Google Professional-Cloud-Architect Exam Practice Questions (P. 3)
- Full Access (551 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #21
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a
99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load.
What should you do?
99,99% availability SLA under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load.
What should you do?
- ACapture existing users input, and replay captured user load until autoscale is triggered on all layers. At the same time, terminate all resources in one of the zonesMost Voted
- BCreate synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce ג€chaosג€ to the system by terminating random resources on both zones
- CExpose the new system to a larger group of users, and increase group size each day until autoscale logic is triggered on all layers. At the same time, terminate random resources on both zones
- DCapture existing users input, and replay captured user load until resource utilization crosses 80%. Also, derive estimated number of users based on existing user's usage of the app, and deploy enough resources to handle 200% of expected load
Correct Answer:
B
B
send
light_mode
delete
Question #22
One of the developers on your team deployed their application in Google Container Engine with the Dockerfile below. They report that their application deployments are taking too long.
You want to optimize this Dockerfile for faster deployment times without adversely affecting the app's functionality.
Which two actions should you take? (Choose two.)
You want to optimize this Dockerfile for faster deployment times without adversely affecting the app's functionality.
Which two actions should you take? (Choose two.)
- ARemove Python after running pip
- BRemove dependencies from requirements.txt
- CUse a slimmed-down base image like Alpine LinuxMost Voted
- DUse larger machine types for your Google Container Engine node pools
- ECopy the source after he package dependencies (Python and pip) are installedMost Voted
Correct Answer:
CE
The speed of deployment can be changed by limiting the size of the uploaded app, limiting the complexity of the build necessary in the Dockerfile, if present, and by ensuring a fast and reliable internet connection.
Note: Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. A container requires no more than 8 MB and a minimal installation to disk requires around 130 MB of storage. Not only do you get a fully-fledged Linux environment but a large selection of packages from the repository.
Reference:
https://groups.google.com/forum/#!topic/google-appengine/hZMEkmmObDU https://www.alpinelinux.org/about/
CE
The speed of deployment can be changed by limiting the size of the uploaded app, limiting the complexity of the build necessary in the Dockerfile, if present, and by ensuring a fast and reliable internet connection.
Note: Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. A container requires no more than 8 MB and a minimal installation to disk requires around 130 MB of storage. Not only do you get a fully-fledged Linux environment but a large selection of packages from the repository.
Reference:
https://groups.google.com/forum/#!topic/google-appengine/hZMEkmmObDU https://www.alpinelinux.org/about/
send
light_mode
delete
Question #23
Your solution is producing performance bugs in production that you did not see in staging and test environments. You want to adjust your test and deployment procedures to avoid this problem in the future.
What should you do?
What should you do?
- ADeploy fewer changes to production
- BDeploy smaller changes to production
- CIncrease the load on your test and staging environments
- DDeploy changes to a small subset of users before rolling out to production
Correct Answer:
D
D
send
light_mode
delete
Question #24
A small number of API requests to your microservices-based application take a very long time. You know that each request to the API can traverse many services.
You want to know which service takes the longest in those cases.
What should you do?
You want to know which service takes the longest in those cases.
What should you do?
- ASet timeouts on your application so that you can fail requests faster
- BSend custom metrics for each of your requests to Stackdriver Monitoring
- CUse Stackdriver Monitoring to look for insights that show when your API latencies are high
- DInstrument your application with Stackdriver Trace in order to break down the request latencies at each microserviceMost Voted
Correct Answer:
D
Reference:
https://cloud.google.com/trace/docs/quickstart#find_a_trace
D
Reference:
https://cloud.google.com/trace/docs/quickstart#find_a_trace
send
light_mode
delete
Question #25
During a high traffic portion of the day, one of your relational databases crashes, but the replica is never promoted to a master. You want to avoid this in the future.
What should you do?
What should you do?
- AUse a different database
- BChoose larger instances for your database
- CCreate snapshots of your database more regularly
- DImplement routinely scheduled failovers of your databasesMost Voted
Correct Answer:
D
D
send
light_mode
delete
Question #26
Your organization requires that metrics from all applications be retained for 5 years for future analysis in possible legal proceedings.
Which approach should you use?
Which approach should you use?
- AGrant the security team access to the logs in each Project
- BConfigure Stackdriver Monitoring for all Projects, and export to BigQuery
- CConfigure Stackdriver Monitoring for all Projects with the default retention policies
- DConfigure Stackdriver Monitoring for all Projects, and export to Google Cloud StorageMost Voted
Correct Answer:
B
Stackdriver Logging provides you with the ability to filter, search, and view logs from your cloud and open source application services. Allows you to define metrics based on log contents that are incorporated into dashboards and alerts. Enables you to export logs to BigQuery, Google Cloud Storage, and Pub/Sub.
Reference:
https://cloud.google.com/stackdriver/
B
Stackdriver Logging provides you with the ability to filter, search, and view logs from your cloud and open source application services. Allows you to define metrics based on log contents that are incorporated into dashboards and alerts. Enables you to export logs to BigQuery, Google Cloud Storage, and Pub/Sub.
Reference:
https://cloud.google.com/stackdriver/
send
light_mode
delete
Question #27
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4
TB, and large updates are frequent. Replication requires private address space communication.
Which networking approach should you use?
TB, and large updates are frequent. Replication requires private address space communication.
Which networking approach should you use?
- AGoogle Cloud Dedicated InterconnectMost Voted
- BGoogle Cloud VPN connected to the data center network
- CA NAT and TLS translation gateway installed on-premises
- DA Google Compute Engine instance with a VPN server installed connected to the data center network
Correct Answer:
A
Google Cloud Dedicated Interconnect provides direct physical connections and RFC 1918 communication between your on-premises network and Google's network. Dedicated Interconnect enables you to transfer large amounts of data between networks, which can be more cost effective than purchasing additional bandwidth over the public Internet or using VPN tunnels.
Benefits:
✑ Traffic between your on-premises network and your VPC network doesn't traverse the public Internet. Traffic traverses a dedicated connection with fewer hops, meaning there are less points of failure where traffic might get dropped or disrupted.
✑ Your VPC network's internal (RFC 1918) IP addresses are directly accessible from your on-premises network. You don't need to use a NAT device or VPN tunnel to reach internal IP addresses. Currently, you can only reach internal IP addresses over a dedicated connection. To reach Google external IP addresses, you must use a separate connection.
✑ You can scale your connection to Google based on your needs. Connection capacity is delivered over one or more 10 Gbps Ethernet connections, with a maximum of eight connections (80 Gbps total per interconnect).
✑ The cost of egress traffic from your VPC network to your on-premises network is reduced. A dedicated connection is generally the least expensive method if you have a high-volume of traffic to and from Google's network.
Reference:
https://cloud.google.com/interconnect/docs/details/dedicated
A
Google Cloud Dedicated Interconnect provides direct physical connections and RFC 1918 communication between your on-premises network and Google's network. Dedicated Interconnect enables you to transfer large amounts of data between networks, which can be more cost effective than purchasing additional bandwidth over the public Internet or using VPN tunnels.
Benefits:
✑ Traffic between your on-premises network and your VPC network doesn't traverse the public Internet. Traffic traverses a dedicated connection with fewer hops, meaning there are less points of failure where traffic might get dropped or disrupted.
✑ Your VPC network's internal (RFC 1918) IP addresses are directly accessible from your on-premises network. You don't need to use a NAT device or VPN tunnel to reach internal IP addresses. Currently, you can only reach internal IP addresses over a dedicated connection. To reach Google external IP addresses, you must use a separate connection.
✑ You can scale your connection to Google based on your needs. Connection capacity is delivered over one or more 10 Gbps Ethernet connections, with a maximum of eight connections (80 Gbps total per interconnect).
✑ The cost of egress traffic from your VPC network to your on-premises network is reduced. A dedicated connection is generally the least expensive method if you have a high-volume of traffic to and from Google's network.
Reference:
https://cloud.google.com/interconnect/docs/details/dedicated
send
light_mode
delete
Question #28
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process.
What should you do?
What should you do?
- ACreate custom Google Stackdriver alerts and send them to the auditor
- BEnable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
- CUse cloud functions to transfer log entries to Google Cloud SQL and use ACLs and views to limit an auditor's view
- DEnable Google Cloud Storage (GCS) log export to audit logs into a GCS bucket and delegate access to the bucket
Correct Answer:
D
D
send
light_mode
delete
Question #29
You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database back-end. You want to store the credentials securely.
Where should you store the credentials?
Where should you store the credentials?
- AIn the source code
- BIn an environment variable
- CIn a secret management systemMost Voted
- DIn a config file that has restricted access through ACLs
Correct Answer:
C
Reference:
https://cloud.google.com/kms/docs/secret-management
C
Reference:
https://cloud.google.com/kms/docs/secret-management
send
light_mode
delete
Question #30
A lead engineer wrote a custom tool that deploys virtual machines in the legacy data center. He wants to migrate the custom tool to the new cloud environment.
You want to advocate for the adoption of Google Cloud Deployment Manager.
What are two business risks of migrating to Cloud Deployment Manager? (Choose two.)
You want to advocate for the adoption of Google Cloud Deployment Manager.
What are two business risks of migrating to Cloud Deployment Manager? (Choose two.)
- ACloud Deployment Manager uses Python
- BCloud Deployment Manager APIs could be deprecated in the future
- CCloud Deployment Manager is unfamiliar to the company's engineersMost Voted
- DCloud Deployment Manager requires a Google APIs service account to run
- ECloud Deployment Manager can be used to permanently delete cloud resources
- FCloud Deployment Manager only supports automation of Google Cloud resourcesMost Voted
Correct Answer:
BF
BF
send
light_mode
delete
All Pages