Google Associate-Cloud-Engineer Exam Questions Free Practice Test

Viewing page 2 out of 10 pages

Viewing questions 11-20 out of questions

Questions # 11:

You want to add a new auditor to a Google Cloud Platform project. The auditor should be allowed to read, but not modify, all project items.

How should you configure the auditor's permissions?

Options:

Create a custom role with view-only project permissions. Add the user's account to the custom role.

Create a custom role with view-only service permissions. Add the user's account to the custom role.

Select the built-in IAM project Viewer role. Add the user's account to this role.

Select the built-in IAM service Viewer role. Add the user's account to this role.

Expert Solution

Questions # 12:

You need to set a budget alert for use of Compute Engineer services on one of the three Google Cloud Platform projects that you manage. All three projects are linked to a single billing account. What should you do?

Options:

Verify that you are the project billing administrator. Select the associated billing account and create a budget and alert for the appropriate project.

Verify that you are the project billing administrator. Select the associated billing account and create a budget and a custom alert.

Verify that you are the project administrator. Select the associated billing account and create a budget for the appropriate project.

Verify that you are project administrator. Select the associated billing account and create a budget and a custom alert.

Expert Solution

Questions # 13:

You need to create a new billing account and then link it with an existing Google Cloud Platform project. What should you do?

Options:

Verify that you are Project Billing Manager for the GCP project. Update the existing project to link it to the existing billing account.

Verify that you are Project Billing Manager for the GCP project. Create a new billing account and link the new billing account to the existing project.

Verify that you are Billing Administrator for the billing account. Create a new project and link the new project to the existing billing account.

Verify that you are Billing Administrator for the billing account. Update the existing project to link it to the existing billing account.

Expert Solution

Questions # 14:

You are the Google Cloud systems administrator for your organization. User A reports that they received an error when attempting to access the Cloud SQL database in their Google Cloud project, while User B can access the database. You need to troubleshoot the issue for User A, while following Google-recommended practices.

What should you do first?

Options:

Confirm that network firewall rules are not blocking traffic for User A.

Review recent configuration changes that may have caused unintended modifications to permissions.

Verify that User A has the Identity and Access Management (IAM) Project Owner role assigned.

Review the error message that User A received.

Expert Solution

Questions # 15:

You are designing an application that uses WebSockets and HTTP sessions that are not distributed across the web servers. You want to ensure the application runs properly on Google Cloud Platform. What should you do?

Options:

Meet with the cloud enablement team to discuss load balancer options.

Redesign the application to use a distributed user session service that does not rely on WebSockets and HTTP sessions.

Review the encryption requirements for WebSocket connections with the security team.

Convert the WebSocket code to use HTTP streaming.

Expert Solution

Questions # 16:

You need to configure optimal data storage for files stored in Cloud Storage for minimal cost. The files are used in a mission-critical analytics pipeline that is used continually. The users are in Boston, MA (United States). What should you do?

Options:

Configure regional storage for the region closest to the users Configure a Nearline storage class

Configure regional storage for the region closest to the users Configure a Standard storage class

Configure dual-regional storage for the dual region closest to the users Configure a Nearline storage class

Configure dual-regional storage for the dual region closest to the users Configure a Standard storage class

Expert Solution

Questions # 17:

(Your digital media company stores a large number of video files on-premises. Each video file ranges from 100 MB to 100 GB. You are currently storing 150 TB of video data in your on-premises network, with no room for expansion. You need to migrate all infrequently accessed video files older than one year to Cloud Storage to ensure that on-premises storage remains available for new files. You must also minimize costs and control bandwidth usage. What should you do?)

Options:

Create a Cloud Storage bucket. Establish an Identity and Access Management (IAM) role with write permissions to the bucket. Use the gsutil tool to directly copy files over the network to Cloud Storage.

Set up a Cloud Interconnect connection between the on-premises network and Google Cloud. Establish a private endpoint for Filestore access. Transfer the data from the existing Network File System (NFS) to Filestore.

Use Transfer Appliance to request an appliance. Load the data locally, and ship the appliance back to Google for ingestion into Cloud Storage.

Use Storage Transfer Service to move the data from the selected on-premises file storage systems to a Cloud Storage bucket.

Expert Solution

Answer

Explanation

Let's analyze each option:

A. Using gsutil: While gsutil can transfer data to Cloud Storage, for 150 TB of infrequently accessed data, direct transfer over the network might be slow and consume significant bandwidth, potentially impacting other network operations. It also lacks built-in mechanisms for filtering files based on age.

B. Using Cloud Interconnect and Filestore: Cloud Interconnect provides a dedicated connection, but Filestore is a fully managed NFS service primarily designed for high-performance file sharing for applications running in Google Cloud. Migrating 150 TB of infrequently accessed data to Filestore would be cost-inefficient compared to Cloud Storage and doesn't directly address the requirement of moving older than one year files.

C. Using Transfer Appliance: Transfer Appliance is suitable for very large datasets (petabytes) or when network connectivity is poor or unreliable. While it addresses bandwidth concerns, it involves a physical appliance and might be an overkill for 150 TB of data, especially if network connectivity is reasonable.

D. Using Storage Transfer Service: Storage Transfer Service is specifically designed for moving large amounts of data between online storage systems, including on-premises file systems and Cloud Storage. It offers features like filtering by file age, scheduling transfers, and bandwidth control, directly addressing all the requirements of the question: migrating infrequently accessed files older than one year to Cloud Storage, minimizing costs (by using appropriate Cloud Storage classes for infrequent access), and controlling bandwidth usage.

Google Cloud Documentation References:

Storage Transfer Service Overview: https://cloud.google.com/storage-transfer-service/docs/overview - This page details the capabilities and use cases of Storage Transfer Service, including transferring from on-premises.

Storage Transfer Service for on-premises data: https://cloud.google.com/storage-transfer-service/docs/on-prem-overview - This specifically covers transferring data from on-premises file systems.

Cloud Storage Classes: https://cloud.google.com/storage/docs/storage-classes - Understanding the different storage classes (Standard, Nearline, Coldline, Archive) is crucial for cost optimization of infrequently accessed data. Storage Transfer Service can be configured to move data to a cost-effective class like Nearline or Coldline.

===========

Questions # 18:

You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?

Options:

Create a Compute Engine snapshot of your base VM. Create your images from that snapshot.

Create a Compute Engine snapshot of your base VM. Create your instances from that snapshot.

Create a custom Compute Engine image from a snapshot. Create your images from that image.

Create a custom Compute Engine image from a snapshot. Create your instances from that image.

Expert Solution

Questions # 19:

You are building a product on top of Google Kubernetes Engine (GKE). You have a single GKE cluster. For each of your customers, a Pod is running in that cluster, and your customers can run arbitrary code inside their Pod. You want to maximize the isolation between your customers’ Pods. What should you do?

Options:

Use Binary Authorization and whitelist only the container images used by your customers’ Pods.

Use the Container Analysis API to detect vulnerabilities in the containers used by your customers’ Pods.

Create a GKE node pool with a sandbox type configured to gvisor. Add the parameter runtimeClassName: gvisor to the specification of your customers’ Pods.

Use the cos_containerd image for your GKE nodes. Add a nodeSelector with the value cloud.google.com/gke-os-distribution: cos_containerd to the specification of your customers’ Pods.

Expert Solution

Questions # 20:

You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored data. You want to make sure you comply with these requirements. What should you do?

Options:

Enable the Identity Aware Proxy API on the project.

Scan the bucker using the Data Loss Prevention API.

Allow only a single Service Account access to read the data.

Enable Data Access audit logs for the Cloud Storage API.

Expert Solution

Viewing page 2 out of 10 pages

Viewing questions 11-20 out of questions

Pre-Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Pass the Google Google Cloud Certified Associate-Cloud-Engineer Questions and answers with CertsForce