DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest Associate Cloud Engineer Practice Materials & Exam Questions 2024, Google Associate Cloud Engineer | SPOTO

Unlock your path to Google Associate Cloud Engineer certification success with our latest 2024 practice materials and exam questions. Stay ahead of the curve with our meticulously crafted exam dumps, featuring a wealth of online exam questions and sample questions that accurately reflect the real certification exam. Immerse yourself in a realistic testing environment with our exam simulator and mock exams, designed to hone your skills in deploying applications, monitoring operations, and managing enterprise solutions on Google Cloud. Leverage our comprehensive exam answers and in-depth explanations to identify knowledge gaps and refine your understanding of the Google Cloud Console, command-line interface, and platform-based tasks. Elevate your exam preparation with our free practice tests and premium exam materials, empowering you to master Google-managed and self-managed services. Achieve certification excellence with our unrivaled 2024 Associate Cloud Engineer exam questions and practice resources.
Take other online exams

Question #1
41. Your colleague updated a deployment manager template of a production application serving live traffic. You want to deploy the update to the live environment later during the night when user traffic is at its lowest. The git diff on the pull request shows the changes are substantial and you would like to review the intended changes without applying the changes in the live environment. You want to do this as efficiently and quickly as possible. What should you do?
A. Preview the changes by applying the deployment manager template with the –preview flag
B. Add logging statements in the deployment manager template YAML file
C. Clone the GCP project and apply the deployment manager template in the new project
D. Apply the deployment manager template and review the actions in Cloud Logging
View answer
Correct Answer: A

View The Updated Associate Cloud Engineer Exam Questions

SPOTO Provides 100% Real Associate Cloud Engineer Exam Questions for You to Pass Your Associate Cloud Engineer Exam!

Question #2
24. You recently deployed a new application in Google App Engine to serve production traffic. After analyzing logs for various user flows, you uncovered several issues in your application code and have developed a fix to address the issues. Parts of your proposed fix could not be validated in the pre-production environment by your testing team as some of the scenarios can only be validated by an end-user with access to specific data in your production environment. In the company’s weekly Change Approval Boa
A. Set up a second Google App Engine service, and then update a subset of clients to hit the new service
B. Deploy the new application version temporarily, capture logs and then roll it back to the previous version
C. Deploy a new version of the application, and use traffic splitting to send a small percentage of traffic to it
D. Create a second Google App Engine project with the new application code, and onboard users gradually to the new application
View answer
Correct Answer: C
Question #3
28. Your company runs all its applications in us-central1 region in a single GCP project and single VPC. The company has recently expanded its operations to Europe, but customers in the EU are complaining about slowness accessing the application. Your manager has requested you to deploy a new instance in the same project in europe-west1 region to reduce latency to the EU customers. The newly deployed VM needs to reach a central Citrix Licensing Server in us-central-1. How should you design the network and f
A. Deploy the VM in a new subnet in europe-west1 region in a new VPC
B. Deploy the VM in a new subnet in europe-west1 region in the existing VPC
C. Deploy the VM in a new subnet in europe-west1 region in a new VPC
D. Deploy the VM in a new subnet in europe-west1 region in the existing VPC
View answer
Correct Answer: D
Question #4
34. Your company stores sensitive user information (PII) in three multi-regional buckets in US, Europe and Asia. All three buckets have data access logging enabled on them. The compliance team has received reports of fraudulent activity and has begun investigating a customer care representative. It believes the specific individual may have accessed some objects they are not authorized to and may have added labels to some files in the buckets to enable favourable discounts for their friends. The compliance t
A. Enable a Cloud Trace on the bucket and wait for the user to access objects/set metadata to capture their activities
B. Retrieve this information from Activity logs in GCP Console
C. Retrieve this information from the Cloud Storage bucket page in GCP Console
D. Apply the necessary filters in Cloud Logging Console to retrieve this information
View answer
Correct Answer: D
Question #5
30. Your company stores customer PII data in Cloud Storage buckets. A subset of this data is regularly imported into a BigQuery dataset to carry out analytics. You want to make sure the access to this bucket is strictly controlled. Your analytics team needs read access on the bucket so that they can import data in BigQuery. Your operations team needs read/write access to both the bucket and BigQuery dataset to add Customer PII data of new customers on an ongoing basis. Your Data Vigilance officers need Admi
A. At the Project level, add your Data Vigilance officers user accounts to the Owner role, add your operations team user accounts to the Editor role, and add your analytics team user accounts to the Viewer role
B. Use the appropriate predefined IAM roles for each of the access levels needed for Cloud Storage and BigQuery
C. At the Organization level, add your Data Vigilance officers user accounts to the Owner role, add your operations team user accounts to the Editor role, and add your analytics team user accounts to the Viewer role
D. Create 3 custom IAM roles with appropriate permissions for the access levels needed for Cloud Storage and BigQuery
View answer
Correct Answer: B
Question #6
42. You have asked your supplier to send you a purchase order and you want to enable them to upload the file to a cloud storage bucket within the next 4 hours. Your supplier does not have a Google account. You want to follow Google recommended practices. What should you do?
A. Create a service account with just the permissions to upload files to the bucket
B. Create a service account with just the permissions to upload files to the bucket
C. Create a service account with just the permissions to upload files to the bucket
D. Create a JSON key for the Default Compute Engine Service Account
View answer
Correct Answer: A
Question #7
26. A production application serving live traffic needs an important update deployed gradually. The application is deployed in a Managed Instance Group (MIG) in the US-Central region. The application receives millions of requests each minute, and you want to patch the application while ensuring the number of instances (capacity) in the Managed Instance Group (MIG) does not decrease. What should you do?
A. Carry out a rolling update by executing gcloud compute instance-groups rolling-action start-update –max-surge 0 -max-unavailable 1
B. Deploy the update in a new MIG and add it as a backend service to the existing production Load Balancer
C. Carry out a rolling update by executing gcloud compute instance-groups rolling-action start-update -max-surge 1 -max-unavailable 0
D. Update the existing Managed Instance Group (MIG) to point to a new instance template containing the updated version
View answer
Correct Answer: C
Question #8
14. Your finance department wants you to create a new billing account and link all development and test Google Cloud Projects to the new billing account. What should you do?
A. Ask your security administrator to grant you the Billing Account Creator role on the GCP organization and Project Billing Manager role on all the development and test projects
B. Ask your security administrator to grant you the Billing Account Creator role on the GCP organization and Project Billing Manager role on all the development and test projects
C. Ask your security administrator to grant you the Billing Account Administrator role on the existing Billing Account
D. Ask your security administrator to grant you the Billing Account Administrator a role on the existing Billing Account Link all development and test projects to the existing Billing Account
View answer
Correct Answer: B
Question #9
33. You are designing a mobile game which you hope will be used by numerous users around the world. The game backend requires a Relational DataBase Management System (RDBMS) for persisting game state and player profiles. You want to select a database that can scale to a global audience with minimal configuration updates. Which database should you choose?
A. Cloud SQL
B. Cloud Spanner
C. Cloud Datastore
D. Cloud Firestore
View answer
Correct Answer: B
Question #10
35. Your company’s new mobile game has gone live, and you have transitioned the backend application to the operations team. The mobile game uses Cloud Spanner to persist game state, leaderboard and player profile. All operations engineers require access to view and edit table data to support runtime issues. What should you do?
A. Grant roles/spanner
B. Grant roles/spanner
C. Grant roles/spanner
D. Grant roles/spanner
View answer
Correct Answer: A
Question #11
32. You created an update for your application on App Engine. You want to deploy the update without impacting your users. You want to be able to roll back as quickly as possible if it fails. What should you do?
A. Deploy the update as the same version that is currently running
B. Deploy the update as a new version
C. Deploy the update as the same version that is currently running
D. Notify your users of an upcoming maintenance window and ask them not to use your application during this window
View answer
Correct Answer: B
Question #12
15. You have annual audits every year and you need to provide external auditors access to the last 10 years of audit logs. You want to minimize the cost and operational overhead while following Google recommended practices. What should you do?
A. Set a custom retention of 10 years in Stackdriver logging and provide external auditors view access to Stackdriver Logs
B. Export audit logs to Cloud Filestore via a Pub/Sub export sink
C. Export audit logs to Cloud Storage via an audit log export sink
D. Export audit logs to BigQuery via an audit log export sink
E. Grant external auditors Storage Object Viewer role on the logs storage bucket
F. Configure a lifecycle management policy on the logs bucket to delete objects older than 10 years
View answer
Correct Answer: CEF
Question #13
38. You developed a web application that lets users upload and share images. You deployed this application in Google Compute Engine and you have configured Stackdriver Logging. Your application sometimes times out while uploading large images, and your application generates relevant error log entries that are ingested to Stackdriver Logging. You would now like to create alerts based on these metrics. You intend to add more compute resources manually when the number of failures exceeds a threshold. What shou
A. Add the Stackdriver monitoring and logging agent to the instances running the code
B. In Stackdriver logging, create a new logging metric with the required filters, edit the application code to set the metric value when needed, and create an alert in Stackdriver based on the new metric
C. In Stackdriver Logging, create a custom monitoring metric from log data and create an alert in Stackdriver based on the new metric
D. Create a custom monitoring metric in code, edit the application code to set the metric value when needed, create an alert in Stackdriver based on the new metric
View answer
Correct Answer: C
Question #14
40. You have two compute instances in the same VPC but in different regions. You can SSH from one instance to another instance using their internal IP address but not their external IP address. What could be the reason for SSH failing on external IP address?
A. The external IP address is disabled
B. The compute instances are not using the right cross-region SSH IAM permissions
C. The compute instances have a static IP for their external IP
D. The combination of compute instance network tags and VPC firewall rules only allow SSH from the subnets IP range
View answer
Correct Answer: D
Question #15
21. You have a web application deployed as a managed instance group based on an instance template. You modified the startup script used in the instance template and would like the existing instances to pick up changes from the new startup scripts. Your web application is currently serving live web traffic. You want to propagate the startup script changes to all instances in the managed instances group while minimizing effort, minimizing cost and ensuring that the available capacity does not decrease. What w
A. Create a new managed instance group (MIG) based on a new template
B. Delete instances in the managed instance group (MIG) one at a time and rely on auto-healing to provision an additional instance
C. Perform a rolling-action start-update with max-unavailable set to 1 and max – surge set to 0
D. Perform a rolling-action replace with max-unavailable set to 0 and max-surge set to 1
View answer
Correct Answer: D
Question #16
36. You have one GCP project with default region and zone set to us-east1 and us-east1-b respectively. You have another GCP project with default region and zone set to us-west1 and us-west1-a respectively. You want to provision a VM in each of these projects efficiently using gcloud CLI. What should you do?
A. Execute gcloud config configuration create [config name] to create two configurations, one for each project
B. Execute gcloud config configuration create [config name] to create two configurations, one for each project
C. Execute gcloud configurations activate [config name] to activate the configuration for each project and execute gcloud configurations list to create and start the VM
D. Execute gcloud configurations activate [config name] to activate the configurationfor each project and execute gcloud config list to create and start the VM
View answer
Correct Answer: B
Question #17
25. You want to list all the compute instances in zones us-central1-b and europe-west1-d. Which of the commands below should you run to retrieve this information?
A. gcloud compute instances list–filter=”zone:(us-central1-b europe-west1-d)”
B. gcloud compute instances get–filter=”zone:(us-central1-b)” and gcloud compute instances list -filter= “zone:( europe-west1-d)” and combine the results
C. gcloud compute instances list –filter=”zone:(us-central1-b)” and gcloud compute instances list -filter=”zone:(europe-west1-d)” and combine the results
D. gcloud compute instances get –filter=”zone:(us-central1-b europe-west1-d)”
View answer
Correct Answer: A
Question #18
29. Your company runs all its applications in us-central1 region in a single GCP project and single VPC. The company has recently expanded its operations to Europe, but customers in the EU are complaining about slowness accessing the application. Your manager has requested you to deploy a new instance in the same project in europe-west1 region to reduce latency to the EU customers. The newly deployed VM needs to reach a central Citrix Licensing Server in us-central-1. How should you design the network and f
A. Deploy the VM in a new subnet in europe-west1 region in a new VPC
B. Deploy the VM in a new subnet in europe-west1 region in the existing VPC
C. Deploy the VM in a new subnet in europe-west1 region in a new VPC
D. Deploy the VM in a new subnet in europe-west1 region in the existing VPC
View answer
Correct Answer: D
Question #19
39. Your company stores sensitive PII data in a cloud storage bucket. The objects are currently encrypted by Google-managed keys. Your compliance department has asked you to ensure all current and future objects in this bucket are encrypted by customer-managed encryption keys. You want to minimize effort. What should you do?
A. 1
B. 1
C. 1
D. 1 Rewrite all existing objects using gsutil rewrite to encrypt them with the new Customer-managed key
View answer
Correct Answer: B
Question #20
19. You are developing a mobile game that uses Cloud Datastore for gaming leaderboards and player profiles. You want to test an aspect of this solution locally on your Ubuntu workstation which already has Cloud SDK installed. What should you do?
A. Install Datastore emulator to provide local emulation of the production datastore environment in your local workstation by running gcloud components install
B. Install Datastore emulator to provide local emulation of the production datastore a environment in your local workstation by running apt get install
C. Add a new index to Cloud Datastore instance in the development project by running gcloud datastore indexes create and modify your application on your workstation to retrieve the data from Cloud Datastore using the index
D. Initiate an export of Cloud Datastore instance from development GCP project by executing gcloud datastore export
View answer
Correct Answer: A
Question #21
27. You want to create a new role and grant it to the SME team. The new role should provide your SME team BigQuery Job User and Cloud Bigtable User roles on all projects in the organization. You want to minimize operational overhead. You want to follow Google recommended practices. How should you create the new role?
A. Execute command gcloud iam combineroles –global to combine the 2 roles into a new custom role and grant them globally to SME team group
B. In GCP Console under IAM Roles, select both roles and combine them into a new custom role
C. In GCP Console under IAM Roles, select both roles and combine them into a new custom role
D. In GCP Console under IAM Roles, select both roles and combine them into a new custom role
View answer
Correct Answer: D
Question #22
16. You have been asked to create a new Kubernetes Cluster on Google Kubernetes Engine that can autoscale the number of worker nodes as well as pods. What should you do? (Select 2)
A. Create Compute Engine instances for the workers and the master and install Kubernetes
B. Enable Horizontal Pod Autoscaling for the Kubernetes deployment
C. Create a GKE cluster and enable autoscaling on the instance group of the cluster
D. Configure a Compute Engine instance as a worker and add it to an unmanaged instance group
E. Create a GKE cluster and enable autoscaling on Kubernetes Engine
View answer
Correct Answer: BE
Question #23
31. Your company has deployed a wide range of application across several Google Cloud projects in the organization. You are a security engineer within the Cloud Security team, and an apprentice has recently joined your team. To gain a better understanding of your company’s Google cloud estate, the apprentice has asked you to provide them access which lets them have detailed visibility of all projects In the organization. Your manager has approved the request but has asked you to ensure the access does not l
A. Grant oles/resourcemanager
B. Grant roles/resourcemanager
C. Grant roles/resourcemanager
D. Grant roles/owner and roles/networkmanagement
View answer
Correct Answer: A
Question #24
18. Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What’s the best way to change the App Engine region?
A. Create a new project and create an App Engine instance in europe-west3
B. Use the gcloud app region set command and supply the name of the new region
C. From the console, under the App Engine page, click edit, and change the region drop-down
D. Contact Google Cloud Support and request the change
View answer
Correct Answer: A
Question #25
44. Your organization is planning the infrastructure for a new large-scale application that will need to store anything between 200 TB to a petabyte of data in NoSQL format for Low-latency read/write and High-throughput analytics. Which storage option should you use?
A. Cloud Spanner
B. Cloud Bigtable
C. Cloud Datastore
D. Cloud SQL
View answer
Correct Answer: B
Question #26
45. You have a collection of audio/video files over 80GB each that you need to migrate to Google Cloud Storage. The files are in your on-premises data center. What migration method can you use to help speed up the transfer process?
A. Start a recursive upload
B. Use parallel uploads to break the file into smaller chunks then transfer it simultaneously
C. Use the Cloud Transfer Service to transfer
D. Use multithreaded uploads using the -m option
View answer
Correct Answer: B
Question #27
23. To facilitate disaster recovery, your company wants to save database backup tar files in Cloud Storage bucket. You want to minimize the cost. Which GCP Cloud Storage class should you use?
A. Use Coldline Storage Class
B. Use Multi-Regional Storage Class
C. Use Regional Storage Class
D. Use Nearline Storage Class
View answer
Correct Answer: A
Question #28
37. You want to create a Google Cloud Storage regional bucket logs-archive in the Los Angeles region (us-west2). You want to use Coldline storage class to minimize costs and you want to retain files for 10 years. Which of the following commands should you run to create this bucket?
A. gsutil mb t us-west2 -S nearline -retention 10y gs://logs-archive
B. gsutil mb -l los-angeles -S coldline -retention 10m gs://logs-archive
C. gsutil mb – us-west2 -S coldline – -retention 10m gs://logs-archive
D. gsutil mb – us-west2 -S coldline -retention 10y gs://logs-archive
View answer
Correct Answer: D
Question #29
20. You deployed a number of services to Google App Engine Standard. The services are designed as microservices with several interdependencies between them. Most services have few version upgrades but some key services have over 20 version upgrades. You identified an issue with the service pt-createOrder and deployed a new version v3 for this service. You are confident this works and want this new version to receive all traffic for the service. You want to minimize effort and ensure the availability of serv
A. Execute gcloud app versions stop v2 –service=”pt-createOrder” and gcloud app versions start v3 –service=”pt-createOrder”
B. Execute gcloud app versions migrate v3
C. Execute gcloud app versions stop v2 and gcloud app versions start v3
D. Execute gcloud app versions migrate v3 -service – “pt-createOrder”
View answer
Correct Answer: D
Question #30
17. Your company wants to move all documents from a secure internal NAS drive to a Google Cloud Storage (GCS) bucket. The data contains personally identifiable information (PII) and sensitive customer information. Your company tax auditors need access to some of these documents. What security strategy would you recommend on GCS?
A. Create randomized bucket and object names
B. Use signed URLs to generate time-bound access to objects
C. Grant no Google Cloud Identity and Access Management (Cloud IAM) roles to users, and use granular ACLs on the bucket
D. Grant IAM read-only access to users, and use default ACLs on the bucket
View answer
Correct Answer: C

View The Updated GOOGLE Exam Questions

SPOTO Provides 100% Real GOOGLE Exam Questions for You to Pass Your GOOGLE Exam!

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: