DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Boost Your Performance in the Google Professional Cloud Architect Exam with Practice Tests

Achieving the Google Cloud Certified Professional Cloud Architect certification is a testament to your expertise in designing, developing, and managing robust cloud solutions on the Google Cloud Platform. However, preparing for this challenging exam requires a comprehensive understanding of cloud architecture, Google technologies, and best practices. SPOTO's exam questions and answers, test questions, and mock exams provide invaluable resources for your exam preparation journey. SPOTO's exam questions cover a wide range of topics, including cloud architecture, solution design, security, scalability, and hybrid environments, ensuring that you have a comprehensive understanding of the subject matter. Additionally, their study materials and exam resources provide realistic scenarios and mock exams, allowing you to practice and identify areas that require further attention. By utilizing these resources, you can gain confidence and increase your chances of passing the exam successfully on your first attempt.
Take other online exams

Question #1
For this question, refer to the TerramEarth case study. TerramEarth has decided to store data files in Cloud Storage. You need to configure Cloud Storage lifecycle rule to store 1 year of data and minimize file storage cost.Which two actions should you take?
A. reate a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Standard”, and Action: “Set to Coldline”, and create a second GCS life-cycle rule with Age: “365”, Storage Class: “Coldline”, and Action: “Delete”
B. reate a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Coldline”, and Action: “Set to Nearline”, and create a second GCS life-cycle rule with Age: “91”, Storage Class: “Coldline”, and Action: “Set to Nearline”
C. reate a Cloud Storage lifecycle rule with Age: “90”, Storage Class: “Standard”, and Action: “Set to Nearline”, and create a second GCS life-cycle rule with Age: “91”, Storage Class: “Nearline”, and Action: “Set to Coldline”
D. reate a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Standard”, and Action: “Set to Coldline”, and create a second GCS life-cycle rule with Age: “365”, Storage Class: “Nearline”, and Action: “Delete”
View answer
Correct Answer: A

View The Updated Professional Cloud Architect Exam Questions

SPOTO Provides 100% Real Professional Cloud Architect Exam Questions for You to Pass Your Professional Cloud Architect Exam!

Question #2
Your company wants to start using Google Cloud resources but wants to retain their on-premises Active Directory domain controller for identity management. What should you do?
A. se the Admin Directory API to authenticate against the Active Directory domain controller
B. se Google Cloud Directory Sync to synchronize Active Directory usernames with cloud identities and configure SAML SSO
C. se Cloud Identity-Aware Proxy configured to use the on-premises Active Directory domain controller as an identity provider
D. se Compute Engine to create an Active Directory (AD) domain controller that is a replica of the on- premises AD domain controller using Google Cloud Directory Sync
View answer
Correct Answer: B
Question #3
Google Cloud Platform resources are managed hierarchically using organization, folders, and projects. When Cloud Identity and Access Management (IAM) policies exist at these different levels, what is the effective policy at a particular node of the hierarchy?
A. he effective policy is determined only by the policy set at the node
B. he effective policy is the policy set at the node and restricted by the policies of its ancestors
C. he effective policy is the union of the policy set at the node and policies inherited from its ancestors
D. he effective policy is the intersection of the policy set at the node and policies inherited from its ancestors
View answer
Correct Answer: C
Question #4
You have been asked to select the storage system for the click-data of your company’s large portfolio of websites. This data is streamed in from a custom website analytics package at a typical rate of 6,000 clicks per minute. With bursts of up to 8,500 clicks per second. It must have been stored for future analysis by your data science and user experience teams.Which storage infrastructure should you choose?
A. oogle Cloud SQL
B. oogle Cloud Bigtable
C. oogle Cloud Storage
D. oogle Cloud Datastore
View answer
Correct Answer: B
Question #5
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication.Which networking approach should you use?
A. oogle Cloud Dedicated Interconnect
B. oogle Cloud VPN connected to the data center network
C. NAT and TLS translation gateway installed on-premises
D. Google Compute Engine instance with a VPN server installed connected to the data center network
View answer
Correct Answer: A
Question #6
The development team has provided you with a Kubernetes Deployment file. You have no infrastructure yet and need to deploy the application. What should you do?
A. se gcloud to create a Kubernetes cluster
B. se gcloud to create a Kubernetes cluster
C. se kubectl to create a Kubernetes cluster
D. se kubectl to create a Kubernetes cluster
View answer
Correct Answer: B
Question #7
For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for securely deploying workloads to Google Cloud. You also need to ensure that only verified containers are deployed using Google Cloud services. What should you do? (Choose two.)
A. onfigure two Partner Interconnect connections in one metro (City), and make sure the Interconnect connections are placed in different metro zones
B. onfigure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on- premises are in separate racks
C. onfigure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at least two Google locations
D. onfigure two Dedicated Interconnect connections in one metro (City) and two connections in another metro, and make sure the Interconnect connections are placed in different metro zones
View answer
Correct Answer: AB
Question #8
Company Overview -Dress4Win is a web-based company that helps their users organize and manage their personal wardrobe using a web app and mobile application. The company also cultivates an active social network that connects their users with designers and retailers. They monetize their services through advertising, e-commerce, referrals, and a freemium app model. The application has grown from a few servers in the founder?€?s garage to several hundred servers and appliances in a colocated data center. Howev
A. Replace RabbitMQ with Google Pub/Sub
B. Downgrade MySQL to v5
C. Resize compute resources to match predefined Compute Engine machine types
D. Containerize the micro-services and host them in Google Kubernetes Engine
View answer
Correct Answer: C
Question #9
The TerramEarth development team wants to create an API to meet the company’s business requirements. You want the development team to focus their development effort on business value versus creating a custom framework.Which method should they use?
A. se Google App Engine with Google Cloud Endpoints
B. se Google App Engine with a JAX-RS Jersey Java-based framework
C. se Google App Engine with the Swagger (Open API Specification) framework
D. se Google Container Engine with a Django Python container
E. se Google Container Engine with a Tomcat container with the Swagger (Open API Specification) framework
View answer
Correct Answer: A
Question #10
You have an application deployed on Google Kubernetes Engine using a Deployment named echo- deployment. The deployment is exposed using a Service called echo-service. You need to perform an update to the application with minimal downtime to the application. What should you do?
A. se kubectl set image deployment/echo-deployment
B. se the rolling update functionality of the Instance Group behind the Kubernetes cluster
C. pdate the deployment yaml file with the new container image
D. pdate the service yaml file which the new container image
View answer
Correct Answer: A
Question #11
For this question, refer to the EHR Healthcare case study. You are responsible for ensuring that EHR's use of Google Cloud will pass an upcoming privacy compliance audit. What should you do? (Choose two.)
A. dd a new Dedicated Interconnect connection
B. pgrade the bandwidth on the Dedicated Interconnect connection to 100 G
C. dd three new Cloud VPN connections
D. dd a new Carrier Peering connection
View answer
Correct Answer: BD
Question #12
As part of Dress4Win's plans to migrate to the cloud, they want to be able to set up a managed logging and monitoring system so they can handle spikes in their traffic load.They want to ensure that:* The infrastructure can be notified when it needs to scale up and down to handle the ebb and flow of usage throughout the day* Their administrators are notified automatically when their application reports errors.* They can filter their aggregated logs down in order to debug one piece of the application across m
A. ogging, Alerts, Insights, Debug
B. onitoring, Trace, Debug, Logging
C. onitoring, Logging, Alerts, Error Reporting
D. onitoring, Logging, Debug, Error Report
View answer
Correct Answer: D
Question #13
Mountkirk Games wants you to secure the connectivity from the new gaming application platform to Google Cloud. You want to streamline the process and follow Google-recommended practices. What should you do?
A. onfigure Workload Identity and service accounts to be used by the application platform
B. se Kubernetes Secrets, which are obfuscated by default
C. onfigure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use Cloud Key Management Service (Cloud KMS) to manage the encryption keys
D. onfigure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud Key Management Service (Cloud KMS) to manage the encryption keys
View answer
Correct Answer: A
Question #14
Company overview -Helicopter Racing League (HRL) is a global sports league for competitive helicopter racing. Each year HRL holds the world championship and several regional league competitions where teams compete to earn a spot in the world championship. HRL offers a paid service to stream the races all over the world with live telemetry and predictions throughout each race.Solution concept -HRL wants to migrate their existing service to a new platform to expand their use of managed AI and ML services to f
A. Set up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function
B. Set up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function
C. Configure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function
D. Set up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function
View answer
Correct Answer: A
Question #15
For this question, refer to the TerramEarth case study. You have broken down a legacy monolithic application into a few containerized RESTful microservices. You want to run those microservices on Cloud Run. You also want to make sure the services are highly available with low latency to your customers. What should you do?
A. eploy Cloud Run services to multiple availability zones
B. eploy Cloud Run services to multiple regions
C. eploy Cloud Run services to multiple regions
D. eploy Cloud Run services to multiple availability zones
View answer
Correct Answer: C
Question #16
Mountkirk Games wants you to design their new testing strategy. How should the test coverage differ from their existing backends on the other platforms?
A. reate a scalable environment in GCP for simulating production load
B. se the existing infrastructure to test the GCP-based backend at scale
C. uild stress tests into each component of your application using resources internal to GCP to simulate load
D. reate a set of static environments in GCP to test different levels of load – for example, high, medium, and low
View answer
Correct Answer: A
Question #17
For this question, refer to the EHR Healthcare case study. In the past, configuration errors put public IP addresses on backend servers that should not have been accessible from the Internet. You need to ensure that no one can put external IP addresses on backend Compute Engine instances and that external IP addresses can only be configured on frontend Compute Engine instances. What should you do?
A. reate an Organizational Policy with a constraint to allow external IP addresses only on the frontend Compute Engine instances
B. evoke the compute
C. reate an Identity and Access Management (IAM) policy that maps the IT staff to thecompute
D. reate a custom Identity and Access Management (IAM) role named GCE_FRONTEND with the compute
View answer
Correct Answer: D
Question #18
For this question, refer to the Helicopter Racing League (HRL) case study. HRL is looking for a cost-effective approach for storing their race data such as telemetry. They want to keep all historical records, train models using only the previous season's data, and plan for data growth in terms of volume and information collected. You need to propose a data solution. Considering HRL business requirements and the goals expressed by CEO S. Hawke, what should you do?
A. se Firestore for its scalable and flexible document-based database
B. se Cloud Spanner for its scalability and ability to version schemas with zero downtime
C. se BigQuery for its scalability and ability to add columns to a schema
D. se Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL
View answer
Correct Answer: C
Question #19
You are creating a solution to remove backup files older than 90 days from your backup Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend.What should you do?
A. rite a lifecycle management rule in XML and push it to the bucket with gsutil
B. rite a lifecycle management rule in JSON and push it to the bucket with gsutil
C. chedule a cron script using gsutil ls –lr gs://backups/** to find and remove items older than 90 days
D. chedule a cron script using gsutil ls –l gs://backups/** to find and remove items older than 90 days and schedule it with cron
View answer
Correct Answer: B
Question #20
Mountkirk Games’ gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?
A. erify that the database is online
B. erify that the project quota hasn’t been exceeded
C. erify that the new feature code did not introduce any performance bugs
D. erify that the load-testing team is not running their tool against production
View answer
Correct Answer: B
Question #21
You are working in a highly secured environment where public Internet access from the Compute Engine VMs is not allowed. You do not yet have a VPN connection to access an on-premises file server. You need to install specific software on a Compute Engine instance. How should you install the software?
A. pload the required installation files to Cloud Storage
B. pload the required installation files to Cloud Storage and use firewall rules to block all traffic except the IP address range for Cloud Storage
C. pload the required installation files to Cloud Source Repositories
D. pload the required installation files to Cloud Source Repositories and use firewall rules to block all traffic except the IP address range for Cloud Source Repositories
View answer
Correct Answer: B
Question #22
For this question, refer to the EHR Healthcare case study. You are responsible for designing the Google Cloud network architecture for Google Kubernetes Engine. You want to follow Google best practices. Considering the EHR Healthcare business and technical requirements, what should you do to reduce the attack surface?
A. se a private cluster with a private endpoint with master authorized networks configured
B. se a public cluster with firewall rules and Virtual Private Cloud (VPC) routes
C. se a private cluster with a public endpoint with master authorized networks configured
D. se a public cluster with master authorized networks enabled and firewall rules
View answer
Correct Answer: C
Question #23
For this question, refer to the EHR Healthcare case study. You are a developer on the EHR customer portal team. Your team recently migrated the customer portal application to Google Cloud. The load has increased on the application servers, and now the application is logging many timeout errors. You recently incorporated Pub/Sub into the application architecture, and the application is not logging any Pub/Sub publishing errors.You want to improve publishing latency. What should you do?
A. ncrease the Pub/Sub Total Timeout retry value
B. ove from a Pub/Sub subscriber pull model to a push model
C. urn off Pub/Sub message batching
D. reate a backup Pub/Sub message queue
View answer
Correct Answer: A
Question #24
Your company is migrating its on-premises data center into the cloud. As part of the migration, you want to integrate Google Kubernetes Engine (GKE) for workload orchestration. Parts of your architecture must also be PCI DSS-compliant. Which of the following is most accurate?
A. pp Engine is the only compute platform on GCP that is certified for PCI DSS hosting
B. KE cannot be used under PCI DSS because it is considered shared hosting
C. KE and GCP provide the tools you need to build a PCI DSS-compliant environment
D. ll Google Cloud services are usable because Google Cloud Platform is certified PCI-compliant
View answer
Correct Answer: C
Question #25
You have a Python web application with many dependencies that requires 0.1 CPU cores and 128 MB of memory to operate in production. You want to monitor and maximize machine utilization. You also want to reliably deploy new versions of the application. Which set of steps should you take?
A. erform the following:1
B. erform the following:1
C. erform the following:1
D. erform the following:1
View answer
Correct Answer: B
Question #26
The development team has provided you with a Kubernetes Deployment file. You have no infrastructure yet and need to deploy the application. What should you do?
A. se gcloud to create a Kubernetes cluster
B. se gcloud to create a Kubernetes cluster
C. se kubectl to create a Kubernetes cluster
D. se kubectl to create a Kubernetes cluster
View answer
Correct Answer: B
Question #27
You are creating an App Engine application that uses Cloud Datastore as its persistence layer. You need to retrieve several root entities for which you have the identifiers. You want to minimize the overhead in operations performed by Cloud Datastore. What should you do?
A. reate the Key object for each Entity and run a batch get operation
B. reate the Key object for each Entity and run multiple get operations, one operation for each entity
C. se the identifiers to create a query filter and run a batch query operation
D. se the identifiers to create a query filter and run multiple query operations, one operation for each entity
View answer
Correct Answer: A
Question #28
Which of TerramEarth’s legacy enterprise processes will experience significant change as a result of increased Google Cloud Platform adoption?
A. pex/capex allocation, LAN changes, capacity planning
B. apacity planning, TCO calculations, opex/capex allocation
C. apacity planning, utilization measurement, data center expansion
D. ata Center expansion, TCO calculations, utilization measurement
View answer
Correct Answer: B
Question #29
Mountkirk Games’ gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?
A. erify that the database is online
B. erify that the project quota hasn’t been exceeded
C. erify that the new feature code did not introduce any performance bugs
D. erify that the load-testing team is not running their tool against production
View answer
Correct Answer: B
Question #30
A lead engineer wrote a custom tool that deploys virtual machines in the legacy data center. He wants to migrate the custom tool to the new cloud environment. You want to advocate for the adoption of Google Cloud Deployment Manager.What are two business risks of migrating to Cloud Deployment Manager? (Choose two.)
A. oogle Kubernetes Engine, Jenkins, and Helm
B. oogle Kubernetes Engine and Cloud Load Balancing
C. oogle Kubernetes Engine and Cloud Deployment Manager
D. oogle Kubernetes Engine, Jenkins, and Cloud Load Balancing
View answer
Correct Answer: BF
Question #31
The migration of JencoMart’s application to Google Cloud Platform (GCP) is progressing too slowly. The infrastructure is shown in the diagram. You want to maximize throughput.What are three potential bottlenecks? (Choose three.)
A. loud Spanner
B. oogle BigQuery
C. oogle Cloud SQL
D. oogle Cloud Datastore
View answer
Correct Answer: ACE
Question #32
Mountkirk Games wants you to secure the connectivity from the new gaming application platform to Google Cloud. You want to streamline the process and follow Google-recommended practices. What should you do?
A. onfigure Workload Identity and service accounts to be used by the application platform
B. se Kubernetes Secrets, which are obfuscated by default
C. onfigure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use Cloud Key Management Service (Cloud KMS) to manage the encryption keys
D. onfigure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud Key Management Service (Cloud KMS) to manage the encryption keys
View answer
Correct Answer: A
Question #33
Your development team has installed a new Linux kernel module on the batch servers in Google Compute Engine (GCE) virtual machines (VMs) to speed up the nightly batch process. Two days after the installation, 50% of the batch servers failed the nightly batch run. You want to collect details on the failure to pass back to the development team.Which three actions should you take? (Choose three.)
A. og in to a server, and iterate on the fox locally
B. evert the source code change, and rerun the deployment pipeline
C. og into the servers with the bad code change, and swap in the previous code
D. hange the instance group template to the previous one, and delete all instances
View answer
Correct Answer: ACE
Question #34
For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers, and season ticket holders. You need to implement a custom card tokenization service that meets the following requirements:•It must provide low latency at minimal cost.•It must be able to identify duplicate credit cards and must not store plaintext card numbers.•It should support annual key ro
A. tore the card data in Secret Manager after running a query to identify duplicates
B. ncrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode
C. ncrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances
D. se column-level encryption to store the data in Cloud SQL
View answer
Correct Answer: D
Question #35
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
A. reate a token and pass it in as an environment variable to func_display
B. ake func_query 'Require authentication
C. ake func_query 'Require authentication' and only accept internal traffic
D. reate those two functions in the same project and VPC
View answer
Correct Answer: B
Question #36
You analyzed TerramEarth’s business requirement to reduce downtime, and found that they can achieve a majority of time saving by reducing customer’s wait time for parts. You decided to focus on reduction of the 3 weeks aggregate reporting time.Which modifications to the company’s processes should you recommend?
A. igrate from CSV to binary format, migrate from FTP to SFTP transport, and develop machine learning analysis of metrics
B. igrate from FTP to streaming transport, migrate from CSV to binary format, and develop machine learning analysis of metrics
C. ncrease fleet cellular connectivity to 80%, migrate from FTP to streaming transport, and develop machine learning analysis of metrics
D. igrate from FTP to SFTP transport, develop machine learning analysis of metrics, and increase dealer local inventory by a fixed factor
View answer
Correct Answer: C
Question #37
For this question, refer to the Dress4Win case study. You are responsible for the security of data stored in Cloud Storage for your company, Dress4Win. You have already created a set of Google Groups and assigned the appropriate users to those groups. You should use Google best practices and implement the simplest design to meet the requirements.Considering Dress4Win’s business and technical requirements, what should you do?
A. ssign custom IAM roles to the Google Groups you created in order to enforce security requirements
B. ssign custom IAM roles to the Google Groups you created in order to enforce security requirements
C. ssign predefined IAM roles to the Google Groups you created in order to enforce security requirements
D. ssign predefined IAM roles to the Google Groups you created in order to enforce security requirements
View answer
Correct Answer: C
Question #38
For this question, refer to the EHR Healthcare case study. You are responsible for designing the Google Cloud network architecture for Google Kubernetes Engine. You want to follow Google best practices. Considering the EHR Healthcare business and technical requirements, what should you do to reduce the attack surface?
A. se a private cluster with a private endpoint with master authorized networks configured
B. se a public cluster with firewall rules and Virtual Private Cloud (VPC) routes
C. se a private cluster with a public endpoint with master authorized networks configured
D. se a public cluster with master authorized networks enabled and firewall rules
View answer
Correct Answer: C
Question #39
Company Overview -Dress4Win is a web-based company that helps their users organize and manage their personal wardrobe using a web app and mobile application. The company also cultivates an active social network that connects their users with designers and retailers. They monetize their services through advertising, e-commerce, referrals, and a freemium app model. The application has grown from a few servers in the founder?€?s garage to several hundred servers and appliances in a colocated data center. Howev
A. Web applications deployed using App Engine standard environment
B. RabbitMQ deployed using an unmanaged instance group
C. Hadoop/Spark deployed using Cloud Dataproc Regional in High Availability mode
D. Jenkins, monitoring, bastion hosts, security scanners services deployed on custom machine types
View answer
Correct Answer: A
Question #40
The database administration team has asked you to help them improve the performance of their new database server running on Google Compute Engine. The database is for importing and normalizing their performance statistics and is built with MySQL running on Debian Linux. They have an n1-standard-8 virtual machine with 80 GB of SSD persistent disk.What should they change to get better performance from this system?
A. ncrease the virtual machine’s memory to 64 GB
B. reate a new virtual machine running PostgreSQL
C. ynamically resize the SSD persistent disk to 500 GB
D. igrate their performance metrics warehouse to BigQuery
E. odify all of their batch jobs to use bulk inserts into the database
View answer
Correct Answer: C
Question #41
Your company is forecasting a sharp increase in the number and size of Apache Spark and Hadoop jobs being run on your local datacenter. You want to utilize the cloud to help you scale this upcoming demand with the least amount of operations work and code change.Which product should you use?
A. oogle Cloud Dataflow
B. oogle Cloud Dataproc
C. oogle Compute Engine
D. oogle Kubernetes Engine
View answer
Correct Answer: B
Question #42
You are building a continuous deployment pipeline for a project stored in a Git source repository and want to ensure that code changes can be verified before deploying to production. What should you do?
A. se Spinnaker to deploy builds to production using the red/black deployment strategy so that changes can easily be rolled back
B. se Spinnaker to deploy builds to production and run tests on production deployments
C. se Jenkins to build the staging branches and the master branch
D. se Jenkins to monitor tags in the repository
View answer
Correct Answer: C
Question #43
Your company is migrating its on-premises data center into the cloud. As part of the migration, you want to integrate Google Kubernetes Engine (GKE) for workload orchestration. Parts of your architecture must also be PCI DSS-compliant. Which of the following is most accurate?
A. pp Engine is the only compute platform on GCP that is certified for PCI DSS hosting
B. KE cannot be used under PCI DSS because it is considered shared hosting
C. KE and GCP provide the tools you need to build a PCI DSS-compliant environment
D. ll Google Cloud services are usable because Google Cloud Platform is certified PCI-compliant
View answer
Correct Answer: C
Question #44
You have found an error in your App Engine application caused by missing Cloud Datastore indexes. You have created a YAML file with the required indexes and want to deploy these new indexes to Cloud Datastore. What should you do?
A. oint gcloud datastore create-indexes to your configuration file
B. pload the configuration file to App Engine’s default Cloud Storage bucket, and have App Engine detect the new indexes
C. n the GCP Console, use Datastore Admin to delete the current indexes and upload the new configuration file
D. reate an HTTP request to the built-in python module to send the index configuration file to your application
View answer
Correct Answer: A
Question #45
For this question, refer to the TerramEarth case study. TerramEarth has about 1 petabyte (PB) of vehicle testing data in a private data center. You want to move the data to Cloud Storage for your machine learning team. Currently, a 1-Gbps interconnect link is available for you. The machine learning team wants to start using the data in a month. What should you do?
A. equest Transfer Appliances from Google Cloud, export the data to appliances, and return the appliances to Google Cloud
B. onfigure the Storage Transfer service from Google Cloud to send the data from your data center to Cloud Storage
C. ake sure there are no other users consuming the 1Gbps link, and use multi-thread transfer to upload the data to Cloud Storage
D. xport files to an encrypted USB device, send the device to Google Cloud, and request an import of the data to Cloud Storage
View answer
Correct Answer: D
Question #46
Your development teams release new versions of games running on Google Kubernetes Engine (GKE) daily. You want to create service level indicators (SLIs) to evaluate the quality of the new versions from the user’s perspective. What should you do?
A. reate CPU Utilization and Request Latency as service level indicators
B. reate GKE CPU Utilization and Memory Utilization as service level indicators
C. reate Request Latency and Error Rate as service level indicators
D. reate Server Uptime and Error Rate as service level indicators
View answer
Correct Answer: A
Question #47
For this question, refer to the EHR Healthcare case study. You are a developer on the EHR customer portal team. Your team recently migrated the customer portal application to Google Cloud. The load has increased on the application servers, and now the application is logging many timeout errors. You recently incorporated Pub/Sub into the application architecture, and the application is not logging any Pub/Sub publishing errors.You want to improve publishing latency. What should you do?
A. ncrease the Pub/Sub Total Timeout retry value
B. ove from a Pub/Sub subscriber pull model to a push model
C. urn off Pub/Sub message batching
D. reate a backup Pub/Sub message queue
View answer
Correct Answer: A
Question #48
For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?
A. reate a token and pass it in as an environment variable to func_display
B. ake func_query 'Require authentication
C. ake func_query 'Require authentication' and only accept internal traffic
D. reate those two functions in the same project and VPC
View answer
Correct Answer: B
Question #49
The Dress4Win security team has disabled external SSH access into production virtual machines (VMs) on Google Cloud Platform (GCP).The operations team needs to remotely manage the VMs, build and push Docker containers, and manage Google Cloud Storage objects.What can they do?
A. rant the operations engineer access to use Google Cloud Shell
B. onfigure a VPN connection to GCP to allow SSH access to the cloud VMs
C. evelop a new access request process that grants temporary SSH access to cloud VMs when an operations engineer needs to perform a task
D. ave the development team build an API service that allows the operations team to execute specific remote procedure calls to accomplish their tasks
View answer
Correct Answer: A
Question #50
TerramEarth plans to connect all 20 million vehicles in the field to the cloud. This increases the volume to 20 million 600 byte records a second for 40 TB an hour.How should you design the data ingestion?
A. ehicles write data directly to GCS
B. ehicles write data directly to Google Cloud Pub/Sub
C. ehicles stream data directly to Google BigQuery
D. ehicles continue to write data using the existing system (FTP)
View answer
Correct Answer: C
Question #51
The database administration team has asked you to help them improve the performance of their new database server running on Google Compute Engine. The database is for importing and normalizing their performance statistics and is built with MySQL running on Debian Linux. They have an n1-standard-8 virtual machine with 80 GB of SSD persistent disk.What should they change to get better performance from this system?
A. ncrease the virtual machine’s memory to 64 GB
B. reate a new virtual machine running PostgreSQL
C. ynamically resize the SSD persistent disk to 500 GB
D. igrate their performance metrics warehouse to BigQuery
E. odify all of their batch jobs to use bulk inserts into the database
View answer
Correct Answer: C
Question #52
For this question, refer to the Helicopter Racing League (HRL) case study. A recent finance audit of cloud infrastructure noted an exceptionally high number of Compute Engine instances are allocated to do video encoding and transcoding. You suspect that these Virtual Machines are zombie machines that were not deleted after their workloads completed. You need to quickly get a list of which VM instances are idle. What should you do?
A. og into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for analysis
B. se the gcloud compute instances list to list the virtual machine instances that have the idle: true label set
C. se the gcloud recommender command to list the idle virtual machine instances
D. rom the Google Console, identify which Compute Engine instances in the managed instance groups are no longer responding to health check probes
View answer
Correct Answer: A
Question #53
Mountkirk Games’ gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?
A. erify that the database is online
B. erify that the project quota hasn’t been exceeded
C. erify that the new feature code did not introduce any performance bugs
D. erify that the load-testing team is not running their tool against production
View answer
Correct Answer: B
Question #54
The current Dress4Win system architecture has high latency to some customers because it is located in one data center.As of a future evaluation and optimizing for performance in the cloud, Dresss4Win wants to distribute its system architecture to multiple locations when Google cloud platform.Which approach should they use?
A. se regional managed instance groups and a global load balancer to increase performance because the regional managed instance group can grow instances in each region separately based on traffic
B. se a global load balancer with a set of virtual machines that forward the requests to a closer group of virtual machines managed by your operations team
C. se regional managed instance groups and a global load balancer to increase reliability by providing automatic failover between zones in different regions
D. se a global load balancer with a set of virtual machines that forward the requests to a closer group of virtual machines as part of a separate managed instance groups
View answer
Correct Answer: A
Question #55
For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the database workloads for your company, Mountkirk Games. Considering the business and technical requirements, what should you do?
A. se Cloud SQL for time series data, and use Cloud Bigtable for historical data queries
B. se Cloud SQL to replace MySQL, and use Cloud Spanner for historical data queries
C. se Cloud Bigtable to replace MySQL, and use BigQuery for historical data queries
D. se Cloud Bigtable for time series data, use Cloud Spanner for transactional data, and use BigQuery for historical data queries
View answer
Correct Answer: C
Question #56
For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the compute workloads for your company, Mountkirk Games. Considering the Mountkirk Games business and technical requirements, what should you do?
A. eploy failure injection software to the game analytics platform that can inject additional latency to mobile client analytics traffic
B. uild a test client that can be run from a mobile phone emulator on a Compute Engine virtual machine, and run multiple copies in Google Cloud Platform regions all over the world to generate realistic traffic
C. dd the ability to introduce a random amount of delay before beginning to process analytics files uploaded from mobile devices
D. reate an opt-in beta of the game that runs on players’ mobile devices and collects response times from analytics endpoints running in Google Cloud Platform regions all over the world
View answer
Correct Answer: D
Question #57
You are running a cluster on Kubernetes Engine (GKE) to serve a web application. Users are reporting that a specific part of the application is not responding anymore. You notice that all pods of your deployment keep restarting after 2 seconds. The application writes logs to standard output. You want to inspect the logs to find the cause of the issue. Which approach can you take?
A. eview the Stackdriver logs for each Compute Engine instance that is serving as a node in the cluster
B. eview the Stackdriver logs for the specific GKE container that is serving the unresponsive part of the application
C. onnect to the cluster using gcloud credentials and connect to a container in one of the pods to read the logs
D. eview the Serial Port logs for each Compute Engine instance that is serving as a node in the cluster
View answer
Correct Answer: B
Question #58
Your company wants to try out the cloud with low risk. They want to archive approximately 100 TB of their log data to the cloud and test the analytics features available to them there, while also retaining that data as a long-term disaster recovery backup.Which two steps should you take? (Choose two.)
A. ultiple Organizations with multiple Folders
B. ultiple Organizations, one for each department
C. single Organization with Folders for each department
D. single Organization with multiple projects, each with a central owner
View answer
Correct Answer: AE
Question #59
For this question, refer to the TerramEarth case study. TerramEarth has a legacy web application that you cannot migrate to cloud. However, you still want to build a cloud-native way to monitor the application. If the application goes down, you want the URL to point to a "Site is unavailable" page as soon as possible. You also want your Ops team to receive a notification for the issue. You need to build a reliable solution for minimum cost. What should you do?
A. onfigure a trigger in Cloud Build for new source changes
B. onfigure a trigger in Cloud Build for new source changes
C. reate a Scheduler job to check the repo every minute
D. onfigure a trigger in Cloud Build for new source changes
View answer
Correct Answer: A
Question #60
You need to reduce the number of unplanned rollbacks of erroneous production deployments in your company’s web hosting platform. Improvement to the QA/Test processes accomplished an 80% reduction.Which additional two approaches can you take to further reduce the rollbacks? (Choose two.)
A. lat file
B. oSQL
C. elational
D. lobstore
View answer
Correct Answer: AC
Question #61
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication.Which networking approach should you use?
A. oogle Cloud Dedicated Interconnect
B. oogle Cloud VPN connected to the data center network
C. NAT and TLS translation gateway installed on-premises
D. Google Compute Engine instance with a VPN server installed connected to the data center network
View answer
Correct Answer: A
Question #62
Dress4Win has configured a new uptime check with Google Stackdriver for several of their legacy services. The Stackdriver dashboard is not reporting the services as healthy.What should they do?
A. nstall the Stackdriver agent on all of the legacy web servers
B. n the Cloud Platform Console download the list of the uptime servers' IP addresses and create an inbound firewall rule
C. onfigure their load balancer to pass through the User-Agent HTTP header when the value matches GoogleStackdriverMonitoring-UptimeChecks (https://cloud
D. onfigure their legacy web servers to allow requests that contain user-Agent HTTP header when the value matches GoogleStackdriverMonitoring-UptimeChecks (https://cloud
View answer
Correct Answer: B
Question #63
You need to implement a network ingress for a new game that meets the defined business and technical requirements. Mountkirk Games wants each regional game instance to be located in multiple Google Cloud regions. What should you do?
A. onfigure a global load balancer connected to a managed instance group running Compute Engine instances
B. onfigure kubemci with a global load balancer and Google Kubernetes Engine
C. onfigure a global load balancer with Google Kubernetes Engine
D. onfigure Ingress for Anthos with a global load balancer and Google Kubernetes Engine
View answer
Correct Answer: A
Question #64
You are working as a solutions architect for an online retail store in Frankfurt which uses multiple compute instance VMs spread among three availability domains in the eu-frankfurt-1 region. You noticed the website is having very high traffic, so you enabled autoscaling to suffice the needs of your application but, you observed that one of the availability domains is not receiving any traffic.What could be wrong in this situation? (Choose the best answer.)
A. Autoscaling only works with single availability domains
B. You forgot to attach a load balancer to your instance pool configuration
C. You have to manually add all three availability domains to your load balancer configuration
D. Autoscaling is using an Instance Pool configured to create instances in two availability Domains
E. Autoscaling can be enabled for multiple availability domains only in uk-london-1 region
View answer
Correct Answer: D
Question #65
Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?
A. erform a mapping of the on-premises physical hardware cores and RAM to the nearest machine types in the cloud
B. ecommend that Dress4Win deploy application servers to machine types that offer the highest RAM to CPU ratio available
C. ecommend that Dress4Win deploy into production with the smallest instances available, monitor them over time, and scale the machine type up until the desired performance is reached
D. dentify the number of virtual cores and RAM associated with the application server virtual machines align them to a custom machine type in the cloud, monitor performance, and scale the machine types up until the desired performance is reached
View answer
Correct Answer: C
Question #66
Dress4Win would like to become familiar with deploying applications to the cloud by successfully deploying some applications quickly, as is. They have asked for your recommendation.What should you advise?
A. dentify self-contained applications with external dependencies as a first move to the cloud
B. dentify enterprise applications with internal dependencies and recommend these as a first move to the cloud
C. uggest moving their in-house databases to the cloud and continue serving requests to on-premise applications
D. ecommend moving their message queuing servers to the cloud and continue handling requests to on- premise applications
View answer
Correct Answer: C
Question #67
Your customer wants to capture multiple GBs of aggregate real-time key performance indicators (KPIs) from their game servers running on Google Cloud Platform and monitor the KPIs with low latency. How should they capture the KPIs?
A. tore time-series data from the game servers in Google Bigtable, and view it using Google Data Studio
B. utput custom metrics to Stackdriver from the game servers, and create a Dashboard in Stackdriver Monitoring Console to view them
C. chedule BigQuery load jobs to ingest analytics files uploaded to Cloud Storage every ten minutes, and visualize the results in Google Data Studio
D. nsert the KPIs into Cloud Datastore entities, and run ad hoc analysis and visualizations of them in Cloud Datalab
View answer
Correct Answer: A
Question #68
Company overview -EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR Healthcare provides their software as a service to multi- national medical offices, hospitals, and insurance providers.Solution concept -Due to rapid changes in the healthcare and insurance industry, EHR Healthcare's business has been growing exponentially year over year. They need to be able to scale their environment, adapt their disaster recovery plan, and roll out new continuous deplo
A. Add a new Dedicated Interconnect connection
B. Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G
C. Add three new Cloud VPN connections
D. Add a new Carrier Peering connection
View answer
Correct Answer: D
Question #69
You need to evaluate your team readiness for a new GCP project. You must perform the evaluation and create a skills gap plan which incorporates the business goal of cost optimization. Your team has deployed two GCP projects successfully to date. What should you do?
A. llocate budget for team training
B. llocate budget for team training
C. llocate budget to hire skilled external consultants
D. llocate budget to hire skilled external consultants
View answer
Correct Answer: A
Question #70
A news feed web service has the following code running on Google App Engine. During peak load, users report that they can see news articles they already viewed.What is the most likely cause of this problem?
A. irect them to download and install the Google StackDriver logging agent
B. end them a list of online resources about logging best practices
C. elp them define their requirements and assess viable logging tools
D. elp them upgrade their current tool to take advantage of any new features
View answer
Correct Answer: A
Question #71
For this question, refer to the Dress4Win case study. Which of the compute services should be migrated as-is and would still be an optimized architecture for performance in the cloud?
A. eb applications deployed using App Engine standard environment
B. abbitMQ deployed using an unmanaged instance group
C. adoop/Spark deployed using Cloud Dataproc Regional in High Availability mode
D. enkins, monitoring, bastion hosts, security scanners services deployed on custom machine types
View answer
Correct Answer: A
Question #72
To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections.What should you do?
A. se one Google Container Engine cluster of FTP servers
B. se multiple Google Container Engine clusters running FTP servers located in different regions
C. irectly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in US, EU, and Asia using Google APIs over HTTP(S)
D. irectly transfer the files to a different Google Cloud Regional Storage bucket location in US, EU, and Asia using Google APIs over HTTP(S)
View answer
Correct Answer: D
Question #73
Your company has successfully migrated to the cloud and wants to analyze their data stream to optimize operations. They do not have any existing code for this analysis, so they are exploring all their options. These options include a mix of batch and stream processing, as they are running some hourly jobs and live- processing some data as it comes in.Which technology should they use for this?
A. oogle Cloud Dataproc
B. oogle Cloud Dataflow
C. oogle Container Engine with Bigtable
D. oogle Compute Engine with Google BigQuery
View answer
Correct Answer: B
Question #74
You are deploying an application on App Engine that needs to integrate with an on-premises database. For security purposes, your on-premises database must not be accessible through the public internet. What should you do?
A. eploy your application on App Engine standard environment and use App Engine firewall rules to limit access to the open on-premises database
B. eploy your application on App Engine standard environment and use Cloud VPN to limit access to the on- premises database
C. eploy your application on App Engine flexible environment and use App Engine firewall rules to limit access to the on-premises database
D. eploy your application on App Engine flexible environment and use Cloud VPN to limit access to the on- premises database
View answer
Correct Answer: D
Question #75
Your company is using BigQuery as its enterprise data warehouse. Data is distributed over several Google Cloud projects. All queries on BigQuery need to be billed on a single project. You want to make sure that no query costs are incurred on the projects that contain the data. Users should be able to query the datasets, but not edit them.How should you configure users’ access roles?
A. dd all users to a group
B. dd all users to a group
C. dd all users to a group
D. dd all users to a group
View answer
Correct Answer: C
Question #76
Your customer support tool logs all email and chat conversations to Cloud Bigtable for retention and analysis. What is the recommended approach for sanitizing this data of personally identifiable information or payment card information before initial storage?
A. ash all data using SHA256
B. ncrypt all data using elliptic curve cryptography
C. e-identify the data with the Cloud Data Loss Prevention API
D. se regular expressions to find and redact phone numbers, email addresses, and credit card numbers
View answer
Correct Answer: C
Question #77
To reduce costs, the Director of Engineering has required all developers to move their development infrastructure resources from on-premises virtual machines (VMs) to Google Cloud Platform. These resources go through multiple start/stop events during the day and require state to persist. You have been asked to design the process of running a development environment in Google Cloud while providing cost visibility to the finance department.Which two steps should you take? (Choose two.)
A. nsure that a firewall rules exists to allow source traffic on HTTP/HTTPS to reach the load balancer
B. ssign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP
C. nsure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group
D. reate a tag on each instance with the name of the load balancer
View answer
Correct Answer: AD
Question #78
As a part of a migration exercise for an existing on-premises application to Oracle Cloud Infrastructure (OCI), you are required to transfer a 7 TB file to OCI ObjectStorage. You have decided to upload it using the multipart upload functionality of Object Storage.Which two statements are true? (Choose two.)
A. It is possible to split this file into multiple parts using rclone tool provided by Object Storage
B. Contiguous numbers need to be assigned for each part so that Object Storage constructs the object by ordering part numbers in ascending order
C. After initiating a multipart upload by making a CreateMultiPartUpload REST API Call, the upload remains active until you explicitly commit it or about it
D. It is possible to split this file into multiple parts using the APIs provided by Object Storage
E. Active multipart upload can be checked by listing all parts that have been uploaded, however it is not possible to list information for an individual object part in an active multipart upload
View answer
Correct Answer: BC
Question #79
For this question, refer to the Helicopter Racing League (HRL) case study. HRL wants better prediction accuracy from their ML prediction models. They want you to use Google’s AI Platform so HRL can understand and interpret the predictions. What should you do?
A. se Explainable AI
B. se Vision AI
C. se Google Cloud’s operations suite
D. se Jupyter Notebooks
View answer
Correct Answer: A
Question #80
Dress4Win has end-to-end tests covering 100% of their endpoints.They want to ensure that the move to the cloud does not introduce any new bugs. Which additional testing methods should the developers employ to prevent an outage?
A. hey should enable Google Stackdriver Debugger on the application code to show errors in the code
B. hey should add additional unit tests and production scale load tests on their cloud staging environment
C. hey should run the end-to-end tests in the cloud staging environment to determine if the code is working as intended
D. hey should add canary tests so developers can measure how much of an impact the new release causes to latency
View answer
Correct Answer: B
Question #81
For this question, refer to the TerramEarth case study. Considering the technical requirements, how should you reduce the unplanned vehicle downtime in GCP?
A. se BigQuery as the data warehouse
B. se BigQuery as the data warehouse
C. se Cloud Dataproc Hive as the data warehouse
D. se Cloud Dataproc Hive as the data warehouse
View answer
Correct Answer: A
Question #82
As part of their new application experience, Dress4Wm allows customers to upload images of themselves. The customer has exclusive control over who may view these images.Customers should be able to upload images with minimal latency and also be shown their images quickly on the main application page when they log in.Which configuration should Dress4Win use?
A. tore image files in a Google Cloud Storage bucket
B. tore image files in a Google Cloud Storage bucket
C. se a distributed file system to store customers' images
D. se a distributed file system to store customers' images
View answer
Correct Answer: A
Question #83
Company overview -EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR Healthcare provides their software as a service to multi- national medical offices, hospitals, and insurance providers.Solution concept -Due to rapid changes in the healthcare and insurance industry, EHR Healthcare's business has been growing exponentially year over year. They need to be able to scale their environment, adapt their disaster recovery plan, and roll out new continuous deplo
A. Verify EHR's product usage against the list of compliant products on the Google Cloud compliance page
B. Advise EHR to execute a Business Associate Agreement (BAA) with Google Cloud
C. Use Firebase Authentication for EHR's user facing applications
D. Implement Prometheus to detect and prevent security breaches on EHR's web-based applications
E. Use GKE private clusters for all Kubernetes workloads
View answer
Correct Answer: BD
Question #84
For this question, refer to the TerramEarth case study. You need to implement a reliable, scalable GCP solution for the data warehouse for your company, TerramEarth.Considering the TerramEarth business and technical requirements, what should you do?
A. eplace the existing data warehouse with BigQuery
B. eplace the existing data warehouse with a Compute Engine instance with 96 CPUs
C. eplace the existing data warehouse with BigQuery
D. eplace the existing data warehouse with a Compute Engine instance with 96 CPUs
View answer
Correct Answer: A
Question #85
A development manager is building a new application. He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must:1. Be based on open-source technology for cloud portability2. Dynamically scale compute capacity based on demand3. Support continuous software delivery4. Run multiple segregated copies of the same application stack5. Deploy application bundles using dynamic templates6. Route network traffic to specific services based on URLWhich combin
A. reate a shutdown script named k99
B. reate a shutdown script registered as a xinetd service in Linux and configure a Stackdriver endpoint check to call the service
C. reate a shutdown script and use it as the value for a new metadata entry with the key shutdown- script in the Cloud Platform Console when you create the new virtual machine instance
D. reate a shutdown script, registered as a xinetd service in Linux, and use the gcloud compute instances add-metadata command to specify the service URL as the value for a new metadata entry with the key shutdown-script-url
View answer
Correct Answer: D
Question #86
A few days after JencoMart migrates the user credentials database to Google Cloud Platform and shuts down the old server, the new database server stops responding to SSH connections. It is still serving database requests to the application servers correctly.What three steps should you take to diagnose the problem? (Choose three.)
A. rovision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs)
B. uthenticate the on-premises infrastructure with a user account and provision service account keys for the VMs
C. rovision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs
D. eploy a custom authentication service on GCE/Google Kubernetes Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs
View answer
Correct Answer: CDF
Question #87
Your development teams release new versions of games running on Google Kubernetes Engine (GKE) daily. You want to create service level indicators (SLIs) to evaluate the quality of the new versions from the user’s perspective. What should you do?
A. reate CPU Utilization and Request Latency as service level indicators
B. reate GKE CPU Utilization and Memory Utilization as service level indicators
C. reate Request Latency and Error Rate as service level indicators
D. reate Server Uptime and Error Rate as service level indicators
View answer
Correct Answer: A
Question #88
Mountkirk Games needs to create a repeatable and configurable mechanism for deploying isolated application environments. Developers and testers can access each other’s environments and resources, but they cannot access staging or production resources. The staging environment needs access to some services from production.What should you do to isolate development environments from staging and production?
A. reate a project for development and test and another for staging and production
B. reate a network for development and test and another for staging and production
C. reate one subnetwork for development and another for staging and production
D. reate one project for development, a second for staging and a third for production
View answer
Correct Answer: D
Question #89
You are designing an application for use only during business hours. For the minimum viable product release, you’d like to use a managed product that automatically “scales to zero” so you don’t incur costs when there is no activity.Which primary compute resource should you choose?
A. loud Functions
B. ompute Engine
C. oogle Kubernetes Engine
D. ppEngine flexible environment
View answer
Correct Answer: A
Question #90
For this question, refer to the Dress4Win case study. You are responsible for the security of data stored in Cloud Storage for your company, Dress4Win. You have already created a set of Google Groups and assigned the appropriate users to those groups. You should use Google best practices and implement the simplest design to meet the requirements.Considering Dress4Win’s business and technical requirements, what should you do?
A. ssign custom IAM roles to the Google Groups you created in order to enforce security requirements
B. ssign custom IAM roles to the Google Groups you created in order to enforce security requirements
C. ssign predefined IAM roles to the Google Groups you created in order to enforce security requirements
D. ssign predefined IAM roles to the Google Groups you created in order to enforce security requirements
View answer
Correct Answer: C
Question #91
You have a Python web application with many dependencies that requires 0.1 CPU cores and 128 MB of memory to operate in production. You want to monitor and maximize machine utilization. You also want to reliably deploy new versions of the application. Which set of steps should you take?
A. erform the following:1
B. erform the following:1
C. erform the following:1
D. erform the following:1
View answer
Correct Answer: B
Question #92
Your company wants to start using Google Cloud resources but wants to retain their on-premises Active Directory domain controller for identity management. What should you do?
A. se the Admin Directory API to authenticate against the Active Directory domain controller
B. se Google Cloud Directory Sync to synchronize Active Directory usernames with cloud identities and configure SAML SSO
C. se Cloud Identity-Aware Proxy configured to use the on-premises Active Directory domain controller as an identity provider
D. se Compute Engine to create an Active Directory (AD) domain controller that is a replica of the on- premises AD domain controller using Google Cloud Directory Sync
View answer
Correct Answer: B
Question #93
Your company plans to migrate a multi-petabyte data set to the cloud. The data set must be available 24hrs a day. Your business analysts have experience only with using a SQL interface.How should you store the data to optimize it for ease of analysis?
A. oad data into Google BigQuery
B. nsert data into Google Cloud SQL
C. ut flat files into Google Cloud Storage
D. tream data into Google Cloud Datastore
View answer
Correct Answer: A
Question #94
Your customer is moving an existing corporate application to Google Cloud Platform from an on-premises data center. The business owners require minimal user disruption. There are strict security team requirements for storing passwords.What authentication strategy should they use?
A. se G Suite Password Sync to replicate passwords into Google
B. ederate authentication via SAML 2
C. rovision users in Google using the Google Cloud Directory Sync tool
D. sk users to set their Google password to match their corporate password
View answer
Correct Answer: C
Question #95
Company Overview -Dress4Win is a web-based company that helps their users organize and manage their personal wardrobe using a web app and mobile application. The company also cultivates an active social network that connects their users with designers and retailers. They monetize their services through advertising, e-commerce, referrals, and a freemium app model. The application has grown from a few servers in the founder?€?s garage to several hundred servers and appliances in a colocated data center. Howev
A. Assign custom IAM roles to the Google Groups you created in order to enforce security requirements
B. Assign custom IAM roles to the Google Groups you created in order to enforce security requirements
C. Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements
D. Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements
View answer
Correct Answer: C
Question #96
Your company’s user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency
A. apture existing users input, and replay captured user load until autoscale is triggered on all layers
B. reate synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce “chaos” to the system by terminating random resources on both zones
C. xpose the new system to a larger group of users, and increase group size each day until autoscale logic is triggered on all layers
D. apture existing users input, and replay captured user load until resource utilization crosses 80%
View answer
Correct Answer: B
Question #97
Your solution is producing performance bugs in production that you did not see in staging and test environments. You want to adjust your test and deployment procedures to avoid this problem in the future.What should you do?
A. et timeouts on your application so that you can fail requests faster
B. end custom metrics for each of your requests to Stackdriver Monitoring
C. se Stackdriver Monitoring to look for insights that show when your API latencies are high
D. nstrument your application with Stackdriver Trace in order to break down the request latencies at each microservice
View answer
Correct Answer: D
Question #98
The migration of JencoMart’s application to Google Cloud Platform (GCP) is progressing too slowly. The infrastructure is shown in the diagram. You want to maximize throughput.What are three potential bottlenecks? (Choose three.)
A. loud Spanner
B. oogle BigQuery
C. oogle Cloud SQL
D. oogle Cloud Datastore
View answer
Correct Answer: ACE
Question #99
You are working in a highly secured environment where public Internet access from the Compute Engine VMs is not allowed. You do not yet have a VPN connection to access an on-premises file server. You need to install specific software on a Compute Engine instance. How should you install the software?
A. pload the required installation files to Cloud Storage
B. pload the required installation files to Cloud Storage and use firewall rules to block all traffic except the IP address range for Cloud Storage
C. pload the required installation files to Cloud Source Repositories
D. pload the required installation files to Cloud Source Repositories and use firewall rules to block all traffic except the IP address range for Cloud Source Repositories
View answer
Correct Answer: B
Question #100
You are creating a solution to remove backup files older than 90 days from your backup Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend.What should you do?
A. rite a lifecycle management rule in XML and push it to the bucket with gsutil
B. rite a lifecycle management rule in JSON and push it to the bucket with gsutil
C. chedule a cron script using gsutil ls –lr gs://backups/** to find and remove items older than 90 days
D. chedule a cron script using gsutil ls –l gs://backups/** to find and remove items older than 90 days and schedule it with cron
View answer
Correct Answer: B
Question #101
For this question, refer to the EHR Healthcare case study. In the past, configuration errors put public IP addresses on backend servers that should not have been accessible from the Internet. You need to ensure that no one can put external IP addresses on backend Compute Engine instances and that external IP addresses can only be configured on frontend Compute Engine instances. What should you do?
A. reate an Organizational Policy with a constraint to allow external IP addresses only on the frontend Compute Engine instances
B. evoke the compute
C. reate an Identity and Access Management (IAM) policy that maps the IT staff to thecompute
D. reate a custom Identity and Access Management (IAM) role named GCE_FRONTEND with the compute
View answer
Correct Answer: D
Question #102
An online registration system is currently hosted on one large Oracle Cloud Infrastructure (OCI) Bare metal compute instance with attached block volumes to store all of the users"? data. The registration system accepts the information from the user, including documents and photos and then performs automated verification and processing to check is the user is eligible for registration.The registration system becomes unavailable at times, when there is a surge of users using the system. The existing architect
A. Upgrade your architecture to use a pool of Bare metal servers and configure them to use their local SSDs for faster data access
B. Change your architecture to use an OCI Object Storage standard tier bucket; replace the single bare metal instance with an Oracle Streaming Service (OSS) to ingest the incoming requests and distribute the tasks to a group of compute instances with Auto Scaling
C. Attach more Block volumes as the data volume increases, use Oracle Notification Service (ONS) to distribute tasks to a pool of compute instances working in parallel, and Auto Scaling to dynamically size the pool of instances depending on the number of notifications received from the Notification Service
D. Upgrade your architecture to use more Block volumes as the data volume increases
View answer
Correct Answer: D
Question #103
You need to reduce the number of unplanned rollbacks of erroneous production deployments in your company’s web hosting platform. Improvement to the QA/Test processes accomplished an 80% reduction.Which additional two approaches can you take to further reduce the rollbacks? (Choose two.)
A. lat file
B. oSQL
C. elational
D. lobstore
View answer
Correct Answer: AC
Question #104
The database administration team has asked you to help them improve the performance of their new database server running on Google Compute Engine. The database is for importing and normalizing their performance statistics and is built with MySQL running on Debian Linux. They have an n1-standard-8 virtual machine with 80 GB of SSD persistent disk.What should they change to get better performance from this system?
A. ncrease the virtual machine’s memory to 64 GB
B. reate a new virtual machine running PostgreSQL
C. ynamically resize the SSD persistent disk to 500 GB
D. igrate their performance metrics warehouse to BigQuery
E. odify all of their batch jobs to use bulk inserts into the database
View answer
Correct Answer: C
Question #105
You want to ensure Dress4Win's sales and tax records remain available for infrequent viewing by auditors for at least 10 years.Cost optimization is your top priority. Which cloud services should you choose?
A. oogle Cloud Storage Coldline to store the data, and gsutil to access the data
B. oogle Cloud Storage Nearline to store the data, and gsutil to access the data
C. oogle Bigtabte with US or EU as location to store the data, and gcloud to access the data
D. igQuery to store the data, and a web server cluster in a managed instance group to access the data
View answer
Correct Answer: A
Question #106
Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data.What should you do?
A. uild or leverage an OAuth-compatible access control system
B. uild SAML 2
C. estrict data access based on the source IP address of the partner systems
D. reate secondary credentials for each dealer that can be given to the trusted third party
View answer
Correct Answer: A
Question #107
For this question, refer to the TerramEarth case study. TerramEarth has decided to store data files in Cloud Storage. You need to configure Cloud Storage lifecycle rule to store 1 year of data and minimize file storage cost.Which two actions should you take?
A. reate a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Standard”, and Action: “Set to Coldline”, and create a second GCS life-cycle rule with Age: “365”, Storage Class: “Coldline”, and Action: “Delete”
B. reate a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Coldline”, and Action: “Set to Nearline”, and create a second GCS life-cycle rule with Age: “91”, Storage Class: “Coldline”, and Action: “Set to Nearline”
C. reate a Cloud Storage lifecycle rule with Age: “90”, Storage Class: “Standard”, and Action: “Set to Nearline”, and create a second GCS life-cycle rule with Age: “91”, Storage Class: “Nearline”, and Action: “Set to Coldline”
D. reate a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Standard”, and Action: “Set to Coldline”, and create a second GCS life-cycle rule with Age: “365”, Storage Class: “Nearline”, and Action: “Delete”
View answer
Correct Answer: A
Question #108
For this question, refer to the TerramEarth case study. You need to implement a reliable, scalable GCP solution for the data warehouse for your company, TerramEarth.Considering the TerramEarth business and technical requirements, what should you do?
A. eplace the existing data warehouse with BigQuery
B. eplace the existing data warehouse with a Compute Engine instance with 96 CPUs
C. eplace the existing data warehouse with BigQuery
D. eplace the existing data warehouse with a Compute Engine instance with 96 CPUs
View answer
Correct Answer: A
Question #109
The development team has provided you with a Kubernetes Deployment file. You have no infrastructure yet and need to deploy the application. What should you do?
A. se gcloud to create a Kubernetes cluster
B. se gcloud to create a Kubernetes cluster
C. se kubectl to create a Kubernetes cluster
D. se kubectl to create a Kubernetes cluster
View answer
Correct Answer: B
Question #110
Your company has decided to make a major revision of their API in order to create better experiences for their developers. They need to keep the old version of the API available and deployable, while allowing new customers and testers to try out the new API. They want to keep the same SSL and DNS records in place to serve both APIs.What should they do?
A. onfigure a new load balancer for the new version of the API
B. econfigure old clients to use a new endpoint for the new API
C. ave the old API forward traffic to the new API based on the path
D. se separate backend pools for each API path behind the load balancer
View answer
Correct Answer: D
Question #111
Your customer is moving an existing corporate application to Google Cloud Platform from an on-premises data center. The business owners require minimal user disruption. There are strict security team requirements for storing passwords.What authentication strategy should they use?
A. se G Suite Password Sync to replicate passwords into Google
B. ederate authentication via SAML 2
C. rovision users in Google using the Google Cloud Directory Sync tool
D. sk users to set their Google password to match their corporate password
View answer
Correct Answer: C
Question #112
For this question, refer to the Helicopter Racing League (HRL) case study. Recently HRL started a new regional racing league in Cape Town, South Africa. In an effort to give customers in Cape Town a better user experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are a member of the HRL security team and you need to configure the update that will
A. cloud compute security-policies rules update 1000 \\--security-policy from-fastly \\--src-ip-ranges * \\--action “allow”
B. cloud compute firewall rules update sourceiplist-fastly \\--priority 100 \\--allow tcp:443
C. cloud compute firewall rules update hir-policy \\--priority 100 \\--target-tags=sourceiplist-fastly \\--allow tcp:443
D. cloud compute security-policies rules update 1000 \\--security-policy hir-policy \\--expression “evaluatePreconfiguredExpr(‘sourceiplist-fastly’)” \\--action “allow”
View answer
Correct Answer: A
Question #113
Operational parameters such as oil pressure are adjustable on each of TerramEarth’s vehicles to increase their efficiency, depending on their environmental conditions. Your primary goal is to increase the operating efficiency of all 20 million cellular and unconnected vehicles in the field.How can you accomplish this goal?
A. ave you engineers inspect the data for patterns, and then create an algorithm with rules that make operational adjustments automatically
B. apture all operating data, train machine learning models that identify ideal operations, and run locally to make operational adjustments automatically
C. mplement a Google Cloud Dataflow streaming job with a sliding window, and use Google Cloud Messaging (GCM) to make operational adjustments automatically
D. apture all operating data, train machine learning models that identify ideal operations, and host in Google Cloud Machine Learning (ML) Platform to make operational adjustments automatically
View answer
Correct Answer: B
Question #114
An application development team believes their current logging tool will not meet their needs for their new cloud-based product. They want a better tool to capture errors and help them analyze their historical log dat
A. irect them to download and install the Google StackDriver logging agent
B. end them a list of online resources about logging best practices
C. elp them define their requirements and assess viable logging tools
D. elp them upgrade their current tool to take advantage of any new features
View answer
Correct Answer: C
Question #115
For this question, refer to the Mountkirk Games case study. Mountkirk Games wants to migrate from their current analytics and statistics reporting model to one that meets their technical requirements on Google Cloud Platform.Which two steps should be part of their migration plan? (Choose two.)
A. reate network load balancers
B. reate network load balancers
C. reate a global load balancer with managed instance groups and autoscaling policies
D. reate a global load balancer with managed instance groups and autoscaling policies
View answer
Correct Answer: AB
Question #116
For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the database workloads for your company, Mountkirk Games. Considering the business and technical requirements, what should you do?
A. se Cloud SQL for time series data, and use Cloud Bigtable for historical data queries
B. se Cloud SQL to replace MySQL, and use Cloud Spanner for historical data queries
C. se Cloud Bigtable to replace MySQL, and use BigQuery for historical data queries
D. se Cloud Bigtable for time series data, use Cloud Spanner for transactional data, and use BigQuery for historical data queries
View answer
Correct Answer: C
Question #117
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery.What should you do to fix the script?
A. nstall the latest BigQuery API client library for Python
B. un your script on a new virtual machine with the BigQuery access scope enabled
C. reate a new service account with BigQuery access and execute your script with that user
D. nstall the bq component for gcloud with the command gcloud components install bq
View answer
Correct Answer: B
Question #118
TerramEarth’s 20 million vehicles are scattered around the world. Based on the vehicle’s location, its telemetry data is stored in a Google Cloud Storage (GCS) regional bucket (US, Europe, or Asia). The CTO has asked you to run a report on the raw telemetry data to determine why vehicles are breaking down after 100 K miles. You want to run this job on all the data.What is the most cost-effective way to run this job?
A. ove all the data into 1 zone, then launch a Cloud Dataproc cluster to run the job
B. ove all the data into 1 region, then launch a Google Cloud Dataproc cluster to run the job
C. aunch a cluster in each region to preprocess and compress the raw data, then move the data into a multi- region bucket and use a Dataproc cluster to finish the job
D. aunch a cluster in each region to preprocess and compress the raw data, then move the data into a region bucket and use a Cloud Dataproc cluster to finish the job
View answer
Correct Answer: D
Question #119
You want to ensure Dress4Win's sales and tax records remain available for infrequent viewing by auditors for at least 10 years.Cost optimization is your top priority. Which cloud services should you choose?
A. oogle Cloud Storage Coldline to store the data, and gsutil to access the data
B. oogle Cloud Storage Nearline to store the data, and gsutil to access the data
C. oogle Bigtabte with US or EU as location to store the data, and gcloud to access the data
D. igQuery to store the data, and a web server cluster in a managed instance group to access the data
View answer
Correct Answer: A
Question #120
Your company is using BigQuery as its enterprise data warehouse. Data is distributed over several Google Cloud projects. All queries on BigQuery need to be billed on a single project. You want to make sure that no query costs are incurred on the projects that contain the data. Users should be able to query the datasets, but not edit them.How should you configure users’ access roles?
A. dd all users to a group
B. dd all users to a group
C. dd all users to a group
D. dd all users to a group
View answer
Correct Answer: C
Question #121
You want to optimize the performance of an accurate, real-time, weather-charting application. The data comes from 50,000 sensors sending 10 readings a second, in the format of a timestamp and sensor reading.Where should you store the data?
A. oogle BigQuery
B. oogle Cloud SQL
C. oogle Cloud Bigtable
D. oogle Cloud Storage
View answer
Correct Answer: C
Question #122
You have an application deployed on Google Kubernetes Engine using a Deployment named echo- deployment. The deployment is exposed using a Service called echo-service. You need to perform an update to the application with minimal downtime to the application. What should you do?
A. se kubectl set image deployment/echo-deployment
B. se the rolling update functionality of the Instance Group behind the Kubernetes cluster
C. pdate the deployment yaml file with the new container image
D. pdate the service yaml file which the new container image
View answer
Correct Answer: A
Question #123
For this question, refer to the Dress4Win case study. To be legally compliant during an audit, Dress4Win must be able to give insights in all administrative actions that modify the configuration or metadata of resources on Google Cloud.What should you do?
A. se Stackdriver Trace to create a Trace list analysis
B. se Stackdriver Monitoring to create a dashboard on the project’s activity
C. nable Cloud Identity-Aware Proxy in all projects, and add the group of Administrators as a member
D. se the Activity page in the GCP Console and Stackdriver Logging to provide the required insight
View answer
Correct Answer: D
Question #124
As part of implementing their disaster recovery plan, your company is trying to replicate their production MySQL database from their private data center to their GCP project using a Google Cloud VPN connection. They are experiencing latency issues and a small amount of packet loss that is disrupting the replication. What should they do?
A. onfigure their replication to use UDP
B. onfigure a Google Cloud Dedicated Interconnect
C. estore their database daily using Google Cloud SQL
D. dd additional VPN connections and load balance them
E. end the replicated transaction to Google Cloud Pub/Sub
View answer
Correct Answer: B
Question #125
You have created several pre-emptible Linux virtual machine instances using Google Compute Engine. You want to properly shut down your application before the virtual machines are preempted.What should you do?
A. dd each tier to a different subnetwork
B. et up software based firewalls on individual VMs
C. dd tags to each tier and set up routes to allow the desired traffic flow
D. dd tags to each tier and set up firewall rules to allow the desired traffic flow
View answer
Correct Answer: C
Question #126
For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for securely deploying workloads to Google Cloud. You also need to ensure that only verified containers are deployed using Google Cloud services. What should you do? (Choose two.)
A. onfigure two Partner Interconnect connections in one metro (City), and make sure the Interconnect connections are placed in different metro zones
B. onfigure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on- premises are in separate racks
C. onfigure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at least two Google locations
D. onfigure two Dedicated Interconnect connections in one metro (City) and two connections in another metro, and make sure the Interconnect connections are placed in different metro zones
View answer
Correct Answer: AB
Question #127
At Dress4Win, an operations engineer wants to create a tow-cost solution to remotely archive copies of database backup files.The database files are compressed tar files stored in their current data center. How should he proceed?
A. reate a cron script using gsutil to copy the files to a Coldline Storage bucket
B. reate a cron script using gsutil to copy the files to a Regional Storage bucket
C. reate a Cloud Storage Transfer Service Job to copy the files to a Coldline Storage bucket
D. reate a Cloud Storage Transfer Service job to copy the files to a Regional Storage bucket
View answer
Correct Answer: A
Question #128
The JencoMart security team requires that all Google Cloud Platform infrastructure is deployed using a least privilege model with separation of duties for administration between production and development resources.What Google domain and project structure should you recommend?
A. reate two G Suite accounts to manage users: one for development/test/staging and one for production
B. reate two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications
C. reate a single G Suite account to manage users with each stage of each application in its own project
D. reate a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment
View answer
Correct Answer: D
Question #129
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process.What should you do?
A. reate custom Google Stackdriver alerts and send them to the auditor
B. nable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
C. se cloud functions to transfer log entries to Google Cloud SQL and use ACLs and views to limit an auditor’s view
D. nable Google Cloud Storage (GCS) log export to audit logs into a GCS bucket and delegate access to the bucket
View answer
Correct Answer: D
Question #130
For this question, refer to the Helicopter Racing League (HRL) case study. HRL wants better prediction accuracy from their ML prediction models. They want you to use Google’s AI Platform so HRL can understand and interpret the predictions. What should you do?
A. se Explainable AI
B. se Vision AI
C. se Google Cloud’s operations suite
D. se Jupyter Notebooks
View answer
Correct Answer: A
Question #131
Your customer recently provisioned a 1-Gbps FastConnect connection in ap-tokyo-1 region of Oracle Cloud Infrastructure (OCI). They will use this to connect to one Virtual Cloud Network (VCN) in their production OCI tenancy compartment and another VCN in their development OCI tenancy.How should you configure the connectivity between on-premises and the two VCNs in OCI using the single FastConnect connection? (Choose the best answer.)
A. Provision a Dynamic Routing Gateway (DRG) and create a private virtual circuit for the FastConnect connection
B. Create two private virtual circuits on the FastConnect link
C. Create a hub-VCN that uses DRG to communicate with the on-premises network over FastConnect
D. Create a single private virtual circuit over FastConnect and attach Fastconnect to either of the VCN"?s DRG
View answer
Correct Answer: C
Question #132
For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the database workloads for your company, Mountkirk Games. Considering the business and technical requirements, what should you do?
A. se Cloud SQL for time series data, and use Cloud Bigtable for historical data queries
B. se Cloud SQL to replace MySQL, and use Cloud Spanner for historical data queries
C. se Cloud Bigtable to replace MySQL, and use BigQuery for historical data queries
D. se Cloud Bigtable for time series data, use Cloud Spanner for transactional data, and use BigQuery for historical data queries
View answer
Correct Answer: C
Question #133
Company overview -Helicopter Racing League (HRL) is a global sports league for competitive helicopter racing. Each year HRL holds the world championship and several regional league competitions where teams compete to earn a spot in the world championship. HRL offers a paid service to stream the races all over the world with live telemetry and predictions throughout each race.Solution concept -HRL wants to migrate their existing service to a new platform to expand their use of managed AI and ML services to f
A. Store the card data in Secret Manager after running a query to identify duplicates
B. Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode
C. Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances
D. Use column-level encryption to store the data in Cloud SQL
View answer
Correct Answer: D
Question #134
You need to evaluate your team readiness for a new GCP project. You must perform the evaluation and create a skills gap plan which incorporates the business goal of cost optimization. Your team has deployed two GCP projects successfully to date. What should you do?
A. llocate budget for team training
B. llocate budget for team training
C. llocate budget to hire skilled external consultants
D. llocate budget to hire skilled external consultants
View answer
Correct Answer: A
Question #135
A lead engineer wrote a custom tool that deploys virtual machines in the legacy data center. He wants to migrate the custom tool to the new cloud environment. You want to advocate for the adoption of Google Cloud Deployment Manager.What are two business risks of migrating to Cloud Deployment Manager? (Choose two.)
A. oogle Kubernetes Engine, Jenkins, and Helm
B. oogle Kubernetes Engine and Cloud Load Balancing
C. oogle Kubernetes Engine and Cloud Deployment Manager
D. oogle Kubernetes Engine, Jenkins, and Cloud Load Balancing
View answer
Correct Answer: BF
Question #136
Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used.How should you design your architecture?
A. reate a tokenizer service and store only tokenized data
B. reate separate projects that only process credit card data
C. reate separate subnetworks and isolate the components that process credit card data
D. treamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data
E. nable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
View answer
Correct Answer: A
Question #137
TerramEarth’s 20 million vehicles are scattered around the world. Based on the vehicle’s location, its telemetry data is stored in a Google Cloud Storage (GCS) regional bucket (US, Europe, or Asia). The CTO has asked you to run a report on the raw telemetry data to determine why vehicles are breaking down after 100 K miles. You want to run this job on all the data.What is the most cost-effective way to run this job?
A. ove all the data into 1 zone, then launch a Cloud Dataproc cluster to run the job
B. ove all the data into 1 region, then launch a Google Cloud Dataproc cluster to run the job
C. aunch a cluster in each region to preprocess and compress the raw data, then move the data into a multi- region bucket and use a Dataproc cluster to finish the job
D. aunch a cluster in each region to preprocess and compress the raw data, then move the data into a region bucket and use a Cloud Dataproc cluster to finish the job
View answer
Correct Answer: D
Question #138
You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?
A. reate a service account (SA) in the legacy game’s Google Cloud project, add a second SA in the new game’s IAM page, and then give the Organization Admin role to both SAs
B. reate a service account (SA) in the legacy game’s Google Cloud project, give the SA the Organization Admin role, and then give it the Firebase Admin role in both projects
C. reate a service account (SA) in the legacy game’s Google Cloud project, add this SA in the new game’s IAM page, and then give it the Firebase Admin role in both projects
D. reate a service account (SA) in the legacy game’s Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game’s project
View answer
Correct Answer: C
Question #139
You deploy your custom Java application to Google App Engine. It fails to deploy and gives you the following stack trace.What should you do?
A. pload missing JAR files and redeploy your application
B. igitally sign all of your JAR files and redeploy your application
C. ecompile the CLoakedServlet class using and MD5 hash instead of SHA1
View answer
Correct Answer: B
Question #140
For this question, refer to the Helicopter Racing League (HRL) case study. HRL is looking for a cost-effective approach for storing their race data such as telemetry. They want to keep all historical records, train models using only the previous season's data, and plan for data growth in terms of volume and information collected. You need to propose a data solution. Considering HRL business requirements and the goals expressed by CEO S. Hawke, what should you do?
A. se Firestore for its scalable and flexible document-based database
B. se Cloud Spanner for its scalability and ability to version schemas with zero downtime
C. se BigQuery for its scalability and ability to add columns to a schema
D. se Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL
View answer
Correct Answer: C
Question #141
You have developed an application using Cloud ML Engine that recognizes famous paintings from uploaded images. You want to test the application and allow specific people to upload images for the next 24 hours. Not all users have a Google Account. How should you have users upload images?
A. ave users upload the images to Cloud Storage
B. ave users upload the images to Cloud Storage using a signed URL that expires after 24 hours
C. reate an App Engine web application where users can upload images
D. reate an App Engine web application where users can upload images for the next 24 hours
View answer
Correct Answer: B
Question #142
You have developed an application using Cloud ML Engine that recognizes famous paintings from uploaded images. You want to test the application and allow specific people to upload images for the next 24 hours. Not all users have a Google Account. How should you have users upload images?
A. ave users upload the images to Cloud Storage
B. ave users upload the images to Cloud Storage using a signed URL that expires after 24 hours
C. reate an App Engine web application where users can upload images
D. reate an App Engine web application where users can upload images for the next 24 hours
View answer
Correct Answer: B
Question #143
Your company’s user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency
A. apture existing users input, and replay captured user load until autoscale is triggered on all layers
B. reate synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce “chaos” to the system by terminating random resources on both zones
C. xpose the new system to a larger group of users, and increase group size each day until autoscale logic is triggered on all layers
D. apture existing users input, and replay captured user load until resource utilization crosses 80%
View answer
Correct Answer: B

View The Updated GOOGLE Exam Questions

SPOTO Provides 100% Real GOOGLE Exam Questions for You to Pass Your GOOGLE Exam!

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: