Google Cloud Associate Certification
1. You want to optimize the performance of an accurate, real-time, weather-charting application. The data comes from 50,000 sensors sending 10 readings a second, in the format of a timestamp and sensor reading. Where should you store the data?
A. Google BigQuery
B. Google Cloud SQL
C. Google Cloud Bigtable
D. Google Cloud Storage
2. You have been asked to select the storage system for the click-data of your company’s large portfolio of websites. This data is streamed in from a custom website analytics package at a typical rate of 6,000 clicks per minute. With bursts of up to 8,500 clicks per second. It must have been stored for future analysis by your data science and user experience teams. Which storage infrastructure should you choose?
A. Google Cloud SQL
B. Google Cloud Bigtable
C. Google Cloud Storage
D. Google Cloud Datastore
3. Which of the following statements about Stackdriver Trace are true?
A. Stackdriver Trace tracks the performance of the virtual machines running the application.
B. Stackdriver Trace tracks the latency of incoming requests.
C. Applications in App Engine automatically submit traces to Stackdriver Trace. Applications outside of App Engine need to use the Trace SDK or Trace API.
D. To make an application work with Stackdriver Trace, you need to add instrumentation code using the Trace SDK or Trace API, even if the application is in App
4. If you have object versioning enabled on a multi-regional bucket, what will the following lifecycle config file do?
A. Archive objects older than 30 days (the second rule doesn’t do anything)
B. Delete objects older than 30 days (the second rule doesn’t do anything)
C. Archive objects older than 30 days and move objects to Coldline Storage after 365 days
D. Delete objects older than 30 days and move objects to Coldline Storage after 365 days
5. Which two places hold information you can use to monitor the effects of a Cloud Storage lifecycle policy on specific objects? (Select 2 answers.)
A. Cloud Storage Lifecycle Monitoring
B. Expiration time metadata
C. Access logs
D. Lifecycle config file
6. Which of the following practices can help you develop more secure software? (Select 3 answers.)
A. Penetration tests
B. Integrating static code analysis tools into your CI/CD pipeline
C. Encrypting your source code
D. Peer review of code
7. If network traffic between one Google Compute Engine instance and another instance is being dropped, what is the most likely cause?
A. The instances are on a network with low bandwidth.
B. The TCP keep-alive setting is too short.
C. The instances are on a default network with no additional firewall rules.
D. A firewall rule was deleted.
8. To minimize the risk of someone changing your log files to hide their activities, which of the following principles would help? (Select 3 answers.)
A. Restrict usage of the owner role for projects and log buckets.
B. Require two people to inspect the logs.
C. Implement object versioning on the log-buckets.
D. Encrypt the logs using Cloud KMS.
9. You can use Stackdriver to monitor virtual machines on which cloud platforms?
A. Google Cloud Platform, Microsoft Azure
B. Google Cloud Platform
C. Google Cloud Platform, Microsoft Azure, Amazon Web Services
D. Google Cloud Platform, Amazon Web Services
10. If you have configured Stackdriver Logging to export logs to BigQuery, but logs entries are not getting exported to BigQuery, what is the most likely cause?
A. The Cloud Data Transfer Service has not been enabled.
B. There isn’t a firewall rule allowing traffic between Stackdriver and BigQuery.
C. Stackdriver Logging does not have permission to write to the BigQuery dataset.
D. The size of the Stackdriver log entries being exported exceeds the maximum capacity of the BigQuery dataset.
11. Which combination of Stackdriver services will alert you about errors generated by your applications and help you locate the root cause in the code?
A. Monitoring, Trace, and Debugger
B. Monitoring and Error Reporting
C. Debugger and Error Reporting
D. Alerts and Debugger
12. You have developed an enhancement for a photo compression application running on the App Engine Standard service in Google Cloud Platform, and you want to canary test this enhancement on a small percentage of live users. How can you do this?
A. Deploy the enhancement as a new App Engine Application in the existing GCP project. Make use of App Engine native routing to have the old App Engine application proxy 1% of the requests to the new App Engine application.
B. Use gcloud app deploy to deploy the enhancement as a new version in the existing application and use –splits flag to split the traffic between the old version and the new version. Assign a weight of 1 to the new version and 99 to the old version.
C. Use gcloud app deploy to deploy the enhancement as a new version in the existing application with -migrate flag.
D. Deploy the enhancement as a new App Engine Application in the existing GCP project. Configure the network load balancer to route 99% of the requests to the old (existing) App Engine Application and 1% to the new App Engine Application.
13. Your company plans to store sensitive PII data in a cloud storage bucket. Your compliance department has asked you to ensure the objects in this bucket are encrypted by customer-managed encryption keys. What should you do?
A. In the bucket advanced settings, select Customer-supplied key and then select a Cloud KMS encryption key.
B. In the bucket advanced settings, select Customer-managed key and then select a Cloud KMS encryption key.
C. Recreate the bucket to use a Customer-managed key. Encryption can only be specified at the time of bucket creation.
D. In the bucket advanced settings, select Google-managed key and then select a Cloud KMS encryption key.
14. You deployed your application to a default node pool on the GKE cluster and you want to configure cluster autoscaling for this GKE cluster. For your application to be profitable, you must limit the number of Kubernetes nodes to 10. You want to start small and scale up as traffic increases and scale down when the traffic goes down. What should you do?
A. Update existing GKE cluster to enable autoscaling by running the command gcloud container clusters update [CLUSTER_NAME] enable-autoscaling -min-nodes= 1 –max-nodes=10
B. Set up a stack driver alert to detect slowness in the application. When the alert is triggered, increase nodes in the cluster by running the command gcloud container clusters resize CLUSTER_Name -size .
C. Create a new GKE cluster by running the command gcloud container clusters create [CLUSTER_NAME] –enable-autoscaling –min-nodes= 1 -max-nodes= 10.
D. Redeploy your application To enable autoscaling, add a tag to the instances in the cluster by running the command gcloud compute instances add-tags [INSTANCE] -tags=enable-autoscaling,min-nodes=1,max-nodes=1
15. You want to deploy a python application to an autoscaled managed instance group on Compute Engine. You want to use GCP deployment manager to do this. What is the fastest way to get the application onto the instances without introducing undue complexity?
A. Include a startup script to bootstrap the python application when creating an instance template by running gcloud compute instance-templates create app-template -startup-script=/scripts/install_app.sh
B. Include a startup script to bootstrap the python application when creating an instance template by running gcloud compute instance-templates create app-template – –metadata-from-file startup-script=/scripts/install_app.sh
C. Once the instance starts up, connect over SSH and install the application.
D. Include a startup script to bootstrap the python application when creating an instance template by running gcloud compute nstance-templates create app-template – metadata-from-file startup-script-url=/scripts/install_app.sh
16. You are the Cloud Security Manager at your company, and you want to review IAM users and their assigned roles in the production GCP project. You want to follow Google recommended practices. What should you do?
A. Review the information in the Roles section for the production GCP project in Google Cloud Console.
B. Check the output of gcloud iam roles list command.
C. Check the output of gcloud iam service-accounts list command.
D. Review the information in the IAM section for the production GCP project in Google Cloud Console.
17. Your team manages the game backend for a popular game with users all over the world. The game backend APIs runs on a fleet of VMs behind a Managed Instance Group (MIG) with autoscaling enabled. You have configured the scaling policy on the MIG to add more instances if the CPU utilization is consistently over 85%, and to scale down when the CPU utilization is consistently lower than 65%. You noticed the autoscaler adds more VMs than is necessary during the scale-up, and you suspect this might be down to an incorrect configuration in the health check – the initial delay on the health check is 30 seconds. Each VM takes just under 3 minutes before it is ready to process the requests from the web application and mobile app. What should you do to fix the scaling issue?
A. Update the Managed Instances template to set the maximum instances to 5.
B. Update the Managed Instances template to set the maximum instances to 1.
C. Update the autoscaling health check from HTTP to TCP.
D. Update the autoscaling health check to increase the initial delay to 200 seconds.
18. Your company has a number of GCP projects that are managed by the respective project teams. Your expenditure of all GCP projects combined has exceeded your operational expenditure budget. At a review meeting, it has been agreed that your finance team should be able to set budgets and view the current charges for all projects in the organization but not view the project resources; and your developers should be able to see the Google Cloud Platform billing charges for only their own projects as well as view resources within the project. You want to follow Google recommended practices to set up IAM roles and permissions. What should you do?
A. Add the finance team to the Billing Account Administrator role for each of the billing accounts that they need to manage. Add the developers to the Viewer role for the Project.
B. Add the finance team to the Viewer role for the Project. Add the developers to the Security Reviewer role for each of the billing accounts.
C. Add the finance team to the default IAM Owner role. Add the developers to a custom role that allows them to see their own spend only.
D. Add the developers and finance managers to the Viewer role for the Project.
19. You are developing a simple application in App Engine Standard service. Unit testing and user acceptance testing has succeeded, and you want to build a new App Engine application to serve as your performance testing environment. What should you do?
A. Use gcloud to deploy the application to a new performance testing GCP project by specifying the –project parameter. Select Yes when prompted for confirmation on creating a new project.
B. Create a new GCP project for the performance testing environment using gcloud and deploy your App Engine application to the new GCP project.
C. Configure a Deployment Manager YAML template to copy the application from the development GCP project into the performance testing GCP project.
D. Create a new GCP project for the performance testing environment using gcloud and copy the application from the development GCP project into the performance testing GCP project.
20. You work for a multinational delivery services company that uses Apache Cassandra DB as the backend store for its delivery track and trace system. The existing on-premises data center is out of space. To cope with an anticipated increase in requests in the run-up to Christmas, you want to move this application rapidly to Google Cloud with minimal effort whilst ensuring you can spin up multiple stacks (development, test, production) and isolate them from each other. How can you do this?
A. Download the installation guide for Cassandra on GCP and follow the instructions to install the database.
B. Launch Cassandra DB from Cloud Marketplace.
C. Install an instance of Cassandra DB on Google Cloud Compute Engine, take a snapshot of this instance and use the snapshot to spin up additional instances of Cassandra DB.
D. Install an instance of Cassandra DB on Google Cloud Compute Engine, take a snapshot of this instance and upload to Google Cloud Storage bucket. Every time you need a new instance of Cassandra DB, spin up a new compute engine instance from the snapshot.
21. Which of these statements about resilience testing are true? (Select 2 answers.)
A. In a resilience test, your application should keep running with little or no downtime.
B. To test the resilience of an autoscaling instance group, you can terminate a random instance within that group.
C. In order for an application to survive instance failures, it should not be stateless.
D. Resilience testing is the same as disaster recovery testing.
22. Which statements about application load testing are true? (Select 2 answers.)
A. You should test at the maximum load that you expect to encounter.
B. You should test at 50% more than the maximum load that you expect to encounter.
C. It is not necessary to test sudden increases in traffic since GCP scales seamlessly.
D. Your load tests should include testing sudden increases in traffic.
23. What are two of the actions you can take to troubleshoot a virtual machine instance that won’t start up at all? (Select 2 answers.)
A. Increase the CPU and memory on the instance by changing the machine type.
B. Validate that your disk has a valid file system.
C. Examine your virtual machine instance’s serial port output.
D. Connect to your virtual machine instance using SSH.
24. Which of these tools can you use to copy data from AWS S3 to Cloud Storage? (Select 2 answers.)
A. Cloud Storage Transfer Service
B. S3 Storage Transfer Service
C. Cloud Storage Console
D. gsutil
25. To configure Stackdriver to monitor a web server and let you know if it goes down, what steps do you need to take? (Select 2 answers.)
A. Install the Stackdriver Logging Agent on the web server
B. Create an alerting policy
C. Install the Stackdriver Monitoring Agent on the web server
D. Create an uptime check
26. Suppose you have a web server that is working properly, but you can’t connect to its instance VM over SSH. Which of these troubleshooting methods can you use without disrupting production traffic? (Select 3 answers.)
A. Create a snapshot of the disk and use it to create a new disk; then attach the new disk to a new instance
B. Use netcat to try to connect to port 22
C. Access the serial console output
D. Create a startup script to collect information.
27. What are two different features that fully isolate groups of VM instances?
A. Firewall rules and subnetworks
B. Networks and subnetworks
C. Subnetworks and projects
D. Projects and networks
No comments:
Write commentsPlease do not enter spam links