DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

2024 Updated Associate Cloud Engineer Exam Questions & Practice Tests, Google Associate Cloud Engineer | SPOTO

Unlock your path to Google Associate Cloud Engineer certification with our meticulously crafted 2024 updated exam questions and practice tests. Gain an edge with our comprehensive exam materials, including regularly updated exam dumps, online exam questions, and sample questions that mirror the real exam experience. Our free mock exams and exam simulator provide an immersive environment to hone your skills in deploying applications, monitoring operations, and managing enterprise solutions on Google Cloud. Leverage our exam answers and detailed explanations to identify knowledge gaps and fine-tune your exam preparation strategy. With our premium exam practice resources, you'll master the Google Cloud Console, command-line interface, and platform-based tasks essential for maintaining Google-managed and self-managed services. Elevate your confidence and unlock success with our unparalleled exam questions and answers.
Take other online exams

Question #1
A. Google group
B. Service account
C. Code account
D. Google account
49. Which of the following is not an IAM best practice?
View answer
Correct Answer: B
Question #2
A. Create a snapshot of the disk and use it to create a new disk; then attach the new disk to a new instance
B. Use netcat to try to connect to port 22
C. Access the serial console output
D. Create a startup script to collect information
66. To configure Stackdriver to monitor a web server and let you know if it goes down, what steps do you need to take? (Select 2 answers
View answer
Correct Answer: B
Question #3
A. They’re the same, only the branding is different
B. Each subnetwork controls the IP address range used for instances that are allocated to that subnetwork
C. With subnetworks IP address allocation occurs at the global network level
D. Legacy networks are the preferred way to create networks
43. Which of the following is not a valid metric for triggering autoscaling?
View answer
Correct Answer: B
Question #4
A. Block SYN floods using Cloud Router
B. Isolate your internal traffic from the external world
C. Scale to absorb the attack
D. Reduce the attack surface for your GCE deployment
52. Which is the fastest instance storage option that will still be available when an instance is stopped?
View answer
Correct Answer: D
Question #5
A. When an instance shuts down through a request to the guest operating system
B. A preemptible instance being terminated
C. An instances
D. Shutting down via the cloud console
48. Which type of account would you use in code when you want to interact with Google Cloud services?
View answer
Correct Answer: A
Question #6
A. Service accounts
B. Tags
C. Metadata
D. Labels
45. What option does Cloud SQL offer to help with high availability?
View answer
Correct Answer: A
Question #7
A. Cloud Bigtable and Cloud SQL
B. Cloud Spanner and Cloud SQL
C. Cloud SQL and Cloud Datastore
D. Cloud SQL
55. Which statement about IP addresses is false?
View answer
Correct Answer: B
Question #8
A. 2 Cloud VPN Gateways and 1 Peer Gateway
B. 1 Cloud VPN Gateway, 1 Peer Gateway, and 1 Cloud Router
C. 2 Peer Gateways and 1 Cloud Router
D. 2 Cloud VPN Gateways and 1 Cloud Router
60. Which of the following statements about encryption on GCP is not true?
View answer
Correct Answer: B
Question #9
A. Google Cloud Pub/Sub queuing
B. Average CPU utilization
C. Stackdriver Monitoring metrics
D. App Engine Task Queues
44. Which of the following features makes applying firewall settings easier?
View answer
Correct Answer: A
Question #10
A. Google Cloud Platform encrypts customer data stored at rest by default.
B. Each encryption key is itself encrypted with a set of master keys
C. If you want to manage your own encryption keys for data on Google Cloud Storage, the only option is Customer-Managed Encryption Keys (CMEK) using Cloud KMS
D. Data in Google Cloud Platform is broken into subfile chunks for storage, and each chunk is encrypted at the storage level with an individual encryption key
61. Which database service requires that you configure a failover replica to make it highly available?
View answer
Correct Answer: B
Question #11
A. Use primitive roles by default
B. Treat each component of your application as a separate trust boundary
C. Grant roles at the smallest scope needed
D. Restrict who has access to create and manage service accounts in your project
50. Which of the following would not reduce your recovery time in the event of a disaster?
View answer
Correct Answer: D
Question #12
A. Install the Stackdriver Logging Agent on the web server
B. Create an alerting policy
C. Install the Stackdriver Monitoring Agent on the web server
D. Create an uptime check
67. Which of these tools can you use to copy data from AWS S3 to Cloud Storage? (Select 2 answers
View answer
Correct Answer: C
Question #13
A. You can migrate your existing Microsoft application licenses to Compute Engine instances, but not your Microsoft Windows licenses.
B. You can migrate your existing Microsoft Windows and Microsoft application licenses to Compute Engine instances
C. You cannot migrate your existing Microsoft Windows or Microsoft application licenses to Compute Engine instances
D. You can migrate your existing Microsoft Windows licenses to Compute Engine instances, but not your Microsoft application licenses
54. Which database services support standard SQL queries?
View answer
Correct Answer: C
Question #14
A. Firewall rules and subnetworks
B. Networks and subnetworks
C. Subnetworks and projects
D. Projects and networks
65. Suppose you have a web server that is working properly, but you can’t connect to its instance VM over SSH
View answer
Correct Answer: B
Question #15
A. Increase the CPU and memory on the instance by changing the machine type.
B. Validate that your disk has a valid file system
C. Examine your virtual machine instance’s serial port output
D. Connect to your virtual machine instance using SSH
69. Which statements about application load testing are true? (Select 2 answers
View answer
Correct Answer: C
Question #16
A. A managed instance group combines existing instances of different configurations into one manageable group
B. A managed instance group uses an instance template to create identical instances
C. A managed instance group creates a firewall around instances
D. A managed instance group is a set of servers used exclusively for batch processing
41. What type of firewall rule(s) does Google Cloud’s networking support?
View answer
Correct Answer: B
Question #17
A. Use the gcloud and/or gsutil commands.
B. Request an OAuth2 access token and use it directly
C. Embed the service account’s credentials in the application’s source code
D. Use one of the Google Cloud Client Libraries
64. What are two different features that fully isolate groups of VM instances?
View answer
Correct Answer: D
Question #18
A. You should test at the maximum load that you expect to encounter.
B. You should test at 50% more than the maximum load that you expect to encounter
C. It is not necessary to test sudden increases in traffic since GCP scales seamlessly
D. Your load tests should include testing sudden increases in traffic
70. Which of these statements about resilience testing are true? (Select 2 answers
View answer
Correct Answer: C
Question #19
A. Make it as easy as possible to adjust the DNS record to cut over to your warm standby server.
B. Replace your warm standby server with a hot standby server
C. Use a highly preconfigured machine image for deploying new instances
D. Replace your active/active hybrid production environment (on-premises and GCP) with a warm standby server
51. Which of the following is not a best practice for mitigating Denial of Service attacks on your Google Cloud infrastructure?
View answer
Correct Answer: B
Question #20
A. deny
B. allow, deny & filtered
C. allow
D. allow & deny
42. How are subnetworks different than the legacy networks?
View answer
Correct Answer: D
Question #21
A. Cloud Storage Transfer Service
B. S3 Storage Transfer Service
C. Cloud Storage Console
D. gsutil
68. What are two of the actions you can take to troubleshoot a virtual machine instance that won’t start up at all? (Select 2 answers
View answer
Correct Answer: B
Question #22
A. ubuntu
B. The Google provided “gceinstance” user
C. Whatever user you specify in the console
D. root
47. Which of the follow methods will not cause a shutdown script to be executed?
View answer
Correct Answer: B
Question #23
A. Point-in-time recovery
B. The AlwaysOn setting
C. Snapshots
D. Failover replicas
46. Regarding Compute Engine: when executing a startup script on a Linux server which user does the instance execute the script as?
View answer
Correct Answer: A
Question #24
A. Don’t select the “Multizone” option when creating your managed instance group.
B. Spread your managed instance group over two zones and overprovision by 100%
C. Create a regional unmanaged instance group and spread your instances across multiple zones
D. Overprovision your regional managed instance group by at least 50%
58. If you do not grant a user named Bob permission to access a Cloud Storage bucket, but then use an ACL to grant access to an object inside that bucket to Bob, what will happen?
View answer
Correct Answer: A
Question #25
A. Bob will be able to access all of the objects inside the bucket because he was granted access to at least one object in the bucket.
B. Bob will be able to access the object because bucket and object ACLs are independent of each other
C. Bob will not be able to access the object because he does not have access to the bucket
D. It is not possible to grant access to an object when it is inside a bucket for which a user does not have access
59. To set up a virtual private network between your office network and Google Cloud Platform and have the routes automatically updated when the network topology changes, what is the minimal number of each type of component you need to implement?
View answer
Correct Answer: C
Question #26
A. Whenever possible, assign roles to groups instead of to individuals.
B. Grant users the appropriate permissions to facilitate least privilege
C. Whenever possible, assign primitive roles rather than predefined roles
D. Audit all policy changes by checking the Cloud Audit Logs
63. Which of these is not a recommended method of authenticating an application with a Google Cloud service?
View answer
Correct Answer: C
Question #27
A. You are charged for a static external IP address for every hour it is in use.
B. You are not charged for ephemeral IP addresses
C. Google Cloud Engine supports only IPv4 addresses, not IPv6
D. You are charged for a static external IP address when it is assigned but unused
56. Which Google Cloud Platform service requires the least management because it takes care of the underlying infrastructure for you?
View answer
Correct Answer: A
Question #28
A. Container Engine
B. Cloud Engine
C. App Engine
D. Docker containers running on Cloud Engine
57. To ensure that your application will handle the load even if an entire zone fails, what should you do?
View answer
Correct Answer: D
Question #29
A. Local SSD
B. Standard Persistent Disk
C. SSD Persistent Disk
D. RAM disk
53. Which of these statements about Microsoft licenses is true?
View answer
Correct Answer: D
Question #30
A. Cloud Spanner
B. Cloud SQL
C. BigQuery
D. Cloud Datastore
62. Which of these is not a principle you should apply when setting roles and permissions?
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: