Google Real Dumps Practice Exam Questions by Dumpswarp

Google Certified Professional - Cloud Architect (GCP) Questions and Answers

Question 1

For this question, refer to the JencoMart case study.

The JencoMart security team requires that all Google Cloud Platform infrastructure is deployed using a least privilege model with separation of duties for administration between production and development resources. What Google domain and project structure should you recommend?

Options:

Create two G Suite accounts to manage users: one for development/test/staging and one for production. Each account should contain one project for every application.

Create two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications.

Create a single G Suite account to manage users with each stage of each application in its own project.

Create a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment.

Question 2

For this question, refer to the JencoMart case study.

JencoMart has built a version of their application on Google Cloud Platform that serves traffic to Asia. You want to measure success against their business and technical goals. Which metrics should you track?

Options:

Error rates for requests from Asia

Latency difference between US and Asia

Total visits, error rates, and latency from Asia

Total visits and average latency for users in Asia

The number of character sets present in the database

Question 3

For this question, refer to the JencoMart case study.

JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need access to Datastore to upload the data. What service account key-management strategy should you recommend?

Options:

Provision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs).

Authenticate the on-premises infrastructure with a user account and provision service account keys for the VMs.

Provision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs

Deploy a custom authentication service on GCE/Google Container Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs.

Question 4

For this question, refer to the JencoMart case study.

JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

Options:

Cloud Spanner

Google BigQuery

Google Cloud SQL

Google Cloud Datastore

Question 5

For this question, refer to the JencoMart case study.

The migration of JencoMart’s application to Google Cloud Platform (GCP) is progressing too slowly. The infrastructure is shown in the diagram. You want to maximize throughput. What are three potential bottlenecks? (Choose 3 answers.)

Options:

A single VPN tunnel, which limits throughput

A tier of Google Cloud Storage that is not suited for this task

A copy command that is not suited to operate over long distances

Fewer virtual machines (VMs) in GCP than on-premises machines

A separate storage layer outside the VMs, which is not suited for this task

Complicated internet connectivity between the on-premises infrastructure and GCP

Question 6

For this question, refer to the JencoMart case study

A few days after JencoMart migrates the user credentials database to Google Cloud Platform and shuts down the old server, the new database server stops responding to SSH connections. It is still serving database requests to the application servers correctly. What three steps should you take to diagnose the problem? Choose 3 answers

Options:

Delete the virtual machine (VM) and disks and create a new one.

Delete the instance, attach the disk to a new VM, and investigate.

Take a snapshot of the disk and connect to a new machine to investigate.

Check inbound firewall rules for the network the machine is connected to.

Connect the machine to another network with very simple firewall rules and investigate.

Print the Serial Console output for the instance for troubleshooting, activate the interactive console, and investigate.

Question 7

The current Dress4win system architecture has high latency to some customers because it is located in one

data center.

As of a future evaluation and optimizing for performance in the cloud, Dresss4win wants to distribute it's system

architecture to multiple locations when Google cloud platform.

Which approach should they use?

Options:

Use regional managed instance groups and a global load balancer to increase performance because the

regional managed instance group can grow instances in each region separately based on traffic.

Use a global load balancer with a set of virtual machines that forward the requests to a closer group of

virtual machines managed by your operations team.

Use regional managed instance groups and a global load balancer to increase reliability by providing

automatic failover between zones in different regions.

Use a global load balancer with a set of virtual machines that forward the requests to a closer group of

virtual machines as part of a separate managed instance groups.

Question 8

For this question, refer to the Dress4Win case study.

Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?

Options:

Perform a mapping of the on-premises physical hardware cores and RAM to the nearest machine types in the cloud.

Recommend that Dress4Win deploy application servers to machine types that offer the highest RAM to CPU ratio available.

Recommend that Dress4Win deploy into production with the smallest instances available, monitor them over time, and scale the machine type up until the desired performance is reached.

Identify the number of virtual cores and RAM associated with the application server virtual machines align them to a custom machine type in the cloud, monitor performance, and scale the machine types up until the desired performance is reached.

Question 9

For this question, refer to the Dress4Win case study.

Dress4Win has end-to-end tests covering 100% of their endpoints. They want to ensure that the move to the cloud does not introduce any new bugs. Which additional testing methods should the developers employ to prevent an outage?

Options:

They should enable Google Stackdriver Debugger on the application code to show errors in the code.

They should add additional unit tests and production scale load tests on their cloud staging environment.

They should run the end-to-end tests in the cloud staging environment to determine if the code is working as intended.

They should add canary tests so developers can measure how much of an impact the new release causes to latency.

Question 10

For this question, refer to the TerramEarth case study.

TerramEarth's CTO wants to use the raw data from connected vehicles to help identify approximately when a vehicle in the development team to focus their failure. You want to allow analysts to centrally query the vehicle data. Which architecture should you recommend?

Options:

Option A

Option B

Option C

Option D

Question 11

For this question, refer to the TerramEarth case study.

TerramEarth's 20 million vehicles are scattered around the world. Based on the vehicle's location its telemetry data is stored in a Google Cloud Storage (GCS) regional bucket (US. Europe, or Asia). The CTO has asked you to run a report on the raw telemetry data to determine why vehicles are breaking down after 100 K miles. You want to run this job on all the data. What is the most cost-effective way to run this job?

Options:

Move all the data into 1 zone, then launch a Cloud Dataproc cluster to run the job.

Move all the data into 1 region, then launch a Google Cloud Dataproc cluster to run the job.

Launch a cluster in each region to preprocess and compress the raw data, then move the data into a multi region bucket and use a Dataproc cluster to finish the job.

Launch a cluster in each region to preprocess and compress the raw data, then move the data into a region bucket and use a Cloud Dataproc cluster to finish the jo

Question 12

For this question, refer to the TerramEarth case study

You analyzed TerramEarth's business requirement to reduce downtime, and found that they can achieve a majority of time saving by reducing customers' wait time for parts You decided to focus on reduction of the 3 weeks aggregate reporting time Which modifications to the company's processes should you recommend?

Options:

Migrate from CSV to binary format, migrate from FTP to SFTP transport, and develop machine learning analysis of metrics.

Migrate from FTP to streaming transport, migrate from CSV to binary format, and develop machine learning analysis of metrics.

Increase fleet cellular connectivity to 80%, migrate from FTP to streaming transport, and develop machine learning analysis of metrics.

Migrate from FTP to SFTP transport, develop machine learning analysis of metrics, and increase dealer local inventory by a fixed factor.

Question 13

For this question, refer to the TerramEarth case study.

To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections. What should you do?

Options:

Use one Google Container Engine cluster of FTP servers. Save the data to a Multi-Regional bucket. Run the ETL process using data in the bucket.

Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in us, eu, and asia. Run the ETL process using the data in the bucket.

Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket.

Directly transfer the files to a different Google Cloud Regional Storage bucket location in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket.

Question 14

For this question, refer to the TerramEarth case study.

TerramEarth has equipped unconnected trucks with servers and sensors to collet telemetry data. Next year they want to use the data to train machine learning models. They want to store this data in the cloud while reducing costs. What should they do?

Options:

Have the vehicle’ computer compress the data in hourly snapshots, and store it in a Google Cloud storage (GCS) Nearline bucket.

Push the telemetry data in Real-time to a streaming dataflow job that compresses the data, and store it in Google BigQuery.

Push the telemetry data in real-time to a streaming dataflow job that compresses the data, and store it in Cloud Bigtable.

Have the vehicle's computer compress the data in hourly snapshots, a Store it in a GCS Coldline bucket.

Question 15

For this question, refer to the TerramEarth case study.

TerramEarth plans to connect all 20 million vehicles in the field to the cloud. This increases the volume to 20 million 600 byte records a second for 40 TB an hour. How should you design the data ingestion?

Options:

Vehicles write data directly to GCS.

Vehicles write data directly to Google Cloud Pub/Sub.

Vehicles stream data directly to Google BigQuery.

Vehicles continue to write data using the existing system (FTP).

Question 16

For this question, refer to the TerramEarth case study.

The TerramEarth development team wants to create an API to meet the company's business requirements. You want the development team to focus their development effort on business value versus creating a custom framework. Which method should they use?

Options:

Use Google App Engine with Google Cloud Endpoints. Focus on an API for dealers and partners.

Use Google App Engine with a JAX-RS Jersey Java-based framework. Focus on an API for the public.

Use Google App Engine with the Swagger (open API Specification) framework. Focus on an API for the public.

Use Google Container Engine with a Django Python container. Focus on an API for the public.

Use Google Container Engine with a Tomcat container with the Swagger (Open API Specification) framework. Focus on an API for dealers and partners.

Question 17

For this question, refer to the TerramEarth case study

Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data. What should you do?

Options:

Build or leverage an OAuth-compatible access control system.

Build SAML 2.0 SSO compatibility into your authentication system.

Restrict data access based on the source IP address of the partner systems.

Create secondary credentials for each dealer that can be given to the trusted third party.

Question 18

For this question refer to the TerramEarth case study.

Which of TerramEarth's legacy enterprise processes will experience significant change as a result of increased Google Cloud Platform adoption.

Options:

Opex/capex allocation, LAN changes, capacity planning

Capacity planning, TCO calculations, opex/capex allocation

Capacity planning, utilization measurement, data center expansion

Data Center expansion, TCO calculations, utilization measurement

Question 19

For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for hybrid connectivity between EHR's on-premises systems and Google Cloud. You want to follow Google's recommended practices for production-level applications. Considering the EHR Healthcare business and technical requirements, what should you do?

Options:

Configure two Partner Interconnect connections in one metro (City), and make sure the Interconnect connections are placed in different metro zones.

Configure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on-premises are in separate racks.

Configure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at least two Google locations.

Configure two Dedicated Interconnect connections in one metro (City) and two connections in another metro, and make sure the Interconnect connections are placed in different metro zones.

Question 20

For this question, refer to the EHR Healthcare case study. In the past, configuration errors put public IP addresses on backend servers that should not have been accessible from the Internet. You need to ensure that no one can put external IP addresses on backend Compute Engine instances and that external IP addresses can only be configured on frontend Compute Engine instances. What should you do?

Options:

Create an Organizational Policy with a constraint to allow external IP addresses only on the frontend Compute Engine instances.

Revoke the compute.networkAdmin role from all users in the project with front end instances.

Create an Identity and Access Management (IAM) policy that maps the IT staff to the compute.networkAdmin role for the organization.

Create a custom Identity and Access Management (IAM) role named GCE_FRONTEND with the compute.addresses.create permission.

Question 21

For this question, refer to the EHR Healthcare case study. You are responsible for ensuring that EHR's use of Google Cloud will pass an upcoming privacy compliance audit. What should you do? (Choose two.)

Options:

Verify EHR's product usage against the list of compliant products on the Google Cloud compliance page.

Advise EHR to execute a Business Associate Agreement (BAA) with Google Cloud.

Use Firebase Authentication for EHR's user facing applications.

Implement Prometheus to detect and prevent security breaches on EHR's web-based applications.

Use GKE private clusters for all Kubernetes workloads.

Question 22

For this question, refer to the EHR Healthcare case study. You are a developer on the EHR customer portal team. Your team recently migrated the customer portal application to Google Cloud. The load has increased on the application servers, and now the application is logging many timeout errors. You recently incorporated Pub/Sub into the application architecture, and the application is not logging any Pub/Sub publishing errors. You want to improve publishing latency. What should you do?

Options:

Increase the Pub/Sub Total Timeout retry value.

Move from a Pub/Sub subscriber pull model to a push model.

Turn off Pub/Sub message batching.

Create a backup Pub/Sub message queue.

Question 23

For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for securely deploying workloads to Google Cloud. You also need to ensure that only verified containers are deployed using Google Cloud services. What should you do? (Choose two.)

Options:

Enable Binary Authorization on GKE, and sign containers as part of a CI/CD pipeline.

Configure Jenkins to utilize Kritis to cryptographically sign a container as part of a CI/CD pipeline.

Configure Container Registry to only allow trusted service accounts to create and deploy containers from the registry.

Configure Container Registry to use vulnerability scanning to confirm that there are no vulnerabilities before deploying the workload.

Question 24

You need to upgrade the EHR connection to comply with their requirements. The new connection design must support business-critical needs and meet the same network and security policy requirements. What should you do?

Options:

Add a new Dedicated Interconnect connection.

Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G.

Add three new Cloud VPN connections.

Add a new Carrier Peering connection.

Question 25

For this question, refer to the EHR Healthcare case study. EHR has single Dedicated Interconnect

connection between their primary data center and Googles network. This connection satisfies

EHR’s network and security policies:

• On-premises servers without public IP addresses need to connect to cloud resources

without public IP addresses

• Traffic flows from production network mgmt. servers to Compute Engine virtual

machines should never traverse the public internet.

You need to upgrade the EHR connection to comply with their requirements. The new

connection design must support business critical needs and meet the same network and

security policy requirements. What should you do?

Options:

Add a new Dedicated Interconnect connection

Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G

Add three new Cloud VPN connections

Add a new Carrier Peering connection

Question 26

For this question, refer to the EHR Healthcare case study. You are responsible for designing the Google Cloud network architecture for Google Kubernetes Engine. You want to follow Google best practices. Considering the EHR Healthcare business and technical requirements, what should you do to reduce the attack surface?

Options:

Use a private cluster with a private endpoint with master authorized networks configured.

Use a public cluster with firewall rules and Virtual Private Cloud (VPC) routes.

Use a private cluster with a public endpoint with master authorized networks configured.

Use a public cluster with master authorized networks enabled and firewall rules.

Question 27

For this question, refer to the TerramEarth case study. To be compliant with European GDPR regulation, TerramEarth is required to delete data generated from its European customers after a period of 36 months when it contains personal data. In the new architecture, this data will be stored in both Cloud Storage and BigQuery. What should you do?

Options:

Create a BigQuery table for the European data, and set the table retention period to 36 months. For Cloud Storage, use gsutil to enable lifecycle management using a DELETE action with an Age condition of 36 months.

Create a BigQuery table for the European data, and set the table retention period to 36 months. For Cloud Storage, use gsutil to create a SetStorageClass to NONE action when with an Age condition of 36 months.

Create a BigQuery time-partitioned table for the European data, and set the partition expiration period to 36 months. For Cloud Storage, use gsutil to enable lifecycle management using a DELETE action with an Age condition of 36 months.

Create a BigQuery time-partitioned table for the European data, and set the partition period to 36 months. For Cloud Storage, use gsutil to create a SetStorageClass to NONE action with an Age condition of 36 months.

Question 28

For this question, refer to the Dress4Win case study. Which of the compute services should be migrated as –is and would still be an optimized architecture for performance in the cloud?

Options:

Web applications deployed using App Engine standard environment

RabbitMQ deployed using an unmanaged instance group

Hadoop/Spark deployed using Cloud Dataproc Regional in High Availability mode

Jenkins, monitoring, bastion hosts, security scanners services deployed on custom machine types

Question 29

For this question, refer to the Dress4Win case study. Considering the given business requirements, how would you automate the deployment of web and transactional data layers?

Options:

Deploy Nginx and Tomcat using Cloud Deployment Manager to Compute Engine. Deploy a Cloud SQL server to replace MySQL. Deploy Jenkins using Cloud Deployment Manager.

Deploy Nginx and Tomcat using Cloud Launcher. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Deployment Manager scripts.

Migrate Nginx and Tomcat to App Engine. Deploy a Cloud Datastore server to replace the MySQL server in a high-availability configuration. Deploy Jenkins to Compute Engine using Cloud Launcher.

Migrate Nginx and Tomcat to App Engine. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Launcher.

Question 30

For this question, refer to the Dress4Win case study. You are responsible for the security of data stored in

Cloud Storage for your company, Dress4Win. You have already created a set of Google Groups and assigned the appropriate users to those groups. You should use Google best practices and implement the simplest design to meet the requirements.

Considering Dress4Win’s business and technical requirements, what should you do?

Options:

Assign custom IAM roles to the Google Groups you created in order to enforce security requirements.

Encrypt data with a customer-supplied encryption key when storing files in Cloud Storage.

Assign custom IAM roles to the Google Groups you created in order to enforce security requirements.

Enable default storage encryption before storing files in Cloud Storage.

Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements.

Utilize Google’s default encryption at rest when storing files in Cloud Storage.

Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements. Ensure that the default Cloud KMS key is set before storing files in Cloud Storage.

Question 31

For this question, refer to the Dress4Win case study. Dress4Win is expected to grow to 10 times its size in 1 year with a corresponding growth in data and traffic that mirrors the existing patterns of usage. The CIO has set the target of migrating production infrastructure to the cloud within the next 6 months. How will you configure the solution to scale for this growth without making major application changes and still maximize the ROI?

Options:

Migrate the web application layer to App Engine, and MySQL to Cloud Datastore, and NAS to Cloud Storage. Deploy RabbitMQ, and deploy Hadoop servers using Deployment Manager.

Migrate RabbitMQ to Cloud Pub/Sub, Hadoop to BigQuery, and NAS to Compute Engine with Persistent Disk storage. Deploy Tomcat, and deploy Nginx using Deployment Manager.

Implement managed instance groups for Tomcat and Nginx. Migrate MySQL to Cloud SQL, RabbitMQ to Cloud Pub/Sub, Hadoop to Cloud Dataproc, and NAS to Compute Engine with Persistent Disk storage.

Implement managed instance groups for the Tomcat and Nginx. Migrate MySQL to Cloud SQL, RabbitMQ to Cloud Pub/Sub, Hadoop to Cloud Dataproc, and NAS to Cloud Storage.

Question 32

For this question, refer to the Dress4Win case study. You want to ensure that your on-premises architecture meets business requirements before you migrate your solution.

What change in the on-premises architecture should you make?

Options:

Replace RabbitMQ with Google Pub/Sub.

Downgrade MySQL to v5.7, which is supported by Cloud SQL for MySQL.

Resize compute resources to match predefined Compute Engine machine types.

Containerize the micro services and host them in Google Kubernetes Engine.

Question 33

For this question, refer to the Dress4Win case study. To be legally compliant during an audit, Dress4Win must be able to give insights in all administrative actions that modify the configuration or metadata of resources on Google Cloud.

What should you do?

Options:

Use Stackdriver Trace to create a trace list analysis.

Use Stackdriver Monitoring to create a dashboard on the project’s activity.

Enable Cloud Identity-Aware Proxy in all projects, and add the group of Administrators as a member.

Use the Activity page in the GCP Console and Stackdriver Logging to provide the required insight.

Question 34

For this question, refer to the Mountkirk Games case study.

Mountkirk Games' gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?

Options:

Verify that the database is online.

Verify that the project quota hasn't been exceeded.

Verify that the new feature code did not introduce any performance bugs.

Verify that the load-testing team is not running their tool against production.

Question 35

For this question, refer to the Mountkirk Games case study.

Mountkirk Games has deployed their new backend on Google Cloud Platform (GCP). You want to create a thorough testing process for new versions of the backend before they are released to the public. You want the testing environment to scale in an economical way. How should you design the process?

Options:

Create a scalable environment in GCP for simulating production load.

Use the existing infrastructure to test the GCP-based backend at scale.

Build stress tests into each component of your application using resources internal to GCP to simulate load.

Create a set of static environments in GCP to test different levels of load — for example, high, medium, and low.

Question 36

For this question, refer to the Mountkirk Games case study

Mountkirk Games needs to create a repeatable and configurable mechanism for deploying isolated application environments. Developers and testers can access each other's environments and resources, but they cannot access staging or production resources. The staging environment needs access to some services from production.

What should you do to isolate development environments from staging and production?

Options:

Create a project for development and test and another for staging and production.

Create a network for development and test and another for staging and production.

Create one subnetwork for development and another for staging and production.

Create one project for development, a second for staging and a third for production.

Question 37

For this question, refer to the Helicopter Racing League (HRL) case study. HRL is looking for a cost-effective

approach for storing their race data such as telemetry. They want to keep all historical records, train models

using only the previous season's data, and plan for data growth in terms of volume and information collected.

You need to propose a data solution. Considering HRL business requirements and the goals expressed by

CEO S. Hawke, what should you do?

Options:

Use Firestore for its scalable and flexible document-based database. Use collections to aggregate race data

by season and event.

Use Cloud Spanner for its scalability and ability to version schemas with zero downtime. Split race data

using season as a primary key.

Use BigQuery for its scalability and ability to add columns to a schema. Partition race data based on

season.

Use Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL. Use

separate database instances for each season.

Question 38

For this question, refer to the Helicopter Racing League (HRL) case study. HRL wants better prediction

accuracy from their ML prediction models. They want you to use Google’s AI Platform so HRL can understand

and interpret the predictions. What should you do?

Options:

Use Explainable AI.

Use Vision AI.

Use Google Cloud’s operations suite.

Use Jupyter Notebooks.

Question 39

For this question, refer to the Helicopter Racing League (HRL) case study. A recent finance audit of cloud

infrastructure noted an exceptionally high number of Compute Engine instances are allocated to do video

encoding and transcoding. You suspect that these Virtual Machines are zombie machines that were not deleted

after their workloads completed. You need to quickly get a list of which VM instances are idle. What should you

do?

Options:

Log into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for

analysis.

Use the gcloud compute instances list to list the virtual machine instances that have the idle: true label set.

Use the gcloud recommender command to list the idle virtual machine instances.

From the Google Console, identify which Compute Engine instances in the managed instance groups are

no longer responding to health check probes.

Question 40

For this question, refer to the Helicopter Racing League (HRL) case study. Recently HRL started a new regional

racing league in Cape Town, South Africa. In an effort to give customers in Cape Town a better user

experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic

coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are

a member of the HRL security team and you need to configure the update that will allow only the Fastly IP

address ranges through the External HTTP(S) load balancer. Which command should you use?

Options:

glouc compute firewall rules update hlr-policy \

--priority 1000 \

target tags-sourceiplist fastly \

--allow tcp:443

gcloud compute security policies rules update 1000 \

--security-policy hlr-policy \

--expression "evaluatePreconfiguredExpr('sourceiplist-fastly')" \

--action " allow"

gcloud compute firewall rules update

sourceiplist-fastly \

priority 1000 \

allow tcp: 443

gcloud compute priority-policies rules update

1000 \

security policy from fastly

--src- ip-ranges"

-- action " allow"

Question 41

For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a

payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers,

and season ticket holders. You need to implement a custom card tokenization service that meets the following

requirements:

• It must provide low latency at minimal cost.

• It must be able to identify duplicate credit cards and must not store plaintext card numbers.

• It should support annual key rotation.

Which storage approach should you adopt for your tokenization service?

Options:

Store the card data in Secret Manager after running a query to identify duplicates.

Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.

Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.

Use column-level encryption to store the data in Cloud SQL.

Question 42

For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team

releases a new version of their predictive capability application every Tuesday evening at 3 a.m. UTC to a

repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf.

The security team wants to run Airwolf against the predictive capability application as soon as it is released

every Tuesday. You need to set up Airwolf to run at the recurring weekly cadence. What should you do?

Options:

Set up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function.

Set up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function.

Configure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function.

Set up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function.

Question 43

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants to design their solution for the future in order to take advantage of cloud and technology improvements as they become available. Which two steps should they take? (Choose two.)

Options:

Store as much analytics and game activity data as financially feasible today so it can be used to train machine learning models to predict user behavior in the future.

Begin packaging their game backend artifacts in container images and running them on Kubernetes Engine to improve the availability to scale up or down based on game activity.

Set up a CI/CD pipeline using Jenkins and Spinnaker to automate canary deployments and improve development velocity.

Adopt a schema versioning tool to reduce downtime when adding new game features that require storing additional player data in the database.

Implement a weekly rolling maintenance process for the Linux virtual machines so they can apply critical kernel patches and package updates and reduce the risk of 0-day vulnerabilities.

Question 44

For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the compute workloads for your company, Mountkirk Games. Considering the Mountkirk Games business and technical requirements, what should you do?

Options:

Create network load balancers. Use preemptible Compute Engine instances.

Create network load balancers. Use non-preemptible Compute Engine instances.

Create a global load balancer with managed instance groups and autoscaling policies. Use preemptible Compute Engine instances.

Create a global load balancer with managed instance groups and autoscaling policies. Use non-preemptible Compute Engine instances.

Question 45

Your development teams release new versions of games running on Google Kubernetes Engine (GKE) daily.

You want to create service level indicators (SLIs) to evaluate the quality of the new versions from the user’s

perspective. What should you do?

Options:

Create CPU Utilization and Request Latency as service level indicators.

Create GKE CPU Utilization and Memory Utilization as service level indicators.

Create Request Latency and Error Rate as service level indicators.

Create Server Uptime and Error Rate as service level indicators.

Question 46

You deploy your custom Java application to Google App Engine. It fails to deploy and gives you the following stack trace.

What should you do?

Options:

Upload missing JAR files and redeploy your application.

Digitally sign all of your JAR files and redeploy your application

Recompile the CLoakedServlet class using and MD5 hash instead of SHA1

Question 47

A development team at your company has created a dockerized HTTPS web application. You need to deploy the application on Google Kubernetes Engine (GKE) and make sure that the application scales automatically.

How should you deploy to GKE?

Options:

Use the Horizontal Pod Autoscaler and enable cluster autoscaling. Use an Ingress resource to loadbalance the HTTPS traffic.

Use the Horizontal Pod Autoscaler and enable cluster autoscaling on the Kubernetes cluster. Use a

Service resource of type LoadBalancer to load-balance the HTTPS traffic.

Enable autoscaling on the Compute Engine instance group. Use an Ingress resource to load balance the HTTPS traffic.

Enable autoscaling on the Compute Engine instance group. Use a Service resource of type LoadBalancer to load-balance the HTTPS traffic.

Question 48

The application reliability team at your company has added a debug feature to their backend service to send all server events to Google Cloud Storage for eventual analysis. The event records are at least 50 KB and at most 15 MB and are expected to peak at 3,000 events per second. You want to minimize data loss.

Which process should you implement?

Options:

• Append metadata to file body.

• Compress individual files.

• Name files with serverName-Timestamp.

• Create a new bucket if bucket is older than 1 hour and save individual files to the new bucket. Otherwise, save files to existing bucket

• Batch every 10,000 events with a single manifest file for metadata.

• Compress event files and manifest file into a single archive file.

• Name files using serverName-EventSequence.

• Create a new bucket if bucket is older than 1 day and save the single archive file to the new bucket. Otherwise, save the single archive file to existing bucket.

• Compress individual files.

• Name files with serverName-EventSequence.

• Save files to one bucket

• Set custom metadata headers for each object after saving.

• Append metadata to file body.

• Compress individual files.

• Name files with a random prefix pattern.

• Save files to one bucket

Question 49

Your company wants to migrate their 10-TB on-premises database export into Cloud Storage You want to minimize the time it takes to complete this activity, the overall cost and database load The bandwidth between the on-premises environment and Google Cloud is 1 Gbps You want to follow Google-recommended practices What should you do?

Options:

Use the Data Transfer appliance to perform an offline migration

Use a commercial partner ETL solution to extract the data from the on-premises database and upload it into Cloud Storage

Develop a Dataflow job to read data directly from the database and write it into Cloud Storage

Compress the data and upload it with gsutii -m to enable multi-threaded copy

Question 50

You are using Cloud SQL as the database backend for a large CRM deployment. You want to scale as usage increases and ensure that you don’t run out of storage, maintain 75% CPU usage cores, and keep replication lag below 60 seconds. What are the correct steps to meet your requirements?

Options:

1) Enable automatic storage increase for the instance.

2) Create a Stackdriver alert when CPU usage exceeds 75%, and change the instance type to reduce

CPU usage.

3) Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.

1) Enable automatic storage increase for the instance.

2) Change the instance type to a 32-core machine type to keep CPU usage below 75%.

3) Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.

1) Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the

instance to create more space.

2) Deploy memcached to reduce CPU load.

3) Change the instance type to a 32-core machine type to reduce replication lag.

1) Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the

instance to create more space.

2) Deploy memcached to reduce CPU load.

3) Create a Stackdriver alert for replication lag, and change the instance type to a 32-core machine type to reduce replication lag.

Question 51

You are deploying an application to Google Cloud. The application is part of a system. The application in Google Cloud must communicate over a private network with applications in a non-Google Cloud environment. The expected average throughput is 200 kbps. The business requires:

• 99.99% system availability

• cost optimization

You need to design the connectivity between the locations to meet the business requirements. What should you provision?

Options:

A Classic Cloud VPN gateway connected with one tunnel to an on-premises VPN gateway.

A Classic Cloud VPN gateway connected with two tunnels to an on-premises VPN gateway.

An HA Cloud VPN gateway connected with two tunnels to an on-premises VPN gateway.

Two HA Cloud VPN gateways connected to two on-premises VPN gateways. Configure each HA Cloud

VPN gateway to have two tunnels, each connected to different on-premises VPN gateways.

Question 52

The operations team in your company wants to save Cloud VPN log events (or one year You need to configure the cloud infrastructure to save the logs What should you do?

Options:

Set up a filter in Cloud Logging and a topic in Pub/Sub to publish the logs

Set up a Cloud Logging Dashboard titled Cloud VPN Logs, and then add a chart that queries for the VPN metrics over a one-year time period

Enable the Compute Engine API and then enable logging on the firewall rules that match the traffic you want to save

Set up a filter in Cloud Logging and a Cloud Storage bucket as an export target for the logs you want to save

Question 53

You need to design a solution for global load balancing based on the URL path being requested. You need to ensure operations reliability and end-to-end in-transit encryption based on Google best practices.

What should you do?

Options:

Create a cross-region load balancer with URL Maps.

Create an HTTPS load balancer with URL maps.

Create appropriate instance groups and instances. Configure SSL proxy load balancing.

Create a global forwarding rule. Configure SSL proxy balancing.

Question 54

You want to enable your running Google Container Engine cluster to scale as demand for your application

changes.

What should you do?

Options:

Add additional nodes to your Container Engine cluster using the following command:

gcloud container clusters resize CLUSTER_NAME --size 10

Add a tag to the instances in the cluster with the following command:

gcloud compute instances add-tags INSTANCE --tags enable --autoscaling max-nodes-10

Update the existing Container Engine cluster with the following command:

gcloud alpha container clusters update mycluster --enable-autoscaling --min-nodes=1 --max-nodes=10

Create a new Container Engine cluster with the following command:

gcloud alpha container clusters create mycluster --enable-autocaling --min-nodes=1 --max-nodes=10

and redeploy your application.

Load More Professional-Cloud-Architect Questions

Weekend Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

Dumpswrap Top Menu

breadcrumb

Google Professional-Cloud-Architect Dumps

Professional-Cloud-Architect Free PDF Questions

Google Certified Professional - Cloud Architect (GCP) Questions and Answers

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer:

Options:

Answer:

Explanation:

Options:

Answer:

Explanation:

Options:

Answer: