving its entire workload to Compute Engine. Some servers should be accessible through the Internet, and other servers should only be accessible over the internal network. All servers need to be able to talk to each other over specific ports and protocols. The current on-premises network relies on a demilitarized zone (DMZ) for the public servers and a Local Area Network (LAN) for the private servers. You need to design the networking infrastructure on

Google Cloud to match these requirements. What should you do?

1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
Suggested answer: C

Explanation:

https://cloud.google.com/vpc/docs/vpc-peering

asked 18/09/2024
Wojciech Romaldowski
43 questions

Question 202

Report
Export
Collapse

You have created a new project in Google Cloud through the gcloud command line interface (CLI) and linked a billing account. You need to create a new Compute

Engine instance using the CLI. You need to perform the prerequisite steps. What should you do?

Create a Cloud Monitoring Workspace.
Create a Cloud Monitoring Workspace.
Create a VPC network in the project.
Create a VPC network in the project.
Enable the compute googleapis.com API.
Enable the compute googleapis.com API.
Grant yourself the IAM role of Computer Admin.
Grant yourself the IAM role of Computer Admin.
Suggested answer: D
asked 18/09/2024
Oliver Mark
36 questions

Question 203

Report
Export
Collapse

Your company has developed a new application that consists of multiple microservices. You want to deploy the application to Google Kubernetes Engine (GKE), and you want to ensure that the cluster can scale as more applications are deployed in the future. You want to avoid manual intervention when each new application is deployed. What should you do?

Deploy the application on GKE, and add a HorizontalPodAutoscaler to the deployment.
Deploy the application on GKE, and add a HorizontalPodAutoscaler to the deployment.
Deploy the application on GKE, and add a VerticalPodAutoscaler to the deployment.
Deploy the application on GKE, and add a VerticalPodAutoscaler to the deployment.
Create a GKE cluster with autoscaling enabled on the node pool. Set a minimum and maximum for the size of the node pool.
Create a GKE cluster with autoscaling enabled on the node pool. Set a minimum and maximum for the size of the node pool.
Create a separate node pool for each application, and deploy each application to its dedicated node pool.
Create a separate node pool for each application, and deploy each application to its dedicated node pool.
Suggested answer: C

Explanation:

https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-autoscaler#adding_a_node_pool_with_autoscaling

asked 18/09/2024
Adrian Chirtoc
42 questions

Question 204

Report
Export
Collapse

Your coworker has helped you set up several configurations for gcloud. You've noticed that you're running commands against the wrong project. Being new to the company, you haven't yet memorized any of the projects. With the fewest steps possible, what's the fastest way to switch to the correct configuration?

Run gcloud configurations list followed by gcloud configurations activate .
Run gcloud configurations list followed by gcloud configurations activate .
Run gcloud config list followed by gcloud config activate.
Run gcloud config list followed by gcloud config activate.
Run gcloud config configurations list followed by gcloud config configurations activate.
Run gcloud config configurations list followed by gcloud config configurations activate.
Re-authenticate with the gcloud auth login command and select the correct configurations on login.
Re-authenticate with the gcloud auth login command and select the correct configurations on login.
Suggested answer: C

Explanation:

as gcloud config configurations list can help check for the existing configurations and activate can help switch to the configuration.

gcloud config configurations list lists existing named configurations

gcloud config configurations activate activates an existing named configuration

Obtains access credentials for your user account via a web-based authorization flow. When this command completes successfully, it sets the active account in the current configuration to the account specified. If no configuration exists, it creates a configuration named default.

asked 18/09/2024
K W
25 questions

Question 205

Report
Export
Collapse

The storage costs for your application logs have far exceeded the project budget. The logs are currently being retained indefinitely in the Cloud Storage bucket myapp-gcp-ace-logs. You have been asked to remove logs older than 90 days from your Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend. What should you do?

Write a script that runs gsutil Is -| -- gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Schedule the script with cron.
Write a script that runs gsutil Is -| -- gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Schedule the script with cron.
Write a lifecycle management rule in JSON and push it to the bucket with gsutil lifecycle set config-json-file.
Write a lifecycle management rule in JSON and push it to the bucket with gsutil lifecycle set config-json-file.
Write a lifecycle management rule in XML and push it to the bucket with gsutil lifecycle set config-xml-file.
Write a lifecycle management rule in XML and push it to the bucket with gsutil lifecycle set config-xml-file.
Write a script that runs gsutil Is -Ir gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Repeat this process every morning.
Write a script that runs gsutil Is -Ir gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Repeat this process every morning.
Suggested answer: B

Explanation:

You write a lifecycle management rule in XML and push it to the bucket with gsutil lifecycle set config-xml-file. is not right.

gsutil lifecycle set enables you to set the lifecycle configuration on one or more buckets based on the configuration file provided. However, XML is not a valid supported type for the configuration file.

Ref:https://cloud.google.com/storage/docs/gsutil/commands/lifecycle

Write a script that runsgsutil ls -lr gs://myapp-gcp-ace-logs/**to find and remove items older than 90 days. Repeat this process every morning. is not right.

This manual approach is error-prone, time-consuming and expensive. GCP Cloud Storage provides lifecycle management rules that let you achieve this with minimal effort.

Write a script that runsgsutil ls -l gs://myapp-gcp-ace-logs/**to find and remove items older than 90 days. Schedule the script with cron. is not right.

This manual approach is error-prone, time-consuming and expensive. GCP Cloud Storage provides lifecycle management rules that let you achieve this with minimal effort.

Write a lifecycle management rule in JSON and push it to the bucket with gsutil lifecycle set config-json-file. is the right answer.

You can assign a lifecycle management configuration to a bucket. The configuration contains a set of rules which apply to current and future objects in the bucket. When an object meets the criteria of one of the rules, Cloud Storage automatically performs a specified action on the object. One of the supported actions is to Delete objects. You can set up a lifecycle management to delete objects older than 90 days. gsutil lifecycle set enables you to set the lifecycle configuration on the bucket based on the configuration file. JSON is the only supported type for the configuration file. The config-json-file specified on the command line should be a path to a local file containing the lifecycle configuration JSON document.

Ref:https://cloud.google.com/storage/docs/gsutil/commands/lifecycle

Ref:https://cloud.google.com/storage/docs/lifecycle

asked 18/09/2024
Peter Stones
39 questions

Question 206

Report
Export
Collapse

Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What's the best way to change the App Engine region?

Create a new project and create an App Engine instance in europe-west3
Create a new project and create an App Engine instance in europe-west3
Use the gcloud app region set command and supply the name of the new region.
Use the gcloud app region set command and supply the name of the new region.
From the console, under the App Engine page, click edit, and change the region drop-down.
From the console, under the App Engine page, click edit, and change the region drop-down.
Contact Google Cloud Support and request the change.
Contact Google Cloud Support and request the change.
Suggested answer: A

Explanation:

App engine is a regional service, which means the infrastructure that runs your app(s) is located in a specific region and is managed by Google to be redundantly available across all the zones within that region. Once an app engine deployment is created in a region, it cant be changed. The only way is to create a new project and create an App Engine instance in europe-west3, send all user traffic to this instance and delete the app engine instance in us-central.

Ref:https://cloud.google.com/appengine/docs/locations

asked 18/09/2024
sailakshmi KM
41 questions

Question 207

Report
Export
Collapse

A company wants to build an application that stores images in a Cloud Storage bucket and wants to generate thumbnails as well as resize the images. They want to use a google managed service that can scale up and scale down to zero automatically with minimal effort. You have been asked to recommend a service. Which GCP service would you suggest?

Google Compute Engine
Google Compute Engine
Google App Engine
Google App Engine
Cloud Functions
Cloud Functions
Google Kubernetes Engine
Google Kubernetes Engine
Suggested answer: C

Explanation:

Google Associate Cloud Engineer image Question 207 explanation 27722 09182024191153000000

Cloud Functions is Google Cloud's event-driven serverless compute platform. It automatically scales based on the load and requires no additional configuration. You pay only for the resources used.

Ref:https://cloud.google.com/functions

While all other options i.e. Google Compute Engine, Google Kubernetes Engine, Google App Engine support autoscaling, it needs to be configured explicitly based on the load and is not as trivial as the scale up or scale down offered by Google's cloud functions.

asked 18/09/2024
jing xue
37 questions

Question 208

Report
Export
Collapse

You are designing an application that lets users upload and share photos. You expect your application to grow really fast and you are targeting a worldwide audience. You want to delete uploaded photos after 30 days. You want to minimize costs while ensuring your application is highly available. Which GCP storage solution should you choose?

Persistent SSD on VM instances.
Persistent SSD on VM instances.
Cloud Filestore.
Cloud Filestore.
Multiregional Cloud Storage bucket.
Multiregional Cloud Storage bucket.
Cloud Datastore database.
Cloud Datastore database.
Suggested answer: C

Explanation:

Cloud Storage allows world-wide storage and retrieval of any amount of data at any time. We dont need to set up auto-scaling ourselves. Cloud Storage autoscaling is managed by GCP. Cloud Storage is an object store so it is suitable for storing photos. Cloud Storage allows world-wide storage and retrieval so cater well to our worldwide audience. Cloud storage provides us lifecycle rules that can be configured to automatically delete objects older than 30 days. This also fits our requirements. Finally, Google Cloud Storage offers several storage classes such as Nearline Storage ($0.01 per GB per Month) Coldline Storage ($0.007 per GB per Month) and Archive Storage ($0.004 per GB per month) which are significantly cheaper than any of the options above.

Ref:https://cloud.google.com/storage/docs

Ref:https://cloud.google.com/storage/pricing

Google Associate Cloud Engineer image Question 208 explanation 27723 09182024191153000000

asked 18/09/2024
Shadi Akou
35 questions

Question 209

Report
Export
Collapse

You are designing an application that uses WebSockets and HTTP sessions that are not distributed across the web servers. You want to ensure the application runs properly on Google Cloud Platform. What should you do?

Meet with the cloud enablement team to discuss load balancer options.
Meet with the cloud enablement team to discuss load balancer options.
Redesign the application to use a distributed user session service that does not rely on WebSockets and HTTP sessions.
Redesign the application to use a distributed user session service that does not rely on WebSockets and HTTP sessions.
Review the encryption requirements for WebSocket connections with the security team.
Review the encryption requirements for WebSocket connections with the security team.
Convert the WebSocket code to use HTTP streaming.
Convert the WebSocket code to use HTTP streaming.
Suggested answer: A

Explanation:

Google HTTP(S) Load Balancing has native support for the WebSocket protocol when you use HTTP or HTTPS, not HTTP/2, as the protocol to the backend.

Ref:https://cloud.google.com/load-balancing/docs/https#websocket_proxy_support

So the next possible step is to Meet with the cloud enablement team to discuss load balancer options.

We dont need to convert WebSocket code to use HTTP streaming or Redesign the application, as WebSocket support is offered by Google HTTP(S) Load Balancing. Reviewing the encryption requirements is a good idea but it has nothing to do with WebSockets.

asked 18/09/2024
Grégory CALIX
35 questions

Question 210

Report
Export
Collapse

You have a number of compute instances belonging to an unmanaged instances group. You need to SSH to one of the Compute Engine instances to run an ad hoc script. You've already authenticated gcloud, however, you don't have an SSH key deployed yet. In the fewest steps possible, what's the easiest way to SSH to the instance?

Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.
Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.
Use the gcloud compute ssh command.
Use the gcloud compute ssh command.
Create a key with the ssh-keygen command. Then use the gcloud compute ssh command.
Create a key with the ssh-keygen command. Then use the gcloud compute ssh command.
Create a key with the ssh-keygen command. Upload the key to the instance. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.
Create a key with the ssh-keygen command. Upload the key to the instance. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.
Suggested answer: B

Explanation:

gcloud compute ssh ensures that the user's public SSH key is present in the project's metadata. If the user does not have a public SSH key, one is generated using ssh-keygen and added to the project's metadata. This is similar to the other option where we copy the key explicitly to the project's metadata but here it is done automatically for us. There are also security benefits with this approach. When we use gcloud compute ssh to connect to Linux instances, we are adding a layer of security by storing your host keys as guest attributes. Storing SSH host keys as guest attributes improve the security of your connections by helping to protect against vulnerabilities such as man-in-the-middle (MITM) attacks. On the initial boot of a VM instance, if guest attributes are enabled, Compute Engine stores your generated host keys as guest attributes.

Compute Engine then uses these host keys that were stored during the initial boot to verify all subsequent connections to the VM instance.

Ref:https://cloud.google.com/compute/docs/instances/connecting-to-instance Ref:https://cloud.google.com/sdk/gcloud/reference/compute/ssh

asked 18/09/2024
Hassene SAADI
39 questions
Total 296 questions
Go to page: of 30
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You've deployed a microservice called myapp1 to a Google Kubernetes Engine cluster using the YAML file specified below: You need to refactor this configuration so that the database password is not stored in plain text. You want to follow Google-recommended practices. What should you do?
You create a Deployment with 2 replicas in a Google Kubernetes Engine cluster that has a single preemptible node pool. After a few minutes, you use kubectl to examine the status of your Pod and observe that one of them is still in Pending status: What is the most likely cause?
You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?
Your Dataproc cluster runs in a single Virtual Private Cloud (VPC) network in a single subnet with range 172.16.20.128/25. There are no private IP addresses available in the VPC network. You want to add new VMs to communicate with your cluster using the minimum number of steps. What should you do?
You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your dat
Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What's the best way to change the App Engine region?
You have deployed an application on a single Compute Engine instance. The application writes logs to disk. Users start reporting errors with the application. You want to diagnose the problem. What should you do?
You want to configure 10 Compute Engine instances for availability when maintenance occurs. Your requirements state that these instances should attempt to automatically restart if they crash. Also, the instances should be highly available including during system maintenance. What should you do?
You have downloaded and installed the gcloud command line interface (CLI) and have authenticated with your Google Account. Most of your Compute Engine instances in your project run in the europe-west1-d zone. You want to avoid having to specify this zone with each CLI command when managing these instances. What should you do?
You are analyzing Google Cloud Platform service costs from three separate projects. You want to use this information to create service cost estimates by service type, daily and monthly, for the next six months using standard query syntax. What should you do?