• Home
  • Articles
  • Latest Google Professional-Cloud-Architect Free Certification Exam Material with 262 Q&As [Q13-Q33]

Latest Google Professional-Cloud-Architect Free Certification Exam Material with 262 Q&As [Q13-Q33]

Share

Latest Google Professional-Cloud-Architect Free Certification Exam Material with 262 Q&As 

UPDATED Professional-Cloud-Architect Exam Questions Certification Test Engine to PDF


For more info visit:

Google-provided tutorials Community-provided tutorials

 

NEW QUESTION 13
Your company has successfully migrated to the cloud and wants to analyze their data stream to optimize operations. They do not have any existing code for this analysis, so they are exploring all their options. These options include a mix of batch and stream processing, as they are running some hourly jobs and live-processing some data as it comes in. Which technology should they use for this?

  • A. Google Container Engine with Bigtable
  • B. Google Cloud Dataflow
  • C. Google Compute Engine with Google BigQuery
  • D. Google Cloud Dataproc

Answer: B

Explanation:
Cloud Dataflow is a fully-managed service for transforming and enriching data in stream (real time) and batch (historical) modes with equal reliability and expressiveness -- no more complex workarounds or compromises needed.
References: https://cloud.google.com/dataflow/

 

NEW QUESTION 14
You are helping the QA team to roll out a new load-testing tool to test the scalability of your primary cloud services that run on Google Compute Engine with Cloud Bigtable. Which three requirements should they include? Choose 3 answers

  • A. Ensure all third-party systems your services use are capable of handling high load.
  • B. Ensure that the load tests validate the performance of Cloud Bigtable.
  • C. Instrument the load-testing tool and the target services with detailed logging and metrics collection.
  • D. Schedule the load-testing tool to regularly run against the production environment.
  • E. Create a separate Google Cloud project to use for the load-testing environment.
  • F. Instrument the production services to record every transaction for replay by the load- testing tool.

Answer: A,B,C

 

NEW QUESTION 15
Your company has multiple on-premises systems that serve as sources for reporting. The data has not been maintained well and has become degraded over time. You want to use Google-recommended practices to detect anomalies in your company data. What should you do?

  • A. Connect Cloud Dataprep to your on-premises systems. Use Cloud Dataprep to explore and clean your data.
  • B. Upload your files into Cloud Storage. Use Cloud Datalab to explore and clean your data.
  • C. Connect Cloud Datalab to your on-premises systems. Use Cloud Datalab to explore and clean your data.
  • D. Upload your files into Cloud Storage. Use Cloud Dataprep to explore and clean your data.

Answer: D

Explanation:
Explanation
https://cloud.google.com/dataprep/

 

NEW QUESTION 16
For this question, refer to the JencoMart case study.
JencoMart has built a version of their application on Google Cloud Platform that serves traffic to Asia. You want to measure success against their business and technical goals. Which metrics should you track?

  • A. Total visits, error rates, and latency from Asia
  • B. The number of character sets present in the database
  • C. Latency difference between US and Asia
  • D. Error rates for requests from Asia
  • E. Total visits and average latency for users in Asia

Answer: E

 

NEW QUESTION 17
Your company acquired a healthcare startup and must retain its customers' medical information for up to 4 more years, depending on when it was created. Your corporate policy is to securely retain this data, and then delete it as soon as regulations allow.
Which approach should you take?

  • A. Store the data in Cloud Storage and run a nightly batch script that deletes all expired datA.
  • B. Anonymize the data using the Cloud Data Loss Prevention API and store it indefinitely.
  • C. Store the data using the Cloud Storage and use lifecycle management to delete files when they expire.
  • D. Store the data in Google Drive and manually delete records as they expire.

Answer: C

Explanation:
Reference:
https://cloud.google.com/storage/docs/lifecycle

 

NEW QUESTION 18
Your company operates nationally and plans to use GCP for multiple batch workloads, including some that are not time-critical. You also need to use GCP services that are HIPAA-certified and manage service costs.
How should you design to meet Google best practices?

  • A. Provisioning preemptible VMs to reduce cost. Disable and then discontinue use of all GCP and APIs that are not HIPAA-compliant.
  • B. Provision standard VMs to the same region to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.
  • C. Provisioning preemptible VMs to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
  • D. Provision standard VMs in the same region to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.

Answer: A

Explanation:
Reference:
https://cloud.google.com/security/compliance/hipaa/

 

NEW QUESTION 19
You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database back-end. You want to store the credentials securely. Where should you store the credentials?

  • A. In an environment variable
  • B. In a secret management system
  • C. In the source code
  • D. In a config file that has restricted access through ACLs

Answer: B

Explanation:
Explanation
https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application

 

NEW QUESTION 20
As part of implementing their disaster recovery plan, your company is trying to replicate their production MySQL database from their private data center to their GCP project using a Google Cloud VPN connection. They are experiencing latency issues and a small amount of packet loss that is disrupting the replication. What should they do?

  • A. Configure a Google Cloud Dedicated Interconnect.
  • B. Send the replicated transaction to Google Cloud Pub/Sub.
  • C. Add additional VPN connections and load balance them.
  • D. Configure their replication to use UDP.
  • E. Restore their database daily using Google Cloud SQL.

Answer: A

 

NEW QUESTION 21
JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application
servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need
access to Datastore to upload the data.
What service account key-management strategy should you recommend?

  • A. Provision service account keys for the on-premises infrastructure and use Google Cloud Platform
    (GCP) managed keys for the VMs
  • B. Provision service account keys for the on-premises infrastructure and for the GCE virtual machines
    (VMs)
  • C. Authenticate the on-premises infrastructure with a user account and provision service account keys for
    the VMs
  • D. Deploy a custom authentication service on GCE/Google Kubernetes Engine (GKE) for the on-premises
    infrastructure and use GCP managed keys for the VMs

Answer: A

Explanation:
Explanation/Reference:
Explanation:
Migrating data to Google Cloud Platform
Let's say that you have some data processing that happens on another cloud provider and you want to
transfer the processed data to Google Cloud Platform. You can use a service account from the virtual
machines on the external cloud to push the data to Google Cloud Platform. To do this, you must create
and download a service account key when you create the service account and then use that key from the
external process to call the Cloud Platform APIs.
References:
https://cloud.google.com/iam/docs/understanding-service-
accounts#migrating_data_to_google_cloud_platform

 

NEW QUESTION 22
For this question, refer to the TerramEarth case study.
To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections. What should you do?

  • A. Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket.
  • B. Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in us, eu, and asia. Run the ETL process using the data in the bucket.
  • C. Use one Google Container Engine cluster of FTP servers. Save the data to a Multi- Regional bucket. Run the ETL process using data in the bucket.
  • D. Directly transfer the files to a different Google Cloud Regional Storage bucket location in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket.

Answer: D

Explanation:
Topic 3, JencoMart Case Study
Company Overview
JencoMart is a global retailer with over 10,000 stores in 16 countries. The stores carry a range of goods, such as groceries, tires, and jewelry. One of the company's core values is excellent customer service. In addition, they recently introduced an environmental policy to reduce their carbon output by 50% over the next 5 years.
Company Background
JencoMart started as a general store in 1931, and has grown into one of the world's leading brands known for great value and customer service. Over time, the company transitioned from only physical stores to a stores and online hybrid model, with 25% of sales online. Currently, JencoMart has little presence in Asia, but considers that market key for future growth.
Solution Concept
JencoMart wants to migrate several critical applications to the cloud but has not completed a technical review to determine their suitability for the cloud and the engineering required for migration. They currently host all of these applications on infrastructure that is at its end of life and is no longer supported.
Existing Technical Environment
JencoMart hosts all of its applications in 4 data centers: 3 in North American and 1 in Europe, most applications are dual-homed.
JencoMart understands the dependencies and resource usage metrics of their on-premises architecture.
Application Customer loyalty portal
LAMP (Linux, Apache, MySQL and PHP) application served from the two JencoMart- owned U.S. data centers.
Database
* Oracle Database stores user profiles
* 20 TB
* Complex table structure
* Well maintained, clean data
* Strong backup strategy
* PostgreSQL database stores user credentials
* Single-homed in US West
No redundancy
Backed up every 12 hours
* 100% uptime service level agreement (SLA)
* Authenticates all users
Compute
* 30 machines in US West Coast, each machine has:
Twin, dual core CPUs
32GB of RAM
* Twin 250 GB HDD (RAID 1)
* 20 machines in US East Coast, each machine has:
Single dual-core CPU
2 4 GB of RAM
* Twin 250 GB HDD (RAID 1)
Storage
* Access to shared 100 TB SAN in each location
* Tape backup every week
Business Requirements
* Optimize for capacity during peak periods and value during off-peak periods
* Guarantee service availably and support
* Reduce on-premises footprint and associated financial and environmental impact.
* Move to outsourcing model to avoid large upfront costs associated with infrastructure purchase
* Expand services into Asia.
Technical Requirements
* Assess key application for cloud suitability.
* Modify application for the cloud.
* Move applications to a new infrastructure.
* Leverage managed services wherever feasible
* Sunset 20% of capacity in existing data centers
* Decrease latency in Asia
CEO Statement
JencoMart will continue to develop personal relationships with our customers as more people access the web. The future of our retail business is in the global market and the connection between online and in-store experiences. As a large global company, we also have a responsibility to the environment through 'green' initiatives and polices.
CTO Statement
The challenges of operating data centers prevents focus on key technologies critical to our long-term success. Migrating our data services to a public cloud infrastructure will allow us to focus on big data and machine learning to improve our service customers.
CFO Statement
Since its founding JencoMart has invested heavily in our data services infrastructure.
However, because of changing market trends, we need to outsource our infrastructure to ensure our long-term success. This model will allow us to respond to increasing customer demand during peak and reduce costs.

 

NEW QUESTION 23
Your organization wants to control IAM policies for different departments independently, but centrally.
Which approach should you take?

  • A. A single Organization with multiple projects, each with a central owner
  • B. Multiple Organizations with multiple Folders
  • C. Multiple Organizations, one for each department
  • D. A single Organization with Folder for each department

Answer: D

Explanation:
Explanation
Folders are nodes in the Cloud Platform Resource Hierarchy. A folder can contain projects, other folders, or a combination of both. You can use folders to group projects under an organization in a hierarchy. For example, your organization might contain multiple departments, each with its own set of GCP resources. Folders allow you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies. While a folder can contain multiple folders or resources, a given folder or resource can have exactly one parent.
References: https://cloud.google.com/resource-manager/docs/creating-managing-folders

 

NEW QUESTION 24
You are designing an application for use only during business hours. For the minimum viable product release, you'd like to use a managed product that automatically "scales to zero" so you don't incur costs when there is no activity.
Which primary compute resource should you choose?

  • A. Google Kubernetes Engine
  • B. Cloud Functions
  • C. Compute Engine
  • D. AppEngine flexible environment

Answer: B

 

NEW QUESTION 25
You want to enable your running Google Container Engine cluster to scale as demand for your application changes.
What should you do?

  • A. Add additional nodes to your Container Engine cluster using the following command:
    gcloud container clusters resize CLUSTER_NAME --size 10
  • B. Update the existing Container Engine cluster with the following command:
    gcloud alpha container clusters update mycluster --enable-autoscaling --min-nodes=1 --max-nodes=10
  • C. Create a new Container Engine cluster with the following command:
    gcloud alpha container clusters create mycluster --enable-autocaling --min-nodes=1 --max-nodes=10 and redeploy your application.
  • D. Add a tag to the instances in the cluster with the following command:
    gcloud compute instances add-tags INSTANCE --tags enable --autoscaling max-nodes-10

Answer: D

Explanation:
Explanation
https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-autoscaler Cluster autoscaling
--enable-autoscaling
Enables autoscaling for a node pool.
Enables autoscaling in the node pool specified by --node-pool or the default node pool if --node-pool is not provided.
Where:
--max-nodes=MAX_NODES
Maximum number of nodes in the node pool.
Maximum number of nodes to which the node pool specified by --node-pool (or default node pool if unspecified) can scale.

 

NEW QUESTION 26
Your customer is moving an existing corporate application to Google Cloud Platform from an on-premises data center. The business owners require minimal user disruption. There are strict security team requirements for storing passwords. What authentication strategy should they use?

  • A. Ask users to set their Google password to match their corporate password.
  • B. Use G Suite Password Sync to replicate passwords into Google.
  • C. Federate authentication via SAML 2.0 to the existing Identity Provider.
  • D. Provision users in Google using the Google Cloud Directory Sync tool.

Answer: C

Explanation:
Reference:
https://cloud.google.com/solutions/authenticating-corporate-users-in-a-hybrid-environment

 

NEW QUESTION 27
You want to create a private connection between your instances on Compute Engine and your on-premises data center. You require a connection of at least 20 Gbps. You want to follow Google-recommended practices. How should you set up the connection?

  • A. Create a Cloud Content Delivery Network (Cloud CDN) and connect it to your on-premises datacenter using a single Cloud VPN.
  • B. Create a VPC and connect it to your on-premises data center using Dedicated Interconnect.
  • C. Create a Cloud Content Delivery Network (Cloud CDN) and connect it to your on-premises data center using Dedicated Interconnect.
  • D. Create a VPC and connect it to your on-premises data center using a single Cloud VPN.

Answer: B

 

NEW QUESTION 28
You set up an autoscaling instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly. What should you do?

  • A. Ensure that a firewall rule exists to allow source traffic on HTTP/HTTPS to reach the load balancer.
  • B. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
  • C. Create a tag on each instance with the name of the load balancer. Configure a firewall rule with the name of the load balancer as the source and the instance tag as the destination.
  • D. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.

Answer: D

Explanation:
The best practice when configuration a health check is to check health and serve traffic on the same port. However, it is possible to perform health checks on one port, but serve traffic on another. If you do use two different ports, ensure that firewall rules and services running on instances are configured appropriately. If you run health checks and serve traffic on the same port, but decide to switch ports at some point, be sure to update both the backend service and the health check.
Backend services that do not have a valid global forwarding rule referencing it will not be health checked and will have no health status.
References: https://cloud.google.com/compute/docs/load-balancing/http/backend-service

 

NEW QUESTION 29
Case Study: 2 - TerramEarth Case Study
Company Overview
TerramEarth manufactures heavy equipment for the mining and agricultural industries: About
80% of their business is from mining and 20% from agriculture. They currently have over 500 dealers and service centers in 100 countries. Their mission is to build products that make their customers more productive.
Company Background
TerramEarth formed in 1946, when several small, family owned companies combined to retool after World War II. The company cares about their employees and customers and considers them to be extended members of their family.
TerramEarth is proud of their ability to innovate on their core products and find new markets as their customers' needs change. For the past 20 years trends in the industry have been largely toward increasing productivity by using larger vehicles with a human operator.
Solution Concept
There are 20 million TerramEarth vehicles in operation that collect 120 fields of data per second.
Data is stored locally on the vehicle and can be accessed for analysis when a vehicle is serviced.
The data is downloaded via a maintenance port. This same port can be used to adjust operational parameters, allowing the vehicles to be upgraded in the field with new computing modules.
Approximately 200,000 vehicles are connected to a cellular network, allowing TerramEarth to collect data directly. At a rate of 120 fields of data per second, with 22 hours of operation per day.
TerramEarth collects a total of about 9 TB/day from these connected vehicles.
Existing Technical Environment

TerramEarth's existing architecture is composed of Linux-based systems that reside in a data center. These systems gzip CSV files from the field and upload via FTP, transform and aggregate them, and place the data in their data warehouse. Because this process takes time, aggregated reports are based on data that is 3 weeks old.
With this data, TerramEarth has been able to preemptively stock replacement parts and reduce unplanned downtime of their vehicles by 60%. However, because the data is stale, some customers are without their vehicles for up to 4 weeks while they wait for replacement parts.
Business Requirements
- Decrease unplanned vehicle downtime to less than 1 week, without
increasing the cost of carrying surplus inventory
- Support the dealer network with more data on how their customers use
their equipment IP better position new products and services.
- Have the ability to partner with different companies-especially with
seed and fertilizer suppliers in the fast-growing agricultural
business-to create compelling joint offerings for their customers
CEO Statement
We have been successful in capitalizing on the trend toward larger vehicles to increase the productivity of our customers. Technological change is occurring rapidly and TerramEarth has taken advantage of connected devices technology to provide our customers with better services, such as our intelligent farming equipment. With this technology, we have been able to increase farmers' yields by 25%, by using past trends to adjust how our vehicles operate. These advances have led to the rapid growth of our agricultural product line, which we expect will generate 50% of our revenues by 2020.
CTO Statement
Our competitive advantage has always been in the manufacturing process with our ability to build better vehicles for tower cost than our competitors. However, new products with different approaches are constantly being developed, and I'm concerned that we lack the skills to undergo the next wave of transformations in our industry. Unfortunately, our CEO doesn't take technology obsolescence seriously and he considers the many new companies in our industry to be niche players. My goals are to build our skills while addressing immediate market needs through incremental innovations.
Your agricultural division is experimenting with fully autonomous vehicles. You want your architecture to promote strong security during vehicle operation.
Which two architectures should you consider? (Choose two.)

  • A. Use multiple connectivity subsystems for redundancy.
  • B. Treat every micro service call between modules on the vehicle as untrusted.
  • C. Use a functional programming language to isolate code execution cycles.
  • D. Enclose the vehicle's drive electronics in a Faraday cage to isolate chips.
  • E. Require IPv6 for connectivity to ensure a secure address space.
  • F. Use a trusted platform module (TPM) and verify firmware and binaries on boot.

Answer: B,F

 

NEW QUESTION 30
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?

  • A. A NAT and TLS translation gateway installed on-premises
  • B. Google Cloud Dedicated Interconnect
  • C. A Google Compute Engine instance with a VPN server installed connected to the data center network
  • D. Google Cloud VPN connected to the data center network

Answer: B

Explanation:
https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations Google Cloud Dedicated Interconnect provides direct physical connections and RFC 1918 communication between your on-premises network and Google's network. Dedicated Interconnect enables you to transfer large amounts of data between networks, which can be more cost effective than purchasing additional bandwidth over the public Internet or using VPN tunnels.
Benefits:
Traffic between your on-premises network and your VPC network doesn't traverse the public Internet. Traffic traverses a dedicated connection with fewer hops, meaning there are less points of failure where traffic might get dropped or disrupted.
Your VPC network's internal (RFC 1918) IP addresses are directly accessible from your on-premises network. You don't need to use a NAT device or VPN tunnel to reach internal IP addresses. Currently, you can only reach internal IP addresses over a dedicated connection. To reach Google external IP addresses, you must use a separate connection.
You can scale your connection to Google based on your needs. Connection capacity is delivered over one or more 10 Gbps Ethernet connections, with a maximum of eight connections (80 Gbps total per interconnect).
The cost of egress traffic from your VPC network to your on-premises network is reduced. A dedicated connection is generally the least expensive method if you have a high-volume of traffic to and from Google's network.

 

NEW QUESTION 31
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

  • A. Run your script on a new virtual machine with the BigQuery access scope enabled
  • B. Install the latest BigQuery API client library for Python
  • C. Install the bq component for gccloud with the command gcloud components install bq.
  • D. Create a new service account with BigQuery access and execute your script with that user

Answer: B

Explanation:
Applications that use BigQuery must be associated with a Google Cloud Platform Console project with the BigQuery API enabled.
Reference: https://cloud.google.com/bigquery/create-simple-app-api

 

NEW QUESTION 32
For this question, refer to the Dress4Win case study.
As part of Dress4Win's plans to migrate to the cloud, they want to be able to set up a managed logging and monitoring system so they can handle spikes in their traffic load. They want to ensure that:
* The infrastructure can be notified when it needs to scale up and down to handle the ebb and flow of usage throughout the day
* Their administrators are notified automatically when their application reports errors.
* They can filter their aggregated logs down in order to debug one piece of the application across many hosts Which Google StackDriver features should they use?

  • A. Monitoring, Logging, Alerts, Error Reporting
  • B. Monitoring, Logging, Debug, Error Report
  • C. Monitoring, Trace, Debug, Logging
  • D. Logging, Alerts, Insights, Debug

Answer: A

 

NEW QUESTION 33
......

Get The Important Preparation Guide With Professional-Cloud-Architect Dumps: https://theexamcerts.lead2passexam.com/Google/valid-Professional-Cloud-Architect-exam-dumps.html

Related Articles

more
Google Professional-Cloud-Architect Certification Practice Exam