ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect

Google Professional Cloud Architect Practice Test - Questions Answers, Page 9

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 81

Report
Export
Collapse

You have created several pre-emptible Linux virtual machine instances using Google Compute Engine. You want to properly shut down your application before the virtual machines are preempted.

What should you do?

A.
Create a shutdown script named k99.shutdown in the /etc/rc.6.d/ directory
A.
Create a shutdown script named k99.shutdown in the /etc/rc.6.d/ directory
Answers
B.
Create a shutdown script registered as a xinetd service in Linux and configure a Stackdriver endpoint check to call the service
B.
Create a shutdown script registered as a xinetd service in Linux and configure a Stackdriver endpoint check to call the service
Answers
C.
Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance
C.
Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance
Answers
D.
Create a shutdown script, registered as a xinetd service in Linux, and use the gcloud compute instances add-metadata command to specify the service URL as the value for a new metadata entry with the key shutdownscript-url
D.
Create a shutdown script, registered as a xinetd service in Linux, and use the gcloud compute instances add-metadata command to specify the service URL as the value for a new metadata entry with the key shutdownscript-url
Answers
Suggested answer: C

Explanation:

A startup script, or a shutdown script, is specified through the metadata server, using startup script metadata keys. Reference: https://cloud.google.com/compute/docs/startupscript

Question 82

Report
Export
Collapse

Your organization has a 3-tier web application deployed in the same network on Google Cloud Platform. Each tier (web, API, and database) scales independently of the others. Network traffic should flow through the web to the API tier and then on to the database tier. Traffic should not flow between the web and the database tier.

How should you configure the network?

A.
Add each tier to a different subnetwork
A.
Add each tier to a different subnetwork
Answers
B.
Set up software based firewalls on individual VMs
B.
Set up software based firewalls on individual VMs
Answers
C.
Add tags to each tier and set up routes to allow the desired traffic flow
C.
Add tags to each tier and set up routes to allow the desired traffic flow
Answers
D.
Add tags to each tier and set up firewall rules to allow the desired traffic flow
D.
Add tags to each tier and set up firewall rules to allow the desired traffic flow
Answers
Suggested answer: D

Explanation:

Google Cloud Platform(GCP) enforces firewall rules through rules and tags. GCP rules and tags can be defined once and used across all regions.

References: https://cloud.google.com/docs/compare/openstack/

https://aws.amazon.com/it/blogs/aws/building-three-tier-architectures-with-security-groups/

Question 83

Report
Export
Collapse

Your development team has installed a new Linux kernel module on the batch servers in Google Compute Engine (GCE) virtual machines (VMs) to speed up the nightly batch process. Two days after the installation, 50% of the batch servers failed the nightly batch run. You want to collect details on the failure to pass back to the development team.

Which three actions should you take? Choose 3 answers.

A.
Use Stackdriver Logging to search for the module log entries
A.
Use Stackdriver Logging to search for the module log entries
Answers
B.
Read the debug GCE Activity log using the API or Cloud Console
B.
Read the debug GCE Activity log using the API or Cloud Console
Answers
C.
Use gcloud or Cloud Console to connect to the serial console and observe the logs
C.
Use gcloud or Cloud Console to connect to the serial console and observe the logs
Answers
D.
Identify whether a live migration event of the failed server occurred, using in the activity log
D.
Identify whether a live migration event of the failed server occurred, using in the activity log
Answers
E.
Adjust the Google Stackdriver timeline to match the failure time, and observe the batch server metrics
E.
Adjust the Google Stackdriver timeline to match the failure time, and observe the batch server metrics
Answers
F.
Export a debug VM into an image, and run the image on a local server where kernel log messages will be displayed on the native screen
F.
Export a debug VM into an image, and run the image on a local server where kernel log messages will be displayed on the native screen
Answers
Suggested answer: A, C, E

Question 84

Report
Export
Collapse

Your company wants to try out the cloud with low risk. They want to archive approximately 100 TB of their log data to the cloud and test the analytics features available to them there, while also retaining that data as a long-term disaster recovery backup.

Which two steps should you take? Choose 2 answers.

A.
Load logs into Google BigQuery
A.
Load logs into Google BigQuery
Answers
B.
Load logs into Google Cloud SQL
B.
Load logs into Google Cloud SQL
Answers
C.
Import logs into Google Stackdriver
C.
Import logs into Google Stackdriver
Answers
D.
Insert logs into Google Cloud Bigtable
D.
Insert logs into Google Cloud Bigtable
Answers
E.
Upload log files into Google Cloud Storage
E.
Upload log files into Google Cloud Storage
Answers
Suggested answer: A, E

Question 85

Report
Export
Collapse

You created a pipeline that can deploy your source code changes to your infrastructure in instance groups for self-healing. One of the changes negatively affects your key performance indicator. You are not sure how to fix it, and investigation could take up to a week.

What should you do?

A.
Log in to a server, and iterate on the fox locally
A.
Log in to a server, and iterate on the fox locally
Answers
B.
Revert the source code change, and rerun the deployment pipeline
B.
Revert the source code change, and rerun the deployment pipeline
Answers
C.
Log into the servers with the bad code change, and swap in the previous code
C.
Log into the servers with the bad code change, and swap in the previous code
Answers
D.
Change the instance group template to the previous one, and delete all instances
D.
Change the instance group template to the previous one, and delete all instances
Answers
Suggested answer: B

Question 86

Report
Export
Collapse

Your organization wants to control IAM policies for different departments independently, but centrally.

Which approach should you take?

A.
Multiple Organizations with multiple Folders
A.
Multiple Organizations with multiple Folders
Answers
B.
Multiple Organizations, one for each department
B.
Multiple Organizations, one for each department
Answers
C.
A single Organization with Folders for each department
C.
A single Organization with Folders for each department
Answers
D.
A single Organization with multiple projects, each with a central owner
D.
A single Organization with multiple projects, each with a central owner
Answers
Suggested answer: C

Explanation:

Folders are nodes in the Cloud Platform Resource Hierarchy. A folder can contain projects, other folders, or a combination of both. You can use folders to group projects under an organization in a hierarchy. For example, your organization might contain multiple departments, each with its own set of GCP resources. Folders allow you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies. While a folder can contain multiple folders or resources, a given folder or resource can have exactly one parent.

References: https://cloud.google.com/resource-manager/docs/creating-managing-folders

Question 87

Report
Export
Collapse

You deploy your custom Java application to Google App Engine. It fails to deploy and gives you the following stack trace. What should you do?

A.
Upload missing JAR files and redeploy your application.
A.
Upload missing JAR files and redeploy your application.
Answers
B.
Digitally sign all of your JAR files and redeploy your application
B.
Digitally sign all of your JAR files and redeploy your application
Answers
C.
Recompile the CLoakedServlet class using and MD5 hash instead of SHA1
C.
Recompile the CLoakedServlet class using and MD5 hash instead of SHA1
Answers
Suggested answer: B

Question 88

Report
Export
Collapse

You are designing a mobile chat application. You want to ensure people cannot spoof chat messages, by providing a message were sent by a specific user.

What should you do?

A.
Tag messages client side with the originating user identifier and the destination user.
A.
Tag messages client side with the originating user identifier and the destination user.
Answers
B.
Encrypt the message client side using block-based encryption with a shared key.
B.
Encrypt the message client side using block-based encryption with a shared key.
Answers
C.
Use public key infrastructure (PKI) to encrypt the message client side using the originating user's private key.
C.
Use public key infrastructure (PKI) to encrypt the message client side using the originating user's private key.
Answers
D.
Use a trusted certificate authority to enable SSL connectivity between the client application and the server.
D.
Use a trusted certificate authority to enable SSL connectivity between the client application and the server.
Answers
Suggested answer: C

Question 89

Report
Export
Collapse

As part of implementing their disaster recovery plan, your company is trying to replicate their production MySQL database from their private data center to their GCP project using a Google Cloud VPN connection. They are experiencing latency issues and a small amount of packet loss that is disrupting the replication. What should they do?

A.
Configure their replication to use UDP.
A.
Configure their replication to use UDP.
Answers
B.
Configure a Google Cloud Dedicated Interconnect.
B.
Configure a Google Cloud Dedicated Interconnect.
Answers
C.
Restore their database daily using Google Cloud SQL.
C.
Restore their database daily using Google Cloud SQL.
Answers
D.
Add additional VPN connections and load balance them.
D.
Add additional VPN connections and load balance them.
Answers
E.
Send the replicated transaction to Google Cloud Pub/Sub.
E.
Send the replicated transaction to Google Cloud Pub/Sub.
Answers
Suggested answer: B

Question 90

Report
Export
Collapse

Your customer support tool logs all email and chat conversations to Cloud Bigtable for retention and analysis. What is the recommended approach for sanitizing this data of personally identifiable information or payment card information before initial storage?

A.
Hash all data using SHA256
A.
Hash all data using SHA256
Answers
B.
Encrypt all data using elliptic curve cryptography
B.
Encrypt all data using elliptic curve cryptography
Answers
C.
De-identify the data with the Cloud Data Loss Prevention API
C.
De-identify the data with the Cloud Data Loss Prevention API
Answers
D.
Use regular expressions to find and redact phone numbers, email addresses, and credit card numbers
D.
Use regular expressions to find and redact phone numbers, email addresses, and credit card numbers
Answers
Suggested answer: C

Explanation:

Reference: https://cloud.google.com/solutions/pci-dss-compliance-in-gcp#using_data_loss_prevention_api_to_sanitize_data

Total 285 questions
Go to page: of 29
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms