Google Cloud Associate Cloud Engineer Exam MCQ With Answers GCP ACE 9

0

 

Associate Cloud Engineer

Google Cloud


Google Cloud Associate Cloud Engineer

Associate Cloud Engineers deploy applications, monitor operations, and manage enterprise solutions. They use Google Cloud Console and the command-line interface to perform common platform-based tasks to maintain one or more deployed solutions that leverage Google-managed or self-managed services on Google Cloud.


The Associate Cloud Engineer exam assesses your ability to:


  • Set up a cloud solution environment
  • Plan and configure a cloud solution
  • Deploy and implement a cloud solution
  • Ensure successful operation of a cloud solution
  • Configure access and security

About this certification exam


  • Length: 2 hours
  • Registration fee: $125 (plus tax where applicable)
  • Languages: English, Japanese, Spanish, Portuguese
  • Exam format: 50-60 multiple choice and multiple select questions

GOOGLE CLOUD ASSOCIATE CLOUD ENGINEER MCQ

 
1. Using principal of least privilege and allowing for maximum automation, what steps can you take to store audit logs for long-term access and to allow access for external auditors to view? (Choose two)

  1. Generate a signed URL to the Stackdriver export destination for auditors to access.
  2. Create an account for auditors to have view access to Stackdriver Logging.
  3. Export audit logs to Cloud Storage via an export sink.
  4. Export audit logs to BigQuery via an export sink.

Answer: 
1.Generate a signed URL to the Stackdriver export destination for auditors to access.
3.Export audit logs to Cloud Storage via an export sink.


2. You created an update for your application on App Engine. You want to deploy the update without impacting your users. You want to be able to roll back as quickly as possible if it fails. What should you do?

  1. Delete the current version of your application. Deploy the update using the same version identifier as the deleted version.
  2. Notify your users of an upcoming maintenance window. Deploy the update in that maintenance window.
  3. Deploy the update as the same version that is currently running.
  4. Deploy the update as a new version. Migrate traffic from the current version to the new version.

Answer: Deploy the update as a new version. Migrate traffic from the current version to the new version.

 
3. Using the principle of least privilege, your colleague Bob needs to be able to create new instances on Compute Engine in project 'Project A'. How should you give him access without giving more permissions than is necessary?

  1. Give Bob Compute Engine Instance Admin Role for Project A.
  2. Give Bob Compute Engine Admin Role for Project A.
  3. Create a shared VPC that Bob can access Compute resources from.
  4. Give Bob Project Editor IAM role for Project A.

Answer: Give Bob Compute Engine Instance Admin Role for Project A. 


4. You need to create a new Kubernetes Cluster on Google Cloud Platform that can autoscale the number of worker nodes. What should you do?

  1. Create a cluster on Kubernetes Engine and enable autoscaling on Kubernetes Engine.
  2. Create a cluster on Kubernetes Engine and enable autoscaling on the instance group of the cluster.
  3. Configure a Compute Engine instance as a worker and add it to an unmanaged instance group. Add a load balancer to the instance group and rely on the load balancer to create additional Compute Engine instances when needed.
  4. Create Compute Engine instances for the workers and the master and install Kubernetes. Rely on Kubernetes to create additional Compute Engine instances when needed.

Answer: Create a cluster on Kubernetes Engine and enable autoscaling on Kubernetes Engine.
 

5. You are creating a solution to remove backup files older than 90 days from your backup Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend. What should you do?

  1. Write a lifecycle management rule in XML and push it to the bucket with gsutil`
  2. Write a lifecycle management rule in JSON and push it to the bucket with gsutil
  3. Schedule a cron script using gsutil ls -lr gs://backups/** to find and remove items older than 90 days
  4. Schedule a cron script using gsutil ls -l gs://backups/** to find and remove items older than 90 days and schedule it with cron

Answer: Write a lifecycle management rule in JSON and push it to the bucket with gsutil


6. You are working on a project with two compliance requirements. The first requirement states that your developers should be able to see the Google Cloud Platform billing charges for only their own projects. The second requirement states that your finance team members can set budgets and view the current charges for all projects in the organization. The finance team should not be able to view the project contents. You want to set permissions. What should you do?

  1. Add the finance team members to the default IAM Owner role. Add the developers to a custom role that allows them to see their own spend only.
  2. Add the finance team members to the Billing Administrator role for each of the billing accounts that they need to manage. Add the developers to the Viewer role for the Project.
  3. Add the developers and finance managers to the Viewer role for the Project.
  4. Add the finance team to the Viewer role for the Project. Add the developers to the Security Reviewer role for each of the billing accounts.

Answer: Add the finance team members to the Billing Administrator role for each of the billing accounts that they need to manage. Add the developers to the Viewer role for the Project.


7. A SysOps admin has configured a lifecycle rule on an object versioning enabled multi-regional bucket. Which of the following statement effect reflects the following lifecycle config?
{"rule":
[
{
"action": {"type": "Delete"},
"condition": {"age": 30, "isLive": false}
},
{
"action": {"type": "SetStorageClass", "storageClass": "COLDLINE"},
CloudCertified Practice Tests
CloudCertified Practice Tests
"condition": {"age": 365, "matchesStorageClass": "MULTI_REGIONAL"}
}
]
}
  1. Archive objects older than 30 days and move objects to Coldline Storage after 365 days if the storage class in Multi-regional
  2. Delete objects older than 30 days and move objects to Coldline Storage after 365 days if the storage class in Multi-regional.
  3. Delete archived objects older than 30 days and move objects to Coldline Storage after 365 days if the storage class in Multi-regional.
  4. Move objects to Coldline Storage after 365 days if the storage class in Multi-regional First rule has no effect on the bucket.

Answer: Delete archived objects older than 30 days and move objects to Coldline Storage after 365 days if the storage class in Multi-regional 


8. Using principal of least privilege and allowing for maximum automation, what steps can you take to store audit logs for long-term access and to allow access for external auditors to view? (Select Two)

  1. Create account for auditors to have view access to Stackdriver Logging.
  2. Export audit logs to Cloud Storage via an export sink.
  3. Export audit logs to BigQuery via an export sink.
  4. Create account for auditors to have view access to export storage bucket with the Storage Object Viewer role.
Answer:
2.Export audit logs to Cloud Storage via an export sink.
4.Create account for auditors to have view access to export storage bucket with the Storage Object 
Viewer role.


9. You are creating a single preemptible VM instance named "preempt" to be used as scratch space for a single workload. If your VM is preempted, you need to ensure that disk contents can be re-used. Which gcloud command would you use to create this instance?

  1. gcloud compute instances create "preempt" --preemptible --no-boot-disk-auto-delete
  2. gcloud compute instances create "preempt" --preemptible --boot-disk-auto-delete=no
  3. gcloud compute instances create "preempt" --preemptible
  4. gcloud compute instances create "preempt" --no-auto-delete

Answer: gcloud compute instances create "preempt" --preemptible --no-boot-disk-auto-delete


10. You have a definition for an instance template that contains a web application. You are asked to deploy the application so that it can scale based on the HTTP traffic it receives. What should you do?

  1. Create a VM from the instance template. Create a custom image from the VM's disk. Export the image to Cloud Storage. Create an HTTP load balancer and add the Cloud Storage bucket as its backend service.
  2. Create an unmanaged instance group based on the instance template. Configure autoscaling based onHTTP traffic and configure the instance group as the backend service of an HTTP load balancer.
  3. Create a managed instance group based on the instance template. Configure autoscaling based on HTTP traffic and configure the instance group as the backend service of an HTTP load balancer.
  4. Create the necessary number of instances required for peak user traffic based on the instance template. Create an unmanaged instance group and add the instances to that instance group. Configure the instance group as the Backend Service of an HTTP load balancer.

Answer: Create a managed instance group based on the instance template. Configure autoscaling based on HTTP traffic and configure the instance group as the backend service of an HTTP load balancer.


11. A Company is using Cloud SQL to host critical data. They want to enable high availability in case a complete zone goes down. How should you configure the same?

  1. Create a Read replica in the same region different zone
  2. Create a Read replica in the different region different zone
  3. Create a Failover replica in the same region different zone
  4. Create a Failover replica in the different region different zone

Answer: Create a Failover replica in the same region different zone


12. You're writing a Python application and want your application to run in a sandboxed managed environment with the ability to scale up in seconds to account for huge spikes in demand. Which service should you host your application on?

  1. Compute Engine
  2. App Engine Flexible Environment
  3. Kubernetes Engine
  4. App Engine Standard Environment

Answer: App Engine Standard Environment


13. You are a project owner and need your co-worker to deploy a new version of your application to App Engine. You want to follow Google's recommended practices. Which IAM roles should you grant your coworker?

  1. Project Editor
  2. App Engine Service Admin
  3. App Engine Deployer
  4. App Engine Code Viewer

Answer: App Engine Deployer 


14. You developed a new application for App Engine and are ready to deploy it to production. You need to estimate the costs of running your application on Google Cloud Platform as accurately as possible. What should you do?

  1. Create a YAML file with the expected usage. Pass this file to the gcloud app estimate command to get an accurate estimation.
  2. Multiply the costs of your application when it was in development by the number of expected users to get an accurate estimation.
  3. Use the pricing calculator for App Engine to get an accurate estimation of the expected charges.
  4. Create a ticket with Google Cloud Billing Support to get an accurate estimation.

Answer:  Use the pricing calculator for App Engine to get an accurate estimation of the expected charges.


15: You are creating a Kubernetes Engine cluster to deploy multiple pods inside the cluster. All container logs must be stored in BigQuery for later analysis. You want to follow Google-recommended practices. Which two approaches can you take?

  1. Turn on Stackdriver Logging during the Kubernetes Engine cluster creation.
  2. Turn on Stackdriver Monitoring during the Kubernetes Engine cluster creation.
  3. Develop a custom add-on that uses Cloud Logging API and BigQuery API. Deploy the add-on to your Kubernetes Engine cluster.
  4. Use the Stackdriver Logging export feature to create a sink to Cloud Storage. Create a Cloud Dataflow job that imports log files from Cloud Storage to BigQuery.
  5. Use the Stackdriver Logging export feature to create a sink to BigQuery. Specify a filter expression to export log records related to your Kubernetes Engine cluster only.

Answer:
1.Turn on Stackdriver Logging during the Kubernetes Engine cluster creation.
5.Use the Stackdriver Logging export feature to create a sink to BigQuery. Specify a filter expression to export log records related to your Kubernetes Engine cluster only.


16. Your company has a mission-critical application that serves users globally. You need to select a transactional and relational data storage system for this application. Which two products should you choose?

  1. BigQuery
  2. Cloud SQL
  3. Cloud Spanner
  4. Cloud Bigtable
  5. Cloud Datastore

Answer:
2.Cloud SQL
3.Cloud Spanner


17. You want to find out who in your organization has Owner access to a project called "my-project". What should you do?

  1. In the Google Cloud Platform Console, go to the IAM page for your organization and apply the filter "Role:Owner".
  2. In the Google Cloud Platform Console, go to the IAM page for your project and apply the filter "Role:Owner".
  3. Use gcloud iam list-grantable-role --project my-project from your Terminal.
  4. Use gcloud iam list-grantable-role from Cloud Shell on the project page.

Answer: In the Google Cloud Platform Console, go to the IAM page for your project and apply the filter "Role:Owner".


18. You need to verify the assigned permissions in a custom IAM role. What should you dou

  1. Use the GCP Console, IAM section to view the information.
  2. Use the gcloud init command to view the information.
  3. Use the GCP Console, Security section to view the information.
  4. Use the GCP Console, API section to view the information.

Answer: Use the GCP Console, IAM section to view the information.


19. You have an App Engine application serving as your front-end. It's going to publish messages to Pub/Sub. The Pub/Sub API hasn't been enabled yet. What is the fastest way to enable the API?

  1. Use a service account with the Pub/Sub Admin role to auto-enable the API.
  2. Enable the API in the Console.
  3. Application's in App Engine don't require external APIs to be enabled.
  4. The API will be enabled the first time the code attempts to access Pub/Sub.

Answer: Enable the API in the Console. 


20. Your team is working on designing an IoT solution. There are thousands of devices that need to send periodic time series data for processing. Which services should be used to ingest and store the data?

  1. Pub/Sub, Datastore
  2. Pub/Sub, Dataproc
  3. Dataproc, Bigtable
  4. Pub/Sub, Bigtable

Answer: Pub/Sub, Bigtable


21. Your company wants to host confidential documents in Cloud Storage. Due to compliance requirements, there is a need for the data to be highly available and resilient even in case of a regional outage. Which storage classes help meet the requirement?

  1. Standard
  2. Regional
  3. Coldline
  4. Dual-Regional
  5. Multi-Regional

Answer:
3.Coldline
5.Multi-Regional


22. You need to create a new development Kubernetes cluster with 3 nodes. The cluster will be named project-1-cluster. Which of the following truncated commands will create a cluster?

  1. gcloud container clusters create project-1-cluster --num-nodes 3
  2. kubectl clusters create project-1-cluster 3
  3. kubectl clusters create project-1-cluster --num-nodes 3
  4. gcloud container clusters create project-1-cluster 3

Answer: gcloud container clusters create project-1-cluster --num-nodes 3


23. Your security team wants to be able to audit network traffic inside of your network. What's the best way to ensure they have access to the data they need?

  1. Disable flow logs.
  2. Enable flow logs.
  3. Enable VPC Network logs
  4. Add a firewall capture filter.

Answer: Enable flow logs.


24. You have a Cloud Storage bucket that needs to host static web assets with a dozen HTML pages, a few JavaScript files, and some CSS. How do you make the bucket public?

  1. Check the "make public" box on the GCP Console for the bucket
  2. gsutil iam ch allAuthenticatedUsers:objectViewer gs://bucket-name
  3. gsutil make-public gs://bucket-name
  4. gsutil iam ch allUsers:objectViewer gs://bucket-name

Answer : gsutil iam ch allUsers:objectViewer gs://bucket-name


25. You've created a new Compute Engine instance in zone us-central1-b. When you tried to attach the GPU that your data engineers requested, you're getting an error. What is the most likely cause of the error?

  1. Your instance isn't running with the correct scopes to allow GPUs.
  2. The GPU is not supported for your OS.
  3. Your instance isn't running with the default compute engine service account.
  4. The desired GPU doesn't exist in that zone.

Answer: The desired GPU doesn't exist in that zone.
 
Tags:

Post a Comment