Summer Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

Professional-Cloud-Architect Questions and Answers

Question # 6

For this question, refer to the Dress4Win case study. Considering the given business requirements, how would you automate the deployment of web and transactional data layers?

A.

Deploy Nginx and Tomcat using Cloud Deployment Manager to Compute Engine. Deploy a Cloud SQL server to replace MySQL. Deploy Jenkins using Cloud Deployment Manager.

B.

Deploy Nginx and Tomcat using Cloud Launcher. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Deployment Manager scripts.

C.

Migrate Nginx and Tomcat to App Engine. Deploy a Cloud Datastore server to replace the MySQL server in a high-availability configuration. Deploy Jenkins to Compute Engine using Cloud Launcher.

D.

Migrate Nginx and Tomcat to App Engine. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Launcher.

Full Access
Question # 7

Refer to the Altostrat Media case study for the following solution regarding the performance analysis of their media processing pipeline.

Altostrat needs to analyze the performance of its media processing pipeline running on Java-based Cloud Run function. You need to select the most effective tool for the task. What should you do?

A.

Query logs in Cloud Logging.

B.

Analyze the data via Cloud Profiler.

C.

Instrument the code to use Cloud Trace.

D.

Inspect data from Snapshot Debugger.

Full Access
Question # 8

Altostrat stores a large library of media content, including sensitive interviews and documentaries, in Cloud Storage. They are concerned about the confidentiality of this content and want to protect it from unauthorized access. You need to implement a Google-recommended solution that is easy to integrate and provides Altostrat with control and auditability of the encryption keys. What should you do?

A.

Configure Cloud Storage to use server-side encryption with Google-managed encryption keys. Create a bucket policy to restrict access to only authorized Google groups and required service accounts.

B.

Use Cloud Storage default encryption at rest. Implement fine-grained access control using IAM roles and groups to restrict access to sensitive buckets.

C.

Implement client-side encryption before uploading it to Cloud Storage. Store the encryption keys in a HashiCorp Vault instance deployed on Google Kubernetes Engine (GKE). Implement fine-grained access control to sensitive Cloud Storage buckets using IAM roles.

D.

Use customer-managed encryption keys (CMEK) for all Cloud Storage buckets storing sensitive media content. Implement fine-grained access control using IAM roles and groups to restrict access to sensitive buckets.

Full Access
Question # 9

Refer to the Altostrat Media case study for the following solution regarding API management and cost control.

Altostrat is using Apigee for API management and wants to ensure their APIs are protected from overuse and abuse. You need to implement an Apigee feature to control the total number of API calls for cost management. What should you do?

A.

Set up API key validation.

B.

Integrate OAuth 2.0 authorization.

C.

Configure Quota policies.

D.

Activate XML threat protection.

Full Access
Question # 10

Refer to the Altostrat Media case study for the following solution.

Altostrat is concerned about sophisticated, multi-vector Distributed Denial of Service (DDoS) attacks targeting various layers of their infrastructure. DDoS attacks could potentially disrupt video streaming and cause financial losses. You need to mitigate this risk. What should you do?

A.

Set up VPC Service Controls to restrict access to sensitive resources and prevent data exfiltration.

B.

Configure Cloud Next Generation Firewall (NGFW) with custom rules to filter malicious traffic at the network level.

C.

Deploy Google Cloud Armor with pre-configured and custom rules for L3/L4 and L7 protection.

D.

Activate Security Command Center to monitor security posture and detect potential threats.

Full Access
Question # 11

Altostrat ' s development team is using a microservices architecture for their application. You need to select the most suitable testing approach to ensure that individual microservices function correctly in isolation. What should you do?

A.

Run unit testing.

B.

Use load testing.

C.

Perform end-to-end testing.

D.

Execute integration testing.

Full Access
Question # 12

Refer to the Altostrat Media case study for the following solutions regarding cost optimization for batch processing and microservices testing strategies.

Altostrat is experiencing fluctuating computational demands for its batch processing jobs. These jobs are not time-critical and can tolerate occasional interruptions. You want to optimize cloud costs and address batch processing needs. What should you do?

A.

Configure reserved VM instances

B.

Deploy spot VM instances.

C.

Set up standard VM instances.

D.

Use Cloud Run functions.

Full Access
Question # 13

For this question, refer to the TerramEarth case study.

TerramEarth ' s 20 million vehicles are scattered around the world. Based on the vehicle ' s location its telemetry data is stored in a Google Cloud Storage (GCS) regional bucket (US. Europe, or Asia). The CTO has asked you to run a report on the raw telemetry data to determine why vehicles are breaking down after 100 K miles. You want to run this job on all the data. What is the most cost-effective way to run this job?

A.

Move all the data into 1 zone, then launch a Cloud Dataproc cluster to run the job.

B.

Move all the data into 1 region, then launch a Google Cloud Dataproc cluster to run the job.

C.

Launch a cluster in each region to preprocess and compress the raw data, then move the data into a multi region bucket and use a Dataproc cluster to finish the job.

D.

Launch a cluster in each region to preprocess and compress the raw data, then move the data into a region bucket and use a Cloud Dataproc cluster to finish the jo

Full Access
Question # 14

For this question, refer to the TerramEarth case study.

To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections. What should you do?

A.

Use one Google Container Engine cluster of FTP servers. Save the data to a Multi-Regional bucket. Run the ETL process using data in the bucket.

B.

Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in us, eu, and asia. Run the ETL process using the data in the bucket.

C.

Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket.

D.

Directly transfer the files to a different Google Cloud Regional Storage bucket location in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket.

Full Access
Question # 15

For this question, refer to the JencoMart case study.

The migration of JencoMart’s application to Google Cloud Platform (GCP) is progressing too slowly. The infrastructure is shown in the diagram. You want to maximize throughput. What are three potential bottlenecks? (Choose 3 answers.)

A.

A single VPN tunnel, which limits throughput

B.

A tier of Google Cloud Storage that is not suited for this task

C.

A copy command that is not suited to operate over long distances

D.

Fewer virtual machines (VMs) in GCP than on-premises machines

E.

A separate storage layer outside the VMs, which is not suited for this task

F.

Complicated internet connectivity between the on-premises infrastructure and GCP

Full Access
Question # 16

For this question, refer to the JencoMart case study.

JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

A.

Cloud Spanner

B.

Google BigQuery

C.

Google Cloud SQL

D.

Google Cloud Datastore

Full Access
Question # 17

For this question, refer to the JencoMart case study.

JencoMart has built a version of their application on Google Cloud Platform that serves traffic to Asia. You want to measure success against their business and technical goals. Which metrics should you track?

A.

Error rates for requests from Asia

B.

Latency difference between US and Asia

C.

Total visits, error rates, and latency from Asia

D.

Total visits and average latency for users in Asia

E.

The number of character sets present in the database

Full Access
Question # 18

For this question, refer to the JencoMart case study

A few days after JencoMart migrates the user credentials database to Google Cloud Platform and shuts down the old server, the new database server stops responding to SSH connections. It is still serving database requests to the application servers correctly. What three steps should you take to diagnose the problem? Choose 3 answers

A.

Delete the virtual machine (VM) and disks and create a new one.

B.

Delete the instance, attach the disk to a new VM, and investigate.

C.

Take a snapshot of the disk and connect to a new machine to investigate.

D.

Check inbound firewall rules for the network the machine is connected to.

E.

Connect the machine to another network with very simple firewall rules and investigate.

F.

Print the Serial Console output for the instance for troubleshooting, activate the interactive console, and investigate.

Full Access
Question # 19

For this question, refer to the JencoMart case study.

The JencoMart security team requires that all Google Cloud Platform infrastructure is deployed using a least privilege model with separation of duties for administration between production and development resources. What Google domain and project structure should you recommend?

A.

Create two G Suite accounts to manage users: one for development/test/staging and one for production. Each account should contain one project for every application.

B.

Create two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications.

C.

Create a single G Suite account to manage users with each stage of each application in its own project.

D.

Create a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment.

Full Access
Question # 20

For this question, refer to the JencoMart case study.

JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need access to Datastore to upload the data. What service account key-management strategy should you recommend?

A.

Provision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs).

B.

Authenticate the on-premises infrastructure with a user account and provision service account keys for the VMs.

C.

Provision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs

D.

Deploy a custom authentication service on GCE/Google Container Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs.

Full Access
Question # 21

Your company has a stateless web API that performs scientific calculations. The web API runs on a single Google Kubernetes Engine (GKE) cluster. The cluster is currently deployed in us-central1. Your company has expanded to offer your API to customers in Asia. You want to reduce the latency for the users in Asia. What should you do?

A.

Use a global HTTP(s) load balancer with Cloud CDN enabled

B.

Create a second GKE cluster in asia-southeast1, and expose both API’s using a Service of

type Load Balancer. Add the public Ips to the Cloud DNS zone

C.

Increase the memory and CPU allocated to the application in the cluster

D.

Create a second GKE cluster in asia-southeast1, and use kubemci to create a global HTTP(s) load balancer

Full Access
Question # 22

Your development team has created a mobile game app. You want to test the new mobile app on Android and

iOS devices with a variety of configurations. You need to ensure that testing is efficient and cost-effective. What

should you do?

A.

Upload your mobile app to the Firebase Test Lab, and test the mobile app on Android and iOS devices.

B.

Create Android and iOS VMs on Google Cloud, install the mobile app on the VMs, and test the mobile app.

C.

Create Android and iOS containers on Google Kubernetes Engine (GKE), install the mobile app on the

containers, and test the mobile app.

D.

Upload your mobile app with different configurations to Firebase Hosting and test each configuration.

Full Access
Question # 23

You need to optimize batch file transfers into Cloud Storage for Mountkirk Games’ new Google Cloud solution.

The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract

transform load (ETL) tool. What should you do?

A.

Use gsutil to batch move files in sequence.

B.

Use gsutil to batch copy the files in parallel.

C.

Use gsutil to extract the files as the first part of ETL.

D.

Use gsutil to load the files as the last part of ETL.

Full Access
Question # 24

Mountkirk Games wants you to secure the connectivity from the new gaming application platform to Google

Cloud. You want to streamline the process and follow Google-recommended practices. What should you do?

A.

Configure Workload Identity and service accounts to be used by the application platform.

B.

Use Kubernetes Secrets, which are obfuscated by default. Configure these Secrets to be used by the

application platform.

C.

Configure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use

Cloud Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to

be used by the application platform.

D.

Configure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud

Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used

by the application platform.

Full Access
Question # 25

Mountkirk Games wants to limit the physical location of resources to their operating Google Cloud regions.

What should you do?

A.

Configure an organizational policy which constrains where resources can be deployed.

B.

Configure IAM conditions to limit what resources can be configured.

C.

Configure the quotas for resources in the regions not being used to 0.

D.

Configure a custom alert in Cloud Monitoring so you can disable resources as they are created in other

regions.

Full Access
Question # 26

You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game

programmatic access to a legacy game ' s Firestore database. Access should be as restricted as possible. What

should you do?

A.

Create a service account (SA) in the legacy game ' s Google Cloud project, add this SA in the new game ' s IAM page, and then give it the Firebase Admin role in both projects

B.

Create a service account (SA) in the legacy game ' s Google Cloud project, add a second SA in the new game ' s IAM page, and then give the Organization Admin role to both SAs

C.

Create a service account (SA) in the legacy game ' s Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game ' s project.

D.

Create a service account (SA) in the lgacy game ' s Google Cloud project, give the SA the Organization Admin rule and then give it the Firebase Admin role in both projects

Full Access
Question # 27

You need to implement a network ingress for a new game that meets the defined business and technical

requirements. Mountkirk Games wants each regional game instance to be located in multiple Google Cloud

regions. What should you do?

A.

Configure a global load balancer connected to a managed instance group running Compute Engine

instances.

B.

Configure kubemci with a global load balancer and Google Kubernetes Engine.

C.

Configure a global load balancer with Google Kubernetes Engine.

D.

Configure Ingress for Anthos with a global load balancer and Google Kubernetes Engine.

Full Access
Question # 28

Your development teams release new versions of games running on Google Kubernetes Engine (GKE) daily.

You want to create service level indicators (SLIs) to evaluate the quality of the new versions from the user’s

perspective. What should you do?

A.

Create CPU Utilization and Request Latency as service level indicators.

B.

Create GKE CPU Utilization and Memory Utilization as service level indicators.

C.

Create Request Latency and Error Rate as service level indicators.

D.

Create Server Uptime and Error Rate as service level indicators.

Full Access
Question # 29

For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team

releases a new version of their predictive capability application every Tuesday evening at 3 a.m. UTC to a

repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf.

The security team wants to run Airwolf against the predictive capability application as soon as it is released

every Tuesday. You need to set up Airwolf to run at the recurring weekly cadence. What should you do?

A.

Set up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function.

B.

Set up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function.

C.

Configure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function.

D.

Set up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function.

Full Access
Question # 30

For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a

payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers,

and season ticket holders. You need to implement a custom card tokenization service that meets the following

requirements:

• It must provide low latency at minimal cost.

• It must be able to identify duplicate credit cards and must not store plaintext card numbers.

• It should support annual key rotation.

Which storage approach should you adopt for your tokenization service?

A.

Store the card data in Secret Manager after running a query to identify duplicates.

B.

Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.

C.

Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.

D.

Use column-level encryption to store the data in Cloud SQL.

Full Access
Question # 31

For this question, refer to the Mountkirk Games case study.

Mountkirk Games ' gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?

A.

Verify that the database is online.

B.

Verify that the project quota hasn ' t been exceeded.

C.

Verify that the new feature code did not introduce any performance bugs.

D.

Verify that the load-testing team is not running their tool against production.

Full Access
Question # 32

For this question, refer to the Mountkirk Games case study.

Mountkirk Games wants to set up a real-time analytics platform for their new game. The new platform must meet their technical requirements. Which combination of Google technologies will meet all of their requirements?

A.

Container Engine, Cloud Pub/Sub, and Cloud SQL

B.

Cloud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery

C.

Cloud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow

D.

Cloud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

E.

Cloud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc

Full Access
Question # 33

For this question, refer to the Mountkirk Games case study

Mountkirk Games needs to create a repeatable and configurable mechanism for deploying isolated application environments. Developers and testers can access each other ' s environments and resources, but they cannot access staging or production resources. The staging environment needs access to some services from production.

What should you do to isolate development environments from staging and production?

A.

Create a project for development and test and another for staging and production.

B.

Create a network for development and test and another for staging and production.

C.

Create one subnetwork for development and another for staging and production.

D.

Create one project for development, a second for staging and a third for production.

Full Access
Question # 34

For this question, refer to the Mountkirk Games case study.

Mountkirk Games has deployed their new backend on Google Cloud Platform (GCP). You want to create a thorough testing process for new versions of the backend before they are released to the public. You want the testing environment to scale in an economical way. How should you design the process?

A.

Create a scalable environment in GCP for simulating production load.

B.

Use the existing infrastructure to test the GCP-based backend at scale.

C.

Build stress tests into each component of your application using resources internal to GCP to simulate load.

D.

Create a set of static environments in GCP to test different levels of load — for example, high, medium, and low.

Full Access
Question # 35

For this question, refer to the Mountkirk Games case study.

Mountkirk Games wants to set up a continuous delivery pipeline. Their architecture includes many small services that they want to be able to update and roll back quickly. Mountkirk Games has the following requirements:

• Services are deployed redundantly across multiple regions in the US and Europe.

• Only frontend services are exposed on the public internet.

• They can provide a single frontend IP for their fleet of services.

• Deployment artifacts are immutable.

Which set of products should they use?

A.

Google Cloud Storage, Google Cloud Dataflow, Google Compute Engine

B.

Google Cloud Storage, Google App Engine, Google Network Load Balancer

C.

Google Kubernetes Registry, Google Container Engine, Google HTTP(S) Load Balancer

D.

Google Cloud Functions, Google Cloud Pub/Sub, Google Cloud Deployment Manager

Full Access
Question # 36

For this question, refer to the Mountkirk Games case study.

Mountkirk Games wants you to design their new testing strategy. How should the test coverage differ from their existing backends on the other platforms?

A.

Tests should scale well beyond the prior approaches.

B.

Unit tests are no longer required, only end-to-end tests.

C.

Tests should be applied after the release is in the production environment.

D.

Tests should include directly testing the Google Cloud Platform (GCP) infrastructure.

Full Access
Question # 37

For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for hybrid connectivity between EHR ' s on-premises systems and Google Cloud. You want to follow Google ' s recommended practices for production-level applications. Considering the EHR Healthcare business and technical requirements, what should you do?

A.

Configure two Partner Interconnect connections in one metro (City), and make sure the Interconnect connections are placed in different metro zones.

B.

Configure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on-premises are in separate racks.

C.

Configure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at least two Google locations.

D.

Configure two Dedicated Interconnect connections in one metro (City) and two connections in another metro, and make sure the Interconnect connections are placed in different metro zones.

Full Access
Question # 38

For this question, refer to the Cymbal Retail case study. Cymbal wants to migrate its diverse database environment to Google Cloud while ensuring high availability and performance for online customers. The company also wants to efficiently store and access large product images These images typically stay In the catalog for more than 90 days and are accessed less and less frequently. You need to select the appropriate Google Cloud services for each database. You also need to design a storage solution for the product images that optimizes cost and performance What should you do?

A.

Migrate all databases to Spanner for consistency, and use Cloud Storage Standard for image storage

B.

Migrate all databases to self-managed instances on Compute Engino. and use a persistent disk for image storage.

C.

Migrate MySQL and SQL Server to Spanner. Redis to Memorystore. and MongoDB to Firestore Use Cloud Storage Standard for image storage, and move

images to Cloud Storage Nearline storage when products become less popular.

D.

Migrate MySQL to Cloud SQL. SQL Server to Cloud SQL. Redis to Memorystore. and MongoDB to Firestore. Use Cloud Storage Standard for image storage, and move images to Cloud Storage Coldline storage when products become less popular

Full Access
Question # 39

For this question, refer to the Cymbal Retail case study. Cymbal ' s generative Al models require high-performance storage for temporary files generated during model training and inference. These files are ephemeral and frequently accessed and modified You need to select a storage solution that minimizes latency and cost and maximizes performance for generative Al workloads. What should you do?

A.

Use a Cloud Storage bucket in the same region as your virtual machines Configure lifecycle policies to delete files after processing

B.

Use Filestore to store temporary files

C.

Use performance persistent disks.

D.

Use Local SSDs attached to the VMs running the generative Al models

Full Access
Question # 40

For this question, refer to the Cymbal Retail case study. Cymbal wants you to connect their on-premises systems to Google Cloud while maintaining secure communication between their on-premises and cloud environments You want to follow Google ' s recommended approach to ensure the most secure and manageable solution. What should you do?

A.

Use a bastion host to provide secure access lo Google Cloud resources from Cymbal ' s on-premises systems.

B.

Configure a static VPN connection using SSH tunnels to connect the on-premises systems to Google Cloud

C.

Configure a Cloud VPN gateway and establish a VPN tunnel Configure firewall rules to restrict access to specific resources and services based on IP addresses and ports.

D.

Use Google Cloud ' s VPC peering to connect Cymbal ' s on-premises network to Google Cloud.

Full Access
Question # 41

For this question, refer to the Cymbal Retail case study. Cymbal has a centralized project that supports large video files for Vertex Al model training. Standard storage costs have suddenly increased this month, and you need to determine why. What should you do?

A.

Investigate if the project owner disabled a soft-delete policy on the bucket holding the video files.

B.

Investigate if the project owner moved from dual-region storage to region storage

C.

Investigate If the project owner enabled a soft-delete policy on the bucket holding the video files.

D.

Investigate if the project owner moved from multi-region storage to region stotage.

Full Access
Question # 42

For this question, refer to the Cymbal Retail case study. Cymbal wants you to design a cloud-first data storage infrastructure for the product catalog modernization project. You want to ensure efficient data access and high availability for Cymbals web application and virtual agents while minimizing operational costs. What should you do?

A.

Use AlloyDB for structured product data, and Cloud Storage for product images

B.

Use Spanner for the structured product data, and BigTable for product images

C.

Use Filestore for the structured product data and Cloud Storage for product images

D.

Use Cloud Storage for structured product data, and BigQuery for product images

Full Access
Question # 43

For this question, refer to the Cymbal Retail case study. Cymbal wants to migrate their product catalog management processes to Google Cloud. You need to ensure a smooth migration with proper change management to minimize disruption and risks to the business. You want to follow Google-recommended practices to automate product catalog enrichment, improve product discoverability, increase customer engagement, and minimize costs. What should you do?

A.

Design a migration plan to move all of Cymbal ' s data to Cloud Storage, and use Compute Engine for all business logic

B.

Design a migration plan to move all of Cymbal ' s data to Cloud Storage, and use Cloud Run functions for all business logic

C.

Design a migration plan, starting with a pilot project focusing on a specific product category, and gradually expand to other categories.

D.

Design a migration plan with a scheduled window to move all components at once Perform extensive testing to ensure a successful migration.

Full Access
Question # 44

For this question, refer to the Cymbal Retail case study Cymbal plans to migrate their existing on-premises systems to Google Cloud and implement Al-powered virtual agents to handle customer interactions You need to provision the compute resources that can scale for the Al-powered virtual agents What should you do?

A.

Use Cloud SQL to store the customer data and product catalog.

B.

Configure Cloud Build to call Al Applications (formerly Vertex Al Agent Builder).

C.

Deploy a Google Kubernetes Engine (GKE) cluster with autoscaling enabled

D.

Create a single, large Compute Engine VM instance with a high CPU allocation.

Full Access
Question # 45

You are migrating a Linux-based application from your private data center to Google Cloud. The TerramEarth security team sent you several recent Linux vulnerabilities published by Common Vulnerabilities and Exposures (CVE). You need assistance in understanding how these vulnerabilities could impact your migration. What should you do?

A.

Open a support case regarding the CVE and chat with the support engineer.

B.

Read the CVEs from the Google Cloud Status Dashboard to understand the impact.

C.

Read the CVEs from the Google Cloud Platform Security Bulletins to understand the impact

D.

Post a question regarding the CVE in Stack Overflow to get an explanation

E.

Post a question regarding the CVE in a Google Cloud discussion group to get an explanation

Full Access
Question # 46

For this question, refer to the TerramEarth case study. Considering the technical requirements, how should you reduce the unplanned vehicle downtime in GCP?

A.

Use BigQuery as the data warehouse. Connect all vehicles to the network and stream data into BigQuery using Cloud Pub/Sub and Cloud Dataflow. Use Google Data Studio for analysis and reporting.

B.

Use BigQuery as the data warehouse. Connect all vehicles to the network and upload gzip files to a Multi-Regional Cloud Storage bucket using gcloud. Use Google Data Studio for analysis and reporting.

C.

Use Cloud Dataproc Hive as the data warehouse. Upload gzip files to a MultiRegional Cloud Storage

bucket. Upload this data into BigQuery using gcloud. Use Google data Studio for analysis and reporting.

D.

Use Cloud Dataproc Hive as the data warehouse. Directly stream data into prtitioned Hive tables. Use Pig scripts to analyze data.

Full Access
Question # 47

For this question, refer to the TerramEarth case study. You need to implement a reliable, scalable GCP solution for the data warehouse for your company, TerramEarth. Considering the TerramEarth business and technical requirements, what should you do?

A.

Replace the existing data warehouse with BigQuery. Use table partitioning.

B.

Replace the existing data warehouse with a Compute Engine instance with 96 CPUs.

C.

Replace the existing data warehouse with BigQuery. Use federated data sources.

D.

Replace the existing data warehouse with a Compute Engine instance with 96 CPUs. Add an additional Compute Engine pre-emptible instance with 32 CPUs.

Full Access
Question # 48

For this question, refer to the TerramEarth case study. You are asked to design a new architecture for the

ingestion of the data of the 200,000 vehicles that are connected to a cellular network. You want to follow

Google-recommended practices.

Considering the technical requirements, which components should you use for the ingestion of the data?

A.

Google Kubernetes Engine with an SSL Ingress

B.

Cloud IoT Core with public/private key pairs

C.

Compute Engine with project-wide SSH keys

D.

Compute Engine with specific SSH keys

Full Access
Question # 49

For this question, refer to the TerramEarth case study. TerramEarth has decided to store data files in Cloud Storage. You need to configure Cloud Storage lifecycle rule to store 1 year of data and minimize file storage cost.

Which two actions should you take?

A.

Create a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Standard”, and Action: “Set to Coldline”, and create a second GCS life-cycle rule with Age: “365”, Storage Class: “Coldline”, and Action: “Delete”.

B.

Create a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Coldline”, and Action: “Set to Nearline”, and create a second GCS life-cycle rule with Age: “91”, Storage Class: “Coldline”, and Action: “Set to Nearline”.

C.

Create a Cloud Storage lifecycle rule with Age: “90”, Storage Class: “Standard”, and Action: “Set to Nearline”, and create a second GCS life-cycle rule with Age: “91”, Storage Class: “Nearline”, and Action: “Set to Coldline”.

D.

Create a Cloud Storage lifecycle rule with Age: “30”, Storage Class: “Standard”, and Action: “Set to Coldline”, and create a second GCS life-cycle rule with Age: “365”, Storage Class: “Nearline”, and Action: “Delete”.

Full Access
Question # 50

You have broken down a legacy monolithic application into a few containerized RESTful microservices. You want to run those microservices on Cloud Run. You also want to make sure the services are highly available with low latency to your customers. What should you do?

A.

Deploy Cloud Run services to multiple availability zones. Create Cloud Endpoints that point to the services. Create a global HTIP(S) Load Balancing instance and attach the Cloud Endpoints to its backend.

B.

Deploy Cloud Run services to multiple regions Create serverless network endpoint groups pointing to the services. Add the serverless NE Gs to a backend service that is used by a global HTIP(S) Load Balancing instance.

C.

Cloud Run services to multiple regions. In Cloud DNS, create a latency-based DNS name that points to the services.

D.

Deploy Cloud Run services to multiple availability zones. Create a TCP/IP global load balancer. Add the Cloud Run Endpoints to its backend service.

Full Access
Question # 51

TerramEarth has a legacy web application that you cannot migrate to cloud. However, you still want to build a cloud-native way to monitor the application. If the application goes down, you want the URL to point to a " Site is unavailable " page as soon as possible. You also want your Ops team to receive a notification for the issue. You need to build a reliable solution for minimum cost

What should you do?

A.

Create a scheduled job in Cloud Run to invoke a container every minute. The container will check the application URL If the application is down, switch the URL to the " Site is unavailable " page, and notify the Ops team.

B.

Create a cron job on a Compute Engine VM that runs every minute. The cron job invokes a Python program to check the application URL If the application is down, switch the URL to the " Site is unavailable " page, and notify the Ops team.

C.

Create a Cloud Monitoring uptime check to validate the application URL If it fails, put a message in a Pub/Sub queue that triggers a Cloud Function to switch the URL to the " Site is unavailable " page, and notify the Ops team.

D.

Use Cloud Error Reporting to check the application URL If the application is down, switch the URL to the " Site is unavailable " page, and notify the Ops team.

Full Access
Question # 52

For this question, refer to the TerramEarth case study. To be compliant with European GDPR regulation, TerramEarth is required to delete data generated from its European customers after a period of 36 months when it contains personal data. In the new architecture, this data will be stored in both Cloud Storage and BigQuery. What should you do?

A.

Create a BigQuery table for the European data, and set the table retention period to 36 months. For Cloud Storage, use gsutil to enable lifecycle management using a DELETE action with an Age condition of 36 months.

B.

Create a BigQuery table for the European data, and set the table retention period to 36 months. For Cloud Storage, use gsutil to create a SetStorageClass to NONE action when with an Age condition of 36 months.

C.

Create a BigQuery time-partitioned table for the European data, and set the partition expiration period to 36 months. For Cloud Storage, use gsutil to enable lifecycle management using a DELETE action with an Age condition of 36 months.

D.

Create a BigQuery time-partitioned table for the European data, and set the partition period to 36 months. For Cloud Storage, use gsutil to create a SetStorageClass to NONE action with an Age condition of 36 months.

Full Access
Question # 53

For this question, refer to the Dress4Win case study.

As part of their new application experience, Dress4Wm allows customers to upload images of themselves. The customer has exclusive control over who may view these images. Customers should be able to upload images with minimal latency and also be shown their images quickly on the main application page when they log in. Which configuration should Dress4Win use?

A.

Store image files in a Google Cloud Storage bucket. Use Google Cloud Datastore to maintain metadata that maps each customer ' s ID and their image files.

B.

Store image files in a Google Cloud Storage bucket. Add custom metadata to the uploaded images in Cloud Storage that contains the customer ' s unique ID.

C.

Use a distributed file system to store customers ' images. As storage needs increase, add more persistent disks and/or nodes. Assign each customer a unique ID, which sets each file ' s owner attribute, ensuring privacy of images.

D.

Use a distributed file system to store customers ' images. As storage needs increase, add more persistent disks and/or nodes. Use a Google Cloud SQL database to maintain metadata that maps each customer ' s ID to their image files.

Full Access
Question # 54

For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the compute workloads for your company, Mountkirk Games. Considering the Mountkirk Games business and technical requirements, what should you do?

A.

Create network load balancers. Use preemptible Compute Engine instances.

B.

Create network load balancers. Use non-preemptible Compute Engine instances.

C.

Create a global load balancer with managed instance groups and autoscaling policies. Use preemptible Compute Engine instances.

D.

Create a global load balancer with managed instance groups and autoscaling policies. Use non-preemptible Compute Engine instances.

Full Access
Question # 55

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants you to design a way to test the analytics platform’s resilience to changes in mobile network latency. What should you do?

A.

Deploy failure injection software to the game analytics platform that can inject additional latency to mobile client analytics traffic.

B.

Build a test client that can be run from a mobile phone emulator on a Compute Engine virtual machine, and run multiple copies in Google Cloud Platform regions all over the world to generate realistic traffic.

C.

Add the ability to introduce a random amount of delay before beginning to process analytics files uploaded from mobile devices.

D.

Create an opt-in beta of the game that runs on players ' mobile devices and collects response times from analytics endpoints running in Google Cloud Platform regions all over the world.

Full Access
Question # 56

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants to migrate from their current analytics and statistics reporting model to one that meets their technical requirements on Google Cloud Platform.

Which two steps should be part of their migration plan? (Choose two.)

A.

Evaluate the impact of migrating their current batch ETL code to Cloud Dataflow.

B.

Write a schema migration plan to denormalize data for better performance in BigQuery.

C.

Draw an architecture diagram that shows how to move from a single MySQL database to a MySQL cluster.

D.

Load 10 TB of analytics data from a previous game into a Cloud SQL instance, and run test queries against the full dataset to confirm that they complete successfully.

E.

Integrate Cloud Armor to defend against possible SQL injection attacks in analytics files uploaded to Cloud Storage.

Full Access