Conquer the Google Professional Cloud Architect Exam with Comprehensive Study Materials

Question #1

You are creating an App Engine application that uses Cloud Datastore as its persistence layer. You need to retrieve several root entities for which you have the identifiers. You want to minimize the overhead in operations performed by Cloud Datastore. What should you do?

A. reate the Key object for each Entity and run a batch get operation

B. reate the Key object for each Entity and run multiple get operations, one operation for each entity

C. se the identifiers to create a query filter and run a batch query operation

D. se the identifiers to create a query filter and run multiple query operations, one operation for each entity

View answer

Correct Answer: A

Question #2

As part of their new application experience, Dress4Wm allows customers to upload images of themselves. The customer has exclusive control over who may view these images.Customers should be able to upload images with minimal latency and also be shown their images quickly on the main application page when they log in.Which configuration should Dress4Win use?

A. tore image files in a Google Cloud Storage bucket

B. tore image files in a Google Cloud Storage bucket

C. se a distributed file system to store customers' images

D. se a distributed file system to store customers' images

View answer

Correct Answer: A

Question #3

Your solution is producing performance bugs in production that you did not see in staging and test environments. You want to adjust your test and deployment procedures to avoid this problem in the future.What should you do?

A. et timeouts on your application so that you can fail requests faster

B. end custom metrics for each of your requests to Stackdriver Monitoring

C. se Stackdriver Monitoring to look for insights that show when your API latencies are high

D. nstrument your application with Stackdriver Trace in order to break down the request latencies at each microservice

View answer

Correct Answer: D

Question #4

The JencoMart security team requires that all Google Cloud Platform infrastructure is deployed using a least privilege model with separation of duties for administration between production and development resources.What Google domain and project structure should you recommend?

A. reate two G Suite accounts to manage users: one for development/test/staging and one for production

B. reate two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications

C. reate a single G Suite account to manage users with each stage of each application in its own project

D. reate a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment

View answer

Correct Answer: D

Question #5

You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database back-end. You want to store the credentials securely.Where should you store the credentials?

A. n the source code

B. n an environment variable

C. n a secret management system

D. n a config file that has restricted access through ACLs

View answer

Correct Answer: C

Question #6

The current Dress4Win system architecture has high latency to some customers because it is located in one data center.As of a future evaluation and optimizing for performance in the cloud, Dresss4Win wants to distribute its system architecture to multiple locations when Google cloud platform.Which approach should they use?

A. se regional managed instance groups and a global load balancer to increase performance because the regional managed instance group can grow instances in each region separately based on traffic

B. se a global load balancer with a set of virtual machines that forward the requests to a closer group of virtual machines managed by your operations team

C. se regional managed instance groups and a global load balancer to increase reliability by providing automatic failover between zones in different regions

D. se a global load balancer with a set of virtual machines that forward the requests to a closer group of virtual machines as part of a separate managed instance groups

View answer

Correct Answer: A

Question #7

You are designing a mobile chat application. You want to ensure people cannot spoof chat messages, by providing a message were sent by a specific user.What should you do?

A. ag messages client side with the originating user identifier and the destination user

B. ncrypt the message client side using block-based encryption with a shared key

C. se public key infrastructure (PKI) to encrypt the message client side using the originating user's private key

D. se a trusted certificate authority to enable SSL connectivity between the client application and the server

View answer

Correct Answer: C

Question #8

The operations manager asks you for a list of recommended practices that she should consider when migrating a J2EE application to the cloud.Which three practices should you recommend? (Choose three.)

A. he session variable is local to just a single instance

B. he session variable is being overwritten in Cloud Datastore

C. he URL of the API needs to be modified to prevent caching

D. he HTTP Expires header needs to be set to -1 stop caching

View answer

Correct Answer: ADE

Question #9

Company overview -Helicopter Racing League (HRL) is a global sports league for competitive helicopter racing. Each year HRL holds the world championship and several regional league competitions where teams compete to earn a spot in the world championship. HRL offers a paid service to stream the races all over the world with live telemetry and predictions throughout each race.Solution concept -HRL wants to migrate their existing service to a new platform to expand their use of managed AI and ML services to f

A. Use Explainable AI

B. Use Vision AI

C. Use Google Cloud?€?s operations suite

D. Use Jupyter Notebooks

View answer

Correct Answer: A

Question #10

For this question, refer to the Dress4Win case study. Which of the compute services should be migrated as-is and would still be an optimized architecture for performance in the cloud?

A. eb applications deployed using App Engine standard environment

B. abbitMQ deployed using an unmanaged instance group

C. adoop/Spark deployed using Cloud Dataproc Regional in High Availability mode

D. enkins, monitoring, bastion hosts, security scanners services deployed on custom machine types

View answer

Correct Answer: A

Question #11

You are analyzing and defining business processes to support your startup’s trial usage of GCP, and you don’t yet know what consumer demand for your product will be. Your manager requires you to minimize GCP service costs and adhere to Google best practices. What should you do?

A. tilize free tier and sustained use discounts

B. tilize free tier and sustained use discounts

C. tilize free tier and committed use discounts

D. tilize free tier and committed use discounts

View answer

Correct Answer: B

Question #12

For this question, refer to the TerramEarth case study. A new architecture that writes all incoming data to BigQuery has been introduced. You notice that the data is dirty, and want to ensure data quality on an automated daily basis while managing cost.What should you do?

A. et up a streaming Cloud Dataflow job, receiving data by the ingestion process

B. reate a Cloud Function that reads data from BigQuery and cleans it

C. reate a SQL statement on the data in BigQuery, and save it as a view

D. se Cloud Dataprep and configure the BigQuery tables as the source

View answer

Correct Answer: D

Question #13

You analyzed TerramEarth’s business requirement to reduce downtime, and found that they can achieve a majority of time saving by reducing customer’s wait time for parts. You decided to focus on reduction of the 3 weeks aggregate reporting time.Which modifications to the company’s processes should you recommend?

A. igrate from CSV to binary format, migrate from FTP to SFTP transport, and develop machine learning analysis of metrics

B. igrate from FTP to streaming transport, migrate from CSV to binary format, and develop machine learning analysis of metrics

C. ncrease fleet cellular connectivity to 80%, migrate from FTP to streaming transport, and develop machine learning analysis of metrics

D. igrate from FTP to SFTP transport, develop machine learning analysis of metrics, and increase dealer local inventory by a fixed factor

View answer

Correct Answer: C

Question #14

Mountkirk Games wants to set up a real-time analytics platform for their new game. The new platform must meet their technical requirements.Which combination of Google technologies will meet all of their requirements?

A. ubernetes Engine, Cloud Pub/Sub, and Cloud SQL

B. loud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery

C. loud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow

D. loud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

E. loud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc

View answer

Correct Answer: B

Question #15

You need to optimize batch file transfers into Cloud Storage for Mountkirk Games’ new Google Cloud solution. The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

A. se gsutil to batch move files in sequence

B. se gsutil to batch copy the files in parallel

C. se gsutil to extract the files as the first part of ETL

D. se gsutil to load the files as the last part of ETL

View answer

Correct Answer: B

Question #16

For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?

A. reate a token and pass it in as an environment variable to func_display

B. ake func_query 'Require authentication

C. ake func_query 'Require authentication' and only accept internal traffic

D. reate those two functions in the same project and VPC

View answer

Correct Answer: B

Question #17

Mountkirk Games wants to set up a continuous delivery pipeline. Their architecture includes many small services that they want to be able to update and roll back quickly. Mountkirk Games has the following requirements:•Services are deployed redundantly across multiple regions in the US and Europe•Only frontend services are exposed on the public internet •They can provide a single frontend IP for their fleet of services •Deployment artifacts are immutableWhich set of products should they use?

A. oogle Cloud Storage, Google Cloud Dataflow, Google Compute Engine

B. oogle Cloud Storage, Google App Engine, Google Network Load Balancer

C. oogle Kubernetes Registry, Google Container Engine, Google HTTP(S) Load Balancer

D. oogle Cloud Functions, Google Cloud Pub/Sub, Google Cloud Deployment Manager

View answer

Correct Answer: C

Question #18

You need to set up Microsoft SQL Server on GCP. Management requires that there’s no downtime in case of a data center outage in any of the zones within a GCP region. What should you do?

A. onfigure a Cloud SQL instance with high availability enabled

B. onfigure a Cloud Spanner instance with a regional instance configuration

C. et up SQL Server on Compute Engine, using Always On Availability Groups using Windows Failover Clustering

D. et up SQL Server Always On Availability Groups using Windows Failover Clustering

View answer

Correct Answer: D

Question #19

Mountkirk Games wants you to design their new testing strategy. How should the test coverage differ from their existing backends on the other platforms?

A. reate a scalable environment in GCP for simulating production load

B. se the existing infrastructure to test the GCP-based backend at scale

C. uild stress tests into each component of your application using resources internal to GCP to simulate load

D. reate a set of static environments in GCP to test different levels of load – for example, high, medium, and low

View answer

Correct Answer: A

Question #20

JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

A. ests should scale well beyond the prior approaches

B. nit tests are no longer required, only end-to-end tests

C. ests should be applied after the release is in the production environment

D. ests should include directly testing the Google Cloud Platform (GCP) infrastructure

View answer

Correct Answer: D

Question #21

You have found an error in your App Engine application caused by missing Cloud Datastore indexes. You have created a YAML file with the required indexes and want to deploy these new indexes to Cloud Datastore. What should you do?

A. oint gcloud datastore create-indexes to your configuration file

B. pload the configuration file to App Engine’s default Cloud Storage bucket, and have App Engine detect the new indexes

C. n the GCP Console, use Datastore Admin to delete the current indexes and upload the new configuration file

D. reate an HTTP request to the built-in python module to send the index configuration file to your application

View answer

Correct Answer: A

Question #22

TerramEarth’s 20 million vehicles are scattered around the world. Based on the vehicle’s location, its telemetry data is stored in a Google Cloud Storage (GCS) regional bucket (US, Europe, or Asia). The CTO has asked you to run a report on the raw telemetry data to determine why vehicles are breaking down after 100 K miles. You want to run this job on all the data.What is the most cost-effective way to run this job?

A. ove all the data into 1 zone, then launch a Cloud Dataproc cluster to run the job

B. ove all the data into 1 region, then launch a Google Cloud Dataproc cluster to run the job

C. aunch a cluster in each region to preprocess and compress the raw data, then move the data into a multi- region bucket and use a Dataproc cluster to finish the job

D. aunch a cluster in each region to preprocess and compress the raw data, then move the data into a region bucket and use a Cloud Dataproc cluster to finish the job

View answer

Correct Answer: D

Question #23

Mountkirk Games wants to set up a continuous delivery pipeline. Their architecture includes many small services that they want to be able to update and roll back quickly. Mountkirk Games has the following requirements:•Services are deployed redundantly across multiple regions in the US and Europe•Only frontend services are exposed on the public internet •They can provide a single frontend IP for their fleet of services •Deployment artifacts are immutableWhich set of products should they use?

A. oogle Cloud Storage, Google Cloud Dataflow, Google Compute Engine

B. oogle Cloud Storage, Google App Engine, Google Network Load Balancer

C. oogle Kubernetes Registry, Google Container Engine, Google HTTP(S) Load Balancer

D. oogle Cloud Functions, Google Cloud Pub/Sub, Google Cloud Deployment Manager

View answer

Correct Answer: C

Question #24

One of the developers on your team deployed their application in Google Container Engine with the Dockerfile below. They report that their application deployments are taking too long.You want to optimize this Dockerfile for faster deployment times without adversely affecting the app’s functionality.Which two actions should you take? (Choose two.)

A. eploy fewer changes to production

B. eploy smaller changes to production

C. ncrease the load on your test and staging environments

D. eploy changes to a small subset of users before rolling out to production

View answer

Correct Answer: CE

Question #25

Your development team has created a mobile game app. You want to test the new mobile app on Android and iOS devices with a variety of configurations. You need to ensure that testing is efficient and cost-effective.What should you do?

A. pload your mobile app to the Firebase Test Lab, and test the mobile app on Android and iOS devices

B. reate Android and iOS VMs on Google Cloud, install the mobile app on the VMs, and test the mobile app

C. reate Android and iOS containers on Google Kubernetes Engine (GKE), install the mobile app on the containers, and test the mobile app

D. pload your mobile app with different configurations to Firebase Hosting and test each configuration

View answer

Correct Answer: C

Question #26

For this question, refer to the TerramEarth case study. You are asked to design a new architecture for the ingestion of the data of the 200,000 vehicles that are connected to a cellular network. You want to follow Google-recommended practices.Considering the technical requirements, which components should you use for the ingestion of the data?

A. oogle Kubernetes Engine with an SSL Ingress

B. loud IoT Core with public/private key pairs

C. ompute Engine with project-wide SSH keys

D. ompute Engine with specific SSH keys

View answer

Correct Answer: B

Question #27

You need to optimize batch file transfers into Cloud Storage for Mountkirk Games’ new Google Cloud solution. The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

A. se gsutil to batch move files in sequence

B. se gsutil to batch copy the files in parallel

C. se gsutil to extract the files as the first part of ETL

D. se gsutil to load the files as the last part of ETL

View answer

Correct Answer: B

Question #28

Your development team has created a mobile game app. You want to test the new mobile app on Android and iOS devices with a variety of configurations. You need to ensure that testing is efficient and cost-effective.What should you do?

A. pload your mobile app to the Firebase Test Lab, and test the mobile app on Android and iOS devices

B. reate Android and iOS VMs on Google Cloud, install the mobile app on the VMs, and test the mobile app

C. reate Android and iOS containers on Google Kubernetes Engine (GKE), install the mobile app on the containers, and test the mobile app

D. pload your mobile app with different configurations to Firebase Hosting and test each configuration

View answer

Correct Answer: C

Question #29

For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers, and season ticket holders. You need to implement a custom card tokenization service that meets the following requirements:•It must provide low latency at minimal cost.•It must be able to identify duplicate credit cards and must not store plaintext card numbers.•It should support annual key ro

A. tore the card data in Secret Manager after running a query to identify duplicates

B. ncrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode

C. ncrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances

D. se column-level encryption to store the data in Cloud SQL

View answer

Correct Answer: D

Question #30

For this question, refer to the Helicopter Racing League (HRL) case study. Recently HRL started a new regional racing league in Cape Town, South Africa. In an effort to give customers in Cape Town a better user experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are a member of the HRL security team and you need to configure the update that will

A. cloud compute security-policies rules update 1000 \\--security-policy from-fastly \\--src-ip-ranges * \\--action “allow”

B. cloud compute firewall rules update sourceiplist-fastly \\--priority 100 \\--allow tcp:443

C. cloud compute firewall rules update hir-policy \\--priority 100 \\--target-tags=sourceiplist-fastly \\--allow tcp:443

D. cloud compute security-policies rules update 1000 \\--security-policy hir-policy \\--expression “evaluatePreconfiguredExpr(‘sourceiplist-fastly’)” \\--action “allow”

View answer

Correct Answer: A

Question #31

You need to upload files from your on-premises environment to Cloud Storage. You want the files to be encrypted on Cloud Storage using customer-supplied encryption keys. What should you do?

A. upply the encryption key in a

B. upply the encryption key using gcloud config

C. se gsutil to upload the files, and use the flag --encryption-key to supply the encryption key

D. se gsutil to create a bucket, and use the flag --encryption-key to supply the encryption key

View answer

Correct Answer: A

Question #32

Mountkirk Games needs to create a repeatable and configurable mechanism for deploying isolated application environments. Developers and testers can access each other’s environments and resources, but they cannot access staging or production resources. The staging environment needs access to some services from production.What should you do to isolate development environments from staging and production?

A. reate a project for development and test and another for staging and production

B. reate a network for development and test and another for staging and production

C. reate one subnetwork for development and another for staging and production

D. reate one project for development, a second for staging and a third for production

View answer

Correct Answer: D

Question #33

For this question, refer to the TerramEarth case study. You need to implement a reliable, scalable GCP solution for the data warehouse for your company, TerramEarth.Considering the TerramEarth business and technical requirements, what should you do?

A. eplace the existing data warehouse with BigQuery

B. eplace the existing data warehouse with a Compute Engine instance with 96 CPUs

C. eplace the existing data warehouse with BigQuery

D. eplace the existing data warehouse with a Compute Engine instance with 96 CPUs

View answer

Correct Answer: A

Question #34

Your company has multiple on-premises systems that serve as sources for reporting. The data has not been maintained well and has become degraded over time. You want to use Google-recommended practices to detect anomalies in your company data. What should you do?

A. pload your files into Cloud Storage

B. pload your files into Cloud Storage

C. onnect Cloud Datalab to your on-premises systems

D. onnect Cloud Dataprep to your on-premises systems

View answer

Correct Answer: B

Question #35

You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery.What should you do to fix the script?

A. nstall the latest BigQuery API client library for Python

B. un your script on a new virtual machine with the BigQuery access scope enabled

C. reate a new service account with BigQuery access and execute your script with that user

D. nstall the bq component for gcloud with the command gcloud components install bq

View answer

Correct Answer: B

Question #36

Mountkirk Games wants to set up a real-time analytics platform for their new game. The new platform must meet their technical requirements.Which combination of Google technologies will meet all of their requirements?

A. ubernetes Engine, Cloud Pub/Sub, and Cloud SQL

B. loud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery

C. loud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow

D. loud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

E. loud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc

View answer

Correct Answer: B

Question #37

The Dress4Win security team has disabled external SSH access into production virtual machines (VMs) on Google Cloud Platform (GCP).The operations team needs to remotely manage the VMs, build and push Docker containers, and manage Google Cloud Storage objects.What can they do?

A. rant the operations engineer access to use Google Cloud Shell

B. onfigure a VPN connection to GCP to allow SSH access to the cloud VMs

C. evelop a new access request process that grants temporary SSH access to cloud VMs when an operations engineer needs to perform a task

D. ave the development team build an API service that allows the operations team to execute specific remote procedure calls to accomplish their tasks

View answer

Correct Answer: A

Question #38

You need to upload files from your on-premises environment to Cloud Storage. You want the files to be encrypted on Cloud Storage using customer-supplied encryption keys. What should you do?

A. upply the encryption key in a

B. upply the encryption key using gcloud config

C. se gsutil to upload the files, and use the flag --encryption-key to supply the encryption key

D. se gsutil to create a bucket, and use the flag --encryption-key to supply the encryption key

View answer

Correct Answer: A

Question #39

For this question, refer to the TerramEarth case study. You have broken down a legacy monolithic application into a few containerized RESTful microservices. You want to run those microservices on Cloud Run. You also want to make sure the services are highly available with low latency to your customers. What should you do?

A. eploy Cloud Run services to multiple availability zones

B. eploy Cloud Run services to multiple regions

C. eploy Cloud Run services to multiple regions

D. eploy Cloud Run services to multiple availability zones

View answer

Correct Answer: C

Question #40

You are designing the network infrastructure for two application servers: appserver-1 and appserver-2 running in two different subnets inside the same VirtualCloud Network (VCN) in Oracle Cloud Infrastructure (OCI). You have a requirement where your end users will access appserver-1 from the internet and appserver-2 from the on-premises network. The on-premises network is connected to your VCN over a FastConnect virtual circuit.How should you design your routing configuration to meet these requirements? (Ch

A. Configure a single routing table (Route Table-1) that has two sets of rules: one that has route to internet via the Internet Gateway and another that propagates specific routes for the on-premise network via Dynamic Routing Gateway (DRG)

B. Configure two routing tables: Route Table-1 that has a route to internet via the Internet gateway

C. Configure a single routing table (Route Table-1) that has two sets of rules

D. Configure two routing tables (Route Table-1 & Route Table-2) that have rule to route all traffic via the Dynamic Routing Gateway (DRG)

View answer

Correct Answer: C

Question #41

For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for securely deploying workloads to Google Cloud. You also need to ensure that only verified containers are deployed using Google Cloud services. What should you do? (Choose two.)

A. onfigure two Partner Interconnect connections in one metro (City), and make sure the Interconnect connections are placed in different metro zones

B. onfigure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on- premises are in separate racks

C. onfigure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at least two Google locations

D. onfigure two Dedicated Interconnect connections in one metro (City) and two connections in another metro, and make sure the Interconnect connections are placed in different metro zones

View answer

Correct Answer: AB

Question #42

A news feed web service has the following code running on Google App Engine. During peak load, users report that they can see news articles they already viewed.What is the most likely cause of this problem?

A. irect them to download and install the Google StackDriver logging agent

B. end them a list of online resources about logging best practices

C. elp them define their requirements and assess viable logging tools

D. elp them upgrade their current tool to take advantage of any new features

View answer

Correct Answer: A

Question #43

Mountkirk Games needs to create a repeatable and configurable mechanism for deploying isolated application environments. Developers and testers can access each other’s environments and resources, but they cannot access staging or production resources. The staging environment needs access to some services from production.What should you do to isolate development environments from staging and production?

A. reate a project for development and test and another for staging and production

B. reate a network for development and test and another for staging and production

C. reate one subnetwork for development and another for staging and production

D. reate one project for development, a second for staging and a third for production

View answer

Correct Answer: D

Question #44

Your company is using BigQuery as its enterprise data warehouse. Data is distributed over several Google Cloud projects. All queries on BigQuery need to be billed on a single project. You want to make sure that no query costs are incurred on the projects that contain the data. Users should be able to query the datasets, but not edit them.How should you configure users’ access roles?

A. dd all users to a group

B. dd all users to a group

C. dd all users to a group

D. dd all users to a group

View answer

Correct Answer: C

Question #45

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants to migrate from their current analytics and statistics reporting model to one that meets their technical requirements on Google Cloud Platform.Which two steps should be part of their migration plan? (Choose two.)

A. reate network load balancers

B. reate network load balancers

C. reate a global load balancer with managed instance groups and autoscaling policies

D. reate a global load balancer with managed instance groups and autoscaling policies

View answer

Correct Answer: AB

Question #46

You need to optimize batch file transfers into Cloud Storage for Mountkirk Games’ new Google Cloud solution. The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

A. se gsutil to batch move files in sequence

B. se gsutil to batch copy the files in parallel

C. se gsutil to extract the files as the first part of ETL

D. se gsutil to load the files as the last part of ETL

View answer

Correct Answer: B

Question #47

Dress4Win has asked you for advice on how to migrate their on-premises MySQL deployment to the cloud. They want to minimize downtime and performance impact to their on-premises solution during the migration.Which approach should you recommend?

A. reate a dump of the on-premises MySQL master server, and then shut it down, upload it to the cloud environment, and load into a new MySQL cluster

B. etup a MySQL replica server/slave in the cloud environment, and configure it for asynchronous replication from the MySQL master server on-premises until cutover

C. reate a new MySQL cluster in the cloud, configure applications to begin writing to both on premises and cloud MySQL masters, and destroy the original cluster at cutover

D. reate a dump of the MySQL replica server into the cloud environment, load it into: Google Cloud Datastore, and configure applications to read/write to Cloud Datastore at cutover

View answer

Correct Answer: B

Question #48

The TerramEarth development team wants to create an API to meet the company’s business requirements. You want the development team to focus their development effort on business value versus creating a custom framework.Which method should they use?

A. se Google App Engine with Google Cloud Endpoints

B. se Google App Engine with a JAX-RS Jersey Java-based framework

C. se Google App Engine with the Swagger (Open API Specification) framework

D. se Google Container Engine with a Django Python container

E. se Google Container Engine with a Tomcat container with the Swagger (Open API Specification) framework

View answer

Correct Answer: A

Question #49

You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?

A. reate a service account (SA) in the legacy game’s Google Cloud project, add a second SA in the new game’s IAM page, and then give the Organization Admin role to both SAs

B. reate a service account (SA) in the legacy game’s Google Cloud project, give the SA the Organization Admin role, and then give it the Firebase Admin role in both projects

C. reate a service account (SA) in the legacy game’s Google Cloud project, add this SA in the new game’s IAM page, and then give it the Firebase Admin role in both projects

D. reate a service account (SA) in the legacy game’s Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game’s project

View answer

Correct Answer: C

Question #50

For this question, refer to the Helicopter Racing League (HRL) case study. A recent finance audit of cloud infrastructure noted an exceptionally high number of Compute Engine instances are allocated to do video encoding and transcoding. You suspect that these Virtual Machines are zombie machines that were not deleted after their workloads completed. You need to quickly get a list of which VM instances are idle. What should you do?

A. og into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for analysis

B. se the gcloud compute instances list to list the virtual machine instances that have the idle: true label set

C. se the gcloud recommender command to list the idle virtual machine instances

D. rom the Google Console, identify which Compute Engine instances in the managed instance groups are no longer responding to health check probes

View answer

Correct Answer: A

Question #51

You have an application that will run on Compute Engine. You need to design an architecture that takes into account a disaster recovery plan that requires your application to fail over to another region in case of a regional outage. What should you do?

A. eploy the application on two Compute Engine instances in the same project but in a different region

B. eploy the application on a Compute Engine instance

C. eploy the application on two Compute Engine instance groups, each in the same project but in a different region

D. eploy the application on two Compute Engine instance groups, each in a separate project and a different region

View answer

Correct Answer: C

Question #52

You analyzed TerramEarth’s business requirement to reduce downtime, and found that they can achieve a majority of time saving by reducing customer’s wait time for parts. You decided to focus on reduction of the 3 weeks aggregate reporting time.Which modifications to the company’s processes should you recommend?

A. igrate from CSV to binary format, migrate from FTP to SFTP transport, and develop machine learning analysis of metrics

B. igrate from FTP to streaming transport, migrate from CSV to binary format, and develop machine learning analysis of metrics

C. ncrease fleet cellular connectivity to 80%, migrate from FTP to streaming transport, and develop machine learning analysis of metrics

D. igrate from FTP to SFTP transport, develop machine learning analysis of metrics, and increase dealer local inventory by a fixed factor

View answer

Correct Answer: C

Question #53

Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data.What should you do?

A. uild or leverage an OAuth-compatible access control system

B. uild SAML 2

C. estrict data access based on the source IP address of the partner systems

D. reate secondary credentials for each dealer that can be given to the trusted third party

View answer

Correct Answer: A

Question #54

You are building a continuous deployment pipeline for a project stored in a Git source repository and want to ensure that code changes can be verified before deploying to production. What should you do?

A. se Spinnaker to deploy builds to production using the red/black deployment strategy so that changes can easily be rolled back

B. se Spinnaker to deploy builds to production and run tests on production deployments

C. se Jenkins to build the staging branches and the master branch

D. se Jenkins to monitor tags in the repository

View answer

Correct Answer: C

Question #55

The migration of JencoMart’s application to Google Cloud Platform (GCP) is progressing too slowly. The infrastructure is shown in the diagram. You want to maximize throughput.What are three potential bottlenecks? (Choose three.)

A. loud Spanner

B. oogle BigQuery

C. oogle Cloud SQL

D. oogle Cloud Datastore

View answer

Correct Answer: ACE

Question #56

For this question, refer to the EHR Healthcare case study. In the past, configuration errors put public IP addresses on backend servers that should not have been accessible from the Internet. You need to ensure that no one can put external IP addresses on backend Compute Engine instances and that external IP addresses can only be configured on frontend Compute Engine instances. What should you do?

A. reate an Organizational Policy with a constraint to allow external IP addresses only on the frontend Compute Engine instances

B. evoke the compute

C. reate an Identity and Access Management (IAM) policy that maps the IT staff to thecompute

D. reate a custom Identity and Access Management (IAM) role named GCE_FRONTEND with the compute

View answer

Correct Answer: D

Question #57

For this question, refer to the Dress4Win case study. You want to ensure that your on-premises architecture meets business requirements before you migrate your solution.What change in the on-premises architecture should you make?

A. eplace RabbitMQ with Google Pub/Sub

B. owngrade MySQL to v5

C. esize compute resources to match predefined Compute Engine machine types

D. ontainerize the micro-services and host them in Google Kubernetes Engine

View answer

Correct Answer: C

Question #58

You have a Python web application with many dependencies that requires 0.1 CPU cores and 128 MB of memory to operate in production. You want to monitor and maximize machine utilization. You also want to reliably deploy new versions of the application. Which set of steps should you take?

A. erform the following:1

B. erform the following:1

C. erform the following:1

D. erform the following:1

View answer

Correct Answer: B

Question #59

Mountkirk Games wants to set up a continuous delivery pipeline. Their architecture includes many small services that they want to be able to update and roll back quickly. Mountkirk Games has the following requirements:•Services are deployed redundantly across multiple regions in the US and Europe•Only frontend services are exposed on the public internet •They can provide a single frontend IP for their fleet of services •Deployment artifacts are immutableWhich set of products should they use?

A. oogle Cloud Storage, Google Cloud Dataflow, Google Compute Engine

B. oogle Cloud Storage, Google App Engine, Google Network Load Balancer

C. oogle Kubernetes Registry, Google Container Engine, Google HTTP(S) Load Balancer

D. oogle Cloud Functions, Google Cloud Pub/Sub, Google Cloud Deployment Manager

View answer

Correct Answer: C

Question #60

For this question, refer to the TerramEarth case study. You have broken down a legacy monolithic application into a few containerized RESTful microservices. You want to run those microservices on Cloud Run. You also want to make sure the services are highly available with low latency to your customers. What should you do?

A. eploy Cloud Run services to multiple availability zones

B. eploy Cloud Run services to multiple regions

C. eploy Cloud Run services to multiple regions

D. eploy Cloud Run services to multiple availability zones

View answer

Correct Answer: C

Question #61

Company overview -Helicopter Racing League (HRL) is a global sports league for competitive helicopter racing. Each year HRL holds the world championship and several regional league competitions where teams compete to earn a spot in the world championship. HRL offers a paid service to stream the races all over the world with live telemetry and predictions throughout each race.Solution concept -HRL wants to migrate their existing service to a new platform to expand their use of managed AI and ML services to f

A. Log into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for analysis

B. Use the gcloud compute instances list to list the virtual machine instances that have the idle: true label set

C. Use the gcloud recommender command to list the idle virtual machine instances

D. From the Google Console, identify which Compute Engine instances in the managed instance groups are no longer responding to health check probes

View answer

Correct Answer: C

Question #62

You want to create a private connection between your instances on Compute Engine and your on-premises data center. You require a connection of at least 20 Gbps. You want to follow Google-recommended practices. How should you set up the connection?

A. reate a VPC and connect it to your on-premises data center using Dedicated Interconnect

B. reate a VPC and connect it to your on-premises data center using a single Cloud VPN

C. reate a Cloud Content Delivery Network (Cloud CDN) and connect it to your on-premises data center using Dedicated Interconnect

D. reate a Cloud Content Delivery Network (Cloud CDN) and connect it to your on-premises datacenter using a single Cloud VPN

View answer

Correct Answer: A

Question #63

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication.Which networking approach should you use?

A. oogle Cloud Dedicated Interconnect

B. oogle Cloud VPN connected to the data center network

C. NAT and TLS translation gateway installed on-premises

D. Google Compute Engine instance with a VPN server installed connected to the data center network

View answer

Correct Answer: A

Question #64

Your web application must comply with the requirements of the European Union’s General Data Protection Regulation (GDPR). You are responsible for the technical architecture of your web application. What should you do?

A. nsure that your web application only uses native features and services of Google Cloud Platform, because Google already has various certifications and provides “pass-on” compliance when you use native features

B. nable the relevant GDPR compliance setting within the GCPConsole for each of the services in use within your application

C. nsure that Cloud Security Scanner is part of your test planning strategy in order to pick up any compliance gaps

D. efine a design for the security of data in your web application that meets GDPR requirements

View answer

Correct Answer: D

Question #65

For this question, refer to the Helicopter Racing League (HRL) case study. Recently HRL started a new regional racing league in Cape Town, South Africa. In an effort to give customers in Cape Town a better user experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are a member of the HRL security team and you need to configure the update that will

A. cloud compute security-policies rules update 1000 \\--security-policy from-fastly \\--src-ip-ranges * \\--action “allow”

B. cloud compute firewall rules update sourceiplist-fastly \\--priority 100 \\--allow tcp:443

C. cloud compute firewall rules update hir-policy \\--priority 100 \\--target-tags=sourceiplist-fastly \\--allow tcp:443

D. cloud compute security-policies rules update 1000 \\--security-policy hir-policy \\--expression “evaluatePreconfiguredExpr(‘sourceiplist-fastly’)” \\--action “allow”

View answer

Correct Answer: A

Question #66

Mountkirk Games wants to set up a real-time analytics platform for their new game. The new platform must meet their technical requirements.Which combination of Google technologies will meet all of their requirements?

A. ubernetes Engine, Cloud Pub/Sub, and Cloud SQL

B. loud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery

C. loud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow

D. loud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

E. loud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc

View answer

Correct Answer: B

Question #67

Company Overview -Dress4Win is a web-based company that helps their users organize and manage their personal wardrobe using a web app and mobile application. The company also cultivates an active social network that connects their users with designers and retailers. They monetize their services through advertising, e-commerce, referrals, and a freemium app model. The application has grown from a few servers in the founder?€?s garage to several hundred servers and appliances in a colocated data center. Howev

A. Deploy Nginx and Tomcat using Cloud Deployment Manager to Compute Engine

B. Deploy Nginx and Tomcat using Cloud Launcher

C. Migrate Nginx and Tomcat to App Engine

D. Migrate Nginx and Tomcat to App Engine

View answer

Correct Answer: A

Question #68

You need to set up Microsoft SQL Server on GCP. Management requires that there’s no downtime in case of a data center outage in any of the zones within a GCP region. What should you do?

A. onfigure a Cloud SQL instance with high availability enabled

B. onfigure a Cloud Spanner instance with a regional instance configuration

C. et up SQL Server on Compute Engine, using Always On Availability Groups using Windows Failover Clustering

D. et up SQL Server Always On Availability Groups using Windows Failover Clustering

View answer

Correct Answer: D

Question #69

You want to optimize the performance of an accurate, real-time, weather-charting application. The data comes from 50,000 sensors sending 10 readings a second, in the format of a timestamp and sensor reading.Where should you store the data?

A. oogle BigQuery

B. oogle Cloud SQL

C. oogle Cloud Bigtable

D. oogle Cloud Storage

View answer

Correct Answer: C

Question #70

All three Data Guard configurations are fully supported on Oracle Cloud Infrastructure (OCI). You want to deploy a maximum availability architecture (MAA) for database workload.Which option should you consider while designing your Data Guard configuration to ensure best RTO and RPO without causing any data loss? (Choose the best answer.)

A. Configure "Maximum Availability" mode in SYNC mode between two availability domains (same region), and use the Maximum Availability mode in ASYNC mode between two regions

B. Configure "Maximum Protection" mode which provides zero data loss if the primary database fails

C. Configure "Maximum Scalability" mode which provides the highest level of scalability without compromising the availability of the primary database

D. Configure "Maximum Performance" mode in SYNC mode between two availability domains (same region) which provides the highest level of data protection that is possible without affecting the performance of the primary database

View answer

Correct Answer: A

Question #71

For this question, refer to the Mountkirk Games case study. Which managed storage option meets Mountkirk’s technical requirement for storing game activity in a time series database service?

A. loud Bigtable

B. loud Spanner

C. igQuery

D. loud Datastore

View answer

Correct Answer: A

Question #72

Given this compartment structure:

A. The move will be successful

B. The move will fail and you will be prompted to move the VCN first

C. After moving the compute instance, you must move the compute instance VNIC as a separate action

D. The move will be successful

View answer

Correct Answer: C

Question #73

Company Overview -Dress4Win is a web-based company that helps their users organize and manage their personal wardrobe using a web app and mobile application. The company also cultivates an active social network that connects their users with designers and retailers. They monetize their services through advertising, e-commerce, referrals, and a freemium app model. The application has grown from a few servers in the founder?€?s garage to several hundred servers and appliances in a colocated data center. Howev

A. Migrate the web application layer to App Engine, and MySQL to Cloud Datastore, and NAS to Cloud Storage

B. Migrate RabbitMQ to Cloud Pub/Sub, Hadoop to BigQuery, and NAS to Compute Engine with Persistent Disk storage

C. Implement managed instance groups for Tomcat and Nginx

D. Implement managed instance groups for the Tomcat and Nginx

View answer

Correct Answer: D

Question #74

You are analyzing and defining business processes to support your startup’s trial usage of GCP, and you don’t yet know what consumer demand for your product will be. Your manager requires you to minimize GCP service costs and adhere to Google best practices. What should you do?

A. tilize free tier and sustained use discounts

B. tilize free tier and sustained use discounts

C. tilize free tier and committed use discounts

D. tilize free tier and committed use discounts

View answer

Correct Answer: B

Question #75

A production database virtual machine on Google Compute Engine has an ext4-formatted persistent disk for data files. The database is about to run out of storage space.How can you remediate the problem with the least amount of downtime?

A. n the Cloud Platform Console, increase the size of the persistent disk and use the resize2fs command in Linux

B. hut down the virtual machine, use the Cloud Platform Console to increase the persistent disk size, then restart the virtual machine

C. n the Cloud Platform Console, increase the size of the persistent disk and verify the new space is ready to use with the fdisk command in Linux

D. n the Cloud Platform Console, create a new persistent disk attached to the virtual machine, format and mount it, and configure the database service to move the files to the new disk

E. n the Cloud Platform Console, create a snapshot of the persistent disk restore the snapshot to a new larger disk, unmount the old disk, mount the new disk and restart the database service

View answer

Correct Answer: A

Question #76

Your organization requires that metrics from all applications be retained for 5 years for future analysis in possible legal proceedings.Which approach should you use?

A. rant the security team access to the logs in each Project

B. onfigure Stackdriver Monitoring for all Projects, and export to BigQuery

C. onfigure Stackdriver Monitoring for all Projects with the default retention policies

D. onfigure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage

View answer

Correct Answer: B

Question #77

You are tasked with building a highly available, fault tolerant web application for your current employer. The security team is concerned about an increase in malicious web-based attacks across the internet and asked what you can do to add a higher level of security to the website.How should you architect the solution on Oracle Cloud Infrastructure (OCI) to meet all requirements defined by your organization? (Choose the best answer.)

A. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subnet

B. Deploy at least 3 web application servers, each in a different fault domain, using a regional private subnet

C. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subnet

D. Deploy at least 3 web application servers, each in a different fault domain, using a regional public subnet

View answer

Correct Answer: D

Question #78

A retail company has recently adopted a hybrid architecture. They have the following requirements for their end-to-end connectivity model between their on- premises data center and Oracle Cloud Infrastructure (OCI) region.-> Highly available connection with service level redundancy-> Dedicated network bandwidth with low latencyWhich connectivity setup is the most cost-effective solution for this scenario? (Choose the best answer.)

A. Setup FastConnect virtual circuit as your primary connection, and an IPSec VPN as a backup connection

B. Setup IPSec VPN as your primary connection, and a FastConnect virtual circuit as a backup connection

C. Setup FastConnect virtual circuit as your primary connection, and a second FastConnect virtual circuit as a backup connection

D. Setup IPSec VPN as your primary connection, and a second IPSec VPN as a backup connection

View answer

Correct Answer: A

Question #79

Your company is moving 75 TB of data into Google Cloud. You want to use Cloud Storage and follow Google- recommended practices. What should you do?

A. ove your data onto a Transfer Appliance

B. ove your data onto a Transfer Appliance

C. nstall gsutil on each server that contains data

D. nstall gsutil on each server containing data

View answer

Correct Answer: A

Question #80

Your customer is receiving reports that their recently updated Google App Engine application is taking approximately 30 seconds to load for some of their users. This behavior was not reported before the update.What strategy should you take?

A. ork with your ISP to diagnose the problem

B. pen a support ticket to ask for network capture and flow data to diagnose the problem, then roll back your application

C. oll back to an earlier known good release initially, then use Stackdriver Trace and Logging to diagnose the problem in a development/test/staging environment

D. oll back to an earlier known good release, then push the release again at a quieter period to investigate

View answer

Correct Answer: C

Question #81

Mountkirk Games wants you to secure the connectivity from the new gaming application platform to Google Cloud. You want to streamline the process and follow Google-recommended practices. What should you do?

A. onfigure Workload Identity and service accounts to be used by the application platform

B. se Kubernetes Secrets, which are obfuscated by default

C. onfigure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use Cloud Key Management Service (Cloud KMS) to manage the encryption keys

D. onfigure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud Key Management Service (Cloud KMS) to manage the encryption keys

View answer

Correct Answer: A

Question #82

Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data.What should you do?

A. uild or leverage an OAuth-compatible access control system

B. uild SAML 2

C. estrict data access based on the source IP address of the partner systems

D. reate secondary credentials for each dealer that can be given to the trusted third party

View answer

Correct Answer: A

Question #83

For this question, refer to the EHR Healthcare case study. You are responsible for ensuring that EHR's use of Google Cloud will pass an upcoming privacy compliance audit. What should you do? (Choose two.)

A. dd a new Dedicated Interconnect connection

B. pgrade the bandwidth on the Dedicated Interconnect connection to 100 G

C. dd three new Cloud VPN connections

D. dd a new Carrier Peering connection

View answer

Correct Answer: BD

Question #84

Operational parameters such as oil pressure are adjustable on each of TerramEarth’s vehicles to increase their efficiency, depending on their environmental conditions. Your primary goal is to increase the operating efficiency of all 20 million cellular and unconnected vehicles in the field.How can you accomplish this goal?

A. ave you engineers inspect the data for patterns, and then create an algorithm with rules that make operational adjustments automatically

B. apture all operating data, train machine learning models that identify ideal operations, and run locally to make operational adjustments automatically

C. mplement a Google Cloud Dataflow streaming job with a sliding window, and use Google Cloud Messaging (GCM) to make operational adjustments automatically

D. apture all operating data, train machine learning models that identify ideal operations, and host in Google Cloud Machine Learning (ML) Platform to make operational adjustments automatically

View answer

Correct Answer: B

Question #85

For this question, refer to the TerramEarth case study. To be compliant with European GDPR regulation, TerramEarth is required to delete data generated from its European customers after a period of 36 months when it contains personal data. In the new architecture, this data will be stored in both Cloud Storage and BigQuery. What should you do?

A. reate a BigQuery table for the European data, and set the table retention period to 36 months

B. reate a BigQuery table for the European data, and set the table retention period to 36 months

C. reate a BigQuery time-partitioned table for the European data, and set the partition expiration period to 36 months

D. reate a BigQuery time-partitioned table for the European data, and set the partition expiration period to 36 months

View answer

Correct Answer: C

Question #86

For this question, refer to the Dress4Win case study. Which of the compute services should be migrated as-is and would still be an optimized architecture for performance in the cloud?

A. eb applications deployed using App Engine standard environment

B. abbitMQ deployed using an unmanaged instance group

C. adoop/Spark deployed using Cloud Dataproc Regional in High Availability mode

D. enkins, monitoring, bastion hosts, security scanners services deployed on custom machine types

View answer

Correct Answer: A

Question #87

For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team releases a new version of their predictive capability application every Tuesday evening at 3 a.m. UTC to a repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf. The security team wants to run Airwolf against the predictive capability application as soon as it is released every Tuesday. You need to set up Airwolf to run at the recurring weekly cadence. W

A. et up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function

B. et up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function

C. onfigure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function

D. et up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function

View answer

Correct Answer: A

Question #88

A production database virtual machine on Google Compute Engine has an ext4-formatted persistent disk for data files. The database is about to run out of storage space.How can you remediate the problem with the least amount of downtime?

A. n the Cloud Platform Console, increase the size of the persistent disk and use the resize2fs command in Linux

B. hut down the virtual machine, use the Cloud Platform Console to increase the persistent disk size, then restart the virtual machine

C. n the Cloud Platform Console, increase the size of the persistent disk and verify the new space is ready to use with the fdisk command in Linux

D. n the Cloud Platform Console, create a new persistent disk attached to the virtual machine, format and mount it, and configure the database service to move the files to the new disk

E. n the Cloud Platform Console, create a snapshot of the persistent disk restore the snapshot to a new larger disk, unmount the old disk, mount the new disk and restart the database service

View answer

Correct Answer: A

Question #89

Your company has successfully migrated to the cloud and wants to analyze their data stream to optimize operations. They do not have any existing code for this analysis, so they are exploring all their options. These options include a mix of batch and stream processing, as they are running some hourly jobs and live- processing some data as it comes in.Which technology should they use for this?

A. oogle Cloud Dataproc

B. oogle Cloud Dataflow

C. oogle Container Engine with Bigtable

D. oogle Compute Engine with Google BigQuery

View answer

Correct Answer: B

Question #90

JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

A. ests should scale well beyond the prior approaches

B. nit tests are no longer required, only end-to-end tests

C. ests should be applied after the release is in the production environment

D. ests should include directly testing the Google Cloud Platform (GCP) infrastructure

View answer

Correct Answer: D

Question #91

For this question, refer to the Dress4Win case study. Dress4Win is expected to grow to 10 times its size in 1 year with a corresponding growth in data and traffic that mirrors the existing patterns of usage. The CIO has set the target of migrating production infrastructure to the cloud within the next 6 months. How will you configure the solution to scale for this growth without making major application changes and still maximize the ROI?

A. igrate the web application layer to App Engine, and MySQL to Cloud Datastore, and NAS to Cloud Storage

B. igrate RabbitMQ to Cloud Pub/Sub, Hadoop to BigQuery, and NAS to Compute Engine with Persistent Disk storage

C. mplement managed instance groups for Tomcat and Nginx

D. mplement managed instance groups for the Tomcat and Nginx

View answer

Correct Answer: D

Question #92

For this question, refer to the TerramEarth case study. You are migrating a Linux-based application from your private data center to Google Cloud. The TerramEarth security team sent you several recent Linux vulnerabilities published by Common Vulnerabilities and Exposures (CVE). You need assistance in understanding how these vulnerabilities could impact your migration. What should you do? (Choose two.)

A. reate a scheduled job in Cloud Run to invoke a container every minute

B. reate a cron job on a Compute Engine VM that runs every minute

C. reate a Cloud Monitoring uptime check to validate the application URL

D. se Cloud Error Reporting to check the application URL

View answer

Correct Answer: AD

Question #93

For this question, refer to the Mountkirk Games case study. You are in charge of the new Game Backend Platform architecture. The game communicates with the backend over a REST API.You want to follow Google-recommended practices. How should you design the backend?

A. reate an instance template for the backend

B. reate an instance template for the backend

C. reate an instance template for the backend

D. reate an instance template for the backend

View answer

Correct Answer: A

Question #94

Your customer support tool logs all email and chat conversations to Cloud Bigtable for retention and analysis. What is the recommended approach for sanitizing this data of personally identifiable information or payment card information before initial storage?

A. ash all data using SHA256

B. ncrypt all data using elliptic curve cryptography

C. e-identify the data with the Cloud Data Loss Prevention API

D. se regular expressions to find and redact phone numbers, email addresses, and credit card numbers

View answer

Correct Answer: C

Question #95

Dress4Win would like to become familiar with deploying applications to the cloud by successfully deploying some applications quickly, as is. They have asked for your recommendation.What should you advise?

A. dentify self-contained applications with external dependencies as a first move to the cloud

B. dentify enterprise applications with internal dependencies and recommend these as a first move to the cloud

C. uggest moving their in-house databases to the cloud and continue serving requests to on-premise applications

D. ecommend moving their message queuing servers to the cloud and continue handling requests to on- premise applications

View answer

Correct Answer: C

Question #96

JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need access to Datastore to upload the data.What service account key-management strategy should you recommend?

A. rror rates for requests from Asia

B. atency difference between US and Asia

C. otal visits, error rates, and latency from Asia

D. otal visits and average latency for users from Asia

E. he number of character sets present in the database

View answer

Correct Answer: C

Question #97

You have created several pre-emptible Linux virtual machine instances using Google Compute Engine. You want to properly shut down your application before the virtual machines are preempted.What should you do?

A. dd each tier to a different subnetwork

B. et up software based firewalls on individual VMs

C. dd tags to each tier and set up routes to allow the desired traffic flow

D. dd tags to each tier and set up firewall rules to allow the desired traffic flow

View answer

Correct Answer: C

Question #98

A few days after JencoMart migrates the user credentials database to Google Cloud Platform and shuts down the old server, the new database server stops responding to SSH connections. It is still serving database requests to the application servers correctly.What three steps should you take to diagnose the problem? (Choose three.)

A. rovision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs)

B. uthenticate the on-premises infrastructure with a user account and provision service account keys for the VMs

C. rovision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs

D. eploy a custom authentication service on GCE/Google Kubernetes Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs

View answer

Correct Answer: CDF

Question #99

Your company is migrating its on-premises data center into the cloud. As part of the migration, you want to integrate Google Kubernetes Engine (GKE) for workload orchestration. Parts of your architecture must also be PCI DSS-compliant. Which of the following is most accurate?

A. pp Engine is the only compute platform on GCP that is certified for PCI DSS hosting

B. KE cannot be used under PCI DSS because it is considered shared hosting

C. KE and GCP provide the tools you need to build a PCI DSS-compliant environment

D. ll Google Cloud services are usable because Google Cloud Platform is certified PCI-compliant

View answer

Correct Answer: C

Question #100

For this question, refer to the TerramEarth case study. A new architecture that writes all incoming data to BigQuery has been introduced. You notice that the data is dirty, and want to ensure data quality on an automated daily basis while managing cost.What should you do?

A. et up a streaming Cloud Dataflow job, receiving data by the ingestion process

B. reate a Cloud Function that reads data from BigQuery and cleans it

C. reate a SQL statement on the data in BigQuery, and save it as a view

D. se Cloud Dataprep and configure the BigQuery tables as the source

View answer

Correct Answer: D

Question #101

Which of TerramEarth’s legacy enterprise processes will experience significant change as a result of increased Google Cloud Platform adoption?

A. pex/capex allocation, LAN changes, capacity planning

B. apacity planning, TCO calculations, opex/capex allocation

C. apacity planning, utilization measurement, data center expansion

D. ata Center expansion, TCO calculations, utilization measurement

View answer

Correct Answer: B

Question #102

Your customer went through a recent departmental re-structure. As part of this change, they are organizing their Oracle Cloud Infrastructure (OCI) compartment structure to align with the company"?s new organizational structure.They made the following change:Compartment x is moved, and its parent compartment is now compartment c.

A. Define a policy in the root compartment as follows: Allow group admins to manage subnets in compartment Finance:A:X

B. Define a policy in compartment HR as follows: Allow group networkadmins to manage subnets in compartment C:X

C. Define a policy in the root compartment as follows: Allow group admins to read subnets in compartment HR:C:X

D. Define a policy in compartment C as follows: Allow group networkadmins to read subnets in compartment X

View answer

Correct Answer: BC

Question #103

You are designing an application for use only during business hours. For the minimum viable product release, you’d like to use a managed product that automatically “scales to zero” so you don’t incur costs when there is no activity.Which primary compute resource should you choose?

A. loud Functions

B. ompute Engine

C. oogle Kubernetes Engine

D. ppEngine flexible environment

View answer

Correct Answer: A

Question #104

For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team releases a new version of their predictive capability application every Tuesday evening at 3 a.m. UTC to a repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf. The security team wants to run Airwolf against the predictive capability application as soon as it is released every Tuesday. You need to set up Airwolf to run at the recurring weekly cadence. W

A. et up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function

B. et up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function

C. onfigure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function

D. et up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function

View answer

Correct Answer: A

Question #105

Your company has multiple on-premises systems that serve as sources for reporting. The data has not been maintained well and has become degraded over time. You want to use Google-recommended practices to detect anomalies in your company data. What should you do?

A. pload your files into Cloud Storage

B. pload your files into Cloud Storage

C. onnect Cloud Datalab to your on-premises systems

D. onnect Cloud Dataprep to your on-premises systems

View answer

Correct Answer: B

Question #106

You have found an error in your App Engine application caused by missing Cloud Datastore indexes. You have created a YAML file with the required indexes and want to deploy these new indexes to Cloud Datastore. What should you do?

A. oint gcloud datastore create-indexes to your configuration file

B. pload the configuration file to App Engine’s default Cloud Storage bucket, and have App Engine detect the new indexes

C. n the GCP Console, use Datastore Admin to delete the current indexes and upload the new configuration file

D. reate an HTTP request to the built-in python module to send the index configuration file to your application

View answer

Correct Answer: A

Question #107

You are designing an application for use only during business hours. For the minimum viable product release, you’d like to use a managed product that automatically “scales to zero” so you don’t incur costs when there is no activity.Which primary compute resource should you choose?

A. loud Functions

B. ompute Engine

C. oogle Kubernetes Engine

D. ppEngine flexible environment

View answer

Correct Answer: A

Question #108

Your web application must comply with the requirements of the European Union’s General Data Protection Regulation (GDPR). You are responsible for the technical architecture of your web application. What should you do?

A. nsure that your web application only uses native features and services of Google Cloud Platform, because Google already has various certifications and provides “pass-on” compliance when you use native features

B. nable the relevant GDPR compliance setting within the GCPConsole for each of the services in use within your application

C. nsure that Cloud Security Scanner is part of your test planning strategy in order to pick up any compliance gaps

D. efine a design for the security of data in your web application that meets GDPR requirements

View answer

Correct Answer: D

Question #109

For this question, refer to the TerramEarth case study. Considering the technical requirements, how should you reduce the unplanned vehicle downtime in GCP?

A. se BigQuery as the data warehouse

B. se BigQuery as the data warehouse

C. se Cloud Dataproc Hive as the data warehouse

D. se Cloud Dataproc Hive as the data warehouse

View answer

Correct Answer: A

Question #110

Your company has decided to make a major revision of their API in order to create better experiences for their developers. They need to keep the old version of the API available and deployable, while allowing new customers and testers to try out the new API. They want to keep the same SSL and DNS records in place to serve both APIs.What should they do?

A. onfigure a new load balancer for the new version of the API

B. econfigure old clients to use a new endpoint for the new API

C. ave the old API forward traffic to the new API based on the path

D. se separate backend pools for each API path behind the load balancer

View answer

Correct Answer: D

Question #111

For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team releases a new version of their predictive capability application every Tuesday evening at 3 a.m. UTC to a repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf. The security team wants to run Airwolf against the predictive capability application as soon as it is released every Tuesday. You need to set up Airwolf to run at the recurring weekly cadence. W

A. et up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function

B. et up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function

C. onfigure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function

D. et up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function

View answer

Correct Answer: A

Question #112

Your organization requires that metrics from all applications be retained for 5 years for future analysis in possible legal proceedings.Which approach should you use?

A. rant the security team access to the logs in each Project

B. onfigure Stackdriver Monitoring for all Projects, and export to BigQuery

C. onfigure Stackdriver Monitoring for all Projects with the default retention policies

D. onfigure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage

View answer

Correct Answer: B

Question #113

As part of Dress4Win's plans to migrate to the cloud, they want to be able to set up a managed logging and monitoring system so they can handle spikes in their traffic load.They want to ensure that:* The infrastructure can be notified when it needs to scale up and down to handle the ebb and flow of usage throughout the day* Their administrators are notified automatically when their application reports errors.* They can filter their aggregated logs down in order to debug one piece of the application across m

A. ogging, Alerts, Insights, Debug

B. onitoring, Trace, Debug, Logging

C. onitoring, Logging, Alerts, Error Reporting

D. onitoring, Logging, Debug, Error Report

View answer

Correct Answer: D

Question #114

Your organization requires that metrics from all applications be retained for 5 years for future analysis in possible legal proceedings.Which approach should you use?

A. rant the security team access to the logs in each Project

B. onfigure Stackdriver Monitoring for all Projects, and export to BigQuery

C. onfigure Stackdriver Monitoring for all Projects with the default retention policies

D. onfigure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage

View answer

Correct Answer: B

Question #115

You are migrating your on-premises solution to Google Cloud in several phases. You will use Cloud VPN to maintain a connection between your on-premises systems and Google Cloud until the migration is completed. You want to make sure all your on-premise systems remain reachable during this period. How should you organize your networking in Google Cloud?

A. se the same IP range on Google Cloud as you use on-premises

B. se the same IP range on Google Cloud as you use on-premises for your primary IP range and use a secondary range that does not overlap with the range you use on-premises

C. se an IP range on Google Cloud that does not overlap with the range you use on-premises

D. se an IP range on Google Cloud that does not overlap with the range you use on-premises for your primary IP range and use a secondary range with the same IP range as you use on-premises

View answer

Correct Answer: D

Question #116

You need to set up Microsoft SQL Server on GCP. Management requires that there’s no downtime in case of a data center outage in any of the zones within a GCP region. What should you do?

A. onfigure a Cloud SQL instance with high availability enabled

B. onfigure a Cloud Spanner instance with a regional instance configuration

C. et up SQL Server on Compute Engine, using Always On Availability Groups using Windows Failover Clustering

D. et up SQL Server Always On Availability Groups using Windows Failover Clustering

View answer

Correct Answer: D

Question #117

At Dress4Win, an operations engineer wants to create a tow-cost solution to remotely archive copies of database backup files.The database files are compressed tar files stored in their current data center. How should he proceed?

A. reate a cron script using gsutil to copy the files to a Coldline Storage bucket

B. reate a cron script using gsutil to copy the files to a Regional Storage bucket

C. reate a Cloud Storage Transfer Service Job to copy the files to a Coldline Storage bucket

D. reate a Cloud Storage Transfer Service job to copy the files to a Regional Storage bucket

View answer

Correct Answer: A

Question #118

Dress4Win has configured a new uptime check with Google Stackdriver for several of their legacy services. The Stackdriver dashboard is not reporting the services as healthy.What should they do?

A. nstall the Stackdriver agent on all of the legacy web servers

B. n the Cloud Platform Console download the list of the uptime servers' IP addresses and create an inbound firewall rule

C. onfigure their load balancer to pass through the User-Agent HTTP header when the value matches GoogleStackdriverMonitoring-UptimeChecks (https://cloud

D. onfigure their legacy web servers to allow requests that contain user-Agent HTTP header when the value matches GoogleStackdriverMonitoring-UptimeChecks (https://cloud

View answer

Correct Answer: B

Question #119

For this question, refer to the Dress4Win case study. To be legally compliant during an audit, Dress4Win must be able to give insights in all administrative actions that modify the configuration or metadata of resources on Google Cloud.What should you do?

A. se Stackdriver Trace to create a Trace list analysis

B. se Stackdriver Monitoring to create a dashboard on the project’s activity

C. nable Cloud Identity-Aware Proxy in all projects, and add the group of Administrators as a member

D. se the Activity page in the GCP Console and Stackdriver Logging to provide the required insight

View answer

Correct Answer: D

Question #120

You are using Cloud Shell and need to install a custom utility for use in a few weeks. Where can you store the file so it is in the default execution path and persists across sessions?

A. /bin

B. loud Storage

C. google/scripts

D. usr/local/bin

View answer

Correct Answer: A

Question #121

You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?

A. reate a service account (SA) in the legacy game’s Google Cloud project, add a second SA in the new game’s IAM page, and then give the Organization Admin role to both SAs

B. reate a service account (SA) in the legacy game’s Google Cloud project, give the SA the Organization Admin role, and then give it the Firebase Admin role in both projects

C. reate a service account (SA) in the legacy game’s Google Cloud project, add this SA in the new game’s IAM page, and then give it the Firebase Admin role in both projects

D. reate a service account (SA) in the legacy game’s Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game’s project

View answer

Correct Answer: C

Question #122

Your web application must comply with the requirements of the European Union’s General Data Protection Regulation (GDPR). You are responsible for the technical architecture of your web application. What should you do?

A. nsure that your web application only uses native features and services of Google Cloud Platform, because Google already has various certifications and provides “pass-on” compliance when you use native features

B. nable the relevant GDPR compliance setting within the GCPConsole for each of the services in use within your application

C. nsure that Cloud Security Scanner is part of your test planning strategy in order to pick up any compliance gaps

D. efine a design for the security of data in your web application that meets GDPR requirements

View answer

Correct Answer: D

Question #123

You are designing a mobile chat application. You want to ensure people cannot spoof chat messages, by providing a message were sent by a specific user.What should you do?

A. ag messages client side with the originating user identifier and the destination user

B. ncrypt the message client side using block-based encryption with a shared key

C. se public key infrastructure (PKI) to encrypt the message client side using the originating user's private key

D. se a trusted certificate authority to enable SSL connectivity between the client application and the server

View answer

Correct Answer: C

Question #124

You need to upload files from your on-premises environment to Cloud Storage. You want the files to be encrypted on Cloud Storage using customer-supplied encryption keys. What should you do?

A. upply the encryption key in a

B. upply the encryption key using gcloud config

C. se gsutil to upload the files, and use the flag --encryption-key to supply the encryption key

D. se gsutil to create a bucket, and use the flag --encryption-key to supply the encryption key

View answer

Correct Answer: A

Question #125

You are using Cloud Shell and need to install a custom utility for use in a few weeks. Where can you store the file so it is in the default execution path and persists across sessions?

A. /bin

B. loud Storage

C. google/scripts

D. usr/local/bin

View answer

Correct Answer: A

Question #126

You deploy your custom Java application to Google App Engine. It fails to deploy and gives you the following stack trace.What should you do?

A. pload missing JAR files and redeploy your application

B. igitally sign all of your JAR files and redeploy your application

C. ecompile the CLoakedServlet class using and MD5 hash instead of SHA1

View answer

Correct Answer: B

Question #127

Dress4Win has end-to-end tests covering 100% of their endpoints.They want to ensure that the move to the cloud does not introduce any new bugs. Which additional testing methods should the developers employ to prevent an outage?

A. hey should enable Google Stackdriver Debugger on the application code to show errors in the code

B. hey should add additional unit tests and production scale load tests on their cloud staging environment

C. hey should run the end-to-end tests in the cloud staging environment to determine if the code is working as intended

D. hey should add canary tests so developers can measure how much of an impact the new release causes to latency

View answer

Correct Answer: B

Question #128

To reduce costs, the Director of Engineering has required all developers to move their development infrastructure resources from on-premises virtual machines (VMs) to Google Cloud Platform. These resources go through multiple start/stop events during the day and require state to persist. You have been asked to design the process of running a development environment in Google Cloud while providing cost visibility to the finance department.Which two steps should you take? (Choose two.)

A. nsure that a firewall rules exists to allow source traffic on HTTP/HTTPS to reach the load balancer

B. ssign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP

C. nsure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group

D. reate a tag on each instance with the name of the load balancer

View answer

Correct Answer: AD

Question #129

You are running a cluster on Kubernetes Engine (GKE) to serve a web application. Users are reporting that a specific part of the application is not responding anymore. You notice that all pods of your deployment keep restarting after 2 seconds. The application writes logs to standard output. You want to inspect the logs to find the cause of the issue. Which approach can you take?

A. eview the Stackdriver logs for each Compute Engine instance that is serving as a node in the cluster

B. eview the Stackdriver logs for the specific GKE container that is serving the unresponsive part of the application

C. onnect to the cluster using gcloud credentials and connect to a container in one of the pods to read the logs

D. eview the Serial Port logs for each Compute Engine instance that is serving as a node in the cluster

View answer

Correct Answer: B

Question #130

Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?

A. erform a mapping of the on-premises physical hardware cores and RAM to the nearest machine types in the cloud

B. ecommend that Dress4Win deploy application servers to machine types that offer the highest RAM to CPU ratio available

C. ecommend that Dress4Win deploy into production with the smallest instances available, monitor them over time, and scale the machine type up until the desired performance is reached

D. dentify the number of virtual cores and RAM associated with the application server virtual machines align them to a custom machine type in the cloud, monitor performance, and scale the machine types up until the desired performance is reached

View answer

Correct Answer: C

Question #131

Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process.What should you do?

A. reate custom Google Stackdriver alerts and send them to the auditor

B. nable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor

C. se cloud functions to transfer log entries to Google Cloud SQL and use ACLs and views to limit an auditor’s view

D. nable Google Cloud Storage (GCS) log export to audit logs into a GCS bucket and delegate access to the bucket

View answer

Correct Answer: D

Question #132

A small number of API requests to your microservices-based application take a very long time. You know that each request to the API can traverse many services. You want to know which service takes the longest in those cases.What should you do?

A. se a different database

B. hoose larger instances for your database

C. reate snapshots of your database more regularly

D. mplement routinely scheduled failovers of your databases

View answer

Correct Answer: D

Question #133

Your customer is moving an existing corporate application to Google Cloud Platform from an on-premises data center. The business owners require minimal user disruption. There are strict security team requirements for storing passwords.What authentication strategy should they use?

A. se G Suite Password Sync to replicate passwords into Google

B. ederate authentication via SAML 2

C. rovision users in Google using the Google Cloud Directory Sync tool

D. sk users to set their Google password to match their corporate password

View answer

Correct Answer: C

Question #134

Your development team has installed a new Linux kernel module on the batch servers in Google Compute Engine (GCE) virtual machines (VMs) to speed up the nightly batch process. Two days after the installation, 50% of the batch servers failed the nightly batch run. You want to collect details on the failure to pass back to the development team.Which three actions should you take? (Choose three.)

A. og in to a server, and iterate on the fox locally

B. evert the source code change, and rerun the deployment pipeline

C. og into the servers with the bad code change, and swap in the previous code

D. hange the instance group template to the previous one, and delete all instances

View answer

Correct Answer: ACE

Question #135

For this question, refer to the TerramEarth case study. TerramEarth has about 1 petabyte (PB) of vehicle testing data in a private data center. You want to move the data to Cloud Storage for your machine learning team. Currently, a 1-Gbps interconnect link is available for you. The machine learning team wants to start using the data in a month. What should you do?

A. equest Transfer Appliances from Google Cloud, export the data to appliances, and return the appliances to Google Cloud

B. onfigure the Storage Transfer service from Google Cloud to send the data from your data center to Cloud Storage

C. ake sure there are no other users consuming the 1Gbps link, and use multi-thread transfer to upload the data to Cloud Storage

D. xport files to an encrypted USB device, send the device to Google Cloud, and request an import of the data to Cloud Storage

View answer

Correct Answer: D

Question #136

You have an application deployed on Google Kubernetes Engine using a Deployment named echo- deployment. The deployment is exposed using a Service called echo-service. You need to perform an update to the application with minimal downtime to the application. What should you do?

A. se kubectl set image deployment/echo-deployment

B. se the rolling update functionality of the Instance Group behind the Kubernetes cluster

C. pdate the deployment yaml file with the new container image

D. pdate the service yaml file which the new container image

View answer

Correct Answer: A

Question #137

Company overview -EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR Healthcare provides their software as a service to multi- national medical offices, hospitals, and insurance providers.Solution concept -Due to rapid changes in the healthcare and insurance industry, EHR Healthcare's business has been growing exponentially year over year. They need to be able to scale their environment, adapt their disaster recovery plan, and roll out new continuous deplo

A. Enable Binary Authorization on GKE, and sign containers as part of a CI/CD pipeline

B. Configure Jenkins to utilize Kritis to cryptographically sign a container as part of a CI/CD pipeline

C. Configure Container Registry to only allow trusted service accounts to create and deploy containers from the registry

D. Configure Container Registry to use vulnerability scanning to confirm that there are no vulnerabilities before deploying the workload

View answer

Correct Answer: AB

Question #138

For this question, refer to the Helicopter Racing League (HRL) case study. HRL is looking for a cost-effective approach for storing their race data such as telemetry. They want to keep all historical records, train models using only the previous season's data, and plan for data growth in terms of volume and information collected. You need to propose a data solution. Considering HRL business requirements and the goals expressed by CEO S. Hawke, what should you do?

A. se Firestore for its scalable and flexible document-based database

B. se Cloud Spanner for its scalability and ability to version schemas with zero downtime

C. se BigQuery for its scalability and ability to add columns to a schema

D. se Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL

View answer

Correct Answer: C

Question #139

For this question, refer to the Dress4Win case study. You are responsible for the security of data stored in Cloud Storage for your company, Dress4Win. You have already created a set of Google Groups and assigned the appropriate users to those groups. You should use Google best practices and implement the simplest design to meet the requirements.Considering Dress4Win’s business and technical requirements, what should you do?

A. ssign custom IAM roles to the Google Groups you created in order to enforce security requirements

B. ssign custom IAM roles to the Google Groups you created in order to enforce security requirements

C. ssign predefined IAM roles to the Google Groups you created in order to enforce security requirements

D. ssign predefined IAM roles to the Google Groups you created in order to enforce security requirements

View answer

Correct Answer: C

Question #140

A lead engineer wrote a custom tool that deploys virtual machines in the legacy data center. He wants to migrate the custom tool to the new cloud environment. You want to advocate for the adoption of Google Cloud Deployment Manager.What are two business risks of migrating to Cloud Deployment Manager? (Choose two.)

A. oogle Kubernetes Engine, Jenkins, and Helm

B. oogle Kubernetes Engine and Cloud Load Balancing

C. oogle Kubernetes Engine and Cloud Deployment Manager

D. oogle Kubernetes Engine, Jenkins, and Cloud Load Balancing

View answer

Correct Answer: BF

Question #141

As part of Dress4Win's plans to migrate to the cloud, they want to be able to set up a managed logging and monitoring system so they can handle spikes in their traffic load.They want to ensure that:* The infrastructure can be notified when it needs to scale up and down to handle the ebb and flow of usage throughout the day* Their administrators are notified automatically when their application reports errors.* They can filter their aggregated logs down in order to debug one piece of the application across m

A. ogging, Alerts, Insights, Debug

B. onitoring, Trace, Debug, Logging

C. onitoring, Logging, Alerts, Error Reporting

D. onitoring, Logging, Debug, Error Report

View answer

Correct Answer: D

Question #142

You need to reduce the number of unplanned rollbacks of erroneous production deployments in your company’s web hosting platform. Improvement to the QA/Test processes accomplished an 80% reduction.Which additional two approaches can you take to further reduce the rollbacks? (Choose two.)

A. lat file

B. oSQL

C. elational

D. lobstore

View answer

Correct Answer: AC

Question #143

For this question, refer to the Dress4Win case study. You want to ensure that your on-premises architecture meets business requirements before you migrate your solution.What change in the on-premises architecture should you make?

A. eplace RabbitMQ with Google Pub/Sub

B. owngrade MySQL to v5

C. esize compute resources to match predefined Compute Engine machine types

D. ontainerize the micro-services and host them in Google Kubernetes Engine

View answer

Correct Answer: C

Question #144

For this question, refer to the Dress4Win case study. Dress4Win is expected to grow to 10 times its size in 1 year with a corresponding growth in data and traffic that mirrors the existing patterns of usage. The CIO has set the target of migrating production infrastructure to the cloud within the next 6 months. How will you configure the solution to scale for this growth without making major application changes and still maximize the ROI?

A. igrate the web application layer to App Engine, and MySQL to Cloud Datastore, and NAS to Cloud Storage

B. igrate RabbitMQ to Cloud Pub/Sub, Hadoop to BigQuery, and NAS to Compute Engine with Persistent Disk storage

C. mplement managed instance groups for Tomcat and Nginx

D. mplement managed instance groups for the Tomcat and Nginx

View answer

Correct Answer: D

Question #145

You are creating a solution to remove backup files older than 90 days from your backup Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend.What should you do?

A. rite a lifecycle management rule in XML and push it to the bucket with gsutil

B. rite a lifecycle management rule in JSON and push it to the bucket with gsutil

C. chedule a cron script using gsutil ls –lr gs://backups/** to find and remove items older than 90 days

D. chedule a cron script using gsutil ls –l gs://backups/** to find and remove items older than 90 days and schedule it with cron

View answer

Correct Answer: B

Question #146

For this question, refer to the Mountkirk Games case study. You are in charge of the new Game Backend Platform architecture. The game communicates with the backend over a REST API.You want to follow Google-recommended practices. How should you design the backend?

A. reate an instance template for the backend

B. reate an instance template for the backend

C. reate an instance template for the backend

D. reate an instance template for the backend

View answer

Correct Answer: A

DON'T WANT TO MISS A THING?

100% Pass Cisco, PMP, CISA, CISM, AWS Practice test on SALE!
Get Now

Conquer the Google Professional Cloud Architect Exam with Comprehensive Study Materials

View Answers after Submission

DON'T WANT TO MISS A THING?

100% Pass Cisco, PMP, CISA, CISM, AWS Practice test on SALE! Get Now

Conquer the Google Professional Cloud Architect Exam with Comprehensive Study Materials

View Answers after Submission

100% Pass Cisco, PMP, CISA, CISM, AWS Practice test on SALE!
Get Now