ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 13

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 121

Report
Export
Collapse

Your web application has several VM instances running within a VPC. You want to restrict communications between instances to only the paths and ports you authorize, but you don't want to rely on static IP addresses or subnets because the app can autoscale. How should you restrict communications?

A.
Use separate VPCs to restrict traffic
A.
Use separate VPCs to restrict traffic
Answers
B.
Use firewall rules based on network tags attached to the compute instances
B.
Use firewall rules based on network tags attached to the compute instances
Answers
C.
Use Cloud DNS and only allow connections from authorized hostnames
C.
Use Cloud DNS and only allow connections from authorized hostnames
Answers
D.
Use service accounts and configure the web application particular service accounts to have access
D.
Use service accounts and configure the web application particular service accounts to have access
Answers
Suggested answer: B

Question 122

Report
Export
Collapse

You are using Cloud SQL as the database backend for a large CRM deployment. You want to scale as usage increases and ensure that you don't run out of storage, maintain 75% CPU usage cores, and keep replication lag below 60 seconds. What are the correct steps to meet your requirements?

A.
1. Enable automatic storage increase for the instance.
A.
1. Enable automatic storage increase for the instance.
Answers
B.
Create a Stackdriver alert when CPU usage exceeds 75%, and change the instance type to reduce CPU usage.
B.
Create a Stackdriver alert when CPU usage exceeds 75%, and change the instance type to reduce CPU usage.
Answers
C.
Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.
C.
Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.
Answers
D.
1. Enable automatic storage increase for the instance.
D.
1. Enable automatic storage increase for the instance.
Answers
E.
Change the instance type to a 32-core machine type to keep CPU usage below 75%.
E.
Change the instance type to a 32-core machine type to keep CPU usage below 75%.
Answers
F.
Create a Stackdriver alert for replication lag, and deploy memcache to reduce load on the master
F.
Create a Stackdriver alert for replication lag, and deploy memcache to reduce load on the master
Answers
G.
1. Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the instance to create more space.
G.
1. Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the instance to create more space.
Answers
H.
Deploy memcached to reduce CPU load.
H.
Deploy memcached to reduce CPU load.
Answers
I.
Change the instance type to a 32-core machine type to reduce replication lag.
I.
Change the instance type to a 32-core machine type to reduce replication lag.
Answers
J.
1. Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the instance to create more space.
J.
1. Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the instance to create more space.
Answers
K.
Deploy memcached to reduce CPU load.
K.
Deploy memcached to reduce CPU load.
Answers
L.
Create a Stackdriver alert for replication lag, and change the instance type to a 32-core machine type to reduce replication lag.
L.
Create a Stackdriver alert for replication lag, and change the instance type to a 32-core machine type to reduce replication lag.
Answers
Suggested answer: A

Question 123

Report
Export
Collapse

You are tasked with building an online analytical processing (OLAP) marketing analytics and reporting tool. This requires a relational database that can operate on hundreds of terabytes of data. What is the Google-recommended tool for such applications?

A.
Cloud Spanner, because it is globally distributed
A.
Cloud Spanner, because it is globally distributed
Answers
B.
Cloud SQL, because it is a fully managed relational database
B.
Cloud SQL, because it is a fully managed relational database
Answers
C.
Cloud Firestore, because it offers real-time synchronization across devices
C.
Cloud Firestore, because it offers real-time synchronization across devices
Answers
D.
BigQuery, because it is designed for large-scale processing of tabular data
D.
BigQuery, because it is designed for large-scale processing of tabular data
Answers
Suggested answer: D

Explanation:

Section: [none]

Reference: https://cloud.google.com/files/BigQueryTechnicalWP.pdf

Question 124

Report
Export
Collapse

You have deployed an application to Google Kubernetes Engine (GKE), and are using the Cloud SQL proxy container to make the Cloud SQL database available to the services running on Kubernetes. You are notified that the application is reporting database connection issues. Your company policies require a post-mortem. What should you do?

A.
Use gcloud sql instances restart.
A.
Use gcloud sql instances restart.
Answers
B.
Validate that the Service Account used by the Cloud SQL proxy container still has the Cloud Build Editor role.
B.
Validate that the Service Account used by the Cloud SQL proxy container still has the Cloud Build Editor role.
Answers
C.
In the GCP Console, navigate to Stackdriver Logging. Consult logs for (GKE) and Cloud SQL.
C.
In the GCP Console, navigate to Stackdriver Logging. Consult logs for (GKE) and Cloud SQL.
Answers
D.
In the GCP Console, navigate to Cloud SQL. Restore the latest backup. Use kubectl to restart all pods.
D.
In the GCP Console, navigate to Cloud SQL. Restore the latest backup. Use kubectl to restart all pods.
Answers
Suggested answer: C

Question 125

Report
Export
Collapse

Your company pushes batches of sensitive transaction data from its application server VMs to Cloud Pub/Sub for processing and storage. What is the Google-recommended way for your application to authenticate to the required Google

Cloud services?

A.
Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.
A.
Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.
Answers
B.
Ensure that VM service accounts do not have access to Cloud Pub/Sub, and use VM access scopes to grant the appropriate Cloud Pub/Sub IAM roles.
B.
Ensure that VM service accounts do not have access to Cloud Pub/Sub, and use VM access scopes to grant the appropriate Cloud Pub/Sub IAM roles.
Answers
C.
Generate an OAuth2 access token for accessing Cloud Pub/Sub, encrypt it, and store it in Cloud Storage for access from each VM.
C.
Generate an OAuth2 access token for accessing Cloud Pub/Sub, encrypt it, and store it in Cloud Storage for access from each VM.
Answers
D.
Create a gateway to Cloud Pub/Sub using a Cloud Function, and grant the Cloud Function service account the appropriate Cloud Pub/Sub IAM roles.
D.
Create a gateway to Cloud Pub/Sub using a Cloud Function, and grant the Cloud Function service account the appropriate Cloud Pub/Sub IAM roles.
Answers
Suggested answer: A

Question 126

Report
Export
Collapse

You want to establish a Compute Engine application in a single VPC across two regions. The application must communicate over VPN to an on-premises network. How should you deploy the VPN?

A.
Use VPC Network Peering between the VPC and the on-premises network.
A.
Use VPC Network Peering between the VPC and the on-premises network.
Answers
B.
Expose the VPC to the on-premises network using IAM and VPC Sharing.
B.
Expose the VPC to the on-premises network using IAM and VPC Sharing.
Answers
C.
Create a global Cloud VPN Gateway with VPN tunnels from each region to the on-premises peer gateway.
C.
Create a global Cloud VPN Gateway with VPN tunnels from each region to the on-premises peer gateway.
Answers
D.
Deploy Cloud VPN Gateway in each region. Ensure that each region has at least one VPN tunnel to the on-premises peer gateway.
D.
Deploy Cloud VPN Gateway in each region. Ensure that each region has at least one VPN tunnel to the on-premises peer gateway.
Answers
Suggested answer: D

Question 127

Report
Export
Collapse

Your applications will be writing their logs to BigQuery for analysis. Each application should have its own table. Any logs older than 45 days should be removed. You want to optimize storage and follow Google-recommended practices. What should you do?

A.
Configure the expiration time for your tables at 45 days
A.
Configure the expiration time for your tables at 45 days
Answers
B.
Make the tables time-partitioned, and configure the partition expiration at 45 days
B.
Make the tables time-partitioned, and configure the partition expiration at 45 days
Answers
C.
Rely on BigQuery's default behavior to prune application logs older than 45 days
C.
Rely on BigQuery's default behavior to prune application logs older than 45 days
Answers
D.
Create a script that uses the BigQuery command line tool (bq) to remove records older than 45 days
D.
Create a script that uses the BigQuery command line tool (bq) to remove records older than 45 days
Answers
Suggested answer: B

Question 128

Report
Export
Collapse

You want your Google Kubernetes Engine cluster to automatically add or remove nodes based on CPUload.

What should you do?

A.
Configure a HorizontalPodAutoscaler with a target CPU usage. Enable the Cluster Autoscaler from the GCP Console.
A.
Configure a HorizontalPodAutoscaler with a target CPU usage. Enable the Cluster Autoscaler from the GCP Console.
Answers
B.
Configure a HorizontalPodAutoscaler with a target CPU usage. Enable autoscaling on the managed instance group for the cluster using the gcloud command.
B.
Configure a HorizontalPodAutoscaler with a target CPU usage. Enable autoscaling on the managed instance group for the cluster using the gcloud command.
Answers
C.
Create a deployment and set the maxUnavailable and maxSurge properties. Enable the Cluster Autoscaler using the gcloud command.
C.
Create a deployment and set the maxUnavailable and maxSurge properties. Enable the Cluster Autoscaler using the gcloud command.
Answers
D.
Create a deployment and set the maxUnavailable and maxSurge properties. Enable autoscaling on the cluster managed instance group from the GCP Console.
D.
Create a deployment and set the maxUnavailable and maxSurge properties. Enable autoscaling on the cluster managed instance group from the GCP Console.
Answers
Suggested answer: A

Question 129

Report
Export
Collapse

You need to develop procedures to verify resilience of disaster recovery for remote recovery using GCP. Your production environment is hosted on-premises. You need to establish a secure, redundant connection between your on premises network and the GCP network.

What should you do?

A.
Verify that Dedicated Interconnect can replicate files to GCP. Verify that direct peering can establish a secure connection between your networks if Dedicated Interconnect fails.
A.
Verify that Dedicated Interconnect can replicate files to GCP. Verify that direct peering can establish a secure connection between your networks if Dedicated Interconnect fails.
Answers
B.
Verify that Dedicated Interconnect can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if Dedicated Interconnect fails.
B.
Verify that Dedicated Interconnect can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if Dedicated Interconnect fails.
Answers
C.
Verify that the Transfer Appliance can replicate files to GCP. Verify that direct peering can establish a secure connection between your networks if the Transfer Appliance fails.
C.
Verify that the Transfer Appliance can replicate files to GCP. Verify that direct peering can establish a secure connection between your networks if the Transfer Appliance fails.
Answers
D.
Verify that the Transfer Appliance can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if the Transfer Appliance fails.
D.
Verify that the Transfer Appliance can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if the Transfer Appliance fails.
Answers
Suggested answer: B

Question 130

Report
Export
Collapse

Your company operates nationally and plans to use GCP for multiple batch workloads, including some that are not time-critical. You also need to use GCP services that are HIPAA-certified and manage service costs.

How should you design to meet Google best practices?

A.
Provision preemptible VMs to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
A.
Provision preemptible VMs to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
Answers
B.
Provision preemptible VMs to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.
B.
Provision preemptible VMs to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.
Answers
C.
Provision standard VMs in the same region to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
C.
Provision standard VMs in the same region to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
Answers
D.
Provision standard VMs to the same region to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.
D.
Provision standard VMs to the same region to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.
Answers
Suggested answer: B
Total 285 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms