Professional-Cloud-Architect Google Cloud Certified - Professional Cloud Architect exam Question and Answers

Replace the existing data warehouse with BigQuery. Use table partitioning.

Replace the existing data warehouse with a Compute Engine instance with 96 CPUs.

Replace the existing data warehouse with BigQuery. Use federated data sources.

Replace the existing data warehouse with a Compute Engine instance with 96 CPUs. Add an additional Compute Engine pre-emptible instance with 32 CPUs.

Create a token and pass it in as an environment variable to func_display. When invoking func_query, include the token in the request Pass the same token to func _query and reject the invocation if the tokens are different.

Make func_query 'Require authentication.' Create a unique service account and associate it to func_display. Grant the service account invoker role for func_query. Create an id token in func_display and include the token to the request when invoking func_query.

Make func _query 'Require authentication' and only accept internal traffic. Create those two functions in the same VPC. Create an ingress firewall rule for func_query to only allow traffic from func_display.

Create those two functions in the same project and VPC. Make func_query only accept internal traffic. Create an ingress firewall for func_query to only allow traffic from func_display. Also, make sure both functions use the same service account.

Request Transfer Appliances from Google Cloud, export the data to appliances, and return the appliances to Google Cloud.

Configure the Storage Transfer service from Google Cloud to send the data from your data center to Cloud Storage

Make sure there are no other users consuming the 1 Gbps link, and use multi-thread transfer to upload the data to Cloud Storage.

Export files to an encrypted USB device, send the device to Google Cloud, and request an import of the data to Cloud Storage

glouc compute firewall rules update hlr-policy \

--priority 1000 \

target tags-sourceiplist fastly \

--allow tcp:443

gcloud compute security policies rules update 1000 \

--security-policy hlr-policy \

--expression "evaluatePreconfiguredExpr('sourceiplist-fastly')" \

--action " allow"

gcloud compute firewall rules update

sourceiplist-fastly \

priority 1000 \

allow tcp: 443

gcloud compute priority-policies rules update

1000 \

security policy from fastly

--src- ip-ranges"

-- action " allow"

Store the card data in Secret Manager after running a query to identify duplicates.

Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.

Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.

Use column-level encryption to store the data in Cloud SQL.

Use Firestore for its scalable and flexible document-based database. Use collections to aggregate race data

by season and event.

Use Cloud Spanner for its scalability and ability to version schemas with zero downtime. Split race data

using season as a primary key.

Use BigQuery for its scalability and ability to add columns to a schema. Partition race data based on

season.

Use Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL. Use

separate database instances for each season.

Set up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function.

Set up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function.

Configure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function.

Set up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function.

Delete the virtual machine (VM) and disks and create a new one.

Delete the instance, attach the disk to a new VM, and investigate.

Take a snapshot of the disk and connect to a new machine to investigate.

Check inbound firewall rules for the network the machine is connected to.

Connect the machine to another network with very simple firewall rules and investigate.

Print the Serial Console output for the instance for troubleshooting, activate the interactive console, and investigate.

Create two G Suite accounts to manage users: one for development/test/staging and one for production. Each account should contain one project for every application.

Create two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications.

Create a single G Suite account to manage users with each stage of each application in its own project.

Create a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment.

1 Create a second Google Workspace account and Organization

2 Grant all developers the Project Creator IAM role on the new Organization

3 Move the developer projects into the new Organization

4 Set the policies for all projects on both Organizations.

5 Additionally set the production policies on the original Organization

1 Create a folder under the Organization resource named "Production '

2 Grant all developers the Project Creator IAM role on the Organization 3. Move the developer projects into the Organization

4 Set the policies for all projects on the Organization

5 Additionally set the production policies on the 'Production" folder

1 Create folders under the Organization resource named "Development" and Production'

2 Grant all developers the Project Creator IAM role on the ""Development1 folder 3. Move the developer projects into the "Development" folder

4 Set the policies for all projects on the Organization

5 Additionally set the production policies on the "Production" folder

1 Designate the Organization for production projects only

2 Ensure that developers do not have the Project Creator IAM role on the Organization

3 Create development projects outside of the Organization using the developer Google Workspace accounts

4 Set the policies for all projects on the Organization

5 Additionally set the production policies on the individual production projects

Use VPC Network Peering between the VPC and the on-premises network.

Expose the VPC to the on-premises network using IAM and VPC Sharing.

Create a global Cloud VPN Gateway with VPN tunnels from each region to the on-premises peer gateway.

Deploy Cloud VPN Gateway in each region. Ensure that each region has at least one VPN tunnel to the on-premises peer gateway.

Configure private services access

Configure private Google access for on-premises hosts only

Configure serverless VPC access

Configure private Google access

Introduce a green-blue deployment model.

Replace the QA environment with canary releases.

Fragment the monolithic platform into microservices.

Reduce the platform's dependency on relational database systems.

Replace the platform's relational database systems with a NoSQL database.

Create a project for development and test and another for staging and production.

Create a network for development and test and another for staging and production.

Create one subnetwork for development and another for staging and production.

Create one project for development, a second for staging and a third for production.

Tests should scale well beyond the prior approaches.

Unit tests are no longer required, only end-to-end tests.

Tests should be applied after the release is in the production environment.

Tests should include directly testing the Google Cloud Platform (GCP) infrastructure.

Verify that the database is online.

Verify that the project quota hasn't been exceeded.

Verify that the new feature code did not introduce any performance bugs.

Verify that the load-testing team is not running their tool against production.

Container Engine, Cloud Pub/Sub, and Cloud SQL

Cloud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery

Cloud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow

Cloud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

Cloud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc

Option A

Option B

Option C

Option D

Use Google App Engine with Google Cloud Endpoints. Focus on an API for dealers and partners.

Use Google App Engine with a JAX-RS Jersey Java-based framework. Focus on an API for the public.

Use Google App Engine with the Swagger (open API Specification) framework. Focus on an API for the public.

Use Google Container Engine with a Django Python container. Focus on an API for the public.

Use Google Container Engine with a Tomcat container with the Swagger (Open API Specification) framework. Focus on an API for dealers and partners.

Have the vehicle’ computer compress the data in hourly snapshots, and store it in a Google Cloud storage (GCS) Nearline bucket.

Push the telemetry data in Real-time to a streaming dataflow job that compresses the data, and store it in Google BigQuery.

Push the telemetry data in real-time to a streaming dataflow job that compresses the data, and store it in Cloud Bigtable.

Have the vehicle's computer compress the data in hourly snapshots, a Store it in a GCS Coldline bucket.

Build or leverage an OAuth-compatible access control system.

Build SAML 2.0 SSO compatibility into your authentication system.

Restrict data access based on the source IP address of the partner systems.

Create secondary credentials for each dealer that can be given to the trusted third party.

Migrate the web application layer to App Engine, and MySQL to Cloud Datastore, and NAS to Cloud Storage. Deploy RabbitMQ, and deploy Hadoop servers using Deployment Manager.

Migrate RabbitMQ to Cloud Pub/Sub, Hadoop to BigQuery, and NAS to Compute Engine with Persistent Disk storage. Deploy Tomcat, and deploy Nginx using Deployment Manager.

Implement managed instance groups for Tomcat and Nginx. Migrate MySQL to Cloud SQL, RabbitMQ to Cloud Pub/Sub, Hadoop to Cloud Dataproc, and NAS to Compute Engine with Persistent Disk storage.

Implement managed instance groups for the Tomcat and Nginx. Migrate MySQL to Cloud SQL, RabbitMQ to Cloud Pub/Sub, Hadoop to Cloud Dataproc, and NAS to Cloud Storage.

Deploy Nginx and Tomcat using Cloud Deployment Manager to Compute Engine. Deploy a Cloud SQL server to replace MySQL. Deploy Jenkins using Cloud Deployment Manager.

Deploy Nginx and Tomcat using Cloud Launcher. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Deployment Manager scripts.

Migrate Nginx and Tomcat to App Engine. Deploy a Cloud Datastore server to replace the MySQL server in a high-availability configuration. Deploy Jenkins to Compute Engine using Cloud Launcher.

Migrate Nginx and Tomcat to App Engine. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Launcher.

Assign custom IAM roles to the Google Groups you created in order to enforce security requirements.

Encrypt data with a customer-supplied encryption key when storing files in Cloud Storage.

Assign custom IAM roles to the Google Groups you created in order to enforce security requirements.

Enable default storage encryption before storing files in Cloud Storage.

Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements.

Utilize Google’s default encryption at rest when storing files in Cloud Storage.

Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements. Ensure that the default Cloud KMS key is set before storing files in Cloud Storage.

Error rates for requests from Asia

Latency difference between US and Asia

Total visits, error rates, and latency from Asia

Total visits and average latency for users in Asia

The number of character sets present in the database

Cloud Spanner

Google BigQuery

Google Cloud SQL

Google Cloud Datastore

Use Stackdriver Trace to create a trace list analysis.

Use Stackdriver Monitoring to create a dashboard on the project’s activity.

Enable Cloud Identity-Aware Proxy in all projects, and add the group of Administrators as a member.

Use the Activity page in the GCP Console and Stackdriver Logging to provide the required insight.

Evaluate the impact of migrating their current batch ETL code to Cloud Dataflow.

Write a schema migration plan to denormalize data for better performance in BigQuery.

Draw an architecture diagram that shows how to move from a single MySQL database to a MySQL cluster.

Load 10 TB of analytics data from a previous game into a Cloud SQL instance, and run test queries against the full dataset to confirm that they complete successfully.

Integrate Cloud Armor to defend against possible SQL injection attacks in analytics files uploaded to Cloud Storage.

Create CPU Utilization and Request Latency as service level indicators.

Create GKE CPU Utilization and Memory Utilization as service level indicators.

Create Request Latency and Error Rate as service level indicators.

Create Server Uptime and Error Rate as service level indicators.

Use gsutil to batch move files in sequence.

Use gsutil to batch copy the files in parallel.

Use gsutil to extract the files as the first part of ETL.

Use gsutil to load the files as the last part of ETL.

Create network load balancers. Use preemptible Compute Engine instances.

Create network load balancers. Use non-preemptible Compute Engine instances.

Create a global load balancer with managed instance groups and autoscaling policies. Use preemptible Compute Engine instances.

Create a global load balancer with managed instance groups and autoscaling policies. Use non-preemptible Compute Engine instances.

Increase the Pub/Sub Total Timeout retry value.

Move from a Pub/Sub subscriber pull model to a push model.

Turn off Pub/Sub message batching.

Create a backup Pub/Sub message queue.

Use a private cluster with a private endpoint with master authorized networks configured.

Use a public cluster with firewall rules and Virtual Private Cloud (VPC) routes.

Use a private cluster with a public endpoint with master authorized networks configured.

Use a public cluster with master authorized networks enabled and firewall rules.

Enable Binary Authorization on GKE, and sign containers as part of a CI/CD pipeline.

Configure Jenkins to utilize Kritis to cryptographically sign a container as part of a CI/CD pipeline.

Configure Container Registry to only allow trusted service accounts to create and deploy containers from the registry.

Configure Container Registry to use vulnerability scanning to confirm that there are no vulnerabilities before deploying the workload.

Store image files in a Google Cloud Storage bucket. Use Google Cloud Datastore to maintain metadata that maps each customer's ID and their image files.

Store image files in a Google Cloud Storage bucket. Add custom metadata to the uploaded images in Cloud Storage that contains the customer's unique ID.

Use a distributed file system to store customers' images. As storage needs increase, add more persistent disks and/or nodes. Assign each customer a unique ID, which sets each file's owner attribute, ensuring privacy of images.

Use a distributed file system to store customers' images. As storage needs increase, add more persistent disks and/or nodes. Use a Google Cloud SQL database to maintain metadata that maps each customer's ID to their image files.

They should enable Google Stackdriver Debugger on the application code to show errors in the code.

They should add additional unit tests and production scale load tests on their cloud staging environment.

They should run the end-to-end tests in the cloud staging environment to determine if the code is working as intended.

They should add canary tests so developers can measure how much of an impact the new release causes to latency.

Add a new Dedicated Interconnect connection

Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G

Add three new Cloud VPN connections

Add a new Carrier Peering connection