Google Associate Cloud Engineer Exam Questions Instant Access

Question 1

You created an instance of SQL Server 2017 on Compute Engine to test features in the new version. You want to connect to this instance using the fewest number of steps. What should you do?

AInstall a RDP client on your desktop. Verify that a firewall rule for port 3389 exists.

BInstall a RDP client in your desktop. Set a Windows username and password in the GCP Console. Use the credentials to log in to the instance.

CSet a Windows password in the GCP Console. Verify that a firewall rule for port 22 exists. Click the RDP button in the GCP Console and supply the credentials to log in.

DSet a Windows username and password in the GCP Console. Verify that a firewall rule for port 3389 exists. Click the RDP button in the GCP Console, and supply the credentials to log in.

Answer : D

https://cloud.google.com/compute/docs/instances/connecting-to-windows#remote-desktop-connection-app

https://cloud.google.com/compute/docs/instances/windows/generating-credentials

https://cloud.google.com/compute/docs/instances/connecting-to-windows#before-you-begin

Question 2

You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now, you need to create a production environment for this application.

The security team has forbidden the existence of network routes between these 2 environments, and asks you to follow Google-recommended practices. What should you do?

ACreate a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.

BCreate a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.

CCreate a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project, in the Shared VPC.

DAsk the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.

Answer : A

This aligns with Googles recommended practices. By creating a new project, we achieve complete isolation between development and production environments; as well as isolate this production application from production applications of other departments.

Ref:https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#define-hierarchy

Question 3

You are using Data Studio to visualize a table from your data warehouse that is built on top of BigQuery. Data is appended to the data warehouse during the day. At night, the daily summary is recalculated by overwriting the table. You just noticed that the charts in Data Studio are broken, and you want to analyze the problem. What should you do?

AUse the BigQuery interface to review the nightly Job and look for any errors

BReview the Error Reporting page in the Cloud Console to find any errors.

CIn Cloud Logging create a filter for your Data Studio report

DUse the open source CLI tool. Snapshot Debugger, to find out why the data was not refreshed correctly.

Answer : D

Cloud Debugger helps inspect the state of an application, at any code location, without stopping or slowing down the running app //https://cloud.google.com/debugger/docs

Question 4

You have been asked to set up Object Lifecycle Management for objects stored in storage buckets. The objects are written once and accessed frequently for 30 days. After 30 days, the objects are not read again unless there is a special need. The object should be kept for three years, and you need to minimize cost. What should you do?

ASet up a policy that uses Nearline storage for 30 days and then moves to Archive storage for three years.

BSet up a policy that uses Standard storage for 30 days and then moves to Archive storage for three years.

CSet up a policy that uses Nearline storage for 30 days, then moves the Coldline for one year, and then moves to Archive storage for two years.

DSet up a policy that uses Standard storage for 30 days, then moves to Coldline for one year, and then moves to Archive storage for two years.

Answer : B

The key to understand the requirement is : 'The objects are written once and accessed frequently for 30 days'

Standard Storage

Standard Storage is best for data that is frequently accessed ('hot' data) and/or stored for only brief periods of time.

Archive Storage

Archive Storage is the lowest-cost, highly durable storage service for data archiving, online backup, and disaster recovery. Unlike the 'coldest' storage services offered by other Cloud providers, your data is available within milliseconds, not hours or days. Archive Storage is the best choice for data that you plan to access less than once a year.

https://cloud.google.com/storage/docs/storage-classes#standard

Question 5

You are assigned to maintain a Google Kubernetes Engine (GKE) cluster named dev that was deployed on Google Cloud. You want to manage the GKE configuration using the command line interface (CLI). You have just downloaded and installed the Cloud SDK. You want to ensure that future CLI commands by default address this specific cluster. What should you do?

AUse the command gcloud config set container/cluster dev.

BUse the command gcloud container clusters update dev.

CCreate a file called gke.default in the ~/.gcloud aname.

DCreate a file called defaults.json in the ~/.gcloud folder that contains the cluster name.

Answer : A

To set a default cluster for gcloud commands, run the following command: gcloud config set container/cluster CLUSTER_NAMEhttps://cloud.google.com/kubernetes-engine/docs/how-to/managing-clusters?hl=en

Question 6

You have developed a web application that serves traffic for a local event and are expecting unpredictable traffic. You have containerized the application, and you now want to deploy the application on Google Cloud. You also want to minimize costs. What should you do?

ADeploy the web application as a Cloud Run service.

BDeploy the web application on Google Kubernetes Engine In Standard mode.

CDeploy the web application as a Cloud Run job.

DDeploy the web application on Google Kubernetes Engine in Autopilot mode.

Answer : A

Comprehensive and Detailed Explanation From Exact Extract:

The key requirements are a containerized web application that handles unpredictable traffic and must minimize costs.

Cloud Run is the ideal solution because it is a fully managed, serverless platform for containers that automatically scales to zero instances when there is no traffic. This directly fulfills the cost requirement by eliminating charges for idle resources. It excels at handling unpredictable, bursty traffic.

GKE Standard and Autopilot (Options B and D) incur costs for the cluster or nodes even when not serving traffic (unless carefully scaled down), making them less cost-efficient than Cloud Run's native scale-to-zero for unpredictable, non-constant workloads.

'Cloud Run is a managed compute platform that enables you to run containers that are invocable via HTTP requests... Because Cloud Run is serverless, it abstracts away all infrastructure management. It scales up or down automatically, including scaling to zero to minimize your cost.'

Question 7

The DevOps group in your organization needs full control of Compute Engine resources in your development project. However, they should not have permission to create or update any other resources in the project. You want to follow Google's recommendations for setting permissions for the DevOps group. What should you do?

AGrant the basic role roles/viewer and the predefined role roles/compute.admin to the DevOps group.

BCreate an IAM policy and grant all compute. instanceAdmln.' permissions to the policy Attach the policy to the DevOps group.

CCreate a custom role at the folder level and grant all compute. instanceAdmln. * permissions to the role Grant the custom role to the DevOps group.

DGrant the basic role roles/editor to the DevOps group.

Answer : D