Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Google Associate-Cloud-Engineer - Google Cloud Certified - Associate Cloud Engineer

Google Associate-Cloud-Engineer Premium Access     Download Demo    
Page: 10 / 10
Total 332 questions

You have a Google Cloud Platform account with access to both production and development projects. You need to create an automated process to list all compute instances in development and production projects on a daily basis. What should you do?

A.

Create two configurations using gcloud config. Write a script that sets configurations as active, individually. For each configuration, use gcloud compute instances list to get a list of compute resources.

B.

Create two configurations using gsutil config. Write a script that sets configurations as active, individually. For each configuration, use gsutil compute instances list to get a list of compute resources.

C.

Go to Cloud Shell and export this information to Cloud Storage on a daily basis.

D.

Go to GCP Console and export this information to Cloud SQL on a daily basis.

Your company set up a complex organizational structure on Google Could Platform. The structure includes hundreds of folders and projects. Only a few team members should be able to view the hierarchical structure. You need to assign minimum permissions to these team members and you want to follow Google-recommended practices. What should you do?

A.

Add the users to roles/browser role.

B.

Add the users to roles/iam.roleViewer role.

C.

Add the users to a group, and add this group to roles/browser role.

D.

Add the users to a group, and add this group to roles/iam.roleViewer role.

Your company is moving from an on-premises environment to Google Cloud Platform (GCP). You have multiple development teams that use Cassandra environments as backend databases. They all need a development environment that is isolated from other Cassandra instances. You want to move to GCP quickly and with minimal support effort. What should you do?

A.

1. Build an instruction guide to install Cassandra on GCP.2. Make the instruction guide accessible to your developers.

B.

1. Advise your developers to go to Cloud Marketplace.2. Ask the developers to launch a Cassandra image for their development work.

C.

1. Build a Cassandra Compute Engine instance and take a snapshot of it.2. Use the snapshot to create instances for your developers.

D.

1. Build a Cassandra Compute Engine instance and take a snapshot of it.2.Upload the snapshot to Cloud Storage and make it accessible to your developers.3.Build instructions to create a Compute Engine instance from the snapshot so that developers can do it themselves.

You are developing a new application and are looking for a Jenkins installation to build and deploy your source code. You want to automate the installation as quickly and easily as possible. What should you do?

A.

Deploy Jenkins through the Google Cloud Marketplace.

B.

Create a new Compute Engine instance. Run the Jenkins executable.

C.

Create a new Kubernetes Engine cluster. Create a deployment for the Jenkins image.

D.

Create an instance template with the Jenkins executable. Create a managed instance group with this template.

You deployed an LDAP server on Compute Engine that is reachable via TLS through port 636 using UDP. You want to make sure it is reachable by clients over that port. What should you do?

A.

Add the network tag allow-udp-636 to the VM instance running the LDAP server.

B.

Create a route called allow-udp-636 and set the next hop to be the VM instance running the LDAP server.

C.

Add a network tag of your choice to the instance. Create a firewall rule to allow ingress on UDP port 636 for that network tag.

D.

Add a network tag of your choice to the instance running the LDAP server. Create a firewall rule to allow egress on UDP port 636 for that network tag.

You are building a product on top of Google Kubernetes Engine (GKE). You have a single GKE cluster. For each of your customers, a Pod is running in that cluster, and your customers can run arbitrary code inside their Pod. You want to maximize the isolation between your customers’ Pods. What should you do?

A.

Use Binary Authorization and whitelist only the container images used by your customers’ Pods.

B.

Use the Container Analysis API to detect vulnerabilities in the containers used by your customers’ Pods.

C.

Create a GKE node pool with a sandbox type configured to gvisor. Add the parameter runtimeClassName: gvisor to the specification of your customers’ Pods.

D.

Use the cos_containerd image for your GKE nodes. Add a nodeSelector with the value cloud.google.com/gke-os-distribution: cos_containerd to the specification of your customers’ Pods.

You need to track and verity modifications to a set of Google Compute Engine instances in your Google Cloud project. In particular, you want to verify OS system patching events on your virtual machines (VMs). What should you do?

A.

Review the Compute Engine activity logs Select and review the Admin Event logs

B.

Review the Compute Engine activity logs Select and review the System Event logs

C.

Install the Cloud Logging Agent In Cloud Logging review the Compute Engine syslog logs

D.

Install the Cloud Logging Agent In Cloud Logging, review the Compute Engine operation logs

You want to send and consume Cloud Pub/Sub messages from your App Engine application. The Cloud Pub/Sub API is currently disabled. You will use a service account to authenticate yourapplication to the API. You want to make sure your application can use Cloud Pub/Sub. What should you do?

A.

Enable the Cloud Pub/Sub API in the API Library on the GCP Console.

B.

Rely on the automatic enablement of the Cloud Pub/Sub API when the Service Account accesses it.

C.

Use Deployment Manager to deploy your application. Rely on the automatic enablement of all APIs used by the application being deployed.

D.

Grant the App Engine Default service account the role of Cloud Pub/Sub Admin. Have your application enable the API on the first connection to Cloud Pub/Sub.

You are using Google Kubernetes Engine with autoscaling enabled to host a new application. You want to expose this new application to the public, using HTTPS on a public IP address. What should you do?

A.

Create a Kubernetes Service of type NodePort for your application, and a Kubernetes Ingress to expose this Service via a Cloud Load Balancer.

B.

Create a Kubernetes Service of type ClusterIP for your application. Configure the public DNS name of your application using the IP of this Service.

C.

Create a Kubernetes Service of type NodePort to expose the application on port 443 of each node of the Kubernetes cluster. Configure the public DNS name of your application with the IP of every node of the cluster to achieve load-balancing.

D.

Create a HAProxy pod in the cluster to load-balance the traffic to all the pods of the application. Forward the public traffic to HAProxy with an iptable rule. Configure the DNS name of your application using the public IP of the node HAProxy is running on.