Latest Jul 29, 2023 Associate-Cloud-Engineer Brain Dump A Study Guide with Tips & Tricks for passing Exam [Q113-Q132]

Share

Latest Jul 29, 2023 Associate-Cloud-Engineer Brain Dump: A Study Guide with Tips & Tricks for passing Exam

Associate-Cloud-Engineer Question Bank: Free PDF Download Recently Updated Questions

NEW QUESTION # 113
Your company publishes large files on an Apache web server that runs on a Compute Engine instance. The Apache web server is not the only application running in the project. You want to receive an email when the egress network costs for the server exceed 100 dollars for the current month as measured by Google Cloud Platform (GCP). What should you do?

  • A. Use the Stackdriver Logging Agent to export the Apache web server logs to Stackdriver Logging. Create a Cloud Function that uses BigQuery to parse the HTTP response log data in Stackdriver for the current month and sends an email if the size of all HTTP responses, multiplied by current GCP egress prices, totals over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.
  • B. Set up a budget alert on the project with an amount of 100 dollars, a threshold of 100%, and notification type of "email."
  • C. Export the billing data to BigQuery. Create a Cloud Function that uses BigQuery to sum the egress network costs of the exported billing data for the Apache web server for the current month and sends an email if it is over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.
  • D. Set up a budget alert on the billing account with an amount of 100 dollars, a threshold of 100%, and notification type of "email."

Answer: A


NEW QUESTION # 114
30. You are running multiple microservices in a Kubernetes Engine cluster. One microservice is rendering images. The microservice responsible for the image rendering requires a large amount of CPU time compared to the memory it requires. The other microservices are workloads that are optimized for n1-standard machine types. You need to optimize your cluster so that all workloads are using resources as efficiently as possible. What should you do?

  • A. Configure the required amount of CPU and memory in the resource requests specification of the image rendering microservice deployment Keep the resource requests for the other microservices at the default
  • B. Create a node pool with compute-optimized machine type nodes for the image rendering microservice Use the node pool with general-purpose machine type nodes for the other microservices
  • C. Assign the pods of the image rendering microservice a higher pod priority than the older microservices
  • D. Use the node pool with general-purpose machine type nodes for lite mage rendering microservice Create a nodepool with compute-optimized machine type nodes for the other microservices

Answer: B


NEW QUESTION # 115
Several employees at your company have been creating projects with Cloud Platform and paying for it with their personal credit cards, which the company reimburses. The company wants to centralize all these projects under a single, new billing account. What should you do?

  • A. In the Google Platform Console, go to the Resource Manage and move all projects to the root Organization.
  • B. In the Google Cloud Platform Console, create a new billing account and set up a payment method.
  • C. Contact [email protected] with your bank account details and request a corporate billing account for your company.
  • D. Create a ticket with Google Support and wait for their call to share your credit card details over the phone.

Answer: B

Explanation:
Reference:
https://www.whizlabs.com/blog/google-cloud-interview-questions/


NEW QUESTION # 116
Your company has a large quantity of unstructured data in different file formats. You want to perform ETL transformations on the data. You need to make the data accessible on Google Cloud so it can be processed by a Dataflow job. What should you do?

  • A. Upload the data into Cloud Spanner using the import function in the console.
  • B. Upload the data into Cloud SQL using the import function in the console.
  • C. Upload the data to BigQuery using the bq command line tool.
  • D. Upload the data to Cloud Storage using the gsutil command line tool.

Answer: C

Explanation:
Reference:
https://cloud.google.com/solutions/performing-etl-from-relational-database-into-bigquery


NEW QUESTION # 117
You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now you need to create a production environment for this application. The security team has forbidden the existence of network routes between these 2 environments and has asked you to follow Google-recommended practices. What should you do?

  • A. Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.
  • B. Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.
  • C. Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.
  • D. Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project in the Shared VPC.

Answer: C


NEW QUESTION # 118
You are assisting a new Google Cloud user who just installed the Google Cloud SDK on their VM.
The server needs access to Cloud Storage. The user wants your help to create a new storage bucket. You need to make this change in multiple environments. What should you do?

  • A. Use a Persistent Disk SSD in the same zone as the VM to improve performance of the VM
  • B. Use a Deployment Manager script to automate creating storage buckets in an appropriate region
  • C. Use the gsutii command to create a storage bucket in the same region as the VM
  • D. Use a local SSD to improve performance of the VM for the targeted workload

Answer: B


NEW QUESTION # 119
Your organization has user identities in Active Directory. Your organization wants to use Active Directory as their source of truth for identities. Your organization wants to have full control over the Google accounts used by employees for all Google services, including your Google Cloud Platform (GCP) organization.
What should you do?

  • A. Use Google Cloud Directory Sync (GCDS) to synchronize users into Cloud Identity.
  • B. Use the cloud Identity APIs and write a script to synchronize users to Cloud Identity.
  • C. Ask each employee to create a Google account using self signup. Require that each employee use their company email address and password.
  • D. Export users from Active Directory as a CSV and import them to Cloud Identity via the Admin Console.

Answer: A

Explanation:
Google Cloud Directory Sync enables administrators to synchronize users, groups and other data from an Active Directory/LDAP service to their Google Cloud domain directory
https://tools.google.com/dlpage/dirsync/


NEW QUESTION # 120
A colleague handed over a Google Cloud Platform project for you to maintain. As part of a security checkup, you want to review who has been granted the Project Owner role. What should you do?

  • A. In the console, validate which SSH keys have been stored as project-wide keys.
  • B. Use the command gcloud projects get-iam-policy to view the current role assignments.
  • C. Enable Audit Logs on the IAM & admin page for all resources, and validate the results.
  • D. Navigate to Identity-Aware Proxy and check the permissions for these resources.

Answer: B

Explanation:
A simple approach would be to use the command flags available when listing all the IAM policy for a given project. For instance, the following command:
`gcloud projects get-iam-policy $PROJECT_ID --flatten="bindings[].members" -- format="table(bindings.members)" --filter="bindings.role:roles/owner"` outputs all the users and service accounts associated with the role 'roles/owner' in the project in question.
https://groups.google.com/g/google-cloud-dev/c/Z6sZs7TvygQ?pli=1


NEW QUESTION # 121
You want to configure an SSH connection to a single Compute Engine instance for users in the dev1 group. This instance is the only resource in this particular Google Cloud Platform project that the dev1 users should be able to connect to. What should you do?

  • A. Set metadata to enable-oslogin=truefor the instance. Grant the dev1 group the compute.osLoginrole. Direct them to use the Cloud Shell to ssh to that instance.
  • B. Set metadata to enable-oslogin=truefor the instance. Set the service account to no service accountfor that instance. Direct them to use the Cloud Shell to ssh to that instance.
  • C. Enable block project wide keysfor the instance. Generate an SSH key and associate the key with that instance. Distribute the key to dev1 users and direct them to use their third-party tools to connect.
  • D. Enable block project wide keysfor the instance. Generate an SSH key for each user in the dev1 group. Distribute the keys to dev1 users and direct them to use their third-party tools to connect.

Answer: A

Explanation:
You can grant roles/compute.osLogin instance access roles at the instance level by using the gcloud compute instances add-iam-policy-binding command.
https://cloud.google.com/compute/docs/instances/managing-instance-access#grant-iam-roles


NEW QUESTION # 122
You are working for a hospital that stores Its medical images in an on-premises data room. The hospital wants to use Cloud Storage for archival storage of these images. The hospital wants an automated process to upload any new medical images to Cloud Storage. You need to design and implement a solution. What should you do?

  • A. Create a script that uses the gsutil command line interface to synchronize the on- premises storage with Cloud Storage Schedule the script as a cron job
  • B. Create a Pub/Sub topic, and enable a Cloud Storage trigger for the Pub/Sub topic. Create an application that sends all medical images to the Pub/Sub lope
  • C. In the Cloud Console, go to Cloud Storage Upload the relevant images to the appropriate bucket
  • D. Deploy a Dataflow job from the batch template "Datastore lo Cloud Storage" Schedule the batch job on the desired interval

Answer: A

Explanation:
Keyword, they require cloud storage for archival and the want to automate the process to upload new medical image to cloud storage, hence we go for gsutil to copy on-prem images to cloud storage and automate the process via cron job. whereas Pub/Sub listens to the changes in the Cloud Storage bucket and triggers the pub/sub topic, which is not required.


NEW QUESTION # 123
You have an instance group that you want to load balance. You want the load balancer to terminate the client SSL session. The instance group is used to serve a public web application over HTTPS. You want to follow Google-recommended practices. What should you do?

  • A. Configure an external SSL proxy load balancer.
  • B. Configure an external TCP proxy load balancer.
  • C. Configure an internal TCP load balancer.
  • D. Configure an HTTP(S) load balancer.

Answer: D

Explanation:
According to this guide for setting up an HTTP (S) load balancer in GCP: The client SSL session terminates at the load balancer. Sessions between the load balancer and the instance can either be HTTPS (recommended) or HTTP.


NEW QUESTION # 124
You want to send and consume Cloud Pub/Sub messages from your App Engine application. The Cloud Pub/Sub API is currently disabled. You will use a service account to authenticate your application to the API.
You want to make sure your application can use Cloud Pub/Sub. What should you do?

  • A. Enable the Cloud Pub/Sub API in the API Library on the GCP Console.
  • B. Rely on the automatic enablement of the Cloud Pub/Sub API when the Service Account accesses it.
  • C. Grant the App Engine Default service account the role of Cloud Pub/Sub Admin. Have your application enable the API on the first connection to Cloud Pub/Sub.
  • D. Use Deployment Manager to deploy your application. Rely on the automatic enablement of all APIs used by the application being deployed.

Answer: A


NEW QUESTION # 125
A Solutions Architect must design a web application that will be hosted on AWS, allowing users to purchase access to premium, shared content that is stored in an S3 bucket. Upon payment, content will be available for download for 14 days before the user is denied access.
Which of the following would be the LEAST complicated implementation?

  • A. Use an Amazon CloudFront distribution with an origin access identity (OAI). Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design a Lambda function to remove data that is older than 14 days.
  • B. Use an S3 bucket and provide direct access to the file. Design the application to track purchases in a DynamoDB table. Configure a Lambda function to remove data that is older than 14 days based on a query to Amazon DynamoDB.
  • C. Use an Amazon CloudFront distribution with an OAI. Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design the application to set an expiration of 14 days for the URI.
  • D. Use an Amazon CloudFront distribution with an OAI. Configure the distribution with an Amazon S3 origin to provide access to the file through signed URLs. Design the application to set an expiration of 60 minutes for the URL, and recreate the URL as necessary.

Answer: C


NEW QUESTION # 126
You need to deploy an application, which is packaged in a container image, in a new project. The application exposes an HTTP endpoint and receives very few requests per day. You want to minimize costs. What should you do?

  • A. Deploy the container on Google Kubernetes Engine, with cluster autoscaling and horizontal pod autoscaling enabled.
  • B. Deploy the container on Cloud Run.
  • C. Deploy the container on App Engine Flexible.
  • D. Deploy the container on Cloud Run on GKE.

Answer: B


NEW QUESTION # 127
You want to find out who in your organization has Owner access to a project called "my- project".What should you do?

  • A. In the Google Cloud Platform Console, go to the IAM page for your organization and apply the filter "Role:Owner".
  • B. Use "gcloud iam list-grantable-role --project my-project" from your Terminal.
  • C. In the Google Cloud Platform Console, go to the IAM page for your project and apply the filter
    "Role:Owner".
  • D. Use "gcloud iam list-grantable-role" from Cloud Shell on the project page.

Answer: C

Explanation:
A is not correct because it will give the org-wide owners, but you are interested in the project owners, which could be different.
B is correct because this shows you the Owners of the project.
C is not correct because this command is to list grantable roles for a resource, but does not return who has a specific role.
D is not correct because this command is to list grantable roles for a resource, but does not return who has a specific role.


NEW QUESTION # 128
You are a Google Cloud Engineer and assigned to set up a project for the team of four members.
You need to grant only general permissions for all the resources of the project. You decided to grant a primitive role to each person for different levels of access on the basis of their responsibilities in the project. What is not considered as a primitive role in the Google Cloud Platform console?

  • A. Viewer
  • B. Editor
  • C. Owner
  • D. Publisher

Answer: D


NEW QUESTION # 129
You need to provide a cost estimate for a Kubernetes cluster using the GCP pricing calculator for Kubernetes. Your workload requires high IOPs, and you will also be using disk snapshots. You start by entering the number of nodes, average hours, and average days. What should you do next?

  • A. Fill in local SSD. Fill in persistent disk storage and snapshot storage.
  • B. Select Add GPUs. Fill in persistent disk storage and snapshot storage.
  • C. Fill in local SSD. Add estimated cost for cluster management.
  • D. Select Add GPUs. Add estimated cost for cluster management.

Answer: A

Explanation:
https://cloud.google.com/products/calculator#tab=container


NEW QUESTION # 130
Your company is moving from an on-premises environment to Google Cloud Platform (GCP). You have multiple development teams that use Cassandra environments as backend databases. They all need a development environment that is isolated from other Cassandra instances. You want to move to GCP quickly and with minimal support effort. What should you do?

  • A. 1. Build a Cassandra Compute Engine instance and take a snapshot of it.
    2.Upload the snapshot to Cloud Storage and make it accessible to your developers.
    3.Build instructions to create a Compute Engine instance from the snapshot so that developers can do it themselves.
  • B. 1. Build a Cassandra Compute Engine instance and take a snapshot of it.
    2. Use the snapshot to create instances for your developers.
  • C. 1. Advise your developers to go to Cloud Marketplace.
    2. Ask the developers to launch a Cassandra image for their development work.
  • D. 1. Build an instruction guide to install Cassandra on GCP.
    2. Make the instruction guide accessible to your developers.

Answer: A


NEW QUESTION # 131
For analysis purposes, you need to send all the logs from all of your Compute Engine instances to a BigQuery dataset called platform-logs. You have already installed the Stackdriver Logging agent on all the instances.
You want to minimize cost. What should you do?

  • A. 1. In Stackdriver Logging, create a logs export with a Cloud Pub/Sub topic called logs as a sink.2.
    Create a Cloud Function that is triggered by messages in the logs topic.3. Configure that Cloud Function to drop logs that are not from Compute Engine and to insert Compute Engine logs in the platform-logs dataset.
  • B. 1. Create a Cloud Function that has the BigQuery User role on the platform-logs dataset.2. Configure this Cloud Function to create a BigQuery Job that executes this query:INSERT INTO dataset.platform-logs (timestamp, log)SELECT timestamp, log FROM compute.logsWHERE timestamp
    > DATE_SUB(CURRENT_DATE(), INTERVAL 1 DAY)3. Use Cloud Scheduler to trigger this Cloud Function once a day.
  • C. 1. Give the BigQuery Data Editor role on the platform-logs dataset to the service accounts used by your instances.2. Update your instances' metadata to add the following value: logs-destination:
    bq://platform-logs.
  • D. 1. In Stackdriver Logging, create a filter to view only Compute Engine logs.2. Click Create Export.3.
    Choose BigQuery as Sink Service, and the platform-logs dataset as Sink Destination.

Answer: D


NEW QUESTION # 132
......

New Associate-Cloud-Engineer Exam Dumps with High Passing Rate: https://www.certkingdompdf.com/Associate-Cloud-Engineer-latest-certkingdom-dumps.html

Associate-Cloud-Engineer Certification Exam Dumps with 218 Practice Test Questions: https://drive.google.com/open?id=1S-sfkU9l24JOozfCiCP9_wC26BLRp3op