Google Associate Cloud Engineer Exam Questions Instant Access

Question 1

You need to manage a third-party application that will run on a Compute Engine instance. Other Compute Engine instances are already running with default configuration. Application installation files are hosted on Cloud Storage. You need to access these files from the new instance without allowing other virtual machines (VMs) to access these files. What should you do?

ACreate the instance with the default Compute Engine service account Grant the service account permissions on Cloud Storage.

BCreate the instance with the default Compute Engine service account Add metadata to the objects on Cloud Storage that matches the metadata on the new instance.

CCreate a new service account and assig n this service account to the new instance Grant the service account permissions on Cloud Storage.

DCreate a new service account and assign this service account to the new instance Add metadata to the objects on Cloud Storage that matches the metadata on the new instance.

Answer : B

https://cloud.google.com/iam/docs/best-practices-for-using-and-managing-service-accounts

If an application uses third-party or custom identities and needs to access a resource, such as a BigQuery dataset or a Cloud Storage bucket, it must perform a transition between principals. Because Google Cloud APIs don't recognize third-party or custom identities, the application can't propagate the end-user's identity to BigQuery or Cloud Storage. Instead, the application has to perform the access by using a different Google identity.

Question 2

You have two Google Cloud projects: project-a with VPC vpc-a (10.0.0.0/16) and project-b with VPC vpc-b (10.8.0.0/16). Your frontend application resides in vpc-a and the backend API services ate deployed in vpc-b. You need to efficiently and cost-effectively enable communication between these Google Cloud projects. You also want to follow Google-recommended practices. What should you do?

AConfigure a Cloud Router in vpc-a and another Cloud Router in vpc-b.

BConfigure a Cloud Interconnect connection between vpc-a and vpc-b.

CCreate VPC Network Peering between vpc-a and vpc-b.

DCreate an OpenVPN connection between vpc-a and vpc-b.

Answer : C

Question 3

You need to track and verity modifications to a set of Google Compute Engine instances in your Google Cloud project. In particular, you want to verify OS system patching events on your virtual machines (VMs). What should you do?

AReview the Compute Engine activity logs Select and review the Admin Event logs

BReview the Compute Engine activity logs Select and review the System Event logs

CInstall the Cloud Logging Agent In Cloud Logging review the Compute Engine syslog logs

DInstall the Cloud Logging Agent In Cloud Logging, review the Compute Engine operation logs

Answer : A

Question 4

You recently deployed a new version of an application to App Engine and then discovered a bug in the release. You need to immediately revert to the prior version of the application. What should you do?

ARun gcloud app restore.

BOn the App Engine page of the GCP Console, select the application that needs to be reverted and click Revert.

COn the App Engine Versions page of the GCP Console, route 100% of the traffic to the previous version.

DDeploy the original version as a separate application. Then go to App Engine settings and split traffic between applications so that the original version serves 100% of the requests.

Answer : C

Question 5

Your customer has implemented a solution that uses Cloud Spanner and notices some read latency-related performance issues on one table. This table is accessed only by their users using a primary key. The table schema is shown below.

You want to resolve the issue. What should you do?

AOption A

BOption B

COption C

DOption D

Answer : C

As mentioned in Schema and data model, you should be careful when choosing a primary key to not accidentally create hotspots in your database. One cause of hotspots is having a column whose value monotonically increases as the first key part, because this results in all inserts occurring at the end of your key space. This pattern is undesirable because Cloud Spanner divides data among servers by key ranges, which means all your inserts will be directed at a single server that will end up doing all the work.https://cloud.google.com/spanner/docs/schema-design#primary-key-prevent-hotspots

Question 6

You used the gcloud container clusters command to create two Google Cloud Kubernetes (GKE) clusters prod-cluster and dev-cluster.

* prod-cluster is a standard cluster.

* dev-cluster is an auto-pilot duster.

When you run the Kubect1 get nodes command, you only see the nodes from prod-cluster Which commands should you run to check the node status for dev-cluster?

AOption A

BOption B

COption C

DOption D

Answer : A

Question 7

You are running multiple microservices in a Kubernetes Engine cluster. One microservice is rendering images. The microservice responsible for the image rendering requires a large amount of CPU time compared to the memory it requires. The other microservices are workloads that are optimized for n1-standard machine types. You need to optimize your cluster so that all workloads are using resources as efficiently as possible. What should you do?

AAssign the pods of the image rendering microservice a higher pod priority than the older microservices

BCreate a node pool with compute-optimized machine type nodes for the image rendering microservice Use the node pool with general-purposemachine type nodes for the other microservices

CUse the node pool with general-purpose machine type nodes for lite mage rendering microservice Create a nodepool with compute-optimized machine type nodes for the other microservices

DConfigure the required amount of CPU and memory in the resource requests specification of the image rendering microservice deployment Keep the resource requests for the other microservices at the default

Answer : B