ExamGecko
Search Search Login
Home Home / Google / Professional Cloud Architect
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?
Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
Your company has an application running as a Deployment in a Google Kubernetes Engine (GKE) cluster When releasing new versions of the application via a rolling deployment, the team has been causing outages The root cause of the outages is misconfigurations with parameters that are only used in production You want to put preventive measures for this in the platform to prevent outages What should you do?
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

Question 233 - Professional Cloud Architect discussion

Report
Export

Your company has a Google Workspace account and Google Cloud Organization Some developers in the company have created Google Cloud projects outside of the Google Cloud Organization

You want to create an Organization structure that allows developers to create projects, but prevents them from modifying production projects You want to manage policies for all projects centrally and be able to set more restrictive policies for production projects

You want to minimize disruption to users and developers when business needs change in the future You want to follow Google-recommended practices How should you design the Organization structure?

A.
1 Create a second Google Workspace account and Organization 2 Grant all developers the Project Creator IAM role on the new Organization 3 Move the developer projects into the new Organization 4 Set the policies for all projects on both Organizations. 5 Additionally set the production policies on the original Organization
Answers
A.
1 Create a second Google Workspace account and Organization 2 Grant all developers the Project Creator IAM role on the new Organization 3 Move the developer projects into the new Organization 4 Set the policies for all projects on both Organizations. 5 Additionally set the production policies on the original Organization
B.
1 Create a folder under the Organization resource named 'Production ' 2 Grant all developers the Project Creator IAM role on the Organization 3. Move the developer projects into the Organization 4 Set the policies for all projects on the Organization 5 Additionally set the production policies on the 'Production' folder
Answers
B.
1 Create a folder under the Organization resource named 'Production ' 2 Grant all developers the Project Creator IAM role on the Organization 3. Move the developer projects into the Organization 4 Set the policies for all projects on the Organization 5 Additionally set the production policies on the 'Production' folder
C.
1 Create folders under the Organization resource named 'Development' and Production' 2 Grant all developers the Project Creator IAM role on the ''Development1 folder 3. Move the developer projects into the 'Development' folder 4 Set the policies for all projects on the Organization 5 Additionally set the production policies on the 'Production' folder
Answers
C.
1 Create folders under the Organization resource named 'Development' and Production' 2 Grant all developers the Project Creator IAM role on the ''Development1 folder 3. Move the developer projects into the 'Development' folder 4 Set the policies for all projects on the Organization 5 Additionally set the production policies on the 'Production' folder
D.
1 Designate the Organization for production projects only 2 Ensure that developers do not have the Project Creator IAM role on the Organization 3 Create development projects outside of the Organization using the developer Google Workspace accounts 4 Set the policies for all projects on the Organization 5 Additionally set the production policies on the individual production projects
Answers
D.
1 Designate the Organization for production projects only 2 Ensure that developers do not have the Project Creator IAM role on the Organization 3 Create development projects outside of the Organization using the developer Google Workspace accounts 4 Set the policies for all projects on the Organization 5 Additionally set the production policies on the individual production projects
Suggested answer: C

Explanation:

This option can help create an organization structure that allows developers to create projects, but prevents them from modifying production projects. Folders are containers for projects and other folders within Google Cloud organizations. Folders allow resources to be structured hierarchically and inherit policies from their parent resources. By creating folders under the organization resource named ''Development'' and ''Production'', you can organize your projects by environment and apply different policies to them. By granting all developers the Project Creator IAM role on the ''Development'' folder, you can allow them to create projects under that folder, but not under the ''Production'' folder. By moving the developer projects into the ''Development'' folder, you can ensure that they are subject to the policies set on that folder. By setting the policies for all projects on the organization, you can manage policies centrally and efficiently. By additionally setting the production policies on the ''Production'' folder, you can enforce more restrictive policies for production projects and prevent developers from modifying them. The other options are not optimal for this scenario, because they either create a second Google Workspace account and organization, which increases complexity and cost (A), or do not use folders to organize projects by environment, which makes it harder to manage policies and permissions (B, D).

Reference:

https://cloud.google.com/resource-manager/docs/creating-managing-folders

https://cloud.google.com/architecture/framework/system-design

Show Answer
asked 18/09/2024
Omar Solomon
33 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms