Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 23

Question list

List of questions

Question 221

(0)

You want to allow your operations learn to store togs from all the production protects in your Organization, without during logs from other projects All of the production projects are contained in a

Question 222

(0)

You are configuring the cloud network architecture for a newly created project m Google Cloud that will host applications in Compote Engine Compute Engine virtual machine instances will be created i

Question 223

(0)

Your company has just recently activated Cloud Identity to manage users. The Google Cloud Organization has been configured as wed. The security learn needs to secure protects that will be part of th

Question 224

(0)

Your company has just recently activated Cloud Identity to manage users. The Google Cloud Organization has been configured as wed. The security learn needs to secure protects that will be part of th

Question 225

(0)

You want to store critical business information in Cloud Storage buckets. The information is regularly changed but previous versions need to be referenced on a regular basis. You want to ensure that

Question 226

(0)

You are working with a data warehousing team that performs data analysis. The team needs to process data from external partners, but the data contains personally identifiable information (PlI). You

Question 227

(0)

Your company wants to migrate their 10-TB on-premises database export into Cloud Storage You want to minimize the time it takes to complete this activity, the overall cost and database load The band

Question 228

(0)

You are responsible for the Google Cloud environment in your company Multiple departments need access to their own projects and the members within each department will have the same project responsi

Question 229

(0)

You are managing several projects on Google Cloud and need to interact on a daily basis with BigQuery, Bigtable and Kubernetes Engine using the gcloud CLI tool You are travelling a lot and work on d

Question 230

(0)

The operations team in your company wants to save Cloud VPN log events (or one year You need to configure the cloud infrastructure to save the logs What should you do?

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?

Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?

Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?

You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?

Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?

For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?

Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?

A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:

Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?

You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 221

You want to allow your operations learn to store togs from all the production protects in your Organization, without during logs from other projects All of the production projects are contained in a folder. You want to ensure that all logs for existing and new production projects are captured automatically. What should you do?

Create an aggregated export on the Production folder. Set the log sink to be a Cloud Storage bucket in an operations project

Create an aggregated export on the Organization resource. Set the tog sink to be a Cloud Storage bucket in an operations project.

Create log exports in the production projects. Set the log sinks to be a Cloud Storage bucket in an operations project.

Create tog exports in the production projects. Set the tog sinks to be BigQuery datasets in the production projects and grant IAM access to the operations team to run queries on the datasets

Show Answer Comment (0)

Question 222

You are configuring the cloud network architecture for a newly created project m Google Cloud that will host applications in Compote Engine Compute Engine virtual machine instances will be created in two different subnets (sub-a and sub-b) within a single region

• Instances in sub-a win have public IP addresses

• Instances in sub-b will have only private IP addresses

To download updated packages, instances must connect to a public repository outside the boundaries of Google Cloud You need to allow sub-b to access the external repository. What should you do?

Enable Private Google Access on sub-b

Configure Cloud NAT and select sub b m the NAT mapping section

Configure a bastion host instance in sub a to connect to instances in sub-b

Enable Identity Aware Proxy for TCP forwarding for instances in sub-b

Show Answer Comment (0)

Question 223

Your company has just recently activated Cloud Identity to manage users. The Google Cloud Organization has been configured as wed. The security learn needs to secure protects that will be part of the Organization. They want to prohibit IAM users outside the domain from gaining permissions from now on. What should they do?

Configure an organization policy to restrict identities by domain

Configure an organization policy to block creation of service accounts

Configure Cloud Scheduler to trigger a Cloud Function every hour that removes all users that don't belong to the Cloud identity domain from all projects.

Show Answer Comment (0)

Question 224

Configure an organization policy to restrict identities by domain

Configure an organization policy to block creation of service accounts

Configure Cloud Scheduler o trigger a Cloud Function every hour that removes all users that don't belong to the Cloud identity domain from all projects.

Create a technical user (e g . crawler@yourdomain com), and give it the protect owner rote at root organization level Write a bash script that• Lists all me IAM rules of all projects within the organization• Deletes all users that do not belong to the company domain Create a Compute Engine instance m a project within the Organization and configure gcloud to be executed with technical user credentials Configure a cron job that executes the bash script every hour.

Show Answer Comment (0)

Question 225

You want to store critical business information in Cloud Storage buckets. The information is regularly changed but previous versions need to be referenced on a regular basis. You want to ensure that there is a record of all changes to any information in these buckets. You want to ensure that accidental edits or deletions can be easily roiled back. Which feature should you enable?

Bucket Lock

Object Versioning

Object change notification

Object Lifecycle Management

Show Answer Comment (0)

Question 226

You are working with a data warehousing team that performs data analysis. The team needs to process data from external partners, but the data contains personally identifiable information (PlI).

You need to process and store the data without storing any of the Pll data. What should you do?

Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline use the Cloud Data Loss Prevention (Cloud DLP) API to remove any Pll data Store the result in BigQuery

Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline store all non-PII data in BigQuery and store all Pll data in a Cloud Storage bucket that has a retention policy set.

Ask the external partners to upload an data on Cloud Storage Configure Bucket Lock for the bucket Create a Dataflow pipeline to read the data from the bucket As part of the pipeline, use the Cloud Data Loss Prevention (Cloud DIP) API to remove any Pll data Store the result in BigQuery

Ask the external partners to import ail data in your BigQuery dataset Create a dataflow pipeline to copy the data into a new table As part of the Dataflow bucket skip all data in columns that have Pll data

Show Answer Comment (0)

Question 227

Your company wants to migrate their 10-TB on-premises database export into Cloud Storage You want to minimize the time it takes to complete this activity, the overall cost and database load The bandwidth between the on-premises environment and Google Cloud is 1 Gbps You want to follow Google-recommended practices What should you do?

Use the Data Transfer appliance to perform an offline migration

Use a commercial partner ETL solution to extract the data from the on-premises database and upload it into Cloud Storage

Develop a Dataflow job to read data directly from the database and write it into Cloud Storage

Compress the data and upload it with gsutii -m to enable multi-threaded copy

Show Answer Comment (0)

Question 228

You are responsible for the Google Cloud environment in your company Multiple departments need access to their own projects and the members within each department will have the same project responsibilities You want to structure your Google Cloud environment for minimal maintenance and maximum overview of 1AM permissions as each department's projects start and end You want to follow Google-recommended practices What should you do?

Create a Google Group per department and add all department members to their respective groups Create a folder per department and grant the respective group the required 1AM permissions at the folder level Add the projects under the respective folders

Grant all department members the required 1AM permissions for their respective projects

Create a Google Group per department and add all department members to their respective groups Grant each group the required I AM permissions for their respective projects

Create a folder per department and grant the respective members of the department the required 1AM permissions at the folder level. Structure all projects for each department under the respective folders

Show Answer Comment (0)

Question 229

You are managing several projects on Google Cloud and need to interact on a daily basis with BigQuery, Bigtable and Kubernetes Engine using the gcloud CLI tool You are travelling a lot and work on different workstations during the week You want to avoid having to manage the gcloud CLI manually What should you do?

Use a package manager to install gcloud on your workstations instead of installing it manually

Create a Compute Engine instance and install gcloud on the instance Connect to this instance via SSH to always use the same gcloud installation when interacting with Google Cloud

Install gcloud on all of your workstations Run the command gcloud components auto-update on each workstation

Use Google Cloud Shell in the Google Cloud Console to interact with Google Cloud

Show Answer Comment (0)

Question 230

The operations team in your company wants to save Cloud VPN log events (or one year You need to configure the cloud infrastructure to save the logs What should you do?

Set up a filter in Cloud Logging and a topic in Pub/Sub to publish the logs

Set up a Cloud Logging Dashboard titled Cloud VPN Logs, and then add a chart that queries for the VPN metrics over a one-year time period

Enable the Compute Engine API and then enable logging on the firewall rules that match the traffic you want to save

Set up a filter in Cloud Logging and a Cloud Storage bucket as an export target for the logs you want to save

Show Answer Comment (0)

Total 285 questions

21 22 23 24 25

Go to page: of 29