ExamGecko
Search Search Login
Home Home / Google / Associate Cloud Engineer

Google Associate Cloud Engineer Practice Test - Questions Answers, Page 25

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your dat
You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?
Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What's the best way to change the App Engine region?
You are developing a new application and are looking for a Jenkins installation to build and deploy your source code. You want to automate the installation as quickly and easily as possible. What should you do?
You have one GCP account running in your default region and zone and another account running in a non-default region and zone. You want to start a new Compute Engine instance in these two Google Cloud Platform accounts using the command line interface. What should you do?
You create a Deployment with 2 replicas in a Google Kubernetes Engine cluster that has a single preemptible node pool. After a few minutes, you use kubectl to examine the status of your Pod and observe that one of them is still in Pending status: What is the most likely cause?
You have production and test workloads that you want to deploy on Compute Engine. Production VMs need to be in a different subnet than the test VMs. All the VMs must be able to reach each other over internal IP without creating additional routes. You need to set up VPC and the 2 subnets. Which configuration meets these requirements?
You have a development project with appropriate IAM roles defined. You are creating a production project and want to have the same IAM roles on the new project, using the fewest possible steps. What should you do?
You want to configure autohealing for network load balancing for a group of Compute Engine instances that run in multiple zones, using the fewest possible steps. You need to configure re-creation of VMs if they are unresponsive after 3 attempts of 10 seconds each. What should you do?
You are creating a Google Kubernetes Engine (GKE) cluster with a cluster autoscaler feature enabled. You need to make sure that each node of the cluster will run a monitoring pod that sends container metrics to a third-party monitoring solution. What should you do?

Question 241

Report
Export
Collapse

You have a Linux VM that must connect to Cloud SQL. You created a service account with the appropriate access rights. You want to make sure that the VM uses this service account instead of the default Compute Engine service account. What should you do?

A.
When creating the VM via the web console, specify the service account under the 'Identity and API Access' section.
A.
When creating the VM via the web console, specify the service account under the 'Identity and API Access' section.
Answers
B.
Download a JSON Private Key for the service account. On the Project Metadata, add that JSON as the value for the key compute-engine-service-account.
B.
Download a JSON Private Key for the service account. On the Project Metadata, add that JSON as the value for the key compute-engine-service-account.
Answers
C.
Download a JSON Private Key for the service account. On the Custom Metadata of the VM, add that JSON as the value for the key compute-engine-service-account.
C.
Download a JSON Private Key for the service account. On the Custom Metadata of the VM, add that JSON as the value for the key compute-engine-service-account.
Answers
D.
Download a JSON Private Key for the service account. After creating the VM, ssh into the VM and save the JSON under ~/.gcloud/compute-engine-service-account.json.
D.
Download a JSON Private Key for the service account. After creating the VM, ssh into the VM and save the JSON under ~/.gcloud/compute-engine-service-account.json.
Answers
Suggested answer: A

Explanation:

https://cloud.google.com/compute/docs/access/create-enable-service-accounts-for-instances

Changing the service account and access scopes for an instance If you want to run the VM as a different identity, or you determine that the instance needs a different set of scopes to call the required APIs, you can change the service account and the access scopes of an existing instance. For example, you can change access scopes to grant access to a new API, or change an instance so that it runs as a service account that you created, instead of the Compute Engine default service account. However, Google recommends that you use the fine-grained IAM policies instead of relying on access scopes to control resource access for the service account. To change an instance's service account and access scopes, the instance must be temporarily stopped. To stop your instance, read the documentation for Stopping an instance. After changing the service account or access scopes, remember to restart the instance. Use one of the following methods to the change service account or access scopes of the stopped instance.

Question 242

Report
Export
Collapse

You want to verify the IAM users and roles assigned within a GCP project named my-project. What should you do?

A.
Run gcloud iam roles list. Review the output section.
A.
Run gcloud iam roles list. Review the output section.
Answers
B.
Run gcloud iam service-accounts list. Review the output section.
B.
Run gcloud iam service-accounts list. Review the output section.
Answers
C.
Navigate to the project and then to the IAM section in the GCP Console. Review the members and roles.
C.
Navigate to the project and then to the IAM section in the GCP Console. Review the members and roles.
Answers
D.
Navigate to the project and then to the Roles section in the GCP Console. Review the roles and status.
D.
Navigate to the project and then to the Roles section in the GCP Console. Review the roles and status.
Answers
Suggested answer: C

Explanation:

Logged onto console and followed the steps and was able to see all the assigned users and roles.

Question 243

Report
Export
Collapse

You want to set up a Google Kubernetes Engine cluster Verifiable node identity and integrity are required for the cluster, and nodes cannot be accessed from the internet. You want to reduce the operational cost of managing your cluster, and you want to follow Google-recommended practices. What should you do?

A.
Deploy a private autopilot cluster
A.
Deploy a private autopilot cluster
Answers
B.
Deploy a public autopilot cluster.
B.
Deploy a public autopilot cluster.
Answers
C.
Deploy a standard public cluster and enable shielded nodes.
C.
Deploy a standard public cluster and enable shielded nodes.
Answers
D.
Deploy a standard private cluster and enable shielded nodes.
D.
Deploy a standard private cluster and enable shielded nodes.
Answers
Suggested answer: D

Question 244

Report
Export
Collapse

An external member of your team needs list access to compute images and disks in one of your projects. You want to follow Google-recommended practices when you grant the required permissions to this user. What should you do?

A.
Create a custom role, and add all the required compute.disks.list and compute, images.list permissions as includedPermissions. Grant the custom role to the user at the project level.
A.
Create a custom role, and add all the required compute.disks.list and compute, images.list permissions as includedPermissions. Grant the custom role to the user at the project level.
Answers
B.
Create a custom role based on the Compute Image User role Add the compute.disks, list to the includedPermissions field Grant the custom role to the user at the project level
B.
Create a custom role based on the Compute Image User role Add the compute.disks, list to the includedPermissions field Grant the custom role to the user at the project level
Answers
C.
Grant the Compute Storage Admin role at the project level.
C.
Grant the Compute Storage Admin role at the project level.
Answers
D.
Create a custom role based on the Compute Storage Admin role. Exclude unnecessary permissions from the custom role. Grant the custom role to the user at the project level.
D.
Create a custom role based on the Compute Storage Admin role. Exclude unnecessary permissions from the custom role. Grant the custom role to the user at the project level.
Answers
Suggested answer: B

Question 245

Report
Export
Collapse

Your company wants to migrate their on-premises workloads to Google Cloud. The current on-premises workloads consist of:

* A Flask web application

* AbackendAPI

* A scheduled long-running background job for ETL and reporting.

You need to keep operational costs low You want to follow Google-recommended practices to migrate these workloads to serverless solutions on Google Cloud. What should you do?

A.
Migrate the web application to App Engine and the backend API to Cloud Run Use Cloud Tasks to run your background job on Compute Engine
A.
Migrate the web application to App Engine and the backend API to Cloud Run Use Cloud Tasks to run your background job on Compute Engine
Answers
B.
Migrate the web application to App Engine and the backend API to Cloud Run. Use Cloud Tasks to run your background job on Cloud Run.
B.
Migrate the web application to App Engine and the backend API to Cloud Run. Use Cloud Tasks to run your background job on Cloud Run.
Answers
C.
Run the web application on a Cloud Storage bucket and the backend API on Cloud Run Use Cloud Tasks to run your background job on Cloud Run.
C.
Run the web application on a Cloud Storage bucket and the backend API on Cloud Run Use Cloud Tasks to run your background job on Cloud Run.
Answers
D.
Run the web application on a Cloud Storage bucket and the backend API on Cloud Run. Use Cloud Tasks to run your background job on Compute Engine
D.
Run the web application on a Cloud Storage bucket and the backend API on Cloud Run. Use Cloud Tasks to run your background job on Compute Engine
Answers
Suggested answer: B

Question 246

Report
Export
Collapse

You are building a data lake on Google Cloud for your Internet of Things (loT) application. The loT application has millions of sensors that are constantly streaming structured and unstructured data to your backend in the cloud. You want to build a highly available and resilient architecture based on Google-recommended practices. What should you do?

A.
Stream data to Pub/Sub, and use Dataflow to send data to Cloud Storage
A.
Stream data to Pub/Sub, and use Dataflow to send data to Cloud Storage
Answers
B.
Stream data to Pub/Sub. and use Storage Transfer Service to send data to BigQuery.
B.
Stream data to Pub/Sub. and use Storage Transfer Service to send data to BigQuery.
Answers
C.
Stream data to Dataflow, and use Storage Transfer Service to send data to BigQuery.
C.
Stream data to Dataflow, and use Storage Transfer Service to send data to BigQuery.
Answers
D.
Stream data to Dataflow, and use Dataprep by Trifacta to send data to Bigtable.
D.
Stream data to Dataflow, and use Dataprep by Trifacta to send data to Bigtable.
Answers
Suggested answer: B

Question 247

Report
Export
Collapse

You installed the Google Cloud CLI on your workstation and set the proxy configuration. However, you are worried that your proxy credentials will be recorded in the gcloud CLI logs. You want to prevent your proxy credentials from being logged What should you do?

A.
Configure username and password by using gcloud configure set proxy/username and gcloud configure set proxy/ proxy/password commands.
A.
Configure username and password by using gcloud configure set proxy/username and gcloud configure set proxy/ proxy/password commands.
Answers
B.
Encode username and password in sha256 encoding, and save it to a text file. Use filename as a value in the gcloud configure set core/custom_ca_certs_file command.
B.
Encode username and password in sha256 encoding, and save it to a text file. Use filename as a value in the gcloud configure set core/custom_ca_certs_file command.
Answers
C.
Provide values for CLOUDSDK_USERNAME and CLOUDSDK_PASSWORD in the gcloud CLI tool configure file.
C.
Provide values for CLOUDSDK_USERNAME and CLOUDSDK_PASSWORD in the gcloud CLI tool configure file.
Answers
D.
Set the CLOUDSDK_PROXY_USERNAME and CLOUDSDK_PROXY PASSWORD properties by using environment variables in your command line tool.
D.
Set the CLOUDSDK_PROXY_USERNAME and CLOUDSDK_PROXY PASSWORD properties by using environment variables in your command line tool.
Answers
Suggested answer: D

Question 248

Report
Export
Collapse

Your company developed an application to deploy on Google Kubernetes Engine. Certain parts of the application are not fault-tolerant and are allowed to have downtime Other parts of the application are critical and must always be available. You need to configure a Goorj e Kubernfl:es Engine duster while optimizing for cost. What should you do?

A.
Create a cluster with a single node-pool by using standard VMs. Label the fault-tolerant Deployments as spot-true.
A.
Create a cluster with a single node-pool by using standard VMs. Label the fault-tolerant Deployments as spot-true.
Answers
B.
Create a cluster with a single node-pool by using Spot VMs. Label the critical Deployments as spot-false.
B.
Create a cluster with a single node-pool by using Spot VMs. Label the critical Deployments as spot-false.
Answers
C.
Create a cluster with both a Spot W node pool and a rode pool by using standard VMs Deploy the critical. deployments on the Spot VM node pool and the fault; tolerant deployments on the node pool by using standard VMs.
C.
Create a cluster with both a Spot W node pool and a rode pool by using standard VMs Deploy the critical. deployments on the Spot VM node pool and the fault; tolerant deployments on the node pool by using standard VMs.
Answers
D.
Create a cluster with both a Spot VM node pool and by using standard VMs. Deploy the critical deployments on the mode pool by using standard VMs and the fault-tolerant deployments on the Spot VM node pool.
D.
Create a cluster with both a Spot VM node pool and by using standard VMs. Deploy the critical deployments on the mode pool by using standard VMs and the fault-tolerant deployments on the Spot VM node pool.
Answers
Suggested answer: C

Question 249

Report
Export
Collapse

You need to deploy an application in Google Cloud using savorless technology. You want to test a new version of the application with a small percentage of production traffic. What should you do?

A.
Deploy the application lo Cloud. Run. Use gradual rollouts for traffic spelling.
A.
Deploy the application lo Cloud. Run. Use gradual rollouts for traffic spelling.
Answers
B.
Deploy the application lo Google Kubemetes Engine. Use Anthos Service Mesh for traffic splitting.
B.
Deploy the application lo Google Kubemetes Engine. Use Anthos Service Mesh for traffic splitting.
Answers
C.
Deploy the application to Cloud functions. Saucily the version number in the functions name.
C.
Deploy the application to Cloud functions. Saucily the version number in the functions name.
Answers
D.
Deploy the application to App Engine. For each new version, create a new service.
D.
Deploy the application to App Engine. For each new version, create a new service.
Answers
Suggested answer: A

Question 250

Report
Export
Collapse

Your company's security vulnc'ability managen->enl policy wonts 3 member of the security tearr ;o have visibility into vulnerabi ities and other OS metadata for a specific Compute Engine instance This Compute Engine instance hosts a critical application in your Gongle Cloud p'oject. You need to irrplement your company's security vulnerability management policy. What should you dc?

A.
* Ensuie that the Ops Agent Is Installed on the Compute Engine instance. * Create a custom metric in the Ctoud Monitoring dashboard. * Provide the security team menber with access to this dashboard.
A.
* Ensuie that the Ops Agent Is Installed on the Compute Engine instance. * Create a custom metric in the Ctoud Monitoring dashboard. * Provide the security team menber with access to this dashboard.
Answers
B.
* Ensure :hat the Ops Agent is installed on tie Compute Engine instance. * Provide the security team member roles/configure.inventoryViewer permission.
B.
* Ensure :hat the Ops Agent is installed on tie Compute Engine instance. * Provide the security team member roles/configure.inventoryViewer permission.
Answers
C.
* Ensure that the OS Config agent Is Installed on the Compute Engine instance. * Provide the security team member roles/configure.vulnerabilityViewer permission.
C.
* Ensure that the OS Config agent Is Installed on the Compute Engine instance. * Provide the security team member roles/configure.vulnerabilityViewer permission.
Answers
D.
* Ensure that the OS Config agent is installed on the Compute Engine instance * Create a log sink Co a BigQuery dataset. * Provide the security team member with access to this dataset.
D.
* Ensure that the OS Config agent is installed on the Compute Engine instance * Create a log sink Co a BigQuery dataset. * Provide the security team member with access to this dataset.
Answers
Suggested answer: C
Total 289 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms