ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 21

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 201

Report
Export
Collapse

Your company is planning to upload several important files to Cloud Storage. After the upload is completed, they want to verify that the uploaded content is identical to what they have on-premises. You want to minimize the cost and effort of performing this check. What should you do?

A.
1. Use Linux shasum to compute a digest of files you want to upload.
A.
1. Use Linux shasum to compute a digest of files you want to upload.
Answers
B.
Use gsutil -m to upload all the files to Cloud Storage.
B.
Use gsutil -m to upload all the files to Cloud Storage.
Answers
C.
Use gsutil cp to download the uploaded files.
C.
Use gsutil cp to download the uploaded files.
Answers
D.
Use Linux shasum to compute a digest of the downloaded files.
D.
Use Linux shasum to compute a digest of the downloaded files.
Answers
E.
Compare the hashes.
E.
Compare the hashes.
Answers
F.
1. Use gsutil -m to upload the files to Cloud Storage.
F.
1. Use gsutil -m to upload the files to Cloud Storage.
Answers
G.
Develop a custom Java application that computes CRC32C hashes.
G.
Develop a custom Java application that computes CRC32C hashes.
Answers
H.
Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files.
H.
Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files.
Answers
I.
Compare the hashes.
I.
Compare the hashes.
Answers
J.
1. Use gsutil -m to upload all the files to Cloud Storage.
J.
1. Use gsutil -m to upload all the files to Cloud Storage.
Answers
K.
Use gsutil cp to download the uploaded files.
K.
Use gsutil cp to download the uploaded files.
Answers
L.
Use Linux diff to compare the content of the files.
L.
Use Linux diff to compare the content of the files.
Answers
M.
1. Use gsutil -m to upload the files to Cloud Storage.
M.
1. Use gsutil -m to upload the files to Cloud Storage.
Answers
N.
Use gsutil hash -c FILE_NAME to generate CRC32C hashes of all on-premises files.
N.
Use gsutil hash -c FILE_NAME to generate CRC32C hashes of all on-premises files.
Answers
O.
Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files.
O.
Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files.
Answers
P.
Compare the hashes.
P.
Compare the hashes.
Answers
Suggested answer: C

Question 202

Report
Export
Collapse

You have deployed an application on Anthos clusters (formerly Anthos GKE). According to the SRE practices at your company, you need to be alerted if request latency is above a certain threshold for a specified amount of time. What should you do?

A.
Install Anthos Service Mesh on your cluster. Use the Google Cloud Console to define a Service Level Objective (SLO), and create an alerting policy based on this SLO.
A.
Install Anthos Service Mesh on your cluster. Use the Google Cloud Console to define a Service Level Objective (SLO), and create an alerting policy based on this SLO.
Answers
B.
Enable the Cloud Trace API on your project, and use Cloud Monitoring Alerts to send an alert based on the Cloud Trace metrics.
B.
Enable the Cloud Trace API on your project, and use Cloud Monitoring Alerts to send an alert based on the Cloud Trace metrics.
Answers
C.
Use Cloud Profiler to follow up the request latency. Create a custom metric in Cloud Monitoring based on the results of Cloud Profiler, and create an Alerting policy in case this metric exceeds the threshold.
C.
Use Cloud Profiler to follow up the request latency. Create a custom metric in Cloud Monitoring based on the results of Cloud Profiler, and create an Alerting policy in case this metric exceeds the threshold.
Answers
D.
Configure Anthos Config Management on your cluster, and create a yaml file that defines the SLO and alerting policy you want to deploy in your cluster.
D.
Configure Anthos Config Management on your cluster, and create a yaml file that defines the SLO and alerting policy you want to deploy in your cluster.
Answers
Suggested answer: A

Explanation:

Reference: https://cloud.google.com/anthos/docs/tutorials/manage-slos

Question 203

Report
Export
Collapse

Your company has a stateless web API that performs scientific calculations. The web API runs on a single Google Kubernetes Engine (GKE) cluster. The cluster is currently deployed in us-central1. Your company has expanded to offer your API to customers in Asia. You want to reduce the latency for users in Asia. What should you do?

A.
Create a second GKE cluster in asia-southeast1, and expose both APIs using a Service of type LoadBalancer. Add the public IPs to the Cloud DNS zone.
A.
Create a second GKE cluster in asia-southeast1, and expose both APIs using a Service of type LoadBalancer. Add the public IPs to the Cloud DNS zone.
Answers
B.
Use a global HTTP(s) load balancer with Cloud CDN enabled.
B.
Use a global HTTP(s) load balancer with Cloud CDN enabled.
Answers
C.
Create a second GKE cluster in asia-southeast1, and use kubemci to create a global HTTP(s) load balancer.
C.
Create a second GKE cluster in asia-southeast1, and use kubemci to create a global HTTP(s) load balancer.
Answers
D.
Increase the memory and CPU allocated to the application in the cluster.
D.
Increase the memory and CPU allocated to the application in the cluster.
Answers
Suggested answer: B

Question 204

Report
Export
Collapse

You are migrating third-party applications from optimized on-premises virtual machines to Google Cloud. You are unsure about the optimum CPU and memory options. The applications have a consistent usage pattern across multiple weeks. You want to optimize resource usage for the lowest cost. What should you do?

A.
Create an instance template with the smallest available machine type, and use an image of the third-party application taken from a current on-premises virtual machine. Create a managed instance group that uses average CPU utilization to autoscale the number of instances in the group. Modify the average CPU utilization threshold to optimize the number of instances running.
A.
Create an instance template with the smallest available machine type, and use an image of the third-party application taken from a current on-premises virtual machine. Create a managed instance group that uses average CPU utilization to autoscale the number of instances in the group. Modify the average CPU utilization threshold to optimize the number of instances running.
Answers
B.
Create an App Engine flexible environment, and deploy the third-party application using a Dockerfile and a custom runtime. Set CPU and memory options similar to your application's current on-premises virtual machine in the app.yaml file.
B.
Create an App Engine flexible environment, and deploy the third-party application using a Dockerfile and a custom runtime. Set CPU and memory options similar to your application's current on-premises virtual machine in the app.yaml file.
Answers
C.
Create multiple Compute Engine instances with varying CPU and memory options. Install the Cloud Monitoring agent, and deploy the third-party application on each of them. Run a load test with high traffic levels on the application, and use the results to determine the optimal settings.
C.
Create multiple Compute Engine instances with varying CPU and memory options. Install the Cloud Monitoring agent, and deploy the third-party application on each of them. Run a load test with high traffic levels on the application, and use the results to determine the optimal settings.
Answers
D.
Create a Compute Engine instance with CPU and memory options similar to your application's current on-premises virtual machine. Install the Cloud Monitoring agent, and deploy the third-party application. Run a load test with normal traffic levels on the application, and follow the Rightsizing Recommendations in the Cloud Console.
D.
Create a Compute Engine instance with CPU and memory options similar to your application's current on-premises virtual machine. Install the Cloud Monitoring agent, and deploy the third-party application. Run a load test with normal traffic levels on the application, and follow the Rightsizing Recommendations in the Cloud Console.
Answers
Suggested answer: A

Explanation:

Reference: https://avinetworks.com/docs/18.2/server-autoscaling-in-gcp/

Question 205

Report
Export
Collapse

Your company has a Google Cloud project that uses BigQuery for data warehousing. They have a VPN tunnel between the on-premises environment and Google Cloud that is configured with Cloud VPN. The security team wants to avoid data exfiltration by malicious insiders, compromised code, and accidental oversharing. What should they do?

A.
Configure Private Google Access for on-premises only.
A.
Configure Private Google Access for on-premises only.
Answers
B.
Perform the following tasks:
B.
Perform the following tasks:
Answers
C.
Create a service account.
C.
Create a service account.
Answers
D.
Give the BigQuery JobUser role and Storage Reader role to the service account.
D.
Give the BigQuery JobUser role and Storage Reader role to the service account.
Answers
E.
Remove all other IAM access from the project.
E.
Remove all other IAM access from the project.
Answers
F.
Configure VPC Service Controls and configure Private Google Access.
F.
Configure VPC Service Controls and configure Private Google Access.
Answers
G.
Configure Private Google Access.
G.
Configure Private Google Access.
Answers
Suggested answer: A

Explanation:

Reference: https://cloud.google.com/vpc-service-controls/docs/overview

Question 206

Report
Export
Collapse

You are working at an institution that processes medical data. You are migrating several workloads onto Google Cloud. Company policies require all workloads to run on physically separated hardware, and workloads from different clients must also be separated. You created a sole-tenant node group and added a node for each client. You need to deploy the workloads on these dedicated hosts. What should you do?

A.
Add the node group name as a network tag when creating Compute Engine instances in order to host each workload on the correct node group.
A.
Add the node group name as a network tag when creating Compute Engine instances in order to host each workload on the correct node group.
Answers
B.
Add the node name as a network tag when creating Compute Engine instances in order to host each workload on the correct node.
B.
Add the node name as a network tag when creating Compute Engine instances in order to host each workload on the correct node.
Answers
C.
Use node affinity labels based on the node group name when creating Compute Engine instances in order to host each workload on the correct node group.
C.
Use node affinity labels based on the node group name when creating Compute Engine instances in order to host each workload on the correct node group.
Answers
D.
Use node affinity labels based on the node name when creating Compute Engine instances in order to host each workload on the correct node.
D.
Use node affinity labels based on the node name when creating Compute Engine instances in order to host each workload on the correct node.
Answers
Suggested answer: C

Explanation:

Reference: https://cloud.google.com/compute/docs/nodes/provisioning-sole-tenant-vms

Question 207

Report
Export
Collapse

Your company has a Google Workspace account and Google Cloud Organization. Some developers in the company have created Google Cloud projects outside of the Google Cloud Organization.

You want to create an Organization structure that allows developers to create projects, but prevents them from modifying production projects. You want to manage policies for all projects centrally and be able to set more restrictive policies for production projects.

You want to minimize disruption to users and developers when business needs change in the future. You want to follow

Google-recommended practices. Now should you design the Organization structure?

A.
1. Create a second Google Workspace account and Organization.
A.
1. Create a second Google Workspace account and Organization.
Answers
B.
Grant all developers the Project Creator IAM role on the new Organization.
B.
Grant all developers the Project Creator IAM role on the new Organization.
Answers
C.
Move the developer projects into the new Organization.
C.
Move the developer projects into the new Organization.
Answers
D.
Set the policies for all projects on both Organizations.
D.
Set the policies for all projects on both Organizations.
Answers
E.
Additionally, set the production policies on the original Organization.
E.
Additionally, set the production policies on the original Organization.
Answers
F.
1. Create a folder under the Organization resource named "Production."
F.
1. Create a folder under the Organization resource named "Production."
Answers
G.
Grant all developers the Project Creator IAM role on the new Organization.
G.
Grant all developers the Project Creator IAM role on the new Organization.
Answers
H.
Move the developer projects into the new Organization.
H.
Move the developer projects into the new Organization.
Answers
I.
Set the policies for all projects on the Organization.
I.
Set the policies for all projects on the Organization.
Answers
J.
Additionally, set the production policies on the "Production" folder.
J.
Additionally, set the production policies on the "Production" folder.
Answers
K.
1. Create folders under the Organization resource named "Development" and "Production."
K.
1. Create folders under the Organization resource named "Development" and "Production."
Answers
L.
Grant all developers the Project Creator IAM role on the "Development" folder.
L.
Grant all developers the Project Creator IAM role on the "Development" folder.
Answers
M.
Move the developer projects into the "Development" folder.
M.
Move the developer projects into the "Development" folder.
Answers
N.
Set the policies for all projects on the Organization.
N.
Set the policies for all projects on the Organization.
Answers
O.
Additionally, set the production policies on the "Production" folder.
O.
Additionally, set the production policies on the "Production" folder.
Answers
P.
1. Designate the Organization for production projects only.
P.
1. Designate the Organization for production projects only.
Answers
Q.
Ensure that developers do not have the Project Creator IAM role on the Organization.
Q.
Ensure that developers do not have the Project Creator IAM role on the Organization.
Answers
R.
Create development projects outside of the Organization using the developer Google Workspace accounts.
R.
Create development projects outside of the Organization using the developer Google Workspace accounts.
Answers
S.
Set the policies for all projects on the Organization.
S.
Set the policies for all projects on the Organization.
Answers
T.
Additionally, set the production policies on the individual production projects.
T.
Additionally, set the production policies on the individual production projects.
Answers
Suggested answer: D

Explanation:

Reference: https://cloud.google.com/resource-manager/docs/creating-managing-organization

Question 208

Report
Export
Collapse

Your company has an application running on Compute Engine that allows users to play their favorite music. There are a fixed number of instances. Files are stored in Cloud Storage, and data is streamed directly to users. Users are reporting that they sometimes need to attempt to play popular songs multiple times before they are successful. You need to improve the performance of the application. What should you do?

A.
1. Mount the Cloud Storage bucket using gcsfuse on all backend Compute Engine instances.
A.
1. Mount the Cloud Storage bucket using gcsfuse on all backend Compute Engine instances.
Answers
B.
Serve music files directly from the backend Compute Engine instance.
B.
Serve music files directly from the backend Compute Engine instance.
Answers
C.
1. Create a Cloud Filestore NFS volume and attach it to the backend Compute Engine instances.
C.
1. Create a Cloud Filestore NFS volume and attach it to the backend Compute Engine instances.
Answers
D.
Download popular songs in Cloud Filestore.
D.
Download popular songs in Cloud Filestore.
Answers
E.
Serve music files directly from the backend Compute Engine instance.
E.
Serve music files directly from the backend Compute Engine instance.
Answers
F.
1. Copy popular songs into CloudSQL as a blob.
F.
1. Copy popular songs into CloudSQL as a blob.
Answers
G.
Update application code to retrieve data from CloudSQL when Cloud Storage is overloaded.
G.
Update application code to retrieve data from CloudSQL when Cloud Storage is overloaded.
Answers
H.
1. Create a managed instance group with Compute Engine instances.
H.
1. Create a managed instance group with Compute Engine instances.
Answers
I.
Create a global load balancer and configure it with two backends:Managed instance groupCloud Storage bucket
I.
Create a global load balancer and configure it with two backends:Managed instance groupCloud Storage bucket
Answers
J.
Enable Cloud CDN on the bucket backend.
J.
Enable Cloud CDN on the bucket backend.
Answers
Suggested answer: D

Explanation:

Reference: https://cloud.google.com/compute/docs/logging/usage-export

Question 209

Report
Export
Collapse

The operations team in your company wants to save Cloud VPN log events for one year. You need to configure the cloud infrastructure to save the logs. What should you do?

A.
Set up a filter in Cloud Logging and a Cloud Storage bucket as an export target for the logs you want to save.
A.
Set up a filter in Cloud Logging and a Cloud Storage bucket as an export target for the logs you want to save.
Answers
B.
Enable the Compute Engine API, and then enable logging on the firewall rules that match the traffic you want to save.
B.
Enable the Compute Engine API, and then enable logging on the firewall rules that match the traffic you want to save.
Answers
C.
Set up a Cloud Logging Dashboard titled Cloud VPN Logs, and then add a chart that queries for the VPN metrics over a one-year time period.
C.
Set up a Cloud Logging Dashboard titled Cloud VPN Logs, and then add a chart that queries for the VPN metrics over a one-year time period.
Answers
D.
Set up a filter in Cloud Logging and a topic in Pub/Sub to publish the logs.
D.
Set up a filter in Cloud Logging and a topic in Pub/Sub to publish the logs.
Answers
Suggested answer: A

Explanation:

Reference: https://cloud.google.com/network-connectivity/docs/vpn/how-to/viewing-logs-metrics

Question 210

Report
Export
Collapse

You are working with a data warehousing team that performs data analysis. The team needs to process data from external partners, but the data contains personally identifiable information (PII). You need to process and store the data without storing any of the PIIE data. What should you do?

A.
Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline, use the Cloud Data Loss Prevention (Cloud DLP) API to remove any PII data. Store the result in BigQuery.
A.
Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline, use the Cloud Data Loss Prevention (Cloud DLP) API to remove any PII data. Store the result in BigQuery.
Answers
B.
Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline, store all non-PII data in BigQuery and store all PII data in a Cloud Storage bucket that has a retention policy set.
B.
Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline, store all non-PII data in BigQuery and store all PII data in a Cloud Storage bucket that has a retention policy set.
Answers
C.
Ask the external partners to upload all data on Cloud Storage. Configure Bucket Lock for the bucket. Create a Dataflow pipeline to read the data from the bucket. As part of the pipeline, use the Cloud Data Loss Prevention (Cloud DLP)API to remove any PII data. Store the result in BigQuery.
C.
Ask the external partners to upload all data on Cloud Storage. Configure Bucket Lock for the bucket. Create a Dataflow pipeline to read the data from the bucket. As part of the pipeline, use the Cloud Data Loss Prevention (Cloud DLP)API to remove any PII data. Store the result in BigQuery.
Answers
D.
Ask the external partners to import all data in your BigQuery dataset. Create a dataflow pipeline to copy the data into a new table. As part of the Dataflow bucket, skip all data in columns that have PII data
D.
Ask the external partners to import all data in your BigQuery dataset. Create a dataflow pipeline to copy the data into a new table. As part of the Dataflow bucket, skip all data in columns that have PII data
Answers
Suggested answer: A
Total 285 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms