GCP Associate Cloud Engineer Practice Exam Part 2

Source:

Actual Exam Version:

  1. You want to deploy a cost-sensitive application to Google Cloud Compute Engine. You want the application to be up at all times, but because of the cost-sensitive nature of the application, you only want to run the application in a single VM instance. How should you configure the managed instance group?

A. Enable autoscaling on the Managed Instance Group (MIG) and set minimum instances to 1 and maximum instances to 2.
B. Disable autoscaling on the Managed Instance Group (MIG) and set mininum instances to 1 and maximum instances to 1.
C. Disable autoscaling on the Managed Instance Group (MIG) and set mininum instances to 1 and maximum instances to 2.
D. Enable autoscaling on the Managed Instance Group (MIG) and set minimum instances to 1 and maximum instances to 1.

  1. You are migrating a mission-critical HTTPS Web application from your on-premises data centre to Google Cloud, and you need to ensure unhealthy compute instances within the autoscaled Managed Instances Group (MIG) are recreated automatically. What should you do?

A. Deploy Managed Instance Group (MIG) instances in multiple zones.
B. When creating the instance template, add a startup script that sends server status to Cloud Monitoring as a custom metric.
C. Add a metadata tag to the Instance Template with key: healthcheck value: enabled.
D. Configure a health check on port 443 when creating the Managed Instance Group (MIG).

  1. Your organization specializes in helping other companies detect if any pages on their website do not align to the specified standards. To do this, your company has deployed a custom C++ application in your on-premises data centre that crawls all the web pages of a customer’s website, compares the headers and template to the expected standard and stores the result before moving on to another customer’s website. This testing takes a lot of time and has resulted in it missing out on the SLA several times recently. The application team is aware of the slow processing time and wants to run the application on multiple virtual machines to split the load, but there is no free space in the data centre. You have been asked to identify if it is possible to migrate this application to Google cloud, ensuring it can autoscale with minimal changes and reduce the processing time. What GCP service should you recommend?

A. Deploy the application on Google App Engine Standard service.
B. Deploy the application as Cloud Dataproc job based on Hadoop.
C. Deploy the application on a GCE Managed Instance Group (MIG) with autoscaling enabled.
D. Deploy the application on a GCE Unmanaged Instance Group. Front the group with a network load balancer.

  1. You want to migrate a public NodeJS application, which serves requests over HTTPS, from your on-premises data centre to Google Cloud Platform. You plan to host it on a fleet of instances behind Managed Instances Group (MIG) in Google Compute Engine. You need to configure a GCP load balancer to terminate SSL session before passing traffic to the VMs. Which GCP Load balancer should you use?

A. Use External SSL proxy load balancer.
B. Use HTTP(S) load balancer.
C. Use Internal TCP load balancer.
D. Use External TCP proxy load balancer.

  1. You host a production application in Google Compute Engine in the us-central1-a zone. Your application needs to be available 24*7 all through the year. The application suffered an outage recently due to a Compute Engine outage in the zone hosting your application. Your application is also susceptible to slowness during peak usage. You have been asked for a recommendation on how to modify the infrastructure to implement a cost-effective and scalable solution that can withstand zone failures. What would you recommend?

A. Use Unmanaged instance groups across multiple zones. Enable Autoscaling on the Unmanaged instance group.
B. Use Managed instance groups with instances in a single zone. Enable a Autoscaling on the Managed instance group.
C. Use Managed instance groups across multiple zones. Enable Autoscaling on the Managed instance group.
D. Use Managed instance groups with preemptible instances across multiple zones. Enable Autoscaling on the Managed instance group.

  1. A mission-critical application running on a Managed Instance Group (MIG) in Google Cloud has been having scaling issues. Although the scaling works, it is not quick enough, and users experience slow response times. The solution architect has recommended moving to GKE to achieve faster scaling and optimize machine resource utilization. Your colleague containerized the application and provided you with a Dockerfile. You now need to deploy this in a GKE cluster. How should you do it?

A. Deploy the application using gcloud app deploy .
B. Deploy the application using kubectl app deploy .
C. Build a container image from the Dockerfile and push it to Google Cloud Storage (GCS). Create a Kubernetes Deployment YAML file and have it use the image from GCS. Use kubectl apply -f deployment.YAML> to deploy the application to the GKE cluster.
D. Build a container image from the Dockerfile and push it to Google Container Registry (GCR). Create a Kubernetes Deployment YAML file and have it use the image from GCR. Use kubectl apply -f to deploy the application to the GKE cluster.

  1. Your company retains all its audit logs in BigQuery for 10 years. At the annual audit every year, you need to provide the auditors’ access to the audit logs. You want to follow Google recommended practices. What should you do?

A. Grant the auditors’ group custom IAM roles with specific permissions.
B. Grant the auditors’ user accounts roles/logging.viewer and roles/bigquery.dataViewer IAM roles.
C. Grant the auditors’ group roles/logging.viewer and roles/bigquery.dataViewer IAM roles.
D. Grant the auditors’ user accounts custom IAM roles with specific permissions.

  1. You are working for a cryptocurrency startup, and you have enabled a link to the company’s Initial Coin Offering (ICO) whitepaper on the company website – which runs off Google Cloud Storage. Your CTO clicked on this link and got prompted to save the file to their desktop. The CTO thinks this is a poor user experience and has asked you to identify if it is possible to render the file directly in the browser for all users. What should you do?

A. Add a metadata tag on all the PDF file objects with key: Content- Type and value: application/pdf.
B. Modify the bucket ACLs to make all PDF files public.
C. Add a label on the Cloud Storage bucket with key: Content-Type and value: application/pdf.
D. Use Cloud CDN to front the static bucket and set the HTTP header displayInBrowser to 1.

  1. You want to reduce storage costs for infrequently accessed data. The data will still be accessed approximately once a month and data older than 2 years is no longer needed. What should you do to reduce storage costs? (Select 2)

A. Set an Object Lifecycle Management policy to change the storage class to Archive for data older than 2 years.
B. Set an Object Lifecycle Management policy to change the storage class to Coldline for data older than 2 years.
C. Store infrequently accessed data in a Nearline bucket.
D. Set an Object Lifecycle Management policy to delete data older than 2 years.
E. Store infrequently accessed data in a Multi-Regional bucket.

  1. You want to migrate a mission-critical application from the on-premises data centre to Google Cloud Platform. Due to the mission-critical nature of the application, you want to have 3 idle (unoccupied) instances all the time to ensure the application always has enough resources to handle sudden bursts in traffic. How should you configure the scaling to meet this requirement?

A. Start with 3 instances and manually scale as needed.
B. Enable Basic Scaling and set maximum instances to 3.
C. Enable Basic Scaling and set minimum instances to 3.
D. Enable Automatic Scaling and set minimum idle instances to 3.

  1. Your company owns a mobile game that is popular with users all over the world. The mobile game backend uses Cloud Spanner to store user state. An overnight job exports user state to a Cloud Storage bucket. The app pushes all time-series events during the game to a streaming Dataflow service that saves them to Cloud Bigtable. You are debugging an in-game issue raised by a gamer, and you want to join the user state information with data stored in Bigtable to debug. How can you do this one-off join efficiently?

A. Create two external tables in BigQuery and link them to the Cloud BigTable and Cloud Storage data sources, respectively. Execute a query in BigQuery console to join up data between the two external tables for the specific gamer.
B. Set up a Cloud Dataflow job to read data from Cloud Spanner and Cloud BigTable for the specific gamer.
C. Set up a Cloud Dataflow job to read data from Cloud Storage and Cloud BigTable for the specific gamer.
D. Set up a Cloud Dataproc Cluster to run a Hadoop job to join up data from Cloud BigTable and Cloud Storage for the specific gamer.

  1. Your finance department wants you to create a new billing account and link all development and test Google Cloud Projects to the new billing account. What should you do?

A. Ask your security administrator to grant you the Billing Account Creator role on the GCP organization and Project Billing Manager role on all the development and test projects. Link all the development and test projects to an existing Billing Account.
B. Ask your security administrator to grant you the Billing Account Creator role on the GCP organization and Project Billing Manager role on all the development and test projects. Create a new Billing Account and link all the development and test projects to the new Billing Account.
C. Ask your security administrator to grant you the Billing Account Administrator role on the existing Billing Account. Create new development and test projects and link them to the existing Billing Account.
D. Ask your security administrator to grant you the Billing Account Administrator a role on the existing Billing Account Link all development and test projects to the existing Billing Account.

  1. You have annual audits every year and you need to provide external auditors access to the last 10 years of audit logs. You want to minimize the cost and operational overhead while following Google recommended practices. What should you do?

A. Set a custom retention of 10 years in Stackdriver logging and provide external auditors view access to Stackdriver Logs.
B. Export audit logs to Cloud Filestore via a Pub/Sub export sink.
C. Export audit logs to Cloud Storage via an audit log export sink.
D. Export audit logs to BigQuery via an audit log export sink.
E. Grant external auditors Storage Object Viewer role on the logs storage bucket.
F. Configure a lifecycle management policy on the logs bucket to delete objects older than 10 years

  1. You have been asked to create a new Kubernetes Cluster on Google Kubernetes Engine that can autoscale the number of worker nodes as well as pods. What should you do? (Select 2)

A. Create Compute Engine instances for the workers and the master and install Kubernetes. Rely on Kubernetes to create additional Compute Engine instances when needed.
B. Enable Horizontal Pod Autoscaling for the Kubernetes deployment.
C. Create a GKE cluster and enable autoscaling on the instance group of the cluster.
D. Configure a Compute Engine instance as a worker and add it to an unmanaged instance group. Add a load balancer to the instance group and rely on the load balancer to create additional Compute Engine instances when needed.
E. Create a GKE cluster and enable autoscaling on Kubernetes Engine.

  1. Your company wants to move all documents from a secure internal NAS drive to a Google Cloud Storage (GCS) bucket. The data contains personally identifiable information (PII) and sensitive customer information. Your company tax auditors need access to some of these documents. What security strategy would you recommend on GCS?

A. Create randomized bucket and object names. Enable public access, but only provide specific file URLs to people who do not have Google accounts and need access.
B. Use signed URLs to generate time-bound access to objects.
C. Grant no Google Cloud Identity and Access Management (Cloud IAM) roles to users, and use granular ACLs on the bucket.
D. Grant IAM read-only access to users, and use default ACLs on the bucket.

  1. Users of your application are complaining of slowness when loading the application. You realize the slowness is because the App Engine deployment serving the application is deployed in us-central whereas all users of this application are closest to europe-west3. You want to change the region of the App Engine application to europe-west3 to minimize latency. What’s the best way to change the App Engine region?

A. Create a new project and create an App Engine instance in europe-west3
B. Use the gcloud app region set command and supply the name of the new region.
C. From the console, under the App Engine page, click edit, and change the region drop-down.
D. Contact Google Cloud Support and request the change.

  1. You are developing a mobile game that uses Cloud Datastore for gaming leaderboards and player profiles. You want to test an aspect of this solution locally on your Ubuntu workstation which already has Cloud SDK installed. What should you do?

A. Install Datastore emulator to provide local emulation of the production datastore environment in your local workstation by running gcloud components install.
B. Install Datastore emulator to provide local emulation of the production datastore a environment in your local workstation by running apt get install.
C. Add a new index to Cloud Datastore instance in the development project by running gcloud datastore indexes create and modify your application on your workstation to retrieve the data from Cloud Datastore using the index.
D. Initiate an export of Cloud Datastore instance from development GCP project by executing gcloud datastore export. Modify your applications to point to the export.

  1. You deployed a number of services to Google App Engine Standard. The services are designed as microservices with several interdependencies between them. Most services have few version upgrades but some key services have over 20 version upgrades. You identified an issue with the service pt-createOrder and deployed a new version v3 for this service. You are confident this works and want this new version to receive all traffic for the service. You want to minimize effort and ensure the availability of service. What should you do?

A. Execute gcloud app versions stop v2 –service=”pt-createOrder” and gcloud app versions start v3 –service=”pt-createOrder”
B. Execute gcloud app versions migrate v3
C. Execute gcloud app versions stop v2 and gcloud app versions start v3
D. Execute gcloud app versions migrate v3 -service – “pt-createOrder”

  1. You have a web application deployed as a managed instance group based on an instance template. You modified the startup script used in the instance template and would like the existing instances to pick up changes from the new startup scripts. Your web application is currently serving live web traffic. You want to propagate the startup script changes to all instances in the managed instances group while minimizing effort, minimizing cost and ensuring that the available capacity does not decrease. What would you do?

A. Create a new managed instance group (MIG) based on a new template. Add the group to the backend service for the load balancer. When all instances in the new managed instance group are healthy, delete the old managed instance group.
B. Delete instances in the managed instance group (MIG) one at a time and rely on auto-healing to provision an additional instance.
C. Perform a rolling-action start-update with max-unavailable set to 1 and max – surge set to 0
D. Perform a rolling-action replace with max-unavailable set to 0 and max-surge set to 1

  1. To facilitate disaster recovery, your company wants to save database backup tar files in Cloud Storage bucket. You want to minimize the cost. Which GCP Cloud Storage class should you use?

A. Use Coldline Storage Class.
B. Use Multi-Regional Storage Class.
C. Use Regional Storage Class.
D. Use Nearline Storage Class.

  1. You recently deployed a new application in Google App Engine to serve production traffic. After analyzing logs for various user flows, you uncovered several issues in your application code and have developed a fix to address the issues. Parts of your proposed fix could not be validated in the pre-production environment by your testing team as some of the scenarios can only be validated by an end-user with access to specific data in your production environment. In the company’s weekly Change Approval Board meeting, concerns were raised that the fix could possibly take down the application. It was unanimously agreed that while the fix is risky, it is a necessary change to the application. You have been asked to suggest a solution that minimizes the impact of the change going wrong. You also want to minimize costs. What should you do?

A. Set up a second Google App Engine service, and then update a subset of clients to hit the new service.
B. Deploy the new application version temporarily, capture logs and then roll it back to the previous version.
C. Deploy a new version of the application, and use traffic splitting to send a small percentage of traffic to it.
D. Create a second Google App Engine project with the new application code, and onboard users gradually to the new application.

  1. You want to list all the compute instances in zones us-central1-b and europe-west1-d. Which of the commands below should you run to retrieve this information?

A. gcloud compute instances list–filter=”zone:(us-central1-b europe-west1-d)”
B. gcloud compute instances get–filter=”zone:(us-central1-b)” and gcloud compute instances list -filter= “zone:( europe-west1-d)” and combine the results.
C. gcloud compute instances list –filter=”zone:(us-central1-b)” and gcloud compute instances list -filter=”zone:(europe-west1-d)” and combine the results.
D. gcloud compute instances get –filter=”zone:(us-central1-b europe-west1-d)”