ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 17

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 161

Report
Export
Collapse

You are moving an application that uses MySQL from on-premises to Google Cloud. The application will run on Compute Engine and will use Cloud SQL. You want to cut over to the Compute Engine deployment of the application with minimal downtime and no data loss to your customers. You want to migrate the application with minimal modification. You also need to determine the cutover strategy. What should you do?

A.
1. Set up Cloud VPN to provide private network connectivity between the Compute Engine application and the on-premises MySQL server.
A.
1. Set up Cloud VPN to provide private network connectivity between the Compute Engine application and the on-premises MySQL server.
Answers
B.
Stop the on-premises application.
B.
Stop the on-premises application.
Answers
C.
Create a mysqldump of the on-premises MySQL server.
C.
Create a mysqldump of the on-premises MySQL server.
Answers
D.
Upload the dump to a Cloud Storage bucket.
D.
Upload the dump to a Cloud Storage bucket.
Answers
E.
Import the dump into Cloud SQL.
E.
Import the dump into Cloud SQL.
Answers
F.
Modify the source code of the application to write queries to both databases and read from its local database.
F.
Modify the source code of the application to write queries to both databases and read from its local database.
Answers
G.
Start the Compute Engine application.
G.
Start the Compute Engine application.
Answers
H.
Stop the on-premises application.
H.
Stop the on-premises application.
Answers
I.
1. Set up Cloud SQL proxy and MySQL proxy.
I.
1. Set up Cloud SQL proxy and MySQL proxy.
Answers
J.
Create a mysqldump of the on-premises MySQL server.
J.
Create a mysqldump of the on-premises MySQL server.
Answers
K.
Upload the dump to a Cloud Storage bucket.
K.
Upload the dump to a Cloud Storage bucket.
Answers
L.
Import the dump into Cloud SQL.
L.
Import the dump into Cloud SQL.
Answers
M.
Stop the on-premises application.
M.
Stop the on-premises application.
Answers
N.
Start the Compute Engine application.
N.
Start the Compute Engine application.
Answers
O.
1. Set up Cloud VPN to provide private network connectivity between the Compute Engine application and the on-premises MySQL server.
O.
1. Set up Cloud VPN to provide private network connectivity between the Compute Engine application and the on-premises MySQL server.
Answers
P.
Stop the on-premises application.
P.
Stop the on-premises application.
Answers
Q.
Start the Compute Engine application, configured to read and write to the on-premises MySQL server.
Q.
Start the Compute Engine application, configured to read and write to the on-premises MySQL server.
Answers
R.
Create the replication configuration in Cloud SQL.
R.
Create the replication configuration in Cloud SQL.
Answers
S.
Configure the source database server to accept connections from the Cloud SQL replica.
S.
Configure the source database server to accept connections from the Cloud SQL replica.
Answers
T.
Finalize the Cloud SQL replica configuration.
T.
Finalize the Cloud SQL replica configuration.
Answers
U.
When replication has been completed, stop the Compute Engine application.
U.
When replication has been completed, stop the Compute Engine application.
Answers
V.
Promote the Cloud SQL replica to a standalone instance.
V.
Promote the Cloud SQL replica to a standalone instance.
Answers
W.
Restart the Compute Engine application, configured to read and write to the Cloud SQL standalone instance.
W.
Restart the Compute Engine application, configured to read and write to the Cloud SQL standalone instance.
Answers
X.
1. Stop the on-premises application.
X.
1. Stop the on-premises application.
Answers
Y.
Create a mysqldump of the on-premises MySQL server.
Y.
Create a mysqldump of the on-premises MySQL server.
Answers
Z.
Upload the dump to a Cloud Storage bucket.
Z.
Upload the dump to a Cloud Storage bucket.
Answers
[.
Import the dump into Cloud SQL.
[.
Import the dump into Cloud SQL.
Answers
\.
Start the application on Compute Engine.
\.
Start the application on Compute Engine.
Answers
Suggested answer: A

Question 162

Report
Export
Collapse

Your organization has decided to restrict the use of external IP addresses on instances to only approved instances. You want to enforce this requirement across all of your Virtual Private Clouds (VPCs). What should you do?

A.
Remove the default route on all VPCs. Move all approved instances into a new subnet that has a default route to an internet gateway.
A.
Remove the default route on all VPCs. Move all approved instances into a new subnet that has a default route to an internet gateway.
Answers
B.
Create a new VPC in custom mode. Create a new subnet for the approved instances, and set a default route to the internet gateway on this new subnet.
B.
Create a new VPC in custom mode. Create a new subnet for the approved instances, and set a default route to the internet gateway on this new subnet.
Answers
C.
Implement a Cloud NAT solution to remove the need for external IP addresses entirely.
C.
Implement a Cloud NAT solution to remove the need for external IP addresses entirely.
Answers
D.
Set an Organization Policy with a constraint on constraints/compute.vmExternalIpAccess. List the approved instances in the allowedValues list.
D.
Set an Organization Policy with a constraint on constraints/compute.vmExternalIpAccess. List the approved instances in the allowedValues list.
Answers
Suggested answer: D

Explanation:

Reference: https://cloud.google.com/compute/docs/ip-addresses/reserve-static-external-ip-address

Question 163

Report
Export
Collapse

Your company uses the Firewall Insights feature in the Google Network Intelligence Center. You have several firewall rules applied to Compute Engine instances. You need to evaluate the efficiency of the applied firewall ruleset. When you bring up the Firewall Insights page in the Google Cloud Console, you notice that there are no log rows to display. What should you do to troubleshoot the issue?

A.
Enable Virtual Private Cloud (VPC) flow logging.
A.
Enable Virtual Private Cloud (VPC) flow logging.
Answers
B.
Enable Firewall Rules Logging for the firewall rules you want to monitor.
B.
Enable Firewall Rules Logging for the firewall rules you want to monitor.
Answers
C.
Verify that your user account is assigned the compute.networkAdmin Identity and Access Management (IAM) role.
C.
Verify that your user account is assigned the compute.networkAdmin Identity and Access Management (IAM) role.
Answers
D.
Install the Google Cloud SDK, and verify that there are no Firewall logs in the command line output.
D.
Install the Google Cloud SDK, and verify that there are no Firewall logs in the command line output.
Answers
Suggested answer: B

Explanation:

Reference: https://cloud.google.com/network-intelligence-center/docs/firewall-insights/how-to/using-firewall-insights

Question 164

Report
Export
Collapse

Your company has sensitive data in Cloud Storage buckets. Data analysts have Identity Access Management (IAM) permissions to read the buckets. You want to prevent data analysts from retrieving the data in the buckets from outside the office network. What should you do?

A.
1. Create a VPC Service Controls perimeter that includes the projects with the buckets.
A.
1. Create a VPC Service Controls perimeter that includes the projects with the buckets.
Answers
B.
Create an access level with the CIDR of the office network.
B.
Create an access level with the CIDR of the office network.
Answers
C.
1. Create a firewall rule for all instances in the Virtual Private Cloud (VPC) network for source range.
C.
1. Create a firewall rule for all instances in the Virtual Private Cloud (VPC) network for source range.
Answers
D.
Use the Classless Inter-domain Routing (CIDR) of the office network.
D.
Use the Classless Inter-domain Routing (CIDR) of the office network.
Answers
E.
1. Create a Cloud Function to remove IAM permissions from the buckets, and another Cloud Function to add IAM permissions to the buckets.
E.
1. Create a Cloud Function to remove IAM permissions from the buckets, and another Cloud Function to add IAM permissions to the buckets.
Answers
F.
Schedule the Cloud Functions with Cloud Scheduler to add permissions at the start of business and remove permissions at the end of business.
F.
Schedule the Cloud Functions with Cloud Scheduler to add permissions at the start of business and remove permissions at the end of business.
Answers
G.
1. Create a Cloud VPN to the office network.
G.
1. Create a Cloud VPN to the office network.
Answers
H.
Configure Private Google Access for on-premises hosts.
H.
Configure Private Google Access for on-premises hosts.
Answers
Suggested answer: C

Question 165

Report
Export
Collapse

You have developed a non-critical update to your application that is running in a managed instance group, and have created a new instance template with the update that you want to release. To prevent any possible impact to the application, you don't want to update any running instances. You want any new instances that are created by the managed instance group to contain the new update. What should you do?

A.
Start a new rolling restart operation.
A.
Start a new rolling restart operation.
Answers
B.
Start a new rolling replace operation.
B.
Start a new rolling replace operation.
Answers
C.
Start a new rolling update. Select the Proactive update mode.
C.
Start a new rolling update. Select the Proactive update mode.
Answers
D.
Start a new rolling update. Select the Opportunistic update mode.
D.
Start a new rolling update. Select the Opportunistic update mode.
Answers
Suggested answer: C

Question 166

Report
Export
Collapse

Your company is designing its application landscape on Compute Engine. Whenever a zonal outage occurs, the application should be restored in another zone as quickly as possible with the latest application data. You need to design the solution to meet this requirement. What should you do?

A.
Create a snapshot schedule for the disk containing the application data. Whenever a zonal outage occurs, use the latest snapshot to restore the disk in the same zone.
A.
Create a snapshot schedule for the disk containing the application data. Whenever a zonal outage occurs, use the latest snapshot to restore the disk in the same zone.
Answers
B.
Configure the Compute Engine instances with an instance template for the application, and use a regional persistent disk for the application data. Whenever a zonal outage occurs, use the instance template to spin up the application inanother zone in the same region. Use the regional persistent disk for the application data.
B.
Configure the Compute Engine instances with an instance template for the application, and use a regional persistent disk for the application data. Whenever a zonal outage occurs, use the instance template to spin up the application inanother zone in the same region. Use the regional persistent disk for the application data.
Answers
C.
Create a snapshot schedule for the disk containing the application data. Whenever a zonal outage occurs, use the latest snapshot to restore the disk in another zone within the same region.
C.
Create a snapshot schedule for the disk containing the application data. Whenever a zonal outage occurs, use the latest snapshot to restore the disk in another zone within the same region.
Answers
D.
Configure the Compute Engine instances with an instance template for the application, and use a regional persistent disk for the application data. Whenever a zonal outage occurs, use the instance template to spin up the application inanother region. Use the regional persistent disk for the application data,
D.
Configure the Compute Engine instances with an instance template for the application, and use a regional persistent disk for the application data. Whenever a zonal outage occurs, use the instance template to spin up the application inanother region. Use the regional persistent disk for the application data,
Answers
Suggested answer: D

Question 167

Report
Export
Collapse

Your company has just acquired another company, and you have been asked to integrate their existing Google Cloud environment into your company's data center. Upon investigation, you discover that some of the RFC 1918 IP ranges being used in the new company's Virtual Private Cloud (VPC) overlap with your data center IP space. What should you do to enable connectivity and make sure that there are no routing conflicts when connectivity is established?

A.
Create a Cloud VPN connection from the new VPC to the data center, create a Cloud Router, and apply new IP addresses so there is no overlapping IP space.
A.
Create a Cloud VPN connection from the new VPC to the data center, create a Cloud Router, and apply new IP addresses so there is no overlapping IP space.
Answers
B.
Create a Cloud VPN connection from the new VPC to the data center, and create a Cloud NAT instance to perform NAT on the overlapping IP space.
B.
Create a Cloud VPN connection from the new VPC to the data center, and create a Cloud NAT instance to perform NAT on the overlapping IP space.
Answers
C.
Create a Cloud VPN connection from the new VPC to the data center, create a Cloud Router, and apply a custom route advertisement to block the overlapping IP space.
C.
Create a Cloud VPN connection from the new VPC to the data center, create a Cloud Router, and apply a custom route advertisement to block the overlapping IP space.
Answers
D.
Create a Cloud VPN connection from the new VPC to the data center, and apply a firewall rule that blocks the overlapping IP space.
D.
Create a Cloud VPN connection from the new VPC to the data center, and apply a firewall rule that blocks the overlapping IP space.
Answers
Suggested answer: A

Question 168

Report
Export
Collapse

You need to migrate Hadoop jobs for your company's Data Science team without modifying the underlying infrastructure. You want to minimize costs and infrastructure management effort. What should you do?

A.
Create a Dataproc cluster using standard worker instances.
A.
Create a Dataproc cluster using standard worker instances.
Answers
B.
Create a Dataproc cluster using preemptible worker instances.
B.
Create a Dataproc cluster using preemptible worker instances.
Answers
C.
Manually deploy a Hadoop cluster on Compute Engine using standard instances.
C.
Manually deploy a Hadoop cluster on Compute Engine using standard instances.
Answers
D.
Manually deploy a Hadoop cluster on Compute Engine using preemptible instances.
D.
Manually deploy a Hadoop cluster on Compute Engine using preemptible instances.
Answers
Suggested answer: A

Explanation:

Reference: https://cloud.google.com/architecture/hadoop/hadoop-gcp-migration-jobs

Question 169

Report
Export
Collapse

Your company has a project in Google Cloud with three Virtual Private Clouds (VPCs). There is a Compute Engine instance on each VPC. Network subnets do not overlap and must remain separated. The network configuration is shown below.

Instance #1 is an exception and must communicate directly with both Instance #2 and Instance #3 via internal IPs. How should you accomplish this?

A.
Create a cloud router to advertise subnet #2 and subnet #3 to subnet #1.
A.
Create a cloud router to advertise subnet #2 and subnet #3 to subnet #1.
Answers
B.
Add two additional NICs to Instance #1 with the following configuration:• NIC1? VPC: VPC #2? SUBNETWORK: subnet #2• NIC2? VPC: VPC #3? SUBNETWORK: subnet #3Update firewall rules to enable traffic between instances.
B.
Add two additional NICs to Instance #1 with the following configuration:• NIC1? VPC: VPC #2? SUBNETWORK: subnet #2• NIC2? VPC: VPC #3? SUBNETWORK: subnet #3Update firewall rules to enable traffic between instances.
Answers
C.
Create two VPN tunnels via CloudVPN:• 1 between VPC #1 and VPC #2.• 1 between VPC #2 and VPC #3.Update firewall rules to enable traffic between the instances.
C.
Create two VPN tunnels via CloudVPN:• 1 between VPC #1 and VPC #2.• 1 between VPC #2 and VPC #3.Update firewall rules to enable traffic between the instances.
Answers
D.
Peer all three VPCs:- Peer VPC #1 with VPC #2.- Peer VPC #2 with VPC #3.Update firewall rules to enable traffic between the instances.
D.
Peer all three VPCs:- Peer VPC #1 with VPC #2.- Peer VPC #2 with VPC #3.Update firewall rules to enable traffic between the instances.
Answers
Suggested answer: B

Question 170

Report
Export
Collapse

You need to deploy an application on Google Cloud that must run on a Debian Linux environment. The application requires extensive configuration in order to operate correctly. You want to ensure that you can install Debian distribution updates with minimal manual intervention whenever they become available. What should you do?

A.
Create a Compute Engine instance template using the most recent Debian image. Create an instance from this template, and install and configure the application as part of the startup script. Repeat this process whenever a new Google-managed Debian image becomes available.
A.
Create a Compute Engine instance template using the most recent Debian image. Create an instance from this template, and install and configure the application as part of the startup script. Repeat this process whenever a new Google-managed Debian image becomes available.
Answers
B.
Create a Debian-based Compute Engine instance, install and configure the application, and use OS patch management to install available updates.
B.
Create a Debian-based Compute Engine instance, install and configure the application, and use OS patch management to install available updates.
Answers
C.
Create an instance with the latest available Debian image. Connect to the instance via SSH, and install and configure the application on the instance. Repeat this process whenever a new Google-managed Debian image becomesavailable.
C.
Create an instance with the latest available Debian image. Connect to the instance via SSH, and install and configure the application on the instance. Repeat this process whenever a new Google-managed Debian image becomesavailable.
Answers
D.
Create a Docker container with Debian as the base image. Install and configure the application as part of the Docker image creation process. Host the container on Google Kubernetes Engine and restart the container whenever a newupdate is available.
D.
Create a Docker container with Debian as the base image. Install and configure the application as part of the Docker image creation process. Host the container on Google Kubernetes Engine and restart the container whenever a newupdate is available.
Answers
Suggested answer: B

Explanation:

Reference: https://cloud.google.com/compute/docs/os-patch-management

Total 285 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms