Google Professional-Cloud-Architect Exam Practice Test Instant Access

Question 1

Your company has an enterprise application running on Compute Engine that requires high availability and high performance. The application has been deployed on two instances in two zones in the same region m active passive mode. The application writes data to a persistent disk in the case of a single zone outage that data should be immediately made available to the other instance in the other zone. You want to maximize performance while minimizing downtime and data loss. What should you do?

A1. Attach a persistent SSD disk to the first instance
2. Create a snapshot every hour
3. In case of a zone outage, recreate a persistent SSD disk in the second instance where data is coming from the created snapshot

B1 Create a Cloud Storage bucket
2. Mount the bucket into the first instance with gcs-fuse
3. In case of a zone outage, mount the Cloud Storage bucket to the second instance with gcs-fuse

C1 Attach a local SSD lo the first instance disk
2. Execute an rsync command every hour where the target is a persistent SSD disk attached to the second instance
3. In case of a zone outage, use the second instance

D1. Attach a regional SSD persistent Ask to the first instance
2. In case of a zone outage, force-attach the disk to the other instance

Answer : D

Question 2

You company has a Kubernetes application that pulls messages from Pub/Sub and stores them in Firestore. Because the application is simple, it was deployed as a single pod. The infrastructure team has analyzed Pub/Sub metrics and discovered that the application cannot process the messages in real time. Most of them wait for minutes before being processed. You need to scale the elaboration process that is I/O-intensive. What should you do?

AConfigure a Kubernetes autoscaling based on the subscription/push_request metric.

BUse the --enable- autoscaling flag when you create the Kubernetes cluster

CConfigure a Kubernetes autoscaling based on the subscription/num_undelivered message metric.

DUse kubectl autoscale deployment APP_NAME --max 6 --min 2 --cpu- percent 50 to configure Kubernetes autoscaling deployment

Answer : A

https://cloud.google.com/kubernetes-engine/docs/concepts/custom-and-external-metrics#external_metrics

Question 3

Your company is planning to upload several important files to Cloud Storage. After the upload is completed, they want to verify that the upload content is identical to what they have on- premises. You want to minimize the cost and effort of performing this check. What should you do?

A1) Use gsutil -m to upload all the files to Cloud Storage.
2) Use gsutil cp to download the uploaded files
3) Use Linux diff to compare the content of the files

B1) Use gsutil -m to upload all the files to Cloud Storage.
2) Develop a custom Java application that computes CRC32C hashes
3) Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files
4) Compare the hashes

C1) Use Linux shasum to compute a digest of files you want to upload
2) Use gsutil -m to upload all the files to the Cloud Storage
3) Use gsutil cp to download the uploaded files
4) Use Linux shasum to compute a digest of the downloaded files 5.Compre the hashes

D1) Use gsutil -m to upload all the files to Cloud Storage.
2) Use gsutil hash -c FILE_NAME to generate CRC32C hashes of all on-premises files
3) Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files
4) Compare the hashes

Answer : D

https://cloud.google.com/storage/docs/gsutil/commands/hash

Question 4

Your company has a stateless web API that performs scientific calculations. The web API runs on a single Google Kubernetes Engine (GKE) cluster. The cluster is currently deployed in us-central1. Your company has expanded to offer your API to customers in Asi

a. You want to reduce the latency for the users in Asia. What should you do?

AUse a global HTTP(s) load balancer with Cloud CDN enabled

BCreate a second GKE cluster in asia-southeast1, and expose both API's using a Service of
type Load Balancer. Add the public Ips to the Cloud DNS zone

CIncrease the memory and CPU allocated to the application in the cluster

DCreate a second GKE cluster in asia-southeast1, and use kubemci to create a global HTTP(s) load balancer

Answer : D

https://cloud.google.com/kubernetes-engine/docs/concepts/multi-cluster-ingress#how_works

https://github.com/GoogleCloudPlatform/k8s-multicluster-ingress

https://cloud.google.com/blog/products/gcp/how-to-deploy-geographically-distributed-services-on-kubernetes-engine-with-kubemci

Question 5

You are migrating third-party applications from optimized on-premises virtual machines to Google Cloud. You are unsure about the optimum CPU and memory options. The application have a consistent usage patterns across multiple weeks. You want to optimize resource usage for the lowest cost. What should you do?

ACreate a Compute engine instance with CPU and Memory options similar to your application's current on-premises virtual machine. Install the cloud monitoring agent, and deploy the third party application. Run a load with normal traffic levels on third party application and follow the Rightsizing Recommendations in the Cloud Console

BCreate an App Engine flexible environment, and deploy the third party application using a Docker file and a custom runtime. Set CPU and memory options similar to your application's current on-premises virtual machine in the app.yaml file.

CCreate an instance template with the smallest available machine type, and use an image of the third party application taken from the current on-premises virtual machine. Create a managed instance group that uses average CPU to autoscale the number of instances in the group. Modify the average CPU utilization threshold to optimize the number of instances running.

DCreate multiple Compute Engine instances with varying CPU and memory options. Install the cloud monitoring agent and deploy the third-party application on each of them. Run a load test with high traffic levels on the application and use the results to determine the optimal settings.

Answer : A

Create a Compute engine instance with CPU and Memory options similar to your application's current on-premises virtual machine. Install the cloud monitoring agent, and deploy the third party application. Run a load with normal traffic levels on third party application and follow the Rightsizing Recommendations in the Cloud Console

https://cloud.google.com/migrate/compute-engine/docs/4.9/concepts/planning-a-migration/cloud-instance-rightsizing?hl=en

Question 6

You are designing a Data Warehouse on Google Cloud and want to store sensitive data in BigQuery. Your company requires you to generate encryption keys outside of Google Cloud. You need to implement a solution. What should you do?

AGenerate a new key in Cloud Key Management Service (Cloud KMS). Store all data in Cloud Storage using the customer-managed key option and select the created key. Set up a Dataflow pipeline to decrypt the data and to store it in a BigQuery dataset.

BGenerate a new key in Cloud Key Management Service (Cloud KMS). Create a dataset in BigQuery using the customer-managed key option and select the created key

CImport a key in Cloud KMS. Store all data in Cloud Storage using the customer-managed key option and select the created key. Set up a Dataflow pipeline to decrypt the data and to store it in a new BigQuery dataset.

DImport a key in Cloud KMS. Create a dataset in BigQuery using the customer-supplied key option and select the created key.

Answer : D

https://cloud.google.com/bigquery/docs/customer-managed-encryption

Question 7

Your organization has stored sensitive data in a Cloud Storage bucket. For regulatory reasons, your company must be able to rotate the encryption key used to encrypt the data in the bucket. The data will be processed in Dataproc. You want to follow Google-recommended practices for security What should you do?

ACreate a key with Cloud Key Management Service (KMS) Encrypt the data using the encrypt method of Cloud KMS.

BCreate a key with Cloud Key Management Service (KMS). Set the encryption key on the bucket to the Cloud KMS key.

CGenerate a GPG key pair. Encrypt the data using the GPG key. Upload the encrypted data to the bucket.

DGenerate an AES-256 encryption key. Encrypt the data in the bucket using the customer-supplied encryption keys feature.

Answer : B

https://cloud.google.com/storage/docs/encryption/using-customer-managed-keys#add-object-key

https://cloud.google.com/storage/docs/encryption/using-customer-managed-keys

Google Cloud Architect Professional Exam Practice Test