ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 19

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 181

Report
Export
Collapse

Your company sends all Google Cloud logs to Cloud Logging. Your security team wants to monitor the logs. You want to ensure that the security team can react quickly if an anomaly such as an unwanted firewall change or server breach is detected. You want to follow Google-recommended practices. What should you do?

A.
Schedule a cron job with Cloud Scheduler. The scheduled job queries the logs every minute for the relevant events.
A.
Schedule a cron job with Cloud Scheduler. The scheduled job queries the logs every minute for the relevant events.
Answers
B.
Export logs to BigQuery, and trigger a query in BigQuery to process the log data for the relevant events.
B.
Export logs to BigQuery, and trigger a query in BigQuery to process the log data for the relevant events.
Answers
C.
Export logs to a Pub/Sub topic, and trigger Cloud Function with the relevant log events.
C.
Export logs to a Pub/Sub topic, and trigger Cloud Function with the relevant log events.
Answers
D.
Export logs to a Cloud Storage bucket, and trigger Cloud Run with the relevant log events.
D.
Export logs to a Cloud Storage bucket, and trigger Cloud Run with the relevant log events.
Answers
Suggested answer: C

Explanation:

Section: [none]

Question 182

Report
Export
Collapse

You have deployed several instances on Compute Engine. As a security requirement, instances cannot have a public IP address. There is no VPN connection between Google Cloud and your office, and you need to connect via SSH into a specific machine without violating the security requirements. What should you do?

A.
Configure Cloud NAT on the subnet where the instance is hosted. Create an SSH connection to the Cloud NAT IP address to reach the instance.
A.
Configure Cloud NAT on the subnet where the instance is hosted. Create an SSH connection to the Cloud NAT IP address to reach the instance.
Answers
B.
Add all instances to an unmanaged instance group. Configure TCP Proxy Load Balancing with the instance group as a backend. Connect to the instance using the TCP Proxy IP.
B.
Add all instances to an unmanaged instance group. Configure TCP Proxy Load Balancing with the instance group as a backend. Connect to the instance using the TCP Proxy IP.
Answers
C.
Configure Identity-Aware Proxy (IAP) for the instance and ensure that you have the role of IAP-secured Tunnel User. Use the gcloud command line tool to ssh into the instance.
C.
Configure Identity-Aware Proxy (IAP) for the instance and ensure that you have the role of IAP-secured Tunnel User. Use the gcloud command line tool to ssh into the instance.
Answers
D.
Create a bastion host in the network to SSH into the bastion host from your office location. From the bastion host, SSH into the desired instance.
D.
Create a bastion host in the network to SSH into the bastion host from your office location. From the bastion host, SSH into the desired instance.
Answers
Suggested answer: D

Explanation:

Reference: https://cloud.google.com/solutions/connecting-securely

Question 183

Report
Export
Collapse

Your company is using Google Cloud. You have two folders under the Organization: Finance and Shopping. The members of the development team are in a Google Group. The development team group has been assigned the Project Owner role on the Organization. You want to prevent the development team from creating resources in projects in the Finance folder. What should you do?

A.
Assign the development team group the Project Viewer role on the Finance folder, and assign the development team group the Project Owner role on the Shopping folder.
A.
Assign the development team group the Project Viewer role on the Finance folder, and assign the development team group the Project Owner role on the Shopping folder.
Answers
B.
Assign the development team group only the Project Viewer role on the Finance folder.
B.
Assign the development team group only the Project Viewer role on the Finance folder.
Answers
C.
Assign the development team group the Project Owner role on the Shopping folder, and remove the development team group Project Owner role from the Organization.
C.
Assign the development team group the Project Owner role on the Shopping folder, and remove the development team group Project Owner role from the Organization.
Answers
D.
Assign the development team group only the Project Owner role on the Shopping folder.
D.
Assign the development team group only the Project Owner role on the Shopping folder.
Answers
Suggested answer: C

Explanation:

Reference: https://cloud.google.com/resource-manager/docs/creating-managing-folders

Question 184

Report
Export
Collapse

You are developing your microservices application on Google Kubernetes Engine. During testing, you want to validate the behavior of your application in case a specific microservice should suddenly crash. What should you do?

A.
Add a taint to one of the nodes of the Kubernetes cluster. For the specific microservice, configure a pod anti-affinity label that has the name of the tainted node as a value.
A.
Add a taint to one of the nodes of the Kubernetes cluster. For the specific microservice, configure a pod anti-affinity label that has the name of the tainted node as a value.
Answers
B.
Use Istio's fault injection on the particular microservice whose faulty behavior you want to simulate.
B.
Use Istio's fault injection on the particular microservice whose faulty behavior you want to simulate.
Answers
C.
Destroy one of the nodes of the Kubernetes cluster to observe the behavior.
C.
Destroy one of the nodes of the Kubernetes cluster to observe the behavior.
Answers
D.
Configure Istio's traffic management features to steer the traffic away from a crashing microservice.
D.
Configure Istio's traffic management features to steer the traffic away from a crashing microservice.
Answers
Suggested answer: C

Question 185

Report
Export
Collapse

Your company is developing a new application that will allow globally distributed users to upload pictures and share them with other selected users. The application will support millions of concurrent users. You want to allow developers to focus on just building code without having to create and maintain the underlying infrastructure. Which service should you use to deploy the application?

A.
App Engine
A.
App Engine
Answers
B.
Cloud Endpoints
B.
Cloud Endpoints
Answers
C.
Compute Engine
C.
Compute Engine
Answers
D.
Google Kubernetes Engine
D.
Google Kubernetes Engine
Answers
Suggested answer: A

Explanation:

Reference: https://cloud.google.com/terms/services

Question 186

Report
Export
Collapse

Your company provides a recommendation engine for retail customers. You are providing retail customers with an API where they can submit a user ID and the API returns a list of recommendations for that user. You are responsible for the API lifecycle and want to ensure stability for your customers in case the API makes backward-incompatible changes. You want to follow Google-recommended practices. What should you do?

A.
Create a distribution list of all customers to inform them of an upcoming backward-incompatible change at least one month before replacing the old API with the new API.
A.
Create a distribution list of all customers to inform them of an upcoming backward-incompatible change at least one month before replacing the old API with the new API.
Answers
B.
Create an automated process to generate API documentation, and update the public API documentation as part of the CI/CD process when deploying an update to the API.
B.
Create an automated process to generate API documentation, and update the public API documentation as part of the CI/CD process when deploying an update to the API.
Answers
C.
Use a versioning strategy for the APIs that increases the version number on every backward-incompatible change.
C.
Use a versioning strategy for the APIs that increases the version number on every backward-incompatible change.
Answers
D.
Use a versioning strategy for the APIs that adds the suffix "DEPRECATED" to the current API version number on every backward-incompatible change. Use the current version number for the new API.
D.
Use a versioning strategy for the APIs that adds the suffix "DEPRECATED" to the current API version number on every backward-incompatible change. Use the current version number for the new API.
Answers
Suggested answer: A

Question 187

Report
Export
Collapse

Your company has developed a monolithic, 3-tier application to allow external users to upload and share files. The solution cannot be easily enhanced and lacks reliability. The development team would like to re-architect the application to adopt microservices and a fully managed service approach, but they need to convince their leadership that the effort is worthwhile. Which advantage(s) should they highlight to leadership?

A.
The new approach will be significantly less costly, make it easier to manage the underlying infrastructure, and automatically manage the CI/CD pipelines.
A.
The new approach will be significantly less costly, make it easier to manage the underlying infrastructure, and automatically manage the CI/CD pipelines.
Answers
B.
The monolithic solution can be converted to a container with Docker. The generated container can then be deployed into a Kubernetes cluster.
B.
The monolithic solution can be converted to a container with Docker. The generated container can then be deployed into a Kubernetes cluster.
Answers
C.
The new approach will make it easier to decouple infrastructure from application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution ifnecessary.
C.
The new approach will make it easier to decouple infrastructure from application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution ifnecessary.
Answers
D.
The process can be automated with Migrate for Compute Engine.
D.
The process can be automated with Migrate for Compute Engine.
Answers
Suggested answer: C

Question 188

Report
Export
Collapse

Your team is developing a web application that will be deployed on Google Kubernetes Engine (GKE). Your CTO expects a successful launch and you need to ensure your application can handle the expected load of tens of thousands of users. You want to test the current deployment to ensure the latency of your application stays below a certain threshold. What should you do?

A.
Use a load testing tool to simulate the expected number of concurrent users and total requests to your application, and inspect the results.
A.
Use a load testing tool to simulate the expected number of concurrent users and total requests to your application, and inspect the results.
Answers
B.
Enable autoscaling on the GKE cluster and enable horizontal pod autoscaling on your application deployments. Send curl requests to your application, and validate if the auto scaling works.
B.
Enable autoscaling on the GKE cluster and enable horizontal pod autoscaling on your application deployments. Send curl requests to your application, and validate if the auto scaling works.
Answers
C.
Replicate the application over multiple GKE clusters in every Google Cloud region. Configure a global HTTP(S) load balancer to expose the different clusters over a single global IP address.
C.
Replicate the application over multiple GKE clusters in every Google Cloud region. Configure a global HTTP(S) load balancer to expose the different clusters over a single global IP address.
Answers
D.
Use Cloud Debugger in the development environment to understand the latency between the different microservices.
D.
Use Cloud Debugger in the development environment to understand the latency between the different microservices.
Answers
Suggested answer: B

Question 189

Report
Export
Collapse

Your company has a Kubernetes application that pulls messages from Pub/Sub and stores them in Filestore. Because the application is simple, it was deployed as a single pod. The infrastructure team has analyzed Pub/Sub metrics and discovered that the application cannot process the messages in real time. Most of them wait for minutes before being processed. You need to scale the elaboration process that is I/O-intensive. What should you do?

A.
Use kubectl autoscale deployment APP_NAME --max 6 --min 2 --cpu-percent 50 to configure Kubernetes autoscaling deployment.
A.
Use kubectl autoscale deployment APP_NAME --max 6 --min 2 --cpu-percent 50 to configure Kubernetes autoscaling deployment.
Answers
B.
Configure a Kubernetes autoscaling deployment based on the subscription/push_request_latencies metric.
B.
Configure a Kubernetes autoscaling deployment based on the subscription/push_request_latencies metric.
Answers
C.
Use the --enable-autoscaling flag when you create the Kubernetes cluster.
C.
Use the --enable-autoscaling flag when you create the Kubernetes cluster.
Answers
D.
Configure a Kubernetes autoscaling deployment based on the subscription/num_undelivered_messages metric.
D.
Configure a Kubernetes autoscaling deployment based on the subscription/num_undelivered_messages metric.
Answers
Suggested answer: C

Explanation:

Reference: https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-autoscaler

Question 190

Report
Export
Collapse

Your company is developing a web-based application. You need to make sure that production deployments are linked to source code commits and are fully auditable. What should you do?

A.
Make sure a developer is tagging the code commit with the date and time of commit.
A.
Make sure a developer is tagging the code commit with the date and time of commit.
Answers
B.
Make sure a developer is adding a comment to the commit that links to the deployment.
B.
Make sure a developer is adding a comment to the commit that links to the deployment.
Answers
C.
Make the container tag match the source code commit hash.
C.
Make the container tag match the source code commit hash.
Answers
D.
Make sure the developer is tagging the commits with latest.
D.
Make sure the developer is tagging the commits with latest.
Answers
Suggested answer: A
Total 285 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms