• Home
  • Articles
  • Free Associate-Cloud-Engineer Braindumps Download Updated on Dec 06, 2021 with 245 Questions [Q73-Q95]

Free Associate-Cloud-Engineer Braindumps Download Updated on Dec 06, 2021 with 245 Questions [Q73-Q95]

Share

Free Associate-Cloud-Engineer Braindumps Download Updated on Dec 06, 2021 with 245 Questions

Google Associate-Cloud-Engineer Exam Practice Test Questions

NEW QUESTION 73
You need to create a custom IAM role for use with a GCP service. All permissions in the role must be suitable for production use. You also want to clearly share with your organization the status of the custom role. This will be the first version of the custom role. What should you do?

  • A. Use permissions in your role that use the 'supported' support level for role permissions. Set the role stage to ALPHA while testing the role permissions.
  • B. Use permissions in your role that use the 'testing' support level for role permissions. Set the role stage to BETA while testing the role permissions.
  • C. Use permissions in your role that use the 'supported' support level for role permissions. Set the role stage to BETA while testing the role permissions.
  • D. Use permissions in your role that use the 'testing' support level for role permissions. Set the role stage to ALPHA while testing the role permissions.

Answer: D

 

NEW QUESTION 74
Your customer has implemented a solution that uses Cloud Spanner and notices some read latency-related performance issues on one table. This table is accessed only by their users using a primary key. The table schema is shown below.

You want to resolve the issue. What should you do?

  • A. Create a secondary index using the following Data Definition Language (DDL):
  • B. Change the primary key to not have monotonically increasing values.
  • C. Remove the profile_picture field from the table.
  • D. Add a secondary index on the person_id column.

Answer: A

 

NEW QUESTION 75
You want to configure a solution for archiving data in a Cloud Storage bucket. The solution must be cost-effective. Data with multiple versions should be archived after 30 days. Previous versions are accessed once a month for reporting. This archive data is also occasionally updated at month-end. What should you do?

  • A. Add a bucket lifecycle rule that archives data with newer versions after 30 days to Coldline Storage.
  • B. Add a bucket lifecycle rule that archives data from regional storage after 30 days to Coldline Storage.
  • C. Add a bucket lifecycle rule that archives data from regional storage after 30 days to Nearline Storage.
  • D. Add a bucket lifecycle rule that archives data with newer versions after 30 days to Nearline Storage.

Answer: D

Explanation:
Reference:
https://cloud.google.com/storage/docs/managing-lifecycles

 

NEW QUESTION 76
You developed a new application for App Engine and are ready to deploy it to production. You need to estimate the costs of running your application on Google Cloud Platform as accurately as possible. What should you do?

  • A. Use the pricing calculator for App Engine to get an accurate estimation of the expected charges.
  • B. Multiply the costs of your application when it was in development by the number of expected users to get an accurate estimation.
  • C. Create a YAML file with the expected usage. Pass this file to the "gcloud app estimate" command to get an accurate estimation.
  • D. Create a ticket with Google Cloud Billing Support to get an accurate estimation.

Answer: A

Explanation:
A is not correct because that command will generate an error and not give you an estimation on workloads.
B is not correct because this does not result in an accurate estimation.
C is correct because this is the proper way to estimate charges.
D is not correct because billing support is available to help you set up billing and understand invoices, not to make estimations.

 

NEW QUESTION 77
You need to create a custom IAM role for use with a GCP service. All permissions in the role must be suitable for production use. You also want to clearly share with your organization the status of the custom role. This will be the first version of the custom role. What should you do?

  • A. Use permissions in your role that use the `testing' support level for role permissions.
    Set the role stage to ALPHA while testing the role permissions.
  • B. Use permissions in your role that use the `testing' support level for role permissions.
    Set the role stage to BETA while testing the role permissions.
  • C. Use permissions in your role that use the `supported' support level for role permissions.
    Set the role stage to BETA while testing the role permissions.
  • D. Use permissions in your role that use the `supported' support level for role permissions.
    Set the role stage to ALPHA while testing the role permissions.

Answer: D

Explanation:
You need a custom role with permissions supported in prod and you want to publish the status of the role.
https://cloud.google.com/iam/docs/custom-roles-permissions-support
SUPPORTED The permission is fully supported in custom roles.
TESTING The permission is being tested to check its compatibility with custom roles. You can include the permission in custom roles, but you might see unexpected behavior. Not recommended for production use.
NOT_SUPPORTED The permission is not supported in custom roles.
You can't use TESTING as it is not good for prod. And you need first version which should be ALPHA.

 

NEW QUESTION 78
You have a website hosted on App Engine standard environment. You want 1% of your users to see a new test version of the website. You want to minimize complexity. What should you do?

  • A. Create a new App Engine application in the same project. Deploy the new version in that application.
    Configure your network load balancer to send 1% of the traffic to that new application.
  • B. Create a new App Engine application in the same project. Deploy the new version in that application. Use the App Engine library to proxy 1% of the requests to the new version.
  • C. Deploy the new version in the same application and use the --migrateoption.
  • D. Deploy the new version in the same application and use the --splitsoption to give a weight of 99 to the current version and a weight of 1 to the new version.

Answer: D

 

NEW QUESTION 79
You are operating a Google Kubernetes Engine (GKE) cluster for your company where different teams can run non-production workloads. Your Machine Learning (ML) team needs access to Nvidia Tesla P100 GPUs to train their models. You want to minimize effort and cost. What should you do?

  • A. Add a new, GPU-enabled, node pool to the GKE cluster. Ask your ML team to add the cloud.google.com/gke -accelerator: nvidia-tesla-p100 nodeSelector to their pod specification.
  • B. Ask your ML team to add the "accelerator: gpu" annotation to their pod specification.
  • C. Recreate all the nodes of the GKE cluster to enable GPUs on all of them.
  • D. Create your own Kubernetes cluster on top of Compute Engine with nodes that have GPUs. Dedicate this cluster to your ML team.

Answer: C

 

NEW QUESTION 80
You are building a new version of an application hosted in an App Engine environment. You want to test the new version with 1% of users before you completely switch your application over to the new version.
What should you do?

  • A. Deploy a new version of your application in a Compute Engine instance instead of App Engine and then use GCP Console to split traffic.
  • B. Deploy a new version of your application in Google Kubernetes Engine instead of App Engine and then use GCP Console to split traffic.
  • C. Deploy a new version as a separate app in App Engine. Then configure App Engine using GCP Console to split traffic between the two apps.
  • D. Deploy a new version of your application in App Engine. Then go to App Engine settings in GCP Console and split traffic between the current version and newly deployed versions accordingly.

Answer: D

Explanation:
https://cloud.google.com/appengine/docs/standard/python/splitting-traffic

 

NEW QUESTION 81
You are given a project with a single virtual private cloud (VPC) and a single subnetwork in the us-central1 region. There is a Compute Engine instance hosting an application in this subnetwork. You need to deploy a new instance in the same project in the europe-west1 region. This new instance needs access to the application.
You want to follow Google-recommended practices. What should you do?

  • A. 1. Create a VPC and a subnetwork in europe-west1.2. Expose the application with an internal load balancer.3. Create the new instance in the new subnetwork and use the load balancer's address as the endpoint.
  • B. 1. Create a subnetwork in the same VPC, in europe-west1.2. Use Cloud VPN to connect the two subnetworks.3. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint.
  • C. 1. Create a subnetwork in the same VPC, in europe-west1.2. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint.
  • D. 1. Create a VPC and a subnetwork in europe-west1.2. Peer the 2 VPCs.3. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint.

Answer: C

 

NEW QUESTION 82
You are working a System Administrator and have been asked to make sure that all images are patched up to date and developers are not allowed to use old images which are not up to date as per PCI compliance. How would you achieve this?

  • A. Mark image as obsolete to prevent users from using the old image.
  • B. Drop a mail to all the developers regarding which image to use whenever you patch images.
  • C. None of the above.
  • D. Mark image as deprecated to prevent users from using the old image.

Answer: A

 

NEW QUESTION 83
You have a website hosted on App Engine standard environment. You want 1% of your users to see a new test version of the website. You want to minimize complexity. What should you do?

  • A. Create a new App Engine application in the same project. Deploy the new version in that application.
    Configure your network load balancer to send 1% of the traffic to that new application.
  • B. Deploy the new version in the same application and use the --splitsoption to give a weight of 99 to the current version and a weight of 1 to the new version.
  • C. Create a new App Engine application in the same project. Deploy the new version in that application. Use the App Engine library to proxy 1% of the requests to the new version.
  • D. Deploy the new version in the same application and use the --migrateoption.

Answer: C

Explanation:
Explanation

 

NEW QUESTION 84
For analysis purposes, you need to send all the logs from all of your Compute Engine instances to a BigQuery dataset called platform-logs. You have already installed the Stackdriver Logging agent on all the instances.
You want to minimize cost. What should you do?

  • A. 1. In Stackdriver Logging, create a filter to view only Compute Engine logs.2. Click Create Export.3.
    Choose BigQuery as Sink Service, and the platform-logs dataset as Sink Destination.
  • B. 1. Give the BigQuery Data Editor role on the platform-logs dataset to the service accounts used by your instances.2. Update your instances' metadata to add the following value: logs-destination:
    bq://platform-logs.
  • C. 1. Create a Cloud Function that has the BigQuery User role on the platform-logs dataset.2. Configure this Cloud Function to create a BigQuery Job that executes this query:INSERT INTO dataset.platform-logs (timestamp, log)SELECT timestamp, log FROM compute.logsWHERE timestamp
    > DATE_SUB(CURRENT_DATE(), INTERVAL 1 DAY)3. Use Cloud Scheduler to trigger this Cloud Function once a day.
  • D. 1. In Stackdriver Logging, create a logs export with a Cloud Pub/Sub topic called logs as a sink.2.
    Create a Cloud Function that is triggered by messages in the logs topic.3. Configure that Cloud Function to drop logs that are not from Compute Engine and to insert Compute Engine logs in the platform-logs dataset.

Answer: A

 

NEW QUESTION 85
You have a batch workload that runs every night and uses a large number of virtual machines (VMs). It is fault- tolerant and can tolerate some of the VMs being terminated. The current cost of VMs is too high. What should you do?

  • A. Run a test using N1 standard VMs instead of N2. If the test is successful, use N1 Standard VMs when running future jobs.
  • B. Run a test using simulated maintenance events. If the test is successful, use N1 Standard VMs when running future jobs.
  • C. Run a test using simulated maintenance events. If the test is successful, use preemptible N1 Standard VMs when running future jobs.
  • D. Run a test using a managed instance group. If the test is successful, use N1 Standard VMs in the managed instance group when running future jobs.

Answer: B

 

NEW QUESTION 86
Your company has a 3-tier solution running on Compute Engine. The configuration of the current infrastructure is shown below.

Each tier has a service account that is associated with all instances within it. You need to enable communication on TCP port 8080 between tiers as follows:
* Instances in tier #1 must communicate with tier #2.
* Instances in tier #2 must communicate with tier #3.
What should you do?

  • A. 1. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #2 service account* Source filter: all instances with tier #1 service account* Protocols: allow all2. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #3 service account* Source filter: all instances with tier #2 service account* Protocols: allow all
  • B. 1. Create an egress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.2.0/24)* Protocols: allow TCP: 80802. Create an egress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to
    10.0.1.0/24)* Protocols: allow TCP: 8080
  • C. 1. Create an ingress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.2.0/24)* Protocols: allow all2. Create an ingress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.1.0/24)* Protocols: allow all
  • D. 1. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #2 service account* Source filter: all instances with tier #1 service account* Protocols: allow TCP:80802. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #3 service account* Source filter: all instances with tier #2 service account* Protocols: allow TCP: 8080

Answer: D

 

NEW QUESTION 87
Your company uses Cloud Storage to store application backup files for disaster recovery purposes. You want to follow Google's recommended practices. Which storage option should you use?

  • A. Nearline Storage
  • B. Coldline Storage
  • C. Multi-Regional Storage
  • D. Regional Storage

Answer: B

Explanation:
Explanation/Reference: https://cloud.google.com/storage/docs/storage-classes#nearline

 

NEW QUESTION 88
You received a JSON file that contained a private key of a Service Account in order to get access to several resources in a Google Cloud project. You downloaded and installed the Cloud SDK and want to use this private key for authentication and authorization when performing gcloud commands. What should you do?

  • A. Use the command gcloud auth login and point it to the private key
  • B. Place the private key file in your home directory and rename it to ''GOOGLE_APPUCATION_CREDENTiALS".
  • C. Place the private key file in the installation directory of the Cloud SDK and rename it to "credentials ison"
  • D. Use the command gcloud auth activate-service-account and point it to the private key

Answer: A

 

NEW QUESTION 89
You received a JSON file that contained a private key of a Service Account in order to get access to several resources in a Google Cloud project. You downloaded and installed the Cloud SDK and want to use this private key for authentication and authorization when performing gcloud commands. What should you do?

  • A. Use the command gcloud auth loginand point it to the private key.
  • B. Place the private key file in the installation directory of the Cloud SDK and rename it to "credentials.json".
  • C. Place the private key file in your home directory and rename it to
    "GOOGLE_APPLICATION_CREDENTIALS".
  • D. Use the command gcloud auth activate-service-accountand point it to the private key.

Answer: D

Explanation:
Explanation/Reference: https://cloud.google.com/sdk/docs/authorizing

 

NEW QUESTION 90
You deployed an App Engine application using gcloud app deploy, but it did not deploy to the intended project. You want to find out why this happened and where the application deployed. What should you do?

  • A. Go the Cloud Shell and run gcloud config list to review the Google Cloud configuration used for deployment.
  • B. Check the web-application.xml file for your application and check project settings.
  • C. Go to Deployment Manager and review settings for deployment of applications.
  • D. Check the app.yaml file for your application and check project settings.

Answer: D

 

NEW QUESTION 91
An employee was terminated, but their access to Google Cloud Platform (GCP) was not removed until 2 weeks later. You need to find out this employee accessed any sensitive customer information after their termination.
What should you do?

  • A. View the Admin Activity log in Stackdriver. Search for the service account associated with the user.
  • B. View Data Access audit logs in Stackdriver. Search for the user's email as the principal.
  • C. View System Event Logs in Stackdriver. Search for the service account associated with the user.
  • D. View System Event Logs in Stackdriver. Search for the user's email as the principal.

Answer: C

 

NEW QUESTION 92
Your existing application running in Google Kubernetes Engine (GKE) consists of multiple pods running on four GKE n1-standard-2 nodes. You need to deploy additional pods requiring n2-highmem-16 nodes without any downtime. What should you do?

  • A. Create a new cluster with n2-highmem-16 nodes. Redeploy the pods and delete the old cluster.
  • B. Create a new cluster with both n1-standard-2 and n2-highmem-16 nodes. Redeploy the pods and delete the old cluster.
  • C. Use gcloud container clusters upgrade. Deploy the new services.
  • D. Create a new Node Pool and specify machine type n2-highmem-16. Deploy the new pods.

Answer: D

 

NEW QUESTION 93
You are building an application that processes data files uploaded from thousands of suppliers. Your primary goals for the application are data security and the expiration of aged data. You need to design the application to:
* Restrict access so that suppliers can access only their own data.
* Give suppliers write access to data only for 30 minutes.
* Delete data that is over 45 days old.
You have a very short development cycle, and you need to make sure that the application requires minimal maintenance. Which two strategies should you use? (Choose two.)

  • A. Develop a script that loops through all Cloud Storage buckets and deletes any buckets that are older than
    45 days.
  • B. Build a lifecycle policy to delete Cloud Storage objects after 45 days.
  • C. Set up an SFTP server for your application, and create a separate user for each supplier.
  • D. Use signed URLs to allow suppliers limited time access to store their objects.
  • E. Build a Cloud function that triggers a timer of 45 days to delete objects that have expired.

Answer: A,B

Explanation:
Explanation/Reference:

 

NEW QUESTION 94
You created a Google Cloud Platform project with an App Engine application inside the project.
You initially configured the application to be served from the us-central region. Now you want the application to be served from the asia-northeast1 region. What should you do?

  • A. Change the default region property setting in the existing GCP project to asia-northeast1.
  • B. Create a second App Engine application in the existing GCP project and specify asia-northeast1 as the region to serve your application.
  • C. Change the region property setting in the existing App Engine application from us-central to asia- northeast1.
  • D. Create a new GCP project and create an App Engine application inside this new project.
    Specify asia-northeast1 as the region to serve your application.

Answer: D

Explanation:
https://cloud.google.com/appengine/docs/flexible/nodejs/an-overview-of-app-engine

 

NEW QUESTION 95
......

Updated Verified Associate-Cloud-Engineer dumps Q&As - Pass Guarantee or Full Refund: https://passtorrent.testvalid.com/Associate-Cloud-Engineer-valid-exam-test.html

Related Articles

more
Google Associate-Cloud-Engineer Certification Practice Exam

Copyright © 2026 TestValid NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy