Google Cloud Digital Leader Exam Practice Test Instant Access

Question 1

An organization needs protection against distributed denial-of-service (DDoS) attacks. Which Google Cloud service should the organization use?

ACloud Build

BGoogle Cloud Armor

CSecurity Command Center

DCloud VPN

Answer : B

Google Cloud Armor is a service that provides protection against Distributed Denial-of-Service (DDoS) attacks. It offers a scalable web application firewall (WAF) that helps to defend against layer 3, 4, and 7 DDoS attacks, ensuring that applications remain available and responsive.

Option B: Google Cloud Armor is correct because it is specifically designed to provide protection against DDoS attacks.

Google Cloud Armor: DDoS Protection and WAF Features

Google Cloud Security: Overview of DDoS Protection Services

Question 2

Your client is a financial services company giving loans based on customer profiles. As part of the regulatory compliance, they have to collect a bunch of different documents with know your cus-tomer (KYC) information. They want to be able to process the information in these documents quickly and at scale. They want to integrate the chosen solution as quickly as possible. What are your options on Google Cloud?

AIntegrate the Cloud Vision API to create a custom model to handle the documents.

BCreate a model using TensorFlow and integrated it into the process workflow.

CIntegrate the Lending DocAI and Document AI in two there processes workflow of the processing loan requests.

DIntegrate the Natural Language API to read the request sent in by clients and to process the forms.

Answer : C

Lending DocAI is a pre-packaged AI solution that speeds 'up the mortgage workflow processes to easily process loans and automate document data capture, while ensuring the accuracy and breadth of different documents (e.g., tax statements and asset documents).'

https://cloud.google.com/solutions/lending-doc-ai

Question 3

The government has ordered an audit of your company's dat

a. You have hired an external company to conduct the audit. They need to be able to review the data stored in your Cloud Storage buckets across eight projects. How would you grant them access?

AGive the auditors an Owner role on the eight buckets so that they have proper access.

BGive them Storage Object Viewer access to the buckets in those eight projects.

CThey might need access to all projects as the audit progresses; so give them access to all Storage buckets so that you don't have to do it repeatedly later on.

DThey might need access to all projects as the audit progresses; so give them the Editor role on all Storage buckets so that you don't have to do it repeatedly later on.

Answer : B

Apply the Principle of Least Privilege and only provide read permissions on only the required buckets. No more, no less

https://cloud.google.com/storage/docs/access-control/iam-roles

Question 4

You are a program manager in a company and handling a project and you need to create a virtual machine on google cloud console that will be very simple to set up, by flipping a bit via command, API, or with developer console that gives you 30 seconds to shut down when you're preempted, allow you to save your work that also helps in the company budget upto 70-80% of less charges than the regular VMs.

ABare Metal Solutions

BPreemptible Virtual Machines.

CGoogle Cloud VM Instances

DNone of the above.

Answer : B

Preemptible VMs have all these features

Simple configuration

Create a preemptible instance simply by flipping a bit via command, API, or developer console.

Easy extensibility

Attach GPUs and local SSDs to preemptible instances for additional performance and savings.

Graceful shutdown

Compute Engine gives you 30 seconds to shut down when you're preempted, letting you save your work in progress for later.

Large scale computing

Spin up as many instances as you need and turn them off when you're done. You only pay for what you use.

Quickly reclaim capacity

Managed instance groups automatically recreate your instances when they're preempted (if capacity is available).

Fixed pricing

Preemptible VMs have fixed pricing up to 80% off regular instances. They show up on your bill separately so you'll see just how much you're saving.

Question 5

Your customer is moving from AWS to Google Cloud. Data also needs to be moved. There is about 50TB of dat

a. On AWS, the data resides in an S3 bucket. It is going to be moved to Cloud Storage. Data is also being continuously generated on S3 prior to the cutover. It is preferable that this is also periodically transferred. What is the best way to move the data?

AUse the gsutil command-line option

BUse the Google Cloud console to drag and drop the files easily

CUse the Storage Transfer Service

DUse a Transfer Appliance

Answer : C

Storage Transfer Service provides options that make data transfers and synchronization easier. We can also schedule one-time transfer operations or recurring transfer operations.

Reference link-https://cloud.google.com/storage-transfer/docs/overview

Reference link-https://cloud.google.com/architecture/transferring-data-from-amazon-s3-to-cloud-storage-using-vpc-service-controls-and-storage-transfer-service

Question 6

You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored dat

a. You want to make sure you comply with these requirements. What should you do?

AScan the bucket using the Data Loss Prevention API.

BEnable Data Access audit logs for the Cloud Storage API.

CEnable the Identity Aware Proxy API on the project.

DAllow only a single Service Account access to read the data.

Answer : B

Logged information

Your Google Cloud projects contain only the audit logs for resources that are directly within the Cloud project. Other Google Cloud resources, such as folders, organizations, and billing accounts, contain the audit logs for the entity itself.

Reference link-https://cloud.google.com/storage/docs/audit-logging

Question 7

An organization wants to measure everything as part of its new DevOps philosophy. What should the organization measure?

AThe reliability and health of their systems.

BThe satisfaction and happiness of their employees.

CThe risk and reward of their investments.

DThe speed of their cloud adoption process.

Answer : A

https://newrelic.com/devops/measuring-devops#toc-devops-measurments-for-team-health