ExamGecko
Search Search Login
Home Home / Google / Associate Cloud Engineer

Google Associate Cloud Engineer Practice Test - Questions Answers, Page 23

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your dat
You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?
Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What's the best way to change the App Engine region?
You are developing a new application and are looking for a Jenkins installation to build and deploy your source code. You want to automate the installation as quickly and easily as possible. What should you do?
You have one GCP account running in your default region and zone and another account running in a non-default region and zone. You want to start a new Compute Engine instance in these two Google Cloud Platform accounts using the command line interface. What should you do?
You have production and test workloads that you want to deploy on Compute Engine. Production VMs need to be in a different subnet than the test VMs. All the VMs must be able to reach each other over internal IP without creating additional routes. You need to set up VPC and the 2 subnets. Which configuration meets these requirements?
You create a Deployment with 2 replicas in a Google Kubernetes Engine cluster that has a single preemptible node pool. After a few minutes, you use kubectl to examine the status of your Pod and observe that one of them is still in Pending status: What is the most likely cause?
You have a development project with appropriate IAM roles defined. You are creating a production project and want to have the same IAM roles on the new project, using the fewest possible steps. What should you do?
You want to configure autohealing for network load balancing for a group of Compute Engine instances that run in multiple zones, using the fewest possible steps. You need to configure re-creation of VMs if they are unresponsive after 3 attempts of 10 seconds each. What should you do?
The storage costs for your application logs have far exceeded the project budget. The logs are currently being retained indefinitely in the Cloud Storage bucket myapp-gcp-ace-logs. You have been asked to remove logs older than 90 days from your Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend. What should you do?

Question 221

Report
Export
Collapse

You have an application that runs on Compute Engine VM instances in a custom Virtual Private Cloud (VPC). Your company's security policies only allow the use to internal IP addresses on VM instances and do not let VM instances connect to the internet. You need to ensure that the application can access a file hosted in a Cloud Storage bucket within your project. What should you do?

A.
Enable Private Service Access on the Cloud Storage Bucket.
A.
Enable Private Service Access on the Cloud Storage Bucket.
Answers
B.
Add slorage.googleapis.com to the list of restricted services in a VPC Service Controls perimeter and add your project to the list to protected projects.
B.
Add slorage.googleapis.com to the list of restricted services in a VPC Service Controls perimeter and add your project to the list to protected projects.
Answers
C.
Enable Private Google Access on the subnet within the custom VPC.
C.
Enable Private Google Access on the subnet within the custom VPC.
Answers
D.
Deploy a Cloud NAT instance and route the traffic to the dedicated IP address of the Cloud Storage bucket.
D.
Deploy a Cloud NAT instance and route the traffic to the dedicated IP address of the Cloud Storage bucket.
Answers
Suggested answer: A

Question 222

Report
Export
Collapse

Your company completed the acquisition of a startup and is now merging the IT systems of both companies. The startup had a production Google Cloud project in their organization. You need to move this project into your organization and ensure that the project is billed lo your organization. You want to accomplish this task with minimal effort. What should you do?

A.
Use the projects. move method to move the project to your organization. Update the billing account of the project to that of your organization.
A.
Use the projects. move method to move the project to your organization. Update the billing account of the project to that of your organization.
Answers
B.
Ensure that you have an Organization Administrator Identity and Access Management (1AM) role assigned to you in both organizations. Navigate to the Resource Manager in the startup's Google Cloud organization, and drag the project to your company's organization.
B.
Ensure that you have an Organization Administrator Identity and Access Management (1AM) role assigned to you in both organizations. Navigate to the Resource Manager in the startup's Google Cloud organization, and drag the project to your company's organization.
Answers
C.
Create a Private Catalog tor the Google Cloud Marketplace, and upload the resources of the startup's production project to the Catalog. Share the Catalog with your organization, and deploy the resources in your company's project.
C.
Create a Private Catalog tor the Google Cloud Marketplace, and upload the resources of the startup's production project to the Catalog. Share the Catalog with your organization, and deploy the resources in your company's project.
Answers
D.
Create an infrastructure-as-code template tor all resources in the project by using Terraform. and deploy that template to a new project in your organization. Delete the protect from the startup's Google Cloud organization.
D.
Create an infrastructure-as-code template tor all resources in the project by using Terraform. and deploy that template to a new project in your organization. Delete the protect from the startup's Google Cloud organization.
Answers
Suggested answer: A

Question 223

Report
Export
Collapse

All development (dev) teams in your organization are located in the United States. Each dev team has its own Google Cloud project. You want to restrict access so that each dev team can only create cloud resources in the United States (US). What should you do?

A.
Create a folder to contain all the dev projects Create an organization policy to limit resources in US locations.
A.
Create a folder to contain all the dev projects Create an organization policy to limit resources in US locations.
Answers
B.
Create an organization to contain all the dev projects. Create an Identity and Access Management (1AM) policy to limit the resources in US regions.
B.
Create an organization to contain all the dev projects. Create an Identity and Access Management (1AM) policy to limit the resources in US regions.
Answers
C.
Create an Identity and Access Management <IAM) policy to restrict the resources locations in the US. Apply the policy to all dev projects.
C.
Create an Identity and Access Management <IAM) policy to restrict the resources locations in the US. Apply the policy to all dev projects.
Answers
D.
Create an Identity and Access Management (IAM)policy to restrict the resources locations in all dev projects. Apply the policy to all dev roles.
D.
Create an Identity and Access Management (IAM)policy to restrict the resources locations in all dev projects. Apply the policy to all dev roles.
Answers
Suggested answer: C

Question 224

Report
Export
Collapse

You are configuring Cloud DNS. You want !to create DNS records to point home.mydomain.com, mydomain.com. and www.mydomain.com to the IP address of your Google Cloud load balancer. What should you do?

A.
Create one CNAME record to point mydomain.com to the load balancer, and create two A records to point WWW and HOME lo mydomain.com respectively.
A.
Create one CNAME record to point mydomain.com to the load balancer, and create two A records to point WWW and HOME lo mydomain.com respectively.
Answers
B.
Create one CNAME record to point mydomain.com to the load balancer, and create two AAAA records to point WWW and HOME to mydomain.com respectively.
B.
Create one CNAME record to point mydomain.com to the load balancer, and create two AAAA records to point WWW and HOME to mydomain.com respectively.
Answers
C.
Create one A record to point mydomain.com to the load balancer, and create two CNAME records to point WWW and HOME to mydomain.com respectively.
C.
Create one A record to point mydomain.com to the load balancer, and create two CNAME records to point WWW and HOME to mydomain.com respectively.
Answers
D.
Create one A record to point mydomain.com lo the load balancer, and create two NS records to point WWW and HOME to mydomain.com respectively.
D.
Create one A record to point mydomain.com lo the load balancer, and create two NS records to point WWW and HOME to mydomain.com respectively.
Answers
Suggested answer: C

Question 225

Report
Export
Collapse

You have two subnets (subnet-a and subnet-b) in the default VPC. Your database servers are running in subnet-a. Your application servers and web servers are running in subnet-b. You want to configure a firewall rule that only allows database traffic from the application servers to the database servers. What should you do?


A.
* Create service accounts sa-app and sa-db. * Associate service account: sa-app with the application servers and the service account sa-db with the database servers. * Create an ingress firewall rule to allow network traffic from source service account sa-app to target service account sa-db.
A.
* Create service accounts sa-app and sa-db. * Associate service account: sa-app with the application servers and the service account sa-db with the database servers. * Create an ingress firewall rule to allow network traffic from source service account sa-app to target service account sa-db.
Answers
B.
* Create network tags app-server and db-server. * Add the app-server lag lo the application servers and the db-server lag to the database servers. * Create an egress firewall rule to allow network traffic from source network tag app-server to target network tag db-server.
B.
* Create network tags app-server and db-server. * Add the app-server lag lo the application servers and the db-server lag to the database servers. * Create an egress firewall rule to allow network traffic from source network tag app-server to target network tag db-server.
Answers
C.
* Create a service account sa-app and a network tag db-server. * Associate the service account sa-app with the application servers and the network tag db-server with the database servers. * Create an ingress firewall rule to allow network traffic from source VPC IP addresses and target the subnet-a IP addresses.
C.
* Create a service account sa-app and a network tag db-server. * Associate the service account sa-app with the application servers and the network tag db-server with the database servers. * Create an ingress firewall rule to allow network traffic from source VPC IP addresses and target the subnet-a IP addresses.
Answers
D.
* Create a network lag app-server and service account sa-db. * Add the tag to the application servers and associate the service account with the database servers. * Create an egress firewall rule to allow network traffic from source network tag app-server to target service account sa-db.
D.
* Create a network lag app-server and service account sa-db. * Add the tag to the application servers and associate the service account with the database servers. * Create an egress firewall rule to allow network traffic from source network tag app-server to target service account sa-db.
Answers
Suggested answer: C

Question 226

Report
Export
Collapse

Your learn wants to deploy a specific content management system (CMS) solution lo Google Cloud. You need a quick and easy way to deploy and install the solution. What should you do?

A.
Search for the CMS solution in Google Cloud Marketplace. Use gcloud CLI to deploy the solution.
A.
Search for the CMS solution in Google Cloud Marketplace. Use gcloud CLI to deploy the solution.
Answers
B.
Search for the CMS solution in Google Cloud Marketplace. Deploy the solution directly from Cloud Marketplace.
B.
Search for the CMS solution in Google Cloud Marketplace. Deploy the solution directly from Cloud Marketplace.
Answers
C.
Search for the CMS solution in Google Cloud Marketplace. Use Terraform and the Cloud Marketplace ID to deploy the solution with the appropriate parameters.
C.
Search for the CMS solution in Google Cloud Marketplace. Use Terraform and the Cloud Marketplace ID to deploy the solution with the appropriate parameters.
Answers
D.
Use the installation guide of the CMS provider. Perform the installation through your configuration management system.
D.
Use the installation guide of the CMS provider. Perform the installation through your configuration management system.
Answers
Suggested answer: B

Question 227

Report
Export
Collapse

You are working for a startup that was officially registered as a business 6 months ago. As your customer base grows, your use of Google Cloud increases. You want to allow all engineers to create new projects without asking them for their credit card information. What should you do?

A.
Create a Billing account, associate a payment method with it, and provide all project creators with permission to associate that billing account with their projects.
A.
Create a Billing account, associate a payment method with it, and provide all project creators with permission to associate that billing account with their projects.
Answers
B.
Grant all engineer's permission to create their own billing accounts for each new project.
B.
Grant all engineer's permission to create their own billing accounts for each new project.
Answers
C.
Apply for monthly invoiced billing, and have a single invoice tor the project paid by the finance team.
C.
Apply for monthly invoiced billing, and have a single invoice tor the project paid by the finance team.
Answers
D.
Create a billing account, associate it with a monthly purchase order (PO), and send the PO to Google Cloud.
D.
Create a billing account, associate it with a monthly purchase order (PO), and send the PO to Google Cloud.
Answers
Suggested answer: A

Question 228

Report
Export
Collapse

You recently received a new Google Cloud project with an attached billing account where you will work. You need to create instances, set firewalls, and store data in Cloud Storage. You want to follow Google-recommended practices. What should you do?

A.
Use the gcloud CLI services enable cloudresourcemanager.googleapis.com command to enable all resources.
A.
Use the gcloud CLI services enable cloudresourcemanager.googleapis.com command to enable all resources.
Answers
B.
Use the gcloud services enable compute.googleapis.com command to enable Compute Engine and the gcloud services enable storage-api.googleapis.com command to enable the Cloud Storage APIs.
B.
Use the gcloud services enable compute.googleapis.com command to enable Compute Engine and the gcloud services enable storage-api.googleapis.com command to enable the Cloud Storage APIs.
Answers
C.
Open the Google Cloud console and enable all Google Cloud APIs from the API dashboard.
C.
Open the Google Cloud console and enable all Google Cloud APIs from the API dashboard.
Answers
D.
Open the Google Cloud console and run gcloud init --project in a Cloud Shell.
D.
Open the Google Cloud console and run gcloud init --project in a Cloud Shell.
Answers
Suggested answer: B

Question 229

Report
Export
Collapse

Your company is using Google Workspace to manage employee accounts. Anticipated growth will increase the number of personnel from 100 employees to 1.000 employees within 2 years. Most employees will need access to your company's Google Cloud account. The systems and processes will need to support 10x growth without performance degradation, unnecessary complexity, or security issues. What should you do?

A.
Migrate the users to Active Directory. Connect the Human Resources system to Active Directory. Turn on Google Cloud Directory Sync (GCDS) for Cloud Identity. Turn on Identity Federation from Cloud Identity to Active Directory.
A.
Migrate the users to Active Directory. Connect the Human Resources system to Active Directory. Turn on Google Cloud Directory Sync (GCDS) for Cloud Identity. Turn on Identity Federation from Cloud Identity to Active Directory.
Answers
B.
Organize the users in Cloud Identity into groups. Enforce multi-factor authentication in Cloud Identity.
B.
Organize the users in Cloud Identity into groups. Enforce multi-factor authentication in Cloud Identity.
Answers
C.
Turn on identity federation between Cloud Identity and Google Workspace. Enforce multi-factor authentication for domain wide delegation.
C.
Turn on identity federation between Cloud Identity and Google Workspace. Enforce multi-factor authentication for domain wide delegation.
Answers
D.
Use a third-party identity provider service through federation. Synchronize the users from Google Workplace to the third-party provider in real time.
D.
Use a third-party identity provider service through federation. Synchronize the users from Google Workplace to the third-party provider in real time.
Answers
Suggested answer: B

Question 230

Report
Export
Collapse

Your application development team has created Docker images for an application that will be deployed on Google Cloud. Your team does not want to manage the infrastructure associated with this application. You need to ensure that the application can scale automatically as it gains popularity. What should you do?

A.
Create an Instance template with the container image, and deploy a Managed Instance Group with Autoscaling.
A.
Create an Instance template with the container image, and deploy a Managed Instance Group with Autoscaling.
Answers
B.
Upload Docker images to Artifact Registry, and deploy the application on Google Kubernetes Engine using Standard mode.
B.
Upload Docker images to Artifact Registry, and deploy the application on Google Kubernetes Engine using Standard mode.
Answers
C.
Upload Docker images to the Cloud Storage, and deploy the application on Google Kubernetes Engine using Standard mode.
C.
Upload Docker images to the Cloud Storage, and deploy the application on Google Kubernetes Engine using Standard mode.
Answers
D.
Upload Docker images to Artifact Registry, and deploy the application on Cloud Run.
D.
Upload Docker images to Artifact Registry, and deploy the application on Cloud Run.
Answers
Suggested answer: D
Total 289 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms