Google Cloud Associate Cloud Engineer Exam MCQ With Answers GCP ACE 8

0


Associate Cloud Engineer

Google Cloud


Google Cloud Associate Cloud Engineer

Associate Cloud Engineers deploy applications, monitor operations, and manage enterprise solutions. They use Google Cloud Console and the command-line interface to perform common platform-based tasks to maintain one or more deployed solutions that leverage Google-managed or self-managed services on Google Cloud.


The Associate Cloud Engineer exam assesses your ability to:


  • Set up a cloud solution environment
  • Plan and configure a cloud solution
  • Deploy and implement a cloud solution
  • Ensure successful operation of a cloud solution
  • Configure access and security

About this certification exam


  • Length: 2 hours
  • Registration fee: $125 (plus tax where applicable)
  • Languages: English, Japanese, Spanish, Portuguese
  • Exam format: 50-60 multiple choice and multiple select questions

GOOGLE CLOUD ASSOCIATE CLOUD ENGINEER MCQ



1. You have a Cloud Storage bucket that needs to host static web assets. How do you make the 
Bucket public?

  1. Trick question. Don’t ever make a bucket public. 
  2. Check the “make public” box in the UI. 
  3. Set allUsers to have the Storage Object Viewer role. 
  4. gsutil make-public gs://bucket-name

Answer: Set allUsers to have the Storage Object Viewer role. 


2. Your team has chosen to use Deployment Manager to create the Compute Engine infrastructure For your application. You’ve already run the gcloud deployment-manager deployments create Command to create the deployment. You’ve updated two resources in the template and need to deploy the change. What command Should you use?

  1. gcloud deployment-manager resources apply 
  2. gcloud deployment-manager deployments update 
  3. gcloud deployment-manager resources update 
  4. gcloud deployment-manager deployments apply

Answer: gcloud deployment-manager deployments update 
 

3. Your team needs to set up a new Jenkins instance as quickly as possible. What’s the best way 
To get it up- and-running? (two answers)

  1. Use Google’s Managed Jenkins Service. 
  2. Deploy the jar file to a Compute Engine instance. 
  3. Search the marketplace for Jenkins and install with Cloud Launcher. 
  4. Create a Deployment Manager template and deploy it.

Answer:
1. Use Google’s Managed Jenkins Service.   
2.Search the marketplace for Jenkins and install with Cloud Launcher. 


4. Your engineers need to pass database credentials to a Kubernetes Pod. The YAML they’re 
Using looks similar to the following:

apiVersion: “extensions/v1beta1” 
kind: “Deployment” 
metadata: 
name: “products-service” 
namespace: “default” 
labels: 
app: “products-service” 
spec: 
replicas: 3 
selector: 
matchLabels: 
app: “products-service” 
template: 
metadata: 
labels: 
app: “products-service” 
spec: 
containers: 
- Name: “products” 
Image: “gcr.io/find-seller-app-dev/products:latest” 
Env: 
- Name: “database_user” 
Value: “admin” 
- Name: “database_password” 
Value: “TheB3stP@ssW0rd”

5. What is Google’s recommended best practice for working with sensitive information inside of 
Kubernetes?

  1. Store the credentials in a ConfigMap
  2. Mount the credentials in a volume. 
  3. Use an environment variable. 
  4. Store the credentials in a Secret

Answer: Store the credentials in a Secret.


6. You’re trying to provide temporary access to some files in a Cloud Storage bucket. You want to 
Limit the time that the files are available to 10 minutes. With the fewest steps possible, what is 
The best way to generate a signed URL?

  1. In the UI select the objects and click the Generate Signed URL button. 
  2. Create a service account and JSON key. Use the gsutil signurl -t 10m command and pass in The JSON key and bucket. 
  3. In the UI select the objects and click the “Sign With Key” button. 
  4. Create a service account and JSON key. Use the gsutil signurl -d 10m command and pass in The JSON key and bucket.

Answer: Create a service account and JSON key. Use the gsutil signurl -d 10m command and pass in 
The JSON key and bucket.


7. Your team has some new functionality that they want to roll out slowly so they can monitor for 
Errors. The change contains some significant changes to the user interface. You’ve chosen to 
Use traffic splitting to perform a canary deployment. You’re going to start by rolling out the code 
To 15% of your users. How should you go about setting up traffic splitting?

  1. Deploy the new version. Split the traffic using an IP or cookie based distribution. 
  2. Use the gcloud app deploy command with the distribution flag to deploy and split the traffic in 
  3. One command. 
  4. Deploy the new version using the no-promote flag. Split the traffic using a random 
  5. Distribution. 
  6. Deploy the new version using the no-promote flag. Split the traffic using distribution.

Answer: Deploy the new version using the no-promote flag. Split the traffic using distribution.


8. You have an App Engine application serving as your front-end. It’s going to publish messages to Pub/Sub. The Pub/Sub API hasn’t been enabled yet. What is the fastest way to enable the API? (two)

  1. Use a service account to auto-enable the API. 
  2. Enable the API in the Console. 
  3. Application’s in App Engine don’t require external APIs to be enabled. 
  4. The API wil be enabled the first time the code attempts to access Pub/Sub.
Answer:
1.Enable the API in the Console. 
2.The API wil be enabled the first time the code attempts to access Pub/Sub.


9. You are assisting a new Google Cloud user who just installed the Google Cloud SDK on their VM. The server needs access to Cloud Storage. The user wants your help to create a new storage bucket. You need to make this change in multiple environments. What should you do?

  1. Use a Deployment Manager script to automate creating storage buckets in an appropriate region
  2. Use a local SSD to improve performance of the VM for the targeted workload
  3. Use the gsutii command to create a storage bucket in the same region as the VM
  4. Use a Persistent Disk SSD in the same zone as the VM to improve performance of the VM

Answer: Use a Deployment Manager script to automate creating storage buckets in an appropriate 
region


10. Your company has an internal application for managing transactional orders. The application is used exclusively by employees in a single physical location. The application requires strong consistency, fast queries, and ACID guarantees for multi-table transactional updates. The first version of the application is implemented inPostgreSQL, and you want to deploy it to the cloud with minimal code changes. Which database is most appropriate for this application?

  1. BigQuery
  2. Cloud SQL
  3. Cloud Spanner
  4. Cloud Datastore

Answer: Cloud SQL


11. You are managing a Data Warehouse on BigQuery. An external auditor will review your company's processes, and multiple external consultants will need view access to the data. You need to provide them with view access while following Google-recommended practices. What should you do?

  1. Grant each individual external consultant the role of BigQuery Editor
  2. Grant each individual external consultant the role of BigQuery Viewer
  3. Create a Google Group that contains the consultants and grant the group the role of BigQuery Editor
  4. Create a Google Group that contains the consultants, and grant the group the role of BigQuery viewer

Answer: Create a Google Group that contains the consultants, and grant the group the role of BigQuery viewer


12. Your company wants to reduce cost on infrequently accessed data by moving it to the cloud. The data will still be accessed approximately once a month to refresh historical charts. In addition, data older than 5 years is no longer needed. How should you store and manage the data?

  1. In Google Cloud Storage and stored in a Multi-Regional bucket. Set an Object Lifecycle Management policy to delete data older than 5 years.
  2. In Google Cloud Storage and stored in a Multi-Regional bucket. Set an Object Lifecycle Management policy to change the storage class to Coldline for data older than 5 years.
  3. In Google Cloud Storage and stored in a Nearline bucket. Set an Object Lifecycle Management policy to delete data older than 5 years.
  4. In Google Cloud Storage and stored in a Nearline bucket. Set an Object Lifecycle Management policy to change the storage class to Coldline for data older than 5 years.

Answer: In Google Cloud Storage and stored in a Nearline bucket. Set an Object Lifecycle Management policy to delete data older than 5 years.


13. Your managed instance group raised an alert stating that new instance creation has failed to create new instances. You need to maintain the number of running instances specified by the template to be able to process expected application traffic. What should you do?

  1. Create an instance template that contains valid syntax which will be used by the instance group. Delete any persistent disks with the same name as instance names.
  2. Create an instance template that contains valid syntax that will be used by the instance group. Verify that the instance name and persistent disk name values are not the same in the template
  3. Verify that the instance template being used by the instance group contains valid syntax. Delete any persistent disks with the same name as instance names. Set the disks.autoDelete property to true in the instance template
  4. Delete the current instance template and replace it with a new instance template. Verify that the instance name and persistent disk name values are not the same in the template. Set the disks.auto Delete property to true in the instance template.

Answer: Verify that the instance template being used by the instance group contains valid syntax. Delete any persistent disks with the same name as instance names. Set the disks.autoDelete property to true in the instance template


14. You have a project for your App Engine application that serves a development environment. The required testing has succeeded and you want to create a new project to serve as your production environment. What should you do?

  1. Use gcloud to create the new project, and then deploy your application to the new project.
  2. Use gcloud to create the new project and to copy the deployed application to the new project.
  3. Create a Deployment Manager configuration file that copies the current App Engine deployment into a new project.
  4. Deploy your application again using gcloud and specify the project parameter with the new project name to create the new project.

Answer: Create a Deployment Manager configuration file that copies the current App Engine deployment into a new project.


15. You want to add a new auditor to a Google Cloud Platform project. The auditor should be allowed to read, but not modify, all project items.How should you configure the auditor's permissions?

  1. Create a custom role with view-only project permissions. Add the user's account to the custom role.
  2. Create a custom role with view-only service permissions. Add the user's account to the custom role.
  3. Select the built-in IAM project Viewer role. Add the user's account to this role.
  4. Select the built-in IAM service Viewer role. Add the user's account to this role.

Answer: Select the built-in IAM project Viewer role. Add the user's account to this role.


16. You have an application on a general-purpose Compute Engine instance that is experiencing excessive disk read throttling on its Zonal SSD Persistent Disk. The application primarily reads large files from disk. The disk size is currently 350 GB. You want to provide the maximum amount of throughput while minimizing costs. What should you do?

  1. Increase the size of the disk to 1 TB.
  2. Increase the allocated CPU to the instance.
  3. Migrate to use a Local SSD on the instance.
  4. Migrate to use a Regional SSD on the instance.

Answer: Migrate to use a Local SSD on the instance.


17. You are building a pipeline to process time-series data. Which Google Cloud Platform services should you put in boxes 1,2,3, and 4?

Question no.191
  1. Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore, BigQuery
  2. Firebase Messages, Cloud Pub/Sub, Cloud Spanner, BigQuery
  3. Cloud Pub/Sub, Cloud Storage, BigQuery, Cloud Bigtable
  4. Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery

Answer: Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery

 
18. Your company has a set of compute engine instances that would be hosting production-based 
applications. These applications would be running 24x7 throughout the year. You need to implement the cost-effective, scalable and high availability solution even if a zone fails. How would you design the solute 

  1. Use Managed instance groups with preemptible instances across multiple zones
  2. Use Managed instance groups across multiple zone
  3. Use managed instance groups with instances in a single zone
  4. Use Unmanaged instance groups across multiple zones

Answer: Use Managed instance groups across multiple zone


19. Your management has asked an external auditor to review all the resources in a specific project. The security team has enabled the Organization Policy called Domain Restricted Sharing on the organization node by specifying only your Cloud Identity domain. You want the auditor to only be able to view, but not modify, the resources in that project. What should you do?

  1. Ask the auditor for their Google account, and give them the Viewer role on the project.
  2. Ask the auditor for their Google account, and give them the Security Reviewer role on the project.
  3. Create a temporary account for the auditor in Cloud Identity, and give that account the Viewer role on the project.
  4. Create a temporary account for the auditor in Cloud Identity, and give that account the Security Reviewer role on the project.

Answer: Create a temporary account for the auditor in Cloud Identity, and give that account the Viewer role on the project.


20. You have been asked to create robust Virtual Private Network (VPN) connectivity between a new Virtual Private Cloud (VPC) and a remote site. Key requirements include dynamic routing, a shared address space of 10.19.0.1/22, and no overprovisioning of tunnels during a failover event. You want to follow Google-recommended practices to set up a high availability Cloud VPN. What should you do?

  1. Use a custom mode VPC network, configure static routes, and use active/passive routing
  2. Use an automatic mode VPC network, configure static routes, and use active/active routing
  3. Use a custom mode VPC network use Cloud Router border gateway protocol (86P) routes, and use active/passive routing
  4. Use an automatic mode VPC network, use Cloud Router border gateway protocol (BGP) routes and configure policy-based routing

Answer: Use an automatic mode VPC network, use Cloud Router border gateway protocol (BGP) routes and configure policy-based routing


21. You have an application that receives SSL-encrypted TCP traffic on port 443. Clients for this application are located all over the world. You want to minimize latency for the clients. Which load balancing option should you use?

  1. HTTPS Load Balancer
  2. Network Load Balancer
  3. SSL Proxy Load Balancer
  4. Internal TCP/UDP Load Balancer. Add a firewall rule allowing ingress traffic from 0.0.0.0/0 on 
  5. the target instances.

Answer: SSL Proxy Load Balancer


22. You have an application that looks for its licensing server on the IP 10.0.3.21. You need to deploy the licensing server on Compute Engine. You do not want to change the configuration of the application and want the application to be able to reach the licensing server. What should you do?
  1. Reserve the IP 10.0.3.21 as a static internal IP address using gcloud and assign it to the licensing server.
  2. Reserve the IP 10.0.3.21 as a static public IP address using gcloud and assign it to the licensing server.
  3. Use the IP 10.0.3.21 as a custom ephemeral IP address and assign it to the licensing server.
  4. Start the licensing server with an automatic ephemeral IP address, and then promote it to a static internal IP address.

Answer: Reserve the IP 10.0.3.21 as a static internal IP address using gcloud and assign it to the licensing server.


23. Your organization uses Active Directory (AD) to manage user identities. Each user uses this identity for federated access to various on-premises systems. Your security team has adopted a policy that requires users to log into Google Cloud with their AD identity instead of their own login. You want to follow the Google-recommended practices to implement this policy. What should you do?

  1. Sync Identities with Cloud Directory Sync, and then enable SAML for single sign-on
  2. Sync Identities in the Google Admin console, and then enable Oauth for single sign-on
  3. Sync identities with 3rd party LDAP sync, and then copy passwords to allow simplified login with (he same credentials
  4. Sync identities with Cloud Directory Sync, and then copy passwords to allow simplified login with the same credentials.

Answer: Sync Identities with Cloud Directory Sync, and then enable SAML for single sign-on


24. Your organization requires that log from all applications be archived for 10 years as a part of 
compliance. Which approach should you use?

  1. Configure Stackdriver Monitoring for all Projects, and export to BigQuery
  2. Configure Stackdriver Monitoring for all Projects with the default retention policies
  3. Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage
  4. Grant the security team access to the logs in each Project

Answer : Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage


25. Your organization requires that log from all applications be archived for 10 years as a part of compliance. Which approach should you use?

  1. Configure Stackdriver Monitoring for all Projects, and export to BigQuery
  2. Configure Stackdriver Monitoring for all Projects with the default retention policies
  3. Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage
  4. Grant the security team access to the log in each Project

Answer:  Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage





Tags:

Post a Comment