|
Google Associate Cloud Engineer Exam Page3(Dumps)
Question No:-21
|
You have one GCP account running in your default region and zone and another account running in a non-default region and zone. You want to start a new Compute Engine instance in these two Google Cloud Platform accounts using the command line interface. What should you do?
1. Create two configurations using gcloud config configurations create [NAME]. Run gcloud config configurations activate [NAME] to switch between accounts when running the commands to start the Compute Engine instances.
2. Create two configurations using gcloud config configurations create [NAME]. Run gcloud configurations list to start the Compute Engine instances.
3. Activate two configurations using gcloud configurations activate [NAME]. Run gcloud config list to start the Compute Engine instances.
4. Activate two configurations using gcloud configurations activate [NAME]. Run gcloud configurations list to start the Compute Engine instances.
|
Answer:-1. Create two configurations using gcloud config configurations create [NAME]. Run gcloud config configurations activate [NAME] to switch between accounts when running the commands to start the Compute Engine instances.
|
|
Question No:-22
|
You significantly changed a complex Deployment Manager template and want to confirm that the dependencies of all defined resources are properly met before committing it to the project. You want the most rapid feedback on your changes. What should you do?
1. Use granular logging statements within a Deployment Manager template authored in Python.
2. Monitor activity of the Deployment Manager execution on the Stackdriver Logging page of the GCP Console.
3. Execute the Deployment Manager template against a separate project with the same configuration, and monitor for failures.
4. Execute the Deployment Manager template using the ג€"-preview option in the same project, and observe the state of interdependent resources.
|
Question No:-23
|
You are building a pipeline to process time-series data. Which Google Cloud Platform services should you put in boxes 1,2,3, and 4?
1. Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore, BigQuery
2. Firebase Messages, Cloud Pub/Sub, Cloud Spanner, BigQuery
3. Cloud Pub/Sub, Cloud Storage, BigQuery, Cloud Bigtable
4. Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery
|
Question No:-24
|
You have a project for your App Engine application that serves a development environment. The required testing has succeeded and you want to create a new project to serve as your production environment. What should you do?
1. Use gcloud to create the new project, and then deploy your application to the new project.
2. Use gcloud to create the new project and to copy the deployed application to the new project.
3. Create a Deployment Manager configuration file that copies the current App Engine deployment into a new project.
4. Deploy your application again using gcloud and specify the project parameter with the new project name to create the new project.
|
Answer:-1. Use gcloud to create the new project, and then deploy your application to the new project.
|
|
Question No:-25
|
You need to configure IAM access audit logging in BigQuery for external auditors. You want to follow Google-recommended practices. What should you do?
1. Add the auditors group to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.
2. Add the auditors group to two new custom IAM roles.
3. Add the auditor user accounts to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.
4. Add the auditor user accounts to two new custom IAM roles.
|
Question No:-26
|
You need to set up permissions for a set of Compute Engine instances to enable them to write data into a particular Cloud Storage bucket. You want to follow Google-recommended practices. What should you do?
1. Create a service account with an access scope. Use the access scope 'https://www.googleapis.com/auth/devstorage.write_only'.
2. Create a service account with an access scope. Use the access scope 'https://www.googleapis.com/auth/cloud-platform'.
3. Create a service account and add it to the IAM role 'storage.objectCreator' for that bucket.
4. Create a service account and add it to the IAM role 'storage.objectAdmin' for that bucket.
|
Answer:-4. Create a service account and add it to the IAM role 'storage.objectAdmin' for that bucket.
|
|
Question No:-27
|
You have sensitive data stored in three Cloud Storage buckets and have enabled data access logging. You want to verify activities for a particular user for these buckets, using the fewest possible steps. You need to verify the addition of metadata labels and which files have been viewed from those buckets. What should you do?
1. Using the GCP Console, filter the Activity log to view the information.
2. Using the GCP Console, filter the Stackdriver log to view the information.
3. View the bucket in the Storage section of the GCP Console.
4. Create a trace in Stackdriver to view the information.
|
Answer:-1. Using the GCP Console, filter the Activity log to view the information.
Most of people answer option (2) as there answer
|
|
Question No:-28
|
You are the project owner of a GCP project and want to delegate control to colleagues to manage buckets and files in Cloud Storage. You want to follow Google- recommended practices. Which IAM roles should you grant your colleagues?
1. Project Editor
2. Storage Admin
3. Storage Object Admin
4. Storage Object Creator
|
Question No:-29
|
You have an object in a Cloud Storage bucket that you want to share with an external company. The object contains sensitive data. You want access to the content to be removed after four hours. The external company does not have a Google account to which you can grant specific user-based access privileges. You want to use the most secure method that requires the fewest steps. What should you do?
1. Create a signed URL with a four-hour expiration and share the URL with the company.
2. Set object access to 'public' and use object lifecycle management to remove the object after four hours.
3. Configure the storage bucket as a static website and furnish the object's URL to the company. Delete the object from the storage bucket after four hours.
4. Create a new Cloud Storage bucket specifically for the external company to access. Copy the object to that bucket. Delete the bucket after four hours have passed.
|
1. Create a signed URL with a four-hour expiration and share the URL with the company.
|
|
Question No:-30
|
You are creating a Google Kubernetes Engine (GKE) cluster with a cluster autoscaler feature enabled. You need to make sure that each node of the cluster will run a monitoring pod that sends container metrics to a third-party monitoring solution. What should you do?
1. Deploy the monitoring pod in a StatefulSet object.
2. Deploy the monitoring pod in a DaemonSet object.
3. Reference the monitoring pod in a Deployment object.
4. Reference the monitoring pod in a cluster initializer at the GKE cluster creation time.
|
Answer:-2. Deploy the monitoring pod in a DaemonSet object.
|
|
|