Pre-Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. Google
  3. Google Cloud Certified
  4. Associate-Cloud-Engineer
  5. Google Cloud Certified - Associate Cloud Engineer Questions and Answers

Pass the Google Google Cloud Certified Associate-Cloud-Engineer Questions and answers with CertsForce

 Google Exams      Go to Exam Detail      Get Premium Access
Viewing page 9 out of 10 pages
Viewing questions 81-90 out of questions
Questions # 81:

You deployed an LDAP server on Compute Engine that is reachable via TLS through port 636 using UDP. You want to make sure it is reachable by clients over that port. What should you do?

Options:
A.

Add the network tag allow-udp-636 to the VM instance running the LDAP server.

B.

Create a route called allow-udp-636 and set the next hop to be the VM instance running the LDAP server.

C.

Add a network tag of your choice to the instance. Create a firewall rule to allow ingress on UDP port 636 for that network tag.

D.

Add a network tag of your choice to the instance running the LDAP server. Create a firewall rule to allow egress on UDP port 636 for that network tag.

Expert Solution
Questions # 82:

You are building a pipeline to process time-series data. Which Google Cloud Platform services should you put in boxes 1,2,3, and 4?

Question # 82

Options:
A.

Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore, BigQuery

B.

Firebase Messages, Cloud Pub/Sub, Cloud Spanner, BigQuery

C.

Cloud Pub/Sub, Cloud Storage, BigQuery, Cloud Bigtable

D.

Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery

Expert Solution
Questions # 83:

Your preview application, deployed on a single-zone Google Kubernetes Engine (GKE) cluster in us-centrall, has gained popularity. You are now ready to make the application generally available. You need to deploy the application to production while ensuring high availability and resilience. You also want to follow Google-recommended practices. What should you do?

Options:
A.

Use the gcloud container clusters create command with the options--enable-multi-networking and--enable- autoscaling to create an autoscaling zonal cluster and deploy the application to it.

B.

Use the gcloud container clusters create-auto command to create an autopilot cluster and deploy the application to it.

C.

Use the gcloud container clusters update command with the option—region us-centrall to update the cluster and deploy the application to it.

D.

Use the gcloud container clusters update command with the option—node-locations us-centrall-a,us-centrall-b to update the cluster and deploy the application to the nodes.

Expert Solution
Questions # 84:

You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now, you need to create a production environment for this application.

The security team has forbidden the existence of network routes between these 2 environments, and asks you to follow Google-recommended practices. What should you do?

Options:
A.

Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.

B.

Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.

C.

Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project, in the Shared VPC.

D.

Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.

Expert Solution
Questions # 85:

You are managing a Data Warehouse on BigQuery. An external auditor will review your company's processes, and multiple external consultants will need view access to the data. You need to provide them with view access while following Google-recommended practices. What should you do?

Options:
A.

Grant each individual external consultant the role of BigQuery Editor

B.

Grant each individual external consultant the role of BigQuery Viewer

C.

Create a Google Group that contains the consultants and grant the group the role of BigQuery Editor

D.

Create a Google Group that contains the consultants, and grant the group the role of BigQuery Viewer

Expert Solution
Questions # 86:

You need to run an important query in BigQuery but expect it to return a lot of records. You want to find out how much it will cost to run the query. You are using on-demand pricing. What should you do?

Options:
A.

Arrange to switch to Flat-Rate pricing for this query, then move back to on-demand.

B.

Use the command line to run a dry run query to estimate the number of bytes read. Then convert that bytes estimate to dollars using the Pricing Calculator.

C.

Use the command line to run a dry run query to estimate the number of bytes returned. Then convert that bytes estimate to dollars using the Pricing Calculator.

D.

Run a select count (*) to get an idea of how many records your query will look through. Then convert that number of rows to dollars using the Pricing Calculator.

Expert Solution
Questions # 87:

Your company has a 3-tier solution running on Compute Engine. The configuration of the current infrastructure is shown below.

Question # 87

Each tier has a service account that is associated with all instances within it. You need to enable communication on TCP port 8080 between tiers as follows:

• Instances in tier #1 must communicate with tier #2.

• Instances in tier #2 must communicate with tier #3.

What should you do?

Options:
A.

1. Create an ingress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.2.0/24)• Protocols: allow all2. Create an ingress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.1.0/24)• Protocols: allow all

B.

1. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #2 service account• Source filter: all instances with tier #1 service account• Protocols: allow TCP:80802. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #3 service account• Source filter: all instances with tier #2 service account• Protocols: allow TCP: 8080

C.

1. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #2 service account• Source filter: all instances with tier #1 service account• Protocols: allow all2. Create an ingress firewall rule with the following settings:• Targets: all instances with tier #3 service account• Source filter: all instances with tier #2 service account• Protocols: allow all

D.

1. Create an egress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.2.0/24)• Protocols: allow TCP: 80802. Create an egress firewall rule with the following settings:• Targets: all instances• Source filter: IP ranges (with the range set to 10.0.1.0/24)• Protocols: allow TCP: 8080

Expert Solution
Questions # 88:

You are configuring service accounts for an application that spans multiple projects. Virtual machines (VMs) running in the web-applications project need access to BigQuery datasets in the crm-databases project. You want to follow Google-recommended practices to grant access to the service account in the web-applications project. What should you do?

Options:
A.

Grant "project owner" for web-applications appropriate roles to crm-databases.

B.

Grant "project owner" role to crm-databases and the web-applications project.

C.

Grant "project owner" role to crm-databases and roles/bigquery.dataViewer role to web-applications.

D.

Grant roles/bigquery.dataViewer role to crm-databases and appropriate roles to web-applications.

Expert Solution
Questions # 89:

You want to select and configure a cost-effective solution for relational data on Google Cloud Platform. You are working with a small set of operational data in one geographic location. You need to support point-in-time recovery. What should you do?

Options:
A.

Select Cloud SQL (MySQL). Verify that the enable binary logging option is selected.

B.

Select Cloud SQL (MySQL). Select the create failover replicas option.

C.

Select Cloud Spanner. Set up your instance with 2 nodes.

D.

Select Cloud Spanner. Set up your instance as multi-regional.

Expert Solution
Questions # 90:

The core business of your company is to rent out construction equipment at a large scale. All the equipment that is being rented out has been equipped with multiple sensors that send event information every few seconds. These signals can vary from engine status, distance traveled, fuel level, and more. Customers are billed based on the consumption monitored by these sensors. You expect high throughput – up to thousands of events per hour per device – and need to retrieve consistent databased on the time of the event. Storing and retrieving individual signals should be atomic. What should you do?

Options:
A.

Create a file in Cloud Storage per device and append new data to that file.

B.

Create a file in Cloud Filestore per device and append new data to that file.

C.

Ingest the data into Datastore. Store data in an entity group based on the device.

D.

Ingest the data into Cloud Bigtable. Create a row key based on the event timestamp.

Expert Solution
Viewing page 9 out of 10 pages
Viewing questions 81-90 out of questions