• support@dumpspool.com

SPECIAL LIMITED TIME DISCOUNT OFFER. USE DISCOUNT CODE TO GET 20% OFF DP2021

PDF Only

Dumpspool PDF book

$35.00 Free Updates Upto 90 Days

  • Associate-Cloud-Engineer Dumps PDF
  • 285 Questions
  • Updated On November 08, 2024

PDF + Test Engine

Dumpspool PDF and Test Engine book

$60.00 Free Updates Upto 90 Days

  • Associate-Cloud-Engineer Question Answers
  • 285 Questions
  • Updated On November 08, 2024

Test Engine

Dumpspool Test Engine book

$50.00 Free Updates Upto 90 Days

  • Associate-Cloud-Engineer Practice Questions
  • 285 Questions
  • Updated On November 08, 2024
Check Our Free Google Associate-Cloud-Engineer Online Test Engine Demo.

How to pass Google Associate-Cloud-Engineer exam with the help of dumps?

DumpsPool provides you the finest quality resources you’ve been looking for to no avail. So, it's due time you stop stressing and get ready for the exam. Our Online Test Engine provides you with the guidance you need to pass the certification exam. We guarantee top-grade results because we know we’ve covered each topic in a precise and understandable manner. Our expert team prepared the latest Google Associate-Cloud-Engineer Dumps to satisfy your need for training. Plus, they are in two different formats: Dumps PDF and Online Test Engine.

How Do I Know Google Associate-Cloud-Engineer Dumps are Worth it?

Did we mention our latest Associate-Cloud-Engineer Dumps PDF is also available as Online Test Engine? And that’s just the point where things start to take root. Of all the amazing features you are offered here at DumpsPool, the money-back guarantee has to be the best one. Now that you know you don’t have to worry about the payments. Let us explore all other reasons you would want to buy from us. Other than affordable Real Exam Dumps, you are offered three-month free updates.

You can easily scroll through our large catalog of certification exams. And, pick any exam to start your training. That’s right, DumpsPool isn’t limited to just Google Exams. We trust our customers need the support of an authentic and reliable resource. So, we made sure there is never any outdated content in our study resources. Our expert team makes sure everything is up to the mark by keeping an eye on every single update. Our main concern and focus are that you understand the real exam format. So, you can pass the exam in an easier way!

IT Students Are Using our Google Cloud Certified - Associate Cloud Engineer Dumps Worldwide!

It is a well-established fact that certification exams can’t be conquered without some help from experts. The point of using Google Cloud Certified - Associate Cloud Engineer Practice Question Answers is exactly that. You are constantly surrounded by IT experts who’ve been through you are about to and know better. The 24/7 customer service of DumpsPool ensures you are in touch with these experts whenever needed. Our 100% success rate and validity around the world, make us the most trusted resource candidates use. The updated Dumps PDF helps you pass the exam on the first attempt. And, with the money-back guarantee, you feel safe buying from us. You can claim your return on not passing the exam.

How to Get Associate-Cloud-Engineer Real Exam Dumps?

Getting access to the real exam dumps is as easy as pressing a button, literally! There are various resources available online, but the majority of them sell scams or copied content. So, if you are going to attempt the Associate-Cloud-Engineer exam, you need to be sure you are buying the right kind of Dumps. All the Dumps PDF available on DumpsPool are as unique and the latest as they can be. Plus, our Practice Question Answers are tested and approved by professionals. Making it the top authentic resource available on the internet. Our expert has made sure the Online Test Engine is free from outdated & fake content, repeated questions, and false plus indefinite information, etc. We make every penny count, and you leave our platform fully satisfied!

Frequently Asked Questions

Google Associate-Cloud-Engineer Sample Question Answers

Question # 1

You have a number of applications that have bursty workloads and are heavily dependent on topics to decouple publishing systems from consuming systems. Your company would like to go serverless to enable developers to focus on writing code without worrying about infrastructure. Your solution architect has already identified Cloud Pub/Sub as a suitable alternative for decoupling systems. You have been asked to identify a suitable GCP Serverless service that is easy to use with Cloud Pub/Sub. You want the ability to scale down to zero when there is no traffic in order to minimize costs. You want to follow Google recommended practices. What should you suggest?

A. Cloud Run for Anthos 
B. Cloud Run 
C. App Engine Standard 
D. Cloud Functions. 

Question # 2

You need to track and verity modifications to a set of Google Compute Engine instances in your Google Cloud project. In particular, you want to verify OS system patching events on your virtual machines (VMs). What should you do?

A. Review the Compute Engine activity logs Select and review the Admin Event logs 
B. Review the Compute Engine activity logs Select and review the System Event logs 
C. Install the Cloud Logging Agent In Cloud Logging review the Compute Engine syslog logs 
D. Install the Cloud Logging Agent In Cloud Logging, review the Compute Engine operation logs 

Question # 3

Your web application has been running successfully on Cloud Run for Anthos. You want to evaluate an updated version of the application with a specific percentage of your production users (canary deployment). What should you do?

A. Create a new service with the new version of the application. Split traffic between this version and the version that is currently running. 
B. Create a new revision with the new version of the application. Split traffic between this version and the version that is currently running. 
C. Create a new service with the new version of the application. Add an HTTP Load Balancer in front of both services. 
D. Create a new revision with the new version of the application. Add an HTTP Load Balancer in front of both revisions. 

Question # 4

Your company has a Google Cloud Platform project that uses BigQuery for data warehousing. Your data science team changes frequently and has few members. You need to allow members of this team to perform queries. You want to follow Googlerecommended practices. What should you do?

A. 1. Create an IAM entry for each data scientist's user account.2. Assign the BigQuery jobUser role to the group. 
B. 1. Create an IAM entry for each data scientist's user account.2. Assign the BigQuery dataViewer user role to the group. 
C. 1. Create a dedicated Google group in Cloud Identity.2. Add each data scientist's user account to the group.3. Assign the BigQuery jobUser role to the group. 
D. 1. Create a dedicated Google group in Cloud Identity.2. Add each data scientist's user account to the group.3. Assign the BigQuery dataViewer user role to the group. 

Question # 5

Your company is moving its entire workload to Compute Engine. Some servers should be accessible through the Internet, and other servers should only be accessible over the internal network. All servers need to be able to talk to each other over specific ports and protocols. The current on-premises network relies on a demilitarized zone (DMZ) for the public servers and a Local Area Network (LAN) for the private servers. You need to desig the networking infrastructure on Google Cloud to match these requirements. What should you do?

A. 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ. 
B. 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ. 
C. 1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ. 
D. 1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ. 

Question # 6

The DevOps group in your organization needs full control of Compute Engine resources in your development project. However, they should not have permission to create or update any other resources in the project. You want to follow Google's recommendations for setting permissions for the DevOps group. What should you do?

A. Grant the basic role roles/viewer and the predefined role roles/compute.admin to the DevOps group. 
B. Create an 1AM policy and grant all compute. instanceAdmln." permissions to the policy Attach the policy to the DevOps group.
 C. Create a custom role at the folder level and grant all compute. instanceAdmln. * permissions to the role Grant the custom role to the DevOps group. 
D. Grant the basic role roles/editor to the DevOps group. 

Question # 7

You are designing an application that lets users upload and share photos. You expect your application to grow really fast and you are targeting a worldwide audience. You want to delete uploaded photos after 30 days. You want to minimize costs while ensuring your application is highly available. Which GCP storage solution should you choose?

A. Persistent SSD on VM instances. 
B. Cloud Filestore. 
C. Multiregional Cloud Storage bucket. 
D. Cloud Datastore database. 

Question # 8

You are migrating a business critical application from your local data center into Google Cloud. As part of your high-availability strategy, you want to ensure that any data used by the application will be immediately available if a zonal failure occurs. What should you do? 

A. Store the application data on a zonal persistent disk. Create a snapshot schedule for the disk. If an outage occurs, create a new disk from the most recent snapshot and attach it to a new VM in another zone. 
B. Store the application data on a zonal persistent disk. If an outage occurs, create an instance in another zone with this disk attached. 
C. Store the application data on a regional persistent disk. Create a snapshot schedule for the disk. If an outage occurs, create a new disk from the most recent snapshot and attach it to a new VM in another zone.
 D. Store the application data on a regional persistent disk If an outage occurs, create an instance in another zone with this disk attached.

Question # 9

Your company has developed a new application that consists of multiple microservices. You want to deploy the application to Google Kubernetes Engine (GKE), and you want to ensure that the cluster can scale as more applications are deployed in the future. You want to avoid manual intervention when each new application is deployed. What should you do?

A. Deploy the application on GKE, and add a HorizontalPodAutoscaler to the deployment. 
B. Deploy the application on GKE, and add a VerticalPodAutoscaler to the deployment. 
C. Create a GKE cluster with autoscaling enabled on the node pool. Set a minimum and maximum for the size of the node pool. 
D. Create a separate node pool for each application, and deploy each application to its dedicated node pool. 

Question # 10

You want to verify the IAM users and roles assigned within a GCP project named myproject. What should you do?

A. Run gcloud iam roles list. Review the output section. 
B. Run gcloud iam service-accounts list. Review the output section. 
C. Navigate to the project and then to the IAM section in the GCP Console. Review the members and roles. 
D. Navigate to the project and then to the Roles section in the GCP Console. Review the roles and status. 

Question # 11

Your company has embraced a hybrid cloud strategy where some of the applications are deployed on Google Cloud. A Virtual Private Network (VPN) tunnel connects your Virtual Private Cloud (VPC) in Google Cloud with your company's on-premises network. Multiple applications in Google Cloud need to connect to an on-premises database server, and you want to avoid having to change the IP configuration in all of your applications when the IP of the database changes. What should you do?

A. Configure Cloud NAT for all subnets of your VPC to be used when egressing from the VM instances. 
B. Create a private zone on Cloud DNS, and configure the applications with the DNS name. 
C. Configure the IP of the database as custom metadata for each instance, and query the metadata server.
 D. Query the Compute Engine internal DNS from the applications to retrieve the IP of the database. 

Question # 12

You have developed a containerized web application that will serve Internal colleagues during business hours. You want to ensure that no costs are incurred outside of the hours the application is used. You have just created a new Google Cloud project and want to deploy the application. What should you do?

A. Deploy the container on Cloud Run for Anthos, and set the minimum number of instances to zero 
B. Deploy the container on Cloud Run (fully managed), and set the minimum number of instances to zero. 
C. Deploy the container on App Engine flexible environment with autoscaling. and set the value min_instances to zero in the app yaml
D. Deploy the container on App Engine flexible environment with manual scaling, and set the value instances to zero in the app yaml 

Question # 13

The storage costs for your application logs have far exceeded the project budget. The logs are currently being retained indefinitely in the Cloud Storage bucket myapp-gcp-ace-logs. You have been asked to remove logs older than 90 days from your Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend. What should you do? 

A. Write a script that runs gsutil Is -| – gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Schedule the script with cron. 
B. Write a lifecycle management rule in JSON and push it to the bucket with gsutil lifecycle set config-json-file. 
C. Write a lifecycle management rule in XML and push it to the bucket with gsutil lifecycle set config-xml-file. 
D. Write a script that runs gsutil Is -Ir gs://myapp-gcp-ace-logs/** to find and remove items older than 90 days. Repeat this process every morning. 

Question # 14

Your organization is a financial company that needs to store audit log files for 3 years. Your organization has hundreds of Google Cloud projects. You need to implement a costeffective approach for log file retention. What should you do? 

A. Create an export to the sink that saves logs from Cloud Audit to BigQuery. 
B. Create an export to the sink that saves logs from Cloud Audit to a Coldline Storage bucket. 
C. Write a custom script that uses logging API to copy the logs from Stackdriver logs to BigQuery. 
D. Export these logs to Cloud Pub/Sub and write a Cloud Dataflow pipeline to store logs to Cloud SQL. 

Question # 15

You need to verify that a Google Cloud Platform service account was created at a particular time. What should you do?

A. Filter the Activity log to view the Configuration category. Filter the Resource type to Service Account. 
B. Filter the Activity log to view the Configuration category. Filter the Resource type to Google Project. 
C. Filter the Activity log to view the Data Access category. Filter the Resource type to Service Account. 
D. Filter the Activity log to view the Data Access category. Filter the Resource type to Google Project. 

Question # 16

You have two subnets (subnet-a and subnet-b) in the default VPC. Your database servers are running in subnet-a. Your application servers and web servers are running in subnet-b. You want to configure a firewall rule that only allows database traffic from the application servers to the database servers. What should you do?

A. * Create service accounts sa-app and sa-db. • Associate service account: sa-app with the application servers and the service account sa-db with the database servers. • Create an ingress firewall rule to allow network traffic from source service account sa-app to target service account sa-db. 
B. • Create network tags app-server and db-server. • Add the app-server lag lo the application servers and the db-server lag to the database servers. • Create an egress firewall rule to allow network traffic from source network tag app-server to target network tag db-server. 
C. * Create a service account sa-app and a network tag db-server. Associate the service account sa-app with the application servers and the network tag dbserver with the database servers. • Create an ingress firewall rule to allow network traffic from source VPC IP addresses and target the subnet-a IP addresses. 
D. • Create a network lag app-server and service account sa-db. • Add the tag to the application servers and associate the service account with the database servers. • Create an egress firewall rule to allow network traffic from source network tag app-server to target service account sa-db. 

Question # 17

Your company is using Google Workspace to manage employee accounts. Anticipated growth will increase the number of personnel from 100 employees to 1.000 employees within 2 years. Most employees will need access to your company's Google Cloud account. The systems and processes will need to support 10x growth without performance degradation, unnecessary complexity, or security issues. What should you do? 

A. Migrate the users to Active Directory. Connect the Human Resources system to Active Directory. Turn on Google Cloud Directory Sync (GCDS) for Cloud Identity. Turn on Identity Federation from Cloud Identity to Active Directory. 
B. Organize the users in Cloud Identity into groups. Enforce multi-factor authentication in Cloud Identity. 
C. Turn on identity federation between Cloud Identity and Google Workspace. Enforce multi-factor authentication for domain wide delegation. 
D. Use a third-party identity provider service through federation. Synchronize the users from Google Workplace to the third-party provider in real time. 

Question # 18

You built an application on your development laptop that uses Google Cloud services. Your application uses Application Default Credentials for authentication and works fine on your development laptop. You want to migrate this application to a Compute Engine virtual machine (VM) and set up authentication using Google- recommended practices and minimal changes. What should you do?

A. Assign appropriate access for Google services to the service account used by the Compute Engine VM. 
B. Create a service account with appropriate access for Google services, and configure the application to use this account. 
C. Store credentials for service accounts with appropriate access for Google services in a config file, and deploy this config file with your application. 
D. Store credentials for your user account with appropriate access for Google services in a config file, and deploy this config file with your application. 

Question # 19

Your company developed a mobile game that is deployed on Google Cloud. Gamers are connecting to the game with their personal phones over the Internet. The game sends UDP packets to update the servers about the gamers' actions while they are playing in multiplayer mode. Your game backend can scale over multiple virtual machines (VMs), and you want to expose the VMs over a single IP address. What should you do?

A. Configure an SSL Proxy load balancer in front of the application servers. 
B. Configure an Internal UDP load balancer in front of the application servers. 
C. Configure an External HTTP(s) load balancer in front of the application servers. tree 
D. Configure an External Network load balancer in front of the application servers. 

Question # 20

You are designing an application that uses WebSockets and HTTP sessions that are not distributed across the web servers. You want to ensure the application runs properly on Google Cloud Platform. What should you do?

A. Meet with the cloud enablement team to discuss load balancer options. 
B. Redesign the application to use a distributed user session service that does not rely on WebSockets and HTTP sessions. 
C. Review the encryption requirements for WebSocket connections with the security team. 
D. Convert the WebSocket code to use HTTP streaming. 

Question # 21

You are managing a project for the Business Intelligence (BI) department in your company A data pipeline ingests data into BigQuery via streaming. You want the users in the BI department to be able to run the custom SQL queries against the latest data in BigQuery. What should you do?

A. Create a Data Studio dashboard that uses the related BigQuery tables as a source and give the BI team view access to the Data Studio dashboard. 
B. Create a Service Account for the BI team and distribute a new private key to each member of the BI team. 
C. Use Cloud Scheduler to schedule a batch Dataflow job to copy the data from BigQuery to the BI team's internal data warehouse. 
D. Assign the IAM role of BigQuery User to a Google Group that contains the members of the BI team. 

Question # 22

You want to deploy an application on Cloud Run that processes messages from a Cloud Pub/Sub topic. You want to follow Google-recommended practices. What should you do?

A. 1. Create a Cloud Function that uses a Cloud Pub/Sub trigger on that topic.2. Call your application on Cloud Run from the Cloud Function for every message. 
B. 1. Grant the Pub/Sub Subscriber role to the service account used by Cloud Run.2. Create a Cloud Pub/Sub subscription for that topic.3. Make your application pull messages from that subscription. 
C. 1. Create a service account.2. Give the Cloud Run Invoker role to that service account for your Cloud Run application.3. Create a Cloud Pub/Sub subscription that uses that service account and uses your Cloud Run application as the push endpoint. 
D. 1. Deploy your application on Cloud Run on GKE with the connectivity set to Internal.2. Create a Cloud Pub/Sub subscription for that topic.3. In the same Google Kubernetes Engine cluster as your application, deploy a container that takes the messages and sends them to your application.

Question # 23

A company wants to build an application that stores images in a Cloud Storage bucket and wants to generate thumbnails as well as resize the images. They want to use a google managed service that can scale up and scale down to zero automatically with minimal effort. You have been asked to recommend a service. Which GCP service would you suggest? 

A. Google Compute Engine 
B. Google App Engine 
C. Cloud Functions
 D. Google Kubernetes Engine 

Question # 24

You are working for a startup that was officially registered as a business 6 months ago. As your customer base grows, your use of Google Cloud increases. You want to allow all engineers to create new projects without asking them for their credit card information. What should you do?

A. Create a Billing account, associate a payment method with it, and provide all project creators with permission to associate that billing account with their projects. 
B. Grant all engineer’s permission to create their own billing accounts for each new project. 
C. Apply for monthly invoiced billing, and have a single invoice tor the project paid by the finance team. 
D. Create a billing account, associate it with a monthly purchase order (PO), and send the PO to Google Cloud. 

Question # 25

You are assigned to maintain a Google Kubernetes Engine (GKE) cluster named dev that was deployed on Google Cloud. You want to manage the GKE configuration using the command line interface (CLI). You have just downloaded and installed the Cloud SDK. You want to ensure that future CLI commands by default address this specific cluster. What should you do?

A. Use the command gcloud config set container/cluster dev. 
B. Use the command gcloud container clusters update dev. 
C. Create a file called gke.default in the ~/.gcloud folder that contains the cluster name.
 D. Create a file called defaults.json in the ~/.gcloud folder that contains the cluster name. 

Question # 26

You have a workload running on Compute Engine that is critical to your business. You want to ensure that the data on the boot disk of this workload is backed up regularly. You need to be able to restore a backup as quickly as possible in case of disaster. You also want older backups to be cleaned automatically to save on cost. You want to follow Google recommended practices. What should you do?

A. Create a Cloud Function to create an instance template. 
B. Create a snapshot schedule for the disk using the desired interval. 
C. Create a cron job to create a new disk from the disk using gcloud. 
D. Create a Cloud Task to create an image and export it to Cloud Storage. 

Question # 27

You are about to deploy a new Enterprise Resource Planning (ERP) system on Google Cloud. The application holds the full database in-memory for fast data access, and you need to configure the most appropriate resources on Google Cloud for this application. What should you do? 

A. Provision preemptible Compute Engine instances. 
B. Provision Compute Engine instances with GPUs attached. 
C. Provision Compute Engine instances with local SSDs attached. %3F
D. Provision Compute Engine instances with M1 machine type. 

Question # 28

You are setting up a Windows VM on Compute Engine and want to make sure you can log in to the VM via RDP. What should you do?

A. After the VM has been created, use your Google Account credentials to log in into the VM. 
B. After the VM has been created, use gcloud compute reset-windows-password to retrieve the login credentials for the VM. 
C. When creating the VM, add metadata to the instance using ‘windows-password’ as the key and a password as the value.
D. After the VM has been created, download the JSON private key for the default Compute Engine service account. Use the credentials in the JSON file to log in to the VM. 

Question # 29

You manage an App Engine Service that aggregates and visualizes data from BigQuery. The application is deployed with the default App Engine Service account. The data that needs to be visualized resides in a different project managed by another team. You do not have access to this project, but you want your application to be able to read data from the BigQuery dataset. What should you do?

A. Ask the other team to grant your default App Engine Service account the role of BigQuery Job User. 
B. Ask the other team to grant your default App Engine Service account the role of BigQuery Data Viewer. 
C. In Cloud IAM of your project, ensure that the default App Engine service account has the role of BigQuery Data Viewer.
D. In Cloud IAM of your project, grant a newly created service account from the other team the role of BigQuery Job User in your project. 

Question # 30

You have an application that runs on Compute Engine VM instances in a custom Virtual Private Cloud (VPC). Your company's security policies only allow the use to internal IP addresses on VM instances and do not let VM instances connect to the internet. You need to ensure that the application can access a file hosted in a Cloud Storage bucket within your project. What should you do?

A. Enable Private Service Access on the Cloud Storage Bucket. 
B. Add slorage.googleapis.com to the list of restricted services in a VPC Service Controls perimeter and add your project to the list to protected projects. 
C. Enable Private Google Access on the subnet within the custom VPC. 
D. Deploy a Cloud NAT instance and route the traffic to the dedicated IP address of the Cloud Storage bucket. 

Question # 31

You are performing a monthly security check of your Google Cloud environment and want to know who has access to view data stored in your Google Cloud Project. What should you do? 

A. Enable Audit Logs for all APIs that are related to data storage. 
B. Review the IAM permissions for any role that allows for data access. Most Voted 
C. Review the Identity-Aware Proxy settings for each resource. 
D. Create a Data Loss Prevention job. 

Question # 32

You have files in a Cloud Storage bucket that you need to share with your suppliers. You want to restrict the time that the files are available to your suppliers to 1 hour. You want to follow Google recommended practices. What should you do?

A. Create a service account with just the permissions to access files in the bucket. Create a JSON key for the service account. Execute the command gsutil signurl -m 1h gs:///*. 
B. Create a service account with just the permissions to access files in the bucket. Create a JSON key for the service account. Execute the command gsutil signurl -d 1h gs:///**. 
C. Create a service account with just the permissions to access files in the bucket. Create a JSON key for the service account. Execute the command gsutil signurl -p 60m gs:///. 
D. Create a JSON key for the Default Compute Engine Service Account. Execute the command gsutil signurl -t 60m gs:///*** 

Question # 33

Your coworker has helped you set up several configurations for gcloud. You've noticed that you're running commands against the wrong project. Being new to the company, you haven't yet memorized any of the projects. With the fewest steps possible, what's the fastest way to switch to the correct configuration?

A. Run gcloud configurations list followed by gcloud configurations activate . 
B. Run gcloud config list followed by gcloud config activate. 
C. Run gcloud config configurations list followed by gcloud config configurations activate. 
D. Re-authenticate with the gcloud auth login command and select the correct configurations on login

Question # 34

All development (dev) teams in your organization are located in the United States. Each dev team has its own Google Cloud project. You want to restrict access so that each dev team can only create cloud resources in the United States (US). What should you do? 

A. Create a folder to contain all the dev projects Create an organization policy to limit resources in US locations.
B. Create an organization to contain all the dev projects. Create an Identity and Access Management (1AM) policy to limit the resources in US regions.
C. Create an Identity and Access Management <IAM) policy to restrict the resources locations in the US. Apply the policy to all dev projects.
D. Create an Identity and Access Management (IAM)policy to restrict the resources locations in all dev projects. Apply the policy to all dev roles. 

Question # 35

Your company completed the acquisition of a startup and is now merging the IT systems of both companies. The startup had a production Google Cloud project in their organization. You need to move this project into your organization and ensure that the project is billed lo your organization. You want to accomplish this task with minimal effort. What should you do?

A. Use the projects. move method to move the project to your organization. Update the billing account of the project to that of your organization. 
B. Ensure that you have an Organization Administrator Identity and Access Management (1AM) role assigned to you in both organizations. Navigate to the Resource Manager in the startup's Google Cloud organization, and drag the project to your company's organization. 
C. Create a Private Catalog tor the Google Cloud Marketplace, and upload the resources of the startup’s production project to the Catalog. Share the Catalog with your organization, and deploy the resources in your company’s project. 
D. Create an infrastructure-as-code template tor all resources in the project by using Terraform. and deploy that template to a new project in your organization. Delete the protect from the startup's Google Cloud organization. 

Question # 36

Your team is running an on-premises ecommerce application. The application contains a complex set of microservices written in Python, and each microservice is running on Docker containers. Configurations are injected by using environment variables. You need to deploy your current application to a serverless Google Cloud cloud solution. What should you do? 

A. Use your existing CI/CD pipeline Use the generated Docker images and deploy them to Cloud Run. Update the configurations and the required endpoints. 
B. Use your existing continuous integration and delivery (CI/CD) pipeline. Use the generated Docker images and deploy them to Cloud Function. Use the same configuration as on-premises. 
C. Use the existing codebase and deploy each service as a separate Cloud Function Update the configurations and the required endpoints. 
D. Use your existing codebase and deploy each service as a separate Cloud Run Use the same configurations as on-premises. 

Question # 37

You are developing a financial trading application that will be used globally. Data is stored and queried using a relational structure, and clients from all over the world should get the exact identical state of the data. The application will be deployed in multiple regions to provide the lowest latency to end users. You need to select a storage option for the application data while minimizing latency. What should you do?

A. Use Cloud Bigtable for data storage. 
B. Use Cloud SQL for data storage.
 C. Use Cloud Spanner for data storage. 
D. Use Firestore for data storage.

Question # 38

You created a Kubernetes deployment by running kubectl run nginx image=nginx replicas=1. After a few days, you decided you no longer want this deployment. You identified the pod and deleted it by running kubectl delete pod. You noticed the pod got recreated. $ kubectl get pods NAME READY STATUS RESTARTS AGE nginx-84748895c4-nqqmt 1/1 Running 0 9m41s $ kubectl delete pod nginx-84748895c4-nqqmt pod nginx-84748895c4-nqqmt deleted $ kubectl get pods NAME READY STATUS RESTARTS AGE nginx-84748895c4-k6bzl 1/1 Running 0 25s What should you do to delete the deployment and avoid pod getting recreated?

A. kubectl delete deployment nginx 
B. kubectl delete –deployment=nginx 
C. kubectl delete pod nginx-84748895c4-k6bzl –no-restart 2 
D. kubectl delete inginx 

Question # 39

You have been asked to migrate a docker application from datacenter to cloud. Your solution architect has suggested uploading docker images to GCR in one project and running an application in a GKE cluster in a separate project. You want to store images in the project img-278322 and run the application in the project prod-278986. You want to tag the image as acme_track_n_trace:v1. You want to follow Google-recommended practices. What should you do? 

A. Run gcloud builds submit --tag gcr.io/img-278322/acme_track_n_trace 
B. Run gcloud builds submit --tag gcr.io/img-278322/acme_track_n_trace:v1 
C. Run gcloud builds submit --tag gcr.io/prod-278986/acme_track_n_trace 
D. Run gcloud builds submit --tag gcr.io/prod-278986/acme_track_n_trace:v1 

Question # 40

You are configuring Cloud DNS. You want !to create DNS records to point home.mydomain.com, mydomain.com. and www.mydomain.com to the IP address of your Google Cloud load balancer. What should you do?

A. Create one CNAME record to point mydomain.com to the load balancer, and create two A records to point WWW and HOME lo mydomain.com respectively. 
B. Create one CNAME record to point mydomain.com to the load balancer, and create two AAAA records to point WWW and HOME to mydomain.com respectively. 
C. Create one A record to point mydomain.com to the load balancer, and create two CNAME records to point WWW and HOME to mydomain.com respectively. 
D. Create one A record to point mydomain.com lo the load balancer, and create two NS records to point WWW and HOME to mydomain.com respectively. 

Question # 41

You have developed an application that consists of multiple microservices, with each microservice packaged in its own Docker container image. You want to deploy the entire application on Google Kubernetes Engine so that each microservice can be scaled individually. What should you do?

A. Create and deploy a Custom Resource Definition per microservice. 
B. Create and deploy a Docker Compose File. 
C. Create and deploy a Job per microservice. 
D. Create and deploy a Deployment per microservice. 

Question # 42

The sales team has a project named Sales Data Digest that has the ID acme-data-digest You need to set up similar Google Cloud resources for the marketing team but their resources must be organized independently of the sales team. What should you do?

A. Grant the Project Editor role to the Marketing learn for acme data digest 
B. Create a Project Lien on acme-data digest and then grant the Project Editor role to the Marketing team 
C. Create another protect with the ID acme-marketing-data-digest for the Marketing team and deploy the resources there 
D. Create a new protect named Meeting Data Digest and use the ID acme-data-digest Grant the Project Editor role to the Marketing team. 

Question # 43

Your application development team has created Docker images for an application that will be deployed on Google Cloud. Your team does not want to manage the infrastructure associated with this application. You need to ensure that the application can scale automatically as it gains popularity. What should you do?

A. gcloud deployment-manager deployments create my-gcp-ace-cluster --config cluster.yaml 
B. gcloud deployment-manager deployments create my-gcp-ace-cluster --type container.v1.cluster --config cluster.yaml 
C. gcloud deployment-manager deployments apply my-gcp-ace-cluster --type container.v1.cluster --config cluster.yaml 
D. gcloud deployment-manager deployments apply my-gcp-ace-cluster --config cluster.yaml 

Question # 44

Your application development team has created Docker images for an application that will be deployed on Google Cloud. Your team does not want to manage the infrastructure associated with this application. You need to ensure that the application can scale automatically as it gains popularity. What should you do?

A. Create an Instance template with the container image, and deploy a Managed Instance Group with Autoscaling. 
B. Upload Docker images to Artifact Registry, and deploy the application on Google Kubernetes Engine using Standard mode.
 C. Upload Docker images to the Cloud Storage, and deploy the application on Google Kubernetes Engine using Standard mode.
 D. Upload Docker images to Artifact Registry, and deploy the application on Cloud Run. 

Question # 45

You are given a project with a single virtual private cloud (VPC) and a single subnetwork in the us-central1 region. There is a Compute Engine instance hosting an application in this subnetwork. You need to deploy a new instance in the same project in the europe-west1 region. This new instance needs access to the application. You want to follow Googlerecommended practices. What should you do?

A. 1. Create a subnetwork in the same VPC, in europe-west1.2. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint. 
B. 1. Create a VPC and a subnetwork in europe-west1.2. Expose the application with an internal load balancer.3. Create the new instance in the new subnetwork and use the load balancer's address as the endpoint. 
C. 1. Create a subnetwork in the same VPC, in europe-west1.2. Use Cloud VPN to connect the two subnetworks.3. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint. 
D. 1. Create a VPC and a subnetwork in europe-west1.2. Peer the 2 VPCs.3. Create the new instance in the new subnetwork and use the first instance's private address as the endpoint. 

Question # 46

You are running a web application on Cloud Run for a few hundred users. Some of your users complain that the initial web page of the application takes much longer to load than the following pages. You want to follow Google's recommendations to mitigate the issue. What should you do? 

A. Update your web application to use the protocol HTTP/2 instead of HTTP/1.1 
B. Set the concurrency number to 1 for your Cloud Run service. 
C. Set the maximum number of instances for your Cloud Run service to 100. 
D. Set the minimum number of instances for your Cloud Run service to 3. 

Question # 47

2. Your auditor wants to view your organization's use of data in Google Cloud. The auditoris most interested in auditing who accessed data in Cloud Storage buckets. You need tohelp the auditor access the data they need. What should you do?

A. Assign the appropriate permissions, and then use Cloud Monitoring to review metrics 
B. Use the export logs API to provide the Admin Activity Audit Logs in the format they want 
C. Turn on Data Access Logs for the buckets they want to audit, and Then build a query inthe log viewer that filters on Cloud Storage 
D. Assign the appropriate permissions, and then create a Data Studio report on AdminActivity Audit Logs 

Question # 48

Your organization has three existing Google Cloud projects. You need to bill the Marketingdepartment for only their Google Cloud services for a new initiative within their group. Whatshould you do?

A. 1. Verify that you ace assigned the Billing Administrator IAM role tor your organization's Google Cloud Project for the Marketing department 2. Link the new project to a Marketing Billing Account 
B. 1. Verify that you are assigned the Billing Administrator IAM role for your organization's Google Cloud account 2. Create a new Google Cloud Project for the Marketing department 3. Set the default key-value project labels to department marketing for all services in this project 
C. 1. Verify that you are assigned the Organization Administrator IAM role for your organization's Google Cloud account 2. Create a new Google Cloud Project for the Marketing department 3. Link the new project to a Marketing Billing Account. 
D. 1. Verity that you are assigned the Organization Administrator IAM role for your organization's Google Cloud account 2. Create a new Google Cloud Project for the Marketing department 3. Set the default key value project labels to department marketing for all services in this protect 

Question # 49

You will have several applications running on different Compute Engine instances in thesame project. You want to specify at a more granular level the service account eachinstance uses when calling Google Cloud APIs. What should you do?

A. When creating the instances, specify a Service Account for each instance 
B. When creating the instances, assign the name of each Service Account as instancemetadata 
C. After starting the instances, use gcloud compute instances update to specify a ServiceAccount for each instance 
D. After starting the instances, use gcloud compute instances update to assign the name ofthe relevant Service Account as instance metadata 

Question # 50

An application generates daily reports in a Compute Engine virtual machine (VM). The VMis in the project corp-iot-insights. Your team operates only in the project corp-aggregatereports and needs a copy of the daily exports in the bucket corp-aggregate-reports-storage.You want to configure access so that the daily reports from the VM are available in thebucket corp-aggregate-reports-storage and use as few steps as possible while followingGoogle-recommended practices. What should you do?

A. Move both projects under the same folder. 
B. Grant the VM Service Account the role Storage Object Creator on corp-aggregatereports-storage. 
C. Create a Shared VPC network between both projects. Grant the VM Service Accountthe role Storage Object Creator on corp-iot-insights. 
D. Make corp-aggregate-reports-storage public and create a folder with a pseudorandomized suffix name. Share the folder with the IoT team. 

Question # 51

You want to verify the IAM users and roles assigned within a GCP project named myproject. What should you do?

A. Run gcloud iam roles list. Review the output section. 
B. Run gcloud iam service-accounts list. Review the output section. 
C. Navigate to the project and then to the IAM section in the GCP Console. Review themembers and roles. 
D. Navigate to the project and then to the Roles section in the GCP Console. Review theroles and status. 

Question # 52

You need to add a group of new users to Cloud Identity. Some of the users already haveexisting Google accounts. You want to follow one of Google's recommended practices andavoid conflicting accounts. What should you do?

A. Invite the user to transfer their existing account 
B. Invite the user to use an email alias to resolve the conflict 
C. Tell the user that they must delete their existing account 
D. Tell the user to remove all personal email from the existing account 

Question # 53

30. You are running multiple microservices in a Kubernetes Engine cluster. Onemicroservice is rendering images. The microservice responsible for the image renderingrequires a large amount of CPU time compared to the memory it requires. The othermicroservices are workloads that are optimized for n1-standard machine types. You needto optimize your cluster so that all workloads are using resources as efficiently as possible.What should you do?

A. Assign the pods of the image rendering microservice a higher pod priority than the oldermicroservices 
B. Create a node pool with compute-optimized machine type nodes for the image renderingmicroservice Use the node pool with general-purpose machine type nodes for the other microservices 
C. Use the node pool with general-purpose machine type nodes for lite mage renderingmicroservice Create a nodepool with compute-optimized machine type nodes for the othermicroservices 
D. Configure the required amount of CPU and memory in the resource requestsspecification of the image rendering microservice deployment Keep the resource requestsfor the other microservices at the default 

Question # 54

You have been asked to set up the billing configuration for a new Google Cloud customer.Your customer wants to group resources that share common IAM policies. What shouldyou do?

A. Use labels to group resources that share common IAM policies 
B. Use folders to group resources that share common IAM policies 
C. Set up a proper billing account structure to group IAM policies 
D. Set up a proper project naming structure to group IAM policies 

Question # 55

You manage three Google Cloud projects with the Cloud Monitoring API enabled. You want to follow Google-recommended practices to visualize CPU and network metrics for all threeprojects together. What should you do?

A. 1. Create a Cloud Monitoring Dashboard  2. Collect metrics and publish them into the Pub/Sub topics 3. Add CPU and network Charts (or each of (he three projects 
B. 1. Create a Cloud Monitoring Dashboard. 2. Select the CPU and Network metrics from the three projects. 3. Add CPU and network Charts lot each of the three protects. 
C. 1 Create a Service Account and apply roles/viewer on the three projects 2. Collect metrics and publish them lo the Cloud Monitoring API 3. Add CPU and network Charts for each of the three projects. 
D. 1. Create a fourth Google Cloud project 2 Create a Cloud Workspace from the fourth project and add the other three projects 

Question # 56

You have deployed multiple Linux instances on Compute Engine. You plan on adding moreinstances in the coming weeks. You want to be able to access all of these instancesthrough your SSH client over me Internet without having to configure specific access on theexisting and new instances. You do not want the Compute Engine instances to have apublic IP. What should you do?

A. Configure Cloud Identity-Aware Proxy (or HTTPS resources 
B. Configure Cloud Identity-Aware Proxy for SSH and TCP resources. 
C. Create an SSH keypair and store the public key as a project-wide SSH Key 
D. Create an SSH keypair and store the private key as a project-wide SSH Key 

Question # 57

You are assisting a new Google Cloud user who just installed the Google Cloud SDK ontheir VM. The server needs access to Cloud Storage. The user wants your help to create anew storage bucket. You need to make this change in multiple environments. What shouldyou do?

A. Use a Deployment Manager script to automate creating storage buckets in anappropriate region 
B. Use a local SSD to improve performance of the VM for the targeted workload 
C. Use the gsutii command to create a storage bucket in the same region as the VM 
D. Use a Persistent Disk SSD in the same zone as the VM to improve performance of the VM 

What our clients say about Associate-Cloud-Engineer Dumps

Leave a comment

Your email address will not be published. Required fields are marked *

Rating / Feedback About This Exam