DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Prepare Efficiently Professional Cloud Architect Exam Questions, Google Professional Cloud Architect | SPOTO

Efficiently prepare for the Professional Cloud Architect exam with our comprehensive collection of exam questions. Our resources are designed to help you streamline your study process and maximize your preparation efforts. Access a variety of practice tests, mock exams, and sample questions to reinforce your understanding of key concepts. Dive deep into exam materials for detailed explanations and answers, ensuring thorough comprehension of cloud architecture and Google Cloud technologies. Utilize our exam simulator to simulate real exam conditions and assess your readiness. With SPOTO's expertly crafted practice tests, you'll be well-equipped to tackle the exam and achieve your certification goals. Trust SPOTO for efficient and effective exam preparation resources to excel in your Professional Cloud Architect certification journey.
Take other online exams

Question #1
11. Your company has a hybrid architecture with workloads that run primarily from the data centre and failover to GCP when needed. The failover process requires moving large files from the data centre to GCP in a short period. Your IT Director has asked you to ensure the disaster recovery is resilient, and you identified the network connection between your data centre and GCP
network as a possible single point of failure. How should you design the network connection between the data centre and the GCP network to establish a secure and redundant connection?
A. Use Dedicated Interconnect to transfer the large files to Google Cloud Platform
B. Use a Transfer Appliance to transfer the large files to Google Cloud Platform
C. Use a Transfer Appliance to transfer the large files to Google Cloud Platform
D. Use Dedicated Interconnect to transfer the large files to Google Cloud Platform
View answer
Correct Answer: A
Question #2
28. Your company runs a parcel tracking application on App Engine Standard service. The application requires ACID transaction support and uses Cloud Datastore as its persistence layer. You have been asked to identify an efficient way to retrieve multiple parcels (datastore root entities) based on the relevant tracking IDs (datastore identifiers) while minimizing overhead in the calls from App Engine to Datastore. What should you do?
A. Create a Key object for each tracking ID
B. Create a Key object for each tracking ID
C. Generate a query filter for each tracking ID
D. Generate a query filter to include all tracking IDs
View answer
Correct Answer: B
Question #3
32. Your company has started its Cloud migration journey. The first phase of migration involves moving over internal (staff-only) applications to Google Cloud. These internal applications depend on Active Directory (AD) for user sign-in, but the Active Directory is not scheduled to be migrated until next year. You want to minimize the effort. What should you do?
A. Set up a new replica AD domain controller in a Google Compute Engine (GCE) instance and configure Google Cloud Directory Sync (GCDS) to replicate on-prem AD to the replica in GCE
B. Configure Google Cloud Directory Sync (GCDS) to sync AD usernames to cloud identities in GCP and configure applications to use SAML SSO with Cloud Identity as the Identity Provider (IdP)
C. Configure Admin Directory API to validate credentials against the AD domain controller
D. Configure the identity provider in Cloud Identity-Aware Proxy to use the on-prem AD domain controller
View answer
Correct Answer: B
Question #4
23. Your company recently acquired a competitor, and you have been tasked with migrating one of their legacy applications into your company’s Google Cloud project. You noticed the legacy application has several os dependencies and the scale-up is delayed due to long startup time. You want to deploy the application on compute engine and make use of managed instance group so that it can scale based on traffic. You also want to minimize the startup time so that scale up happens quicker. What should you do?
A. Create a startup script to install os dependencies and automate the creation of Managed Instance Group (MIG) using terraform
B. Use the Deployment Manager to automate the creation of Managed Instance Group (MIG)
C. Create a custom GCP VM image with all os dependencies preinstalled
D. Use Puppet to automate the creation of Managed Instance Group (MIG) and installation of os dependencies
View answer
Correct Answer: C
Question #5
19. Your company develops portable software that is used by customers all over the world. Current and previous versions of software can be downloaded from a dedicated website running on compute engine in US-Central. Some customers have complained about high latency when downloading the software. You want to minimize latency for all your customers. You want to follow Google recommended practices. How should you store the files?
A. Save current and all previous versions of portable software files in Multiple Multi-Regional Cloud Storage buckets, one bucket per multi-region
B. Save current and all previous versions of portable software files in multiple Regional Cloud Storage buckets, one bucket per zone per region
C. Save current and all previous versions of portable software files in a single Regional Cloud Storage bucket, one bucket per zone of the region
D. Save current and all previous versions of portable software files in a Multi-Regional Cloud Storage bucket
View answer
Correct Answer: A
Question #6
16. Your company runs several successful mobile games from your on-premises data centre and plans to use GCP for machine learning to identify improvements and new opportunities. The existing games generate 10 TB of analytics data each day. Your company currently stores three months analytics data (approx.: 900TB) in a highly available NAS in your data centre and needs to transfer this data to GCP as part of the initial data load and as well as transfer data generated daily. Your data centre is connected to
A. Use a transfer appliance to transfer archived analytics data
B. Compress all files and upload using the gsutil
C. Use a transfer appliance to transfer archived analytics data
D. Use a transfer appliance to transfer archived analytics data
View answer
Correct Answer: A
Question #7
25. Your company operates a very successful mobile app that lets users superimpose stock images of their favourite pets with their uploaded images. You use a combination of Google Cloud Storage and Vision AI to achieve this. Recently, the photo uploads from mobile user devices to Google Cloud storage have started throwing HTTP errors with status codes of 429 and 5xx. What should you do to fix this issue?
A. Use Cloud Storage gPRC endpoints
B. Enable Geo-redundancy by moving Cloud Storage bucket from Regional to Multi-regional
C. Make requests to Cloud Storage only if its status is healthy
D. Retry failures with exponential backoff
View answer
Correct Answer: D
Question #8
31. Your company which operates care homes country-wide has decided to migrate its batch workloads to GCP. The batch workloads are not time-critical and can be restarted if interrupted. The local regulations require you to use services that are HIPAA compliant. Which GCP services should your company use while ensuring service costs are minimized?
A. Use preemptible compute instances
B. Use standard compute instances
C. Use standard compute instances
D. Use preemptible compute instances
View answer
Correct Answer: A
Question #9
18. Your Cloud Security team has asked you to centralize the collection of all VM system logs and all admin activity logs in your project. What should you do?
A. Admin activity logs are collected automatically by Cloud Logging for most services
B. Install a Cloud Logging agent on a separate VM
C. Install a custom log forwarder on a separate VM and direct the VMs to send all logs to it
D. Cloud Logging automatically collects the two sets of logs
View answer
Correct Answer: A
Question #10
34. Your company is partway through migration to Google Cloud. All compute workloads are scheduled to be migrated to Google Compute Engine this month, but they all depend on Active Directory (AD) which is scheduled isn’t scheduled for migration until next year. How should you configure the firewall rules so that all compute engine instances can reach your data centre to connect to the Active Directory while denying all other outbound traffic from compute engine instances?
A. 1
B. 1
C. 1
D. 1
View answer
Correct Answer: D
Question #11
30. You are designing an application that handles customer PII data, and your compliance department has asked you to ensure the solution is compliant with the European Union’s GDPR. What should you do?
A. Limit your application to native GCP services & APIs that are signed off for GDPR compliance
B. Design a robust testing strategy using Cloud Security Scanner to pick up GDPR compliance gaps in GCP services
C. Google complies with the GDPR in relation processing of customer personal data in all Google Cloud Platform
D. Turn on GDPR compliance setting for each GCP service you plan to use
View answer
Correct Answer: C
Question #12
15. A critical application recently suffered a regional outage causing your company loss of valuable revenue. You have been asked for a recommendation on improving the existing testing and disaster recovery processes, and preventing such occurrences in Google Cloud. What should you recommend?
A. Automate provisioning of GCP services using custom gcloud scripts
B. Automate provisioning of GCP services using deployment manager templates
C. Automate provisioning of GCP services using custom gcloud scripts
D. Automate provisioning of GCP services using deployment manager templates
View answer
Correct Answer: D
Question #13
37. Your company’s stock market recommendations application has garnered good feedback among clients, and your CEO wants to use this as a launchpad to develop an even better machine learning-driven recommendations application. The CTO has asked you for your recommendation on how to improve the machine learning results over time. You want to follow Google recommended practices. What should you do?
A. Retain as much data as possible, including historical all recommendations and use this data to train machine learning models
B. Use Cloud Monitoring to monitor the performance of existing ML Engine, and tune as necessary
C. Deploy Machine learning models on newer & more powerful CPU architectures as they become available
D. Migrate to TPUs that offer better performance
View answer
Correct Answer: A
Question #14
13. A mission-critical application has scaling issues, and your company has decided to migrate from on-premises to GKE to fix this issue. The application, when deployed to GKE, must serve requests on HTTPS and scales up/down based traffic. What should you do?
A. Use Kubernetes Ingress Resource and enable Compute Engine Managed Instance Group (MIG) autoscaling
B. Use Kubernetes Ingress Resource and enable GKE Cluster Autoscaling as well as Horizontal Pod Autoscaling
C. Use Kubernetes Service of type LoadBalancer and enable GKE Cluster Autoscaling as well as Horizontal Pod Autoscaling
D. Use Kubernetes Service of type LoadBalancer and enable Compute Engine Managed Instance Group (MIG) autoscaling
View answer
Correct Answer: B
Question #15
40. Your company has accumulated over hundreds of terabytes of marketing analytics data, and you have been asked to identify a database for an OLAP tool that can handle this volume of data. Which database would you recommend for this analytics data?
A. BigQuery
B. Cloud Firestore in Datastore mode
C. Cloud SQL
D. Cloud Storage
E. Cloud Spanner
View answer
Correct Answer: A
Question #16
21. Regulatory requirements mandate your company to retain PII data of customers from an acquired company for at least four years. You want to put a solution in place to securely retain this data and delete when permitted by the regulations. Which should you do?
A. Import the acquired PII data to Cloud Storage and use object
B. Import the acquired PII data to Cloud Storage and use App Engine Cron Service with Cloud Functions to enable daily deletion of all expired data
C. De-Identify PII data using the Cloud Data Loss Prevention API and store it forever
D. Store PII data in Google Sheets and manually delete records daily as they expire
View answer
Correct Answer: A
Question #17
38. You are migrating an application from an on-premises network to Google Cloud. The application should be resistant to regional failures, so your team has decided to deploy the application across two regions within the same VPC and fronted by an external HTTP(s) Load balancer. The workload depends on Active Directory, which is still hosted in the on-premises network. How should you configure the VPN between GCP Network and the on-premises network?
A. Enable network peering between GCP VPC and on-prem network
B. Deploy a regional VPN Gateway and make sure both regions in use have at least one VPN tunnel to the on-prem network
C. Deploy a global VPN Gateway with redundant VPN tunnels from all regions in the VPC to the on-prem network
D. Tweak IAM rules to enable VPC sharing & expose VPC to on-prem network
View answer
Correct Answer: B
Question #18
9. Your company runs an application in compute engine for collecting users monthly subscription fees. The application pushes the logs of each user’s credit card details to Cloud Pub/Sub for subsequent payment processing. How should you configure the IAM access between Cloud Pub/Sub and Compute Engine VMs?
A. Modify VM access scopes to enable Cloud Pub/Sub IAM roles
B. Grant the required Cloud Pub/Sub IAM roles to the VM service account
C. Modify application in Compute Engine to instead call a Cloud Function that has the appropriate Cloud Pub/Sub IAM roles
D. Enable OAuth 2
View answer
Correct Answer: B
Question #19
35. All internal applications in your company depend on a legacy staff Single Sign On (SSO) solution for authentication and authorization. The SSO application is deployed in a regional managed instance group (MIG), exposes public HTTPS REST endpoints and relies on a Cloud SQL instance to validate user information. How should you test the resilience of this system?
A. Work with a third-party company specializing in web scraping to compare and detect users credentials exposed in public breaches
B. Configure Intrusion Detection Management (IDM) and Intrusion Prevention Management (IPM) to detect and prevent unauthorized and suspicious logins
C. Update the existing system to add Cloud SQL read replica in a different zone to make the system immune from GCP zone failures and work with your operations team to validate the failover works as expected
D. Work with your operations team and shut down all instances in a zone to simulate a disaster scenario and check if the failover works
View answer
Correct Answer: D
Question #20
29. You need to install a legacy software on a compute engine instance that has no access to the internet. Your networks team have not yet created a VPN connection between Google network and the on-premises network. How can you transfer the software binary from on-premises to Google Cloud so that you can install the legacy software on the VM?
A. From the on-premises network
B. From the on-premises network, upload the file to a bucket in Cloud Storage
C. From the on-premises network, upload the file to a bucket in Cloud Storage
D. From the on-premises network, upload the file to Cloud Source Repositories
the file.
View answer
Correct Answer: C
Question #21
26. Your auditors require you to supply them the number of queries run by each user in BigQuery over the last 12 months. You want to do this as efficiently as possible. What should you do?
A. In Cloud Audit Logs, apply a filter on BigQuery query operation to get the required information
B. Use Google Data Studio BigQuery connector to access data from your BigQuery tables within Google Data Studio
C. Execute bq show command to list all jobs and execute bq Is for each job
D. Execute a query on BigQuery JOBS table to get this information
View answer
Correct Answer: A
Question #22
33. Your company runs mobile gaming servers and lets individual app developers host their games. Some of the games have been hugely popular, causing the gaming servers to go offline. Your company wants to capture vast quantities of key performance indicators from the gaming servers and monitor these KPls in real-time with low latency to identify the games which are taking down the servers. What should you do?
A. Store KPIs in Google Bigtable and visualize KPIs in Google Data Studio
B. Save KPls in Cloud Datastore and visualize KPls in Cloud Datalab
C. Store KPIs as custom metrics in Cloud Monitoring, and build dashboards in Cloud Monitoring to visualize KPls
D. Push KPI files to Cloud Storage hourly, use BigQuery load jobs to ingest them and visualize KPls in Google Data Studio
View answer
Correct Answer: C
Question #23
27. An application you deployed to Google Cloud uses a single Cloud SQL for MySQL instance in us-west1-a zone. What should you do to ensure high availability?
A. Create a MySQL failover replica in us-east1 (different region)
B. Create a MySQL failover replica in us-west1-b (same region but different zone)
C. Create a MySQL read replica in us-east1 (different region)
D. Create a MySQL read replica in us-west1-b (same region but different zone)
View answer
Correct Answer: B
Question #24
36. You deployed an application on Google Compute Engine, but scaling the application is problematic because it requires a consistent set of hostnames. You plan to migrate this application to GKE to overcome the scaling issue. What GKE feature should you use to enable a consistent set of hostnames?
A. StatefulSets
B. RBAC (Role-based access control) Cluster Role and Cluster Role Binding
C. Persistent Volumes and Claims
D. Use hostname environment variable inside containers
View answer
Correct Answer: A
Question #25
10. You developed bug fixes for a mission-critical application running on App Engine standard service. Your change management board has advised caution and validate the bug fixes with live traffic on a small set of users before replacing the current version. What should you do?
A. Using Instance Group Updater (IGU), deploy a partial rollout
B. Deploy the fix as a new App Engine Application in the same project and split traffic between the two applications using HTTP(s) load balancer
C. Deploy the fix as a new App Engine Application in a new VPC and split traffic between the two applications using HTTP(s) load balancer
D. Deploy a new version in the App Engine application and use traffic splitting to distribute traffic across the old and new versions
View answer
Correct Answer: C
Question #26
12. You are deploying a GPS tracking application on App Engine Standard. The GPS tracking application uses Cloud SQL as the backend. Some of the queries are running very slow, and your Team Lead has asked you to explore setting up a caching layer to speed up the application. What should you do?
A. Use Memorystore for Memcached and set service level to dedicated
B. Use Memorystore for Memcached and set service level to shared
C. Use Memorystore for Memcached and set service level to shared
D. Use Memorystore for Memcached and set service level to dedicated
View answer
Correct Answer: A
Question #27
39. Your team would like to start using Google Kubernetes Engine (GKE) for deploying an application. A colleague has provided you with a Kubernetes deployment file. You enabled the Kubernetes Engine API, and you now need to deploy the application. What should you do?
A. Create a Kubernetes cluster by running gcloud container clusters create
B. Create a Kubernetes cluster by running kubectl container clusters create
C. Create a Kubernetes cluster by running gcloud container clusters create
D. Create a Kubernetes cluster by running kubectl container clusters create
View answer
Correct Answer: A
Question #28
22. You developed an application recognizes famous landmarks from uploaded photos. You want to run a free trial for 24 hours and open up the application to all users, including users that don’t have a Google account. What should you do?
A. Generate a signed URL on a Cloud Storage bucket with expiration set to 24 hours and have users upload their photos using this signed URL
B. Deploy the application to Google Compute Engine and terminate the instances after 24 hours
C. Deploy the application to Google Compute Engine and use Cloud Identity to authenticate users
D. Enable users to upload their photos to a public Cloud Storage bucket and set a password on the bucket after the trial
View answer
Correct Answer: A
Question #29
14. You are migrating an application to Google Cloud. The application relies on Microsoft SQL Server, and due to the mission-critical nature of the workload, the application should have no downtime in case of zonal outages with GCP. How should you configure the database?
A. Migrate to a regional Cloud Spanner instance
B. Migrate the SQL Server database onto two Google Compute Engine instances in different zones and enable SQL Server Always-On-Availability- Groups with Windows failover clustering
C. Migrate the SQL Server database onto two Google Compute Engine instances in different subnets and enable SQL Server Always-On-Availability-Groups with Windows failover clustering
D. Migrate to a high availability enabled Cloud SQL instance
View answer
Correct Answer: B
Question #30
8. A business-critical application deployed to Google Kubernetes Engine (GKE) is experiencing issues connecting to Cloud SQL database. The primary pods use a sidecar container to establish a connection to the database. You are asked you to carry out a post-mortem of incident. What should you do?
A. Ensure the sidecar container still has Container Registry Editor role
B. Check GKE & Cloud SQL logs in Cloud Logging console
C. Restart all primary pods
D. Restart the database
View answer
Correct Answer: B

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: