DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest 2024 Associate Cloud Engineer Certification Questions & Mock Tests, Google Associate Cloud Engineer | SPOTO

Elevate your Google Associate Cloud Engineer certification preparation with our latest 2024 exam questions and mock tests. Stay ahead of the curve with our meticulously crafted exam materials, featuring regularly updated exam dumps and online exam questions that accurately mirror the real certification exam. Immerse yourself in a realistic testing environment with our exam simulator, designed to hone your skills in deploying applications, monitoring operations, and managing enterprise solutions on Google Cloud. Leverage our comprehensive sample questions, exam answers, and in-depth explanations to identify knowledge gaps and refine your understanding of the Google Cloud Console, command-line interface, and platform-based tasks. Unlock your full potential with our free practice tests and premium exam preparation resources, empowering you to master Google-managed and self-managed services. Achieve certification excellence with our unrivaled 2024 Associate Cloud Engineer mock exams and study materials.
Take other online exams

Question #1
17. The deployment team currently spends a lot of time creating and configuring VMs in Google Cloud Console, and feel they could be more productive and consistent if the same can be automated using Infrastructure as Code. You want to help them identify a suitable service. What should you recommend?
A. Managed Instance Group (MIG)
B. Unmanaged Instance Group
C. Deployment Manager
D. Cloud Build
View answer
Correct Answer: C
Question #2
40. You are in the process of migrating a mission-critical application from your on- premises data centre to Google Kubernetes Engine (GKE). Your operations team do not want to take on the overhead for upgrading the GKE cluster and have asked you to ensure the Kubernetes version is always stable and supported. What should you do?
A. When provisioning the GKE cluster, ensure you use the latest stable and supported version
B. Update your GKE cluster to turn on GKE’s node auto-upgrade feature
C. When provisioning the GKE cluster, use Container Optimized os node images
D. Update your GKE cluster to turn on GKE’s node auto-repair feature
View answer
Correct Answer: B
Question #3
43. Your manager asked you to write a script to upload objects to a Cloud Storage bucket. How should you set up the IAM access to enable the script running in a Google Compute VM upload objects to Cloud Storage?
A. Create a new IAM service account with the access scope cloud-platform and configure the script to use this service account
B. Grant roles/storage
C. Grant roles/storage
D. Create a new IAM service account with the access scope devstorage
View answer
Correct Answer: B
Question #4
49. You have three gcloud configurations – one for each of development, test and production projects. You want to list all the configurations and switch to a new configuration. With the fewest steps possible, what’s the fastest way to switch to the correct configuration?
A. To list configurations gcloud config configurations list To activate a configuration – gcloud config configurations activate
B. To list configurations gcloud config list To activate a configuration – gcloud config activate
C. To list configurations – gcloud configurations list To activate a configuration gcloud config activate
D. To list configurations – gcloud configurations list To activate a configuration goloud configurations activate
View answer
Correct Answer: A
Question #5
9. You are the Cloud Security Manager at your company, and you want to review IAM users and their assigned roles in the production GCP project. You want to follow Google recommended practices. What should you do?
A. Review the information in the Roles section for the production GCP project in Google Cloud Console
B. Check the output of gcloud iam roles list command
C. Check the output of gcloud iam service-accounts list command
D. Review the information in the IAM section for the production GCP project in Google Cloud Console
View answer
Correct Answer: D
Question #6
41. You have two workloads on GKE (Google Kubernetes Engine) – create-order and dispatch-order. create-order handles the creation of customer orders, and dispatch- order handles dispatching orders to your shipping partner. Both create-order and dispatch-order workloads have cluster autoscaling enabled. The create-order deployment needs to access (i.e. invoke web service of) dispatch-order deployment. dispatch-order deployment cannot be exposed publicly. How should you define the services?
A. Create a Service of type ClusterlP for dispatch-order
B. Create a Service of type LoadBalancer for dispatch-order and an Ingress S Resource for that Service
C. Create a Service of type LoadBalancer for dispatch-order
D. Create a Service of type NodePort for dispatch-order and an Ingress Resource for that Service
View answer
Correct Answer: A
Question #7
39. You want to persist logs for 10 years to comply with regulatory requirements. You want to follow Google recommended practices. Which Google Cloud Storage class should you use?
A. Coldline storage class
B. Archive storage class
C. Nearline storage class
D. Standard storage class
View answer
Correct Answer: B
Question #8
10. Your organization is planning to deploy a Python web application to Google Cloud. The web application uses a custom Linux distribution and you want to minimize rework. The web application underpins an important website that is accessible to the customers globally. You have been asked to design a solution that scales to meet demand. What would you recommend to fulfill this requirement? (Select Two)
A. Cloud Functions
B. App Engine Standard environment
C. HTTP(S) Load Balancer
D. Managed Instance Group on Compute Engine
E. Network Load Balance
View answer
Correct Answer: CD
Question #9
45. Your compliance team requested all audit logs are stored for 10 years and to allow access for external auditors to view. You want to follow Google recommended practices. What should you do?(Choose two)
A. Create an account for auditors to have view access to Stackdriver Logging
B. Export audit logs to Cloud Storage via an export sink
C. Export audit logs to Splunk via a Pub/Sub export sink
D. Generate a signed URL to the Stackdriver export destination for auditors to access
E. Export audit logs to BigQuery via an export sink
View answer
Correct Answer: BD
Question #10
8. Your team manages the game backend for a popular game with users all over the world. The game backend APIs runs on a fleet of VMs behind a Managed Instance Group (MIG) with autoscaling enabled. You have configured the scaling policy on the MIG to add more instances if the CPU utilization is consistently over 85%, and to scale down when the CPU utilization is consistently lower than 65%. You noticed the autoscaler adds more VMs than is necessary during the scale-up, and you suspect this might be down to a
A. Update the Managed Instances template to set the maximum instances to 5
B. Update the Managed Instances template to set the maximum instances to 1
C. Update the autoscaling health check from HTTP to TCP
D. Update the autoscaling health check to increase the initial delay to 200 seconds
View answer
Correct Answer: D
Question #11
48. Your compliance department has asked you to share a compressed zip of sensitive audit logs with an external auditor. The external auditor does not have a Google account, and you want to
remove the access after 4 hours. How can you do this securely with the least number of steps?
A. Configure Static Website hosting on the Cloud Storage bucket, make the zip file public and ask the auditor to download the file from the website
B. Delete the zip file after 4 hours
C. Delete the new bucket after 4 hours
D. Make the zip file public and securely share the URL with the external auditor
View answer
Correct Answer: C
Question #12
4. A GKE cluster (test environment) in your test GCP project is experiencing issues with a sidecar container connecting to Cloud SQL. This issue has resulted in a massive amount of log entries in Cloud Logging and shot up your bill by 25%. Your manager has asked you to disable these logs as quickly as possible and using the least number of steps. You want to follow Google recommended practices. What should you do?
A. In Cloud Logging, disable the log source for GKE Cluster Operations resource in the Logs ingestion window
B. Recreate the GKE cluster and disable Cloud Logging
C. Recreate the GKE cluster and disable Cloud Monitoring
D. In Cloud Logging, disable the log source for GKE container resource in the Logs ingestion window
View answer
Correct Answer: D
Question #13
16. Your organization processes a very high volume of timestamped loT data. The total volume can be several petabytes. The data needs to be written and changed at a high speed. You want to use the most performant storage option for your data. Which product should you use?
A. Cloud Bigtable
B. Cloud Datastore
C. BigQuery
D. Cloud Storage
View answer
Correct Answer: A
Question #14
38. Your company runs several internal applications on bare metal Kubernetes servers in your on-premises data centre. One of the applications deployed in the Kubernetes cluster uses a NAS share to save files. In preparation for the upcoming migration to Google Cloud, you want to update the application to use Google Cloud Storage instead; however, security policies prevent virtual machines from having public IP addresses. What should you do?
A. Configure a VPN tunnel between the on-premises data centre and the GCP VPC
B. Make an exception and assign public IP addresses to the servers
C. Create a new VPC in GCP and deploy a proxy server like HAProxy/Squid to forward requests to Cloud Storage
D. Migrate all VMs from the data centre to Google Compute Engine
View answer
Correct Answer: A
Question #15
6. You are developing a simple application in App Engine Standard service. Unit testing and user acceptance testing has succeeded, and you want to build a new App Engine application to serve as your performance testing environment. What should you do?
A. Use gcloud to deploy the application to a new performance testing GCP project by specifying the –project parameter
B. Create a new GCP project for the performance testing environment using gcloud and deploy your App Engine application to the new GCP project
C. Configure a Deployment Manager YAML template to copy the application from the development GCP project into the performance testing GCP project
D. Create a new GCP project for the performance testing environment using gcloud and copy the application from the development GCP project into the performance testing GCP project
View answer
Correct Answer: B
Question #16
33. Your company recently acquired a startup that lets its developers pay for their projects using their company credit cards. You want to consolidate the billing of all GCP projects into a new billing account. You want to follow Google recommended practices. How should you do this?
A. Send an email to billing
B. Raise a support request with Google Billing Support and request them to create a new billing account and link all the projects to the billing account
C. In the GCP Console, move all projects to the root organization in the Resource Manager
D. Ensure you have the Billing Account Creator Role
View answer
Correct Answer: C
Question #17
15. Your company is migrating all applications from the on-premises data centre to Google Cloud, and one of the applications is dependent on Websockets protocol and session affinity. You want to ensure this application can be migrated to Google Cloud platform and continue serving requests without issues. What should you do?
A. Modify application code to not depend on session affinity
B. Review the design with the security team
C. Modify application code to use HTTP streaming
D. Discuss load balancer options with the relevant teams
View answer
Correct Answer: D
Question #18
42. Your company runs a very successful web platform and has accumulated 3 petabytes of customer activity data in sharded MySQL database located in your datacenter. Due to storage limitations in your on-premise data center, your company has decided to move this data to GCP. The data must be available all through the day. Your business analysts, who have experience of using a SQL Interface, have asked for a seamless transition. How should you store the data so that availability is ensured while optimizing th
A. Import data into Google BigQuery
B. Import flat files into Google Cloud Storage
C. Import data into Google Cloud Datastore
D. Import data into Google Cloud SQL
View answer
Correct Answer: A
Question #19
7. Your company has a number of GCP projects that are managed by the respective project teams. Your expenditure of all GCP projects combined has exceeded your operational expenditure budget. At a review meeting, it has been agreed that your finance team should be able to set budgets and view the current charges for all projects in the organization but not view the project resources; and your developers should be able to see the Google Cloud Platform billing charges for only their own projects as well as vie
A. Add the finance team to the Billing Account Administrator role for each of the billing accounts that they need to manage
B. Add the finance team to the Viewer role for the Project
C. Add the finance team to the default IAM Owner role
D. Add the developers and finance managers to the Viewer role for the Project
View answer
Correct Answer: A
Question #20
47. You have a number of compute instances belonging to an unmanaged instances group. You need to SSH to one of the Compute Engine instances to run an ad hoc script. You’ve already authenticated gcloud, however, you don’t have an SSH key deployed yet. In the fewest steps possible, what’s the easiest way to SSH to the instance?
A. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command
B. Use the gcloud compute ssh command
C. Create a key with the ssh-keygen command
D. Create a key with the ssh-keygen command
View answer
Correct Answer: B
Question #21
1. You deployed a workload to your GKE cluster by running the command kubectl apply -f app.yaml. You also enabled a LoadBalancer service to expose the deployment by running kubectl apply – f service.yaml. Your pods are struggling due to increased load so you decided to enable horizontal pod autoscaler by running kubectl autoscale deployment [YOUR DEPLOYMENT] –cpu-percent=5t -min= 1 max=10. You noticed the autoscaler has launched several new pods but the new pods have failed with the message “Insufficient cp
A. Use “kubectl container clusters resize” to add more nodes to the node pool
B. Use “gcloud container clusters resize” to add more nodes to the node pool
C. Edit the managed instance group of the cluster and enable autoscaling
D. Edit the managed instance group of the cluster and increase the number of VMs by 1
View answer
Correct Answer: B
Question #22
12. The application development team at your company wants to use the biggest CIDR range possible for a VPC and has asked for your suggestion. Your operations team is averse to using any beta features. What should you suggest?
A. Use 0
B. Use 10
C. Use 172
D. Use 192
View answer
Correct Answer: B
Question #23
37. Your team is responsible for the migration of all legacy on-premises applications to Google Cloud. Your team is a big admirer of serverless and has chosen App Engine Standard as the preferred choice for compute workloads. Your manager asked you to migrate a legacy accounting application built in C++, but you realized App Engine Standard doesn’t support C++. What GCP compute services should you use instead to maintain the serverless aspect?(Choose two answers)
A. Deploy the containerized version of the application in Cloud Run
B. Deploy the containerized version of the application in Cloud Run on GKE
C. Deploy the containerized version of the application in Google Kubernetes Engine (GKE)
D. Deploy the containerized version of the application in App Engine Flex
E. Convert the application into a set of functions and deploy them in Google Cloud Functions
View answer
Correct Answer: AB
Question #24
34. You are enhancing a production application currently running on an Ubuntu Linux VM on Google Compute Engine. The new enhancements require a connection to SQL Server instance to persist user appointments. Your colleague has provisioned an SQL Server instance in a Google Compute Engine VM in US-Central region and has asked for your assistance to RDP to the VM in the least number of steps. What should you suggest?
A. Add a firewall rule to allow TCP traffic on port 3389
B. In the GCP console, add a username and password for the Windows 0 VM instance
C. Add a firewall rule to allow TCP traffic on port 3389
D. Add a firewall rule to allow TCP traffic on port 22
View answer
Correct Answer: B
Question #25
46. Your company plans to migrate all applications from its on-premises data centre to Google Cloud Platform. The DevOps team currently use Jenkins extensively to automate configuration updates in applications. How should you provision Jenkins in Google Cloud with the least number of steps?
A. Download Jenkins binary from https://www
B. Create a Kubernetes Deployment YAML file referencing the Jenkins docker image and deploy to a new GKE cluster
C. Download Jenkins binary from https://www
D. Provision Jenkins from GCP marketplace
View answer
Correct Answer: D
Question #26
50. You are exploring the possibility of migrating a mission-critical application from your on-premises data centre to Google Cloud Platform. You want to host this on a GKE cluster with autoscaling enabled, and you need to ensure each node can run a pod to push the application logs to a third-party logging platform. How should you deploy the pod?
A. Initialize the logging pod during the GKE Cluster creation
B. Add the logging pod in the Deployment YAML file
C. Deploy the logging pod in a DaemonSet Kubernetes object
D. Deploy the logging pod in a StatefulSet Kubernetes object
View answer
Correct Answer: C
Question #27
36. You have two compute instances in the same VPC but in different regions. You can SSH from one instance to another instance using their external IP address but not their internal IP address. What could be the reason for SSH failing on the internal IP address?
A. The compute instances have a static IP for their internal IP
B. The combination of compute instance network tags and VPC firewall rules allow SSH from 0
C. The internal IP address is disabled
D. The compute instances are not using the right cross-region SSH IAM permissions
View answer
Correct Answer: B
Question #28
14. Your company wants to migrate a mission-critical application to Google Cloud Platform. The application is currently hosted in your on-premises data centre and runs off several VMs. Your migration manager has suggested a “lift and shift” to Google Compute Engine Virtual Machines and has asked you to ensure the application scales quickly, automatically and efficiently based on the CPU utilization. You want to follow Google recommended practices. What should you do?
A. Deploy the application to Google Compute Engine Managed Instance Group (MIG) with autoscaling enabled based on CPU utilization
B. Deploy the application to GKE cluster with Horizontal Pod Autoscaling (HPA) enabled based on CPU utilization
C. Deploy the application to Google Compute Engine Managed Instance Group (MIG) with time-based autoscaling based on last months traffic patterns
D. Deploy the application to Google Compute Engine Managed Instance Group (MIG)
View answer
Correct Answer: A
Question #29
13. The storage costs for your application logs have far exceeded the project budget. The logs are currently being retained indefinitely in the Cloud Storage bucket myapp-gcp-ace-logs. You have been asked to remove logs older than 90 days from your Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend. What should you do?
A. Write a script that runs gsutil Is -| – gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days
B. Write a lifecycle management rule in JSON and push it to the bucket with gsutil lifecycle set config-json-file
C. Write a lifecycle management rule in XML and push it to the bucket with gsutil lifecycle set config-xml-file
D. Write a script that runs gsutil Is -Ir gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days
View answer
Correct Answer: B
Question #30
44. You are migrating your on-premises workloads to GCP VPC, and you want to use Compute Engine virtual machines. You want to separate the Finance team VMs and the Procurement team VMs into separate subnets. You need all VMs to communicate with each other over their internal IP addresses without adding routes. What should you do?
A. Use Deployment Manager to create a new VPC with 2 subnets in 2 different regions
B. Use Deployment Manager to create a new VPC with 2 subnets in the same region
C. Use Deployment Manager to create two VPCs, each with a subnet in a different region
D. Use Deployment Manager to create two VPCs, each with a subnet in the same 0 region
View answer
Correct Answer: A

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: