Cloud Architecture Exam Deck 1
How can you speed up the process of copying a large number of small files into Google Cloud Storage? (Choose 2 answers) A Use parallel composite uploads. B Use resumable uploads. C Use multi-threaded uploads. D Compress multiple small files into a single compressed file, then upload.
Correct Answer: C Why is this correct? Multi-threaded uploads are performed with the command gsutil -m cp (source and target destination). Correct Answer: D Why is this correct? Compressing multiple small files into a single file and uploading is a recommended best practice.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 Dress4Win needs to migrate their SAN to Google Cloud. How would they want to approach this? A Migrate their SAN data to a Cloud Storage bucket B Migrate their SAN data to Dataprep C Migrate their SAN data to a persistent disk cluster D Migrate their SAN data to BigQuery
Correct Answer: C Why is this correct? SANs require block-level storage, which is best served by a persistent disk (or persistent disk cluster). Your Answer: A Why is this incorrect? SANs require block-level storage, which is best served by a persistent disk (or persistent disk cluster).
What is the best practice for separating responsibilities and access for production and development environments? A Separate project for each environment, both teams have access to both projects. B Both environments use the same project, just note which resources are in use by which group. C Both environments use the same project, but different VPCs. D Separate project for each environment, each team only has access to their project.
Correct Answer: D Why is this correct? Separate projects isolate resources by account access; VPCs isolate resources but not user/service accounts.
Your company is building a large-scale web application. Each team is responsible for its own service component of the application and wants to manage its own individual projects. You want each service to communicate with the others over RFC1918 address space. What should you do? A Configure a global load balancer for each project and communicate between each service using the global load balancer IP addresses B Configure each service to communicate with the others over the HTTPS protocol C Deploy each service into a single project within the same VPC D Configure a Shared VPC and add each project as a service of the Shared VPC project
Correct Answer: D Why is this correct? Using a shared VPC allows each team to individually manage their own application resources while enabling each application to communicate with each other securely over RFC1918 address space.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 Mountkirk Games will need to configure their development environments. Their developers and testers should be able to access each other's resources, and users that work with staging and production can access each other's resources as well. How should you best isolate the two groups' environments? A Create a single VPC for all environments, separate by subnets B Create separate projects each for development, testers, stagers, and production C Create a VPC network for development and testers and a separate VPC network for stagers and production D Create a project for development and testers and one for stagers and production
Why is this incorrect? Since development and testers/stagers and production need to share each other's resources, this is actually too much isolation. Correct Answer: D Why is this correct? Users who need to share resources are to be separated by projects, so this is the correct answer.
You've created a Kubernetes engine cluster named "project-1", which has a cluster pool named 'primary-node-pool'. You've realized that you need more total nodes within your cluster pool to meet capacity demands from 10 to 20. What is the command to change the number of nodes in your pool? A You can only increase the node pool size via autoscaling settings B gcloud container clusters update project-1 --node-pool 'primary-node-pool' --num-nodes 20 C gcloud container clusters resize project-1 --node-pool 'primary-node-pool' --num-nodes 20 D You must create a new node pool and transfer the workload to the new pool
Correct Answer: C Why is this correct? The command to resize an existing GKE node pool is gcloud container clusters resize (PROJECT ID) --node-pool (POOL NAME) --num-nodes (updated node pool size). NOTE: The syntax of this command has changed over time. --size is the older, deprecated syntax which has been replaced by the --num-nodes option.
You need to analyze log data from your credit card processing application while staying in compliance with PCI regulations. What is the best method to perform this task? A Export data from your on-premises application into BigQuery for analysis. B Forward data from Cloud Storage into Cloud Dataproc. C Using a Squid proxy, have data collected by Stackdriver Logging exported to BigQuery via a sink based on needed log filters. D Export data from your Squid Proxy via Cloud Pub/Sub into BigQuery.
Correct Answer: C Why is this correct? The proper model for exporting credit card processing data is to forward from a Squid proxy to Stackdriver Logging and export from Stackdriver Logging into BigQuery.
Your company currently hosts an AWS S3 bucket. You need to keep the contents of this bucket in sync with a new Google Cloud Storage bucket to support a backup storage destination. What is the best method to achieve this? A Use gsutil -m cp to keep both locations in sync B Use gsutil rsync commands to keep both locations in sync. C Use Storage Transfer Service to keep both the source and destination in sync. D Once per week, use a gsutil cp command to copy over newly modified files
Correct Answer: C Why is this correct? You can use gsutil rsync to keep two locations in sync. However, the preferred option when working with an AWS S3 bucket is to use the Storage Transfer Service.
You are attempting to access data access audit logs that are over 30 days old in Stackdriver; however, you are past the retention period and they are no longer there. How do you recover the expired logs? A Upgrade to an enterprise plan, you can recover logs that are deleted past their retention period. B Submit a request to support to have the logs restored. C Go to Deleted Items, and restore logs from there. D You cannot recover logs once they are past their retention period.
Correct Answer: D Why is this correct? Once logs are past their retention period and are deleted, they are permanently gone. Export logs to Cloud Storage or BigQuery for long-term retention.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 Which of these compute services could be migrated to GCP "as-is", and still be optimized for a cloud environment? A Hadoop deployed to a Compute Engine cluster B RabbitMQ deployed to an unmanaged instance group C Tomcat servers deployed to an App Engine application D Security monitors, bastion hosts, and Jenkins deployed to Compute Engine instances
Correct Answer: D Why is this correct? These services have no managed service equivalents, therefore Compute Engine instances are the most optimized route.
Your company has different on-premises systems that generate a variety of reports. This data is not well maintained and needs to be cleaned up before it is used for any useful analysis. Which best-practice method should you use to accomplish this task? A Connect Cloud Datalab to your on-premises systems. Use Cloud Datalab to explore and clean your data. B Upload your files into Cloud Storage. Use Cloud Datalab to clean your data. C Connect Cloud Dataprep to your on-premises systems. Use Cloud Dataprep to explore and clean your data. D Upload your files into Cloud Storage. Use Cloud Dataprep to explore and clean your data hosted in Cloud Storage.
Correct Answer: D Why is this correct? Dataprep cleans data in a web interface format using data from Cloud Storage or BigQuery.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 Dress4Win has a number of internal backends that they do not want to be exposed to the public Internet. How can they reduce their external exposure while still allowing maintenance access to resources when working remotely? A Remove the external IP address and use Identity Aware Proxy to access the resource B Remove the external IP address and have remote employees dial into the company VPN connection for maintenance work. C Hide the external IP address behind a load balancer and restrict load balancer access to the internal company network. D Remove the external IP address and use a bastion host to access internal-only resources.
Correct Answer: D Why is this correct? Using a bastion host to access GCP resources without an external IP address is a very secure method for limiting external exposure. Your Answer: B Why is this incorrect? A bastion host is a better option.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 The Dress4Win developers are evaluating using Google Cloud Platform. They have decided to deploy repeatable templates using Google Cloud Deployment Manager. The developers will deploy their code using the Google Cloud SDK tools. Which of their stated technical requirements does this solution meet? Choose 2 answers. A Easily create non-production environments in the cloud. B Support multiple VPN connections between the production data center and the cloud environment. C Encrypt data on the wire and at rest. D Implement an automation framework for provisioning resources in the cloud.
Correct Answer: A Why is this correct? Deployment Manager can easily create both production and non-production environments in the cloud using infrastructure as code templates and configurations. Correct Answer: D Why is this correct? Using the Google Cloud SDK allows for provisioning and management of Google Cloud Platform resources such as Deployment Manager, which is an automation framework.
Your CI/CD process is as follows, fill in the blanks in order: Container Registry Jenkins A Google Cloud Source Repositories, Google Cloud Build, Google Kubernetes Engine B Google Cloud Storage, Google Cloud Shell, Google Kubernetes Engine C Google Cloud Source Repositories, Google Cloud Storage, Google Kubernetes Engine D Google Cloud Storage, Google Cloud Pub/Sub, Google Compute Engine
Correct Answer: A Why is this correct? Google Cloud Source Repositories provide a Git version-controlled development environment. Google Cloud Build builds Docker images from source repositories like Google Cloud Source Repositories. Finally, Google Kubernetes Engine can run and manage your Docker containers received from a Jenkins deployment pipeline.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 Dress4Win is expecting major growth after it migrates to Google Cloud Platform. How would you configure their existing environment to properly scale to meet demand on the cloud without making major changes to their environment? (Pick 3 answers) A Migrate their Hadoop cluster to Cloud Dataproc B Migrate their Tomcat and Nginx servers to App Engine C Migrate MySQL to a MySQL installation on Compute Engine D Migrate RabbitMQ to Cloud Pub/Sub E Migrate their NAS to a Cloud Storage bucket F Migrate their NAS to a Compute Engine persistent disk
Correct Answer: A Why is this correct? Perfect managed scaling conversion. Correct Answer: D Why is this correct? This is a much better scaling message ingest option. Correct Answer: E Why is this correct? A Cloud Storage bucket has infinite scaling potential. Your Answer: B Why is this incorrect? It would scale, but would require substantial changes to their environment. A managed instance group may be a better choice.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 Mountkirk Games is currently running a managed instance group for their game servers. They want to convert to using a CI/CD pipeline using microservices. They need to deploy game resources across the US, Europe, and SE Asia. Their deployed microservices need to be immutable. What products should they use? A HTTP/S Load Balancer, Container Registry, Kubernetes Engine B Network Load Balancer, Container Registry, Kubernetes Engine C App Engine, Cloud Functions, Cloud Deployment Manager D Compute Engine, Cloud Storage, Network Load Balancer
Correct Answer: A Why is this correct? An HTTP/S Load Balancer is able to globally serve multiple regions. Container Registry can store immutable container images for deployment. Kubernetes Engine is able to manage their containerized application.
Your organization is going to use Cloud SQL as the database backend for a large web application. You will be using a failover instance and are able to support small maintenance windows of downtime for updates. Your scaling requirements are as follows: Do not run out of storage/disk space. Keep average CPU usage under 80%. Keep replication lag under 60 seconds. Based on these requirements, how should you set up your Cloud SQL environment? A Provision your instance with a 50 TB persistent disk to ensure you have enough space. Create an alert in Stackdriver for replication lag and shard the database to reduce replication time. Use a 64-core machine type to make sure you have enough CPU capacity. B Enable the automatic storage increase feature for your Cloud SQL instance. Create an alert in Stackdriver when CPU usage exceeds 80% and change the instance type to reduce CPU usage. Create an alert in Stackdriver for replication lag and shard the database to reduce replication time. C Enable the automatic storage increase feature for your Cloud SQL instance. Create an alert in Stackdriver for replication lag and increase the CPU count to reduce replication lag time. Create an alert in Stackdriver when CPU usage exceeds 80% and change the instance type to reduce CPU usage. D Enable the automatic storage increase feature for your Cloud SQL instance. Create an alert in Stackdriver for replication lag and use Memcache to reduce replication time. Create an alert in Stackdriver when CPU usage exceeds 80% and change the instance type to reduce CPU usage.
Correct Answer: B Why is this correct? This satisfies all requirements: Enabling automatic storage will allow your Cloud SQL instance to automatically increase its storage without user interaction. The CPU alert will allow you to monitor CPU usage, and take steps to improve performance before your database is negatively impacted. The replication lag alert will provide early warning of replication lag issues, allowing you to take action before they become a bigger issue.
Your application is running on Compute Engine. How can you best design your application's architecture to account for a disaster recovery plan that requires your application to fail over to another region in case of a regional outage? A Deploy the application on two Compute Engine instance groups, each in the same project but in a different region. Use the first instance group to serve traffic, and use an HTTP load balancer to fail over to the standby instance group in case of a disaster. B Deploy the application on two Compute Engine instances in a single project but in different regions. Use the first instance to serve traffic, and use an HTTP load balancer to fail over to the standby instance in case of a disaster. C Deploy the application on two Compute Engine instance groups, each in separate projects and a different region. Use the first instance group to serve traffic, and use an HTTP load balancer to fail over to the standby instance in case of a disaster. D Deploy the application on a Compute Engine instance. Use the instance to serve traffic, and use an HTTP load balancer to fail over to an instance on an on-premises server in case of a disaster.
Correct Answer: A Why is this correct? There is no need to use separate projects, and this is the best answer.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 After Mountkirk Games' migration to GCP is complete, how can they best monitor their game server backend for performance? A Use Cloud Dataflow to pull metrics to load into Cloud Storage for analysis B Create custom metrics in Stackdriver, and view results (including live dashboards) using Stackdriver Monitoring C Use Pub/Sub to send custom metrics to BigQuery for analysis D Export performance metrics to BigQuery - View performance metrics with Data Studio.
Correct Answer: B Why is this correct? Using Stackdriver Logging and Monitoring is the best route to go.
Your marketing team is moving their marketing analytics data to Google Cloud. They need an online analytical processing (OLAP) storage option for their analytics data. The data is hundreds of terabytes in size and is in relational format. Which managed storage option should you choose? A Cloud SQL B Cloud Datastore C BigQuery D Cloud Spanner
Correct Answer: C Why is this correct? BigQuery meets all of the requirements as it is best suited for analytics, the amount of data required, and works with relational data.
Your business is connected to GCP over a VPN connection. On GCP, you are hosting an internal website using an HTTP load balancer which serves traffic to a managed instance group. Your users are unable to access the internal website, though all systems are up. What is a possible cause for this problem? A You need to enable the Stackdriver debugger to collect more information. B Your load balancer is not set for the correct region. C Firewall rules are not correctly configured. D You've enabled a static IP address for the managed instance group servers.
Correct Answer: C Why is this correct? Check to make sure you have proper firewall rules allowing the correct subnets access. Also, make sure another rule with higher priority is not conflicting with it.
You are migrating your organization to the cloud and need to evaluate data processing options. You have no existing codebase or workflows so all options are on the table. Your data processing needs will include a combination of both streaming and batch data processing. Which product should you go with? A Kubernetes Engine B Cloud Dataproc C Cloud Dataflow D Compute Engine with BigQuery
Correct Answer: C Why is this correct? Dataflow is built on top of Apache Beam and is ideal for new, cloud-native batch and streaming data processing.
For this question, refer to the TerramEarth case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth-rev2 TerramEarth wants to create an API to meet the company's business requirements. You want the development team to focus their development effort on business value versus creating a custom framework. How should they do this? A Use a Compute Engine instance using Swagger for open API framework B Use Cloud Key Management System to house the API C Using Google App Engine with Google Cloud Endpoints, focus on an API for dealers and partners D While using Google App Engine with the Swagger (open API Specification) framework, focus on an API for dealers and partners
Correct Answer: C Why is this correct? Endpoints will manage and protect their APIs. The managed solutions will allow them to spend more development effort on their API to better help their partners.
For this question, refer to the TerramEarth case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth-rev2 To comply with GDPR regulations, TerramEarth must delete data generated from customers in Europe after 36 months. Data is stored in both BigQuery and Cloud Storage. What must they do in order to stay compliant? A In BigQuery, create a table for the European data and set the table retention period for 36 months. In Cloud Storage, create a lifecycle management policy that uses a DELETE action, with an Age condition of 36 months. B Create a BigQuery table for the European data and set the table retention period for 36 months. In Cloud Storage, create a lifecycle management policy with the condition SetStorageClass set to NONE, with an Age condition of 36 months. C In BigQuery, create a time-partitioned table for the European data, and set the partition expiration period to 36 months. In Cloud Storage, create a lifecycle management policy that uses a DELETE action, with an Age condition of 36 months. D In BigQuery, create a time-partitioned table for the European data and set the partition period to 36 months. In Cloud Storage, create a lifecycle management policy with the condition SetStorageClass set to NONE with an Age condition of 36 months.
Correct Answer: C Why is this correct? If we use a single table for all entries rather than a time-partitioned table, we will not be able to remove data for a particular date stamp as easily. We only want the partitioned data for that date removed. For lifecycle management, DELETE is the correct action that will delete unstructured data, and the 'Age' condition will apply a running age to an object so that it is automatically removed. Your Answer: A Why is this incorrect? In BigQuery, you'll want to create a time-partitioned table so only the partitioned table is removed when the expiration date is met.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 Dress4Win is evaluating how their current database structure would translate to Google Cloud. They need to know which databases can be converted to a managed service and which ones will need to remain unmanaged. They do not want to re-engineer their databases into a different format. Choose the correct answer for the available options for database hosting, keeping in mind to use managed services where applicable. A Host MySQL database on a Compute Engine instance. B Host their MySQL database on Bigtable C Host MySQL database on Cloud SQL. D Host their MySQL database on Cloud Datastore
Correct Answer: C Why is this correct? MySQL translates directly to Cloud SQL without having to convert the database to a different format and it is a managed service. Their MySQL environment is comfortably less than the storage limit of Cloud SQL, so this option would be the easiest transition.
For this question, refer to the TerramEarth case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth-rev2 TerramEarth wants to share insights with their dealer network regarding how customers use their equipment. From our discussion on the case study, how might they be able to do this? A Export Stackdriver logs to a data sink and send these reports to dealers. B Use Cloud Dataflow to gain insights. C Use Google Data Studio to create live charts that read directly from BigQuery. Give dealer representatives view rights to these charts to gain better understanding. D Export BigQuery records to a Cloud Storage bucket and give dealer representatives permission to download exported records for viewing.
Correct Answer: C Why is this correct? This is the best answer as it uses live analytics data. Data Studio is able to easily create useful charts from live BigQuery data to get insight.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 Mountkirk Games is migrating the analytics and statistics reporting model from their previous game to one that works with their technical requirements on GCP. Choose two steps that should be part of their conversion plan. A Make plans to move from a single MySQL database to a MySQL cluster B Convert their current ETL pipeline to work with Cloud Dataflow C Migrate to Cloud SQL for their analytical database D Convert their current MySQL database format to work with BigQuery
Correct Answer: B Why is this correct? They will want to migrate their data processing pipeline to Dataflow. Correct Answer: D Why is this correct? BigQuery is a perfect solution for the scale and scope they need for an analytics database.
Your web application uses an auto-scaling managed instance group on a VPC. You want to restrict communications between the instance group and other instances in your VPC to limit which ports they can use. You do not want to restrict traffic by static IP addresses because the app autoscales. How can you best restrict access as needed? A Use unmanaged instance groups to have more control over scaling capabilities B Create firewall rules based on network tags attached to the individual instances C Use the Cloud DNS service to only route communications based on host name D Configure instance service accounts to only allow certain access
Correct Answer: B Why is this correct? This is correct as tags can automatically be applied to newly added instances in an instance group and can have appropriate restrictions applied as needed.
Your organization stores all customer emails in Cloud Storage for retention and analysis. How should you approach sanitizing this data to remove sensitive information before it is placed in Cloud Storage? A Hash your data using SHA256 B Use the Data Loss Prevention API to automatically detect and redact sensitive data C Encrypt your data using a .boto configuration file D Use Cloud Dataprep to create a recipe to remove PII data
Correct Answer: B Why is this correct? This is the best practice to use.
You are creating a custom machine learning application that recognizes images of certain models of cars using Cloud ML Engine. You need to gather test data and are allowing specific people to submit their own car images for the next 24 hours. Most of your users do not have a Google account. How should you enable your users to submit images? A Have your users upload images to a public Cloud Storage bucket that is protected by a password. Configure this password to expire after 24 hours. B Provide a signed URL that allows users to upload images to Cloud Storage that expires in 24 hours. C Create Google accounts for your users, and instruct them to use the newly created accounts to upload images. Delete the accounts after 24 hours. D Create a Cloud Functions event that will take user-supplied Google Photos URLs and upload them to the Cloud Storage bucket.
Correct Answer: B Why is this correct? This is the preferred method to use.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 Dress4Win is ready to migrate their on-premises MySQL deployment to the cloud. They want to reduce downtime and performance impact to their on-premises solution during the migration. What should they do? A Use the Cloud SQL migration service to automatically pull data from the on-premises server. B Create a dump of the on-premises MySQL master server, upload it to the cloud environment, then load into a new MySQL cluster. Shut down the on-premises MySQL master server when done. C Set up a MySQL replica/slave in Google Cloud using Cloud SQL and configure it for asynchronous replication from the MySQL master server on-premises until cutover. D Create a Cloud Dataflow job to process data from the on-premises MySQL server and insert it into a Cloud SQL instance.
Correct Answer: C Why is this correct? This is the best approach that results in the least amount of downtime.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 Mountkirk has decided that they want to convert their gaming server backend to use microservices via container images. In working with the new containerized application deployments, they are discovering that deployments are taking too long to meet their KPIs. What is one step they can take to improve their deployment times? A Compress the container images before deploying them B Create large machine types for their GKE cluster C Use a lighter base image such as Alpine Linux D Use Cloud Functions instead of Kubernetes Engine
Correct Answer: C Why is this correct? Using a lighter base image will have a substantially improved effect on deployment size. Your Answer: A Why is this incorrect? This is not possible.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 You need to plan the architecture for Mountkirk Games' game servers. Based on the technical and business requirements, what should you do? A Host the application on Cloud Functions so that it can scale down to zero. B Use App Engine flexible environment to host the application. C Use a Layer 4 Network load balancer that serves managed instances groups that have autoscaling enabled. D Use a global HTTP load balancer that serves managed instances groups that have autoscaling enabled.
Correct Answer: D Why is this correct? An HTTP load balancer can serve instance groups in multiple regions. One of the requirements is to make the game available globally.
For this question, refer to the TerramEarth case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth-rev2 TerramEarth plans to connect all 20 million of their vehicles to the cloud using a streaming cellular connection. This increases the volume to 20 million 600-byte records a second for 40 TB an hour. Pick the best choice to handle that volume of data ingestion. A Sensors stream directly into BigQuery B Stream into an FTP server C Stream into Cloud Dataflow D Vehicles write data directly to Google Cloud Pub/Sub
Correct Answer: D Why is this correct? Cloud Pub/Sub is designed to handle infinitely-scalable streaming data ingest.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 MountKirk Games needs to set up their game server backend database. Based on their requirements, which storage service best fits their needs? A Cloud SQL B Host databases on a Compute Engine NoSQL instance. C Cloud Dataflow D Cloud Datastore
Correct Answer: D Why is this correct? Datastore is a managed NoSQL database well suited to mobile applications, which meets their requirements. Your Answer: A Why is this incorrect? They need a NoSQL database; Datastore is the better option.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 Mountkirk Games is asking for assistance with their new application testing strategy. Compared to their previous games' environment, how would software testing be different on Google Cloud? A They should not perform unit tests, and instead focus only on end to end testing B Testing should only focus on integration testing, not unit testing C They do not need to use and support a testing environment before rolling out to production D The application will be able to scale far beyond their previous capabilities thanks to load tests.
Correct Answer: D Why is this correct? Load tests will be easier to scale on GCP compared to more traditional platforms. Your Answer: A Why is this incorrect? Unit testing should still be the majority of their testing format.
For this question, refer to the Dress4Win case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-dress4win-rev2 For future migration phases, Dress4Win is looking at options to deploy data analytics to the Google Cloud. Which option meets their business and technical requirements? A Run current jobs from the current technical environment on Google Cloud Dataproc. B Review all current data jobs. Identify the most critical jobs and develop Google Cloud Dataflow pipelines to process data. C Deploy a Hadoop/Spark cluster to Google Compute Engine virtual machines. Move current jobs from the current technical environment and run them on the Hadoop/Spark cluster. D Review all current data jobs. Identify the most critical jobs and create Google BigQuery tables to store and query data.
Correct Answer: A Why is this correct? There is no requirement to migrate the current jobs to a different technology. The business does need to be able to automatically and rapidly provision new resources, which a managed service offering can provide for their Hadoop and Spark requirements. Using Google Cloud Dataproc allows the current jobs to execute within Google Cloud Platform on a managed services offering. Additionally, Cloud Dataproc is considered to be within Google's best practices for running Hadoop and Spark workloads on GCP.
For this question, refer to the TerramEarth case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth-rev2 One of TerramEarth's current pain points is that their current analytics software only allows 2 users to use it at a time due to licensing constraints. Following a migration to Google Cloud, how can they best address this? A Use Data Studio in place of their current software B Increase the number of licenses for their software and use it to view BigQuery data C Migrating their current software to Google Cloud means they won't have to manage licenses anymore D Use Cloud Pub/Sub in place of their current software
Correct Answer: A Why is this correct? This is the best drop-in replacement.
Your company wants to control IAM policies for different departments. The departments must be independent from each other; however, you want to centrally manage the IAM policies for each individual department. How should you approach this? A Use a single Organization with a Folder for each department B Multiple Organizations, one for each department C Multiple Organizations with multiple Folders D Create a single Organization with multiple projects, each with a central owner
Correct Answer: A Why is this correct? This is the best structure to use. One single organization for the entire company. Organize departments inside folders inside of the single organization. You can then apply a single IAM policy to the single department folder, which will be applied to any projects or subfolders inside of it.
For this question, refer to the TerramEarth case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth-rev2 Considering TerramEarth's requirements, what would be a suitable data warehouse solution for the company? A Create a 96-CPU Compute Engine instance with a 65 TB persistent disk B Use BigQuery with table partitioning C Use BigQuery with federated data sources D Use Cloud Spanner
Correct Answer: B Why is this correct? BigQuery is the best choice for data warehousing. Table partitioning will allow them to more easily handle the massive amount of data they will be dealing with by breaking it up into days.
You have an App Engine Standard Environment application that uses Cloud SQL for the database backend. During peak usage hours, the number of query requests to Cloud SQL is resulting in a drop in performance. How can you best help mitigate performance bottlenecks for common queries? A Switch to App Engine Flexible Environment B Set App Engine's Memcache to a dedicated service level and increase the cache capacity to meet the peak load of queries C Increase the memory of your Cloud SQL database D Set App Engine's Memcache to shared service level.
Correct Answer: B Why is this correct? Dedicated Memcache has a cost attached to it; however, it is able to dedicate in-memory caching of common queries to help performance.
A recent software update to an e-commerce website running on Google Cloud has caused the website to crash for several hours. The CTO decides that all critical changes must now have a back-out/roll-back plan. The website is deployed on hundreds of virtual machines (VMs), and critical changes are frequent. Which two actions should you take to implement the back-out/roll-back plan? (Choose two) A Create a snapshot of each VM prior to an update, and recover the VM from the snapshot in case of a new version failure. B Use managed instance groups with the Rolling Update feature to manage versions of your application C Create a Nearline copy for the website's static data files stored in Google Cloud Storage. D Enable object versioning on the website's static data files stored in Google Cloud Storage.
Correct Answer: B Why is this correct? Managed instance group updater allows for easy management of the VMs and lets GCE take care of updating each instance. Correct Answer: D Why is this correct? Object versioning is a seamless way to ensure the last known good version of the static content is always available.
Your company wants to reduce cost on infrequently accessed data by moving it to the cloud. The data is still accessed approximately once a month to refresh historical charts. In addition, data older than 5 years is no longer needed. Where should you store it and how should you manage the data? A Place the data in Google Cloud Storage in a Multi-Regional bucket. Set an Object Lifecycle Management policy to change the storage class to Coldline for data older than 5 years. B Place the data in Google Cloud Storage in a Nearline bucket. Set an Object Lifecycle Management policy to delete data older than 5 years. C Place the data in Google Cloud Storage in a Nearline bucket. Set an Object Lifecycle Management policy to change the storage class to Coldline for data older than 5 years. D Place the data on a single-region persistent disk. Create a cron job to delete the disk after 5 years.
Correct Answer: B Why is this correct? Once-a-month access fits the usage requirements for a Nearline bucket. The Object Lifecycle Management policy is correct as we need to delete the data after 5 years.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 Mountkirk Games' gaming servers are not scaling properly, especially since they have recently become much more popular. As a result, the game's performance has suffered with slow response times. What is the first thing they should check? A Verify that a recent update is not impacting performance B Verify that they haven't exceeded their project quota C Make sure Memcache is not out of capacity D Check for latency in the VPC network
Correct Answer: B Why is this correct? Since the app has recently become popular, they may have hit their upper scaling limit due to resource quotas. If they hit their quota, then their app will not scale above the quota cap, hence the slow response times.
You are in a sensitive environment where public Internet access from the Compute Engine VMs is not allowed. You do not have a VPN connection to your on-premises file server. You need to install specific software on a Compute Engine instance. You are able to connect to your private VM using a bastion host. How should you install the software? A Upload the installation files to Cloud Storage and use firewall rules to block all traffic except the IP address range for Cloud Storage. Download the files to the VM using gsutil. B Upload the installation files to Cloud Source Repositories and use firewall rules to block all traffic except the IP address range for Cloud Source Repositories. Download the files to the VM using gsutil. C Upload the installation files to Cloud Source Repositories. Configure the VM on a subnet with a Private Google Access subnet. Assign only an internal IP address to the VM. Download the installation files to the VM using gcloud. D Upload the installation files to Cloud Storage. Configure the VM on a subnet with a Private Google Access subnet. Assign only an internal IP address to the VM. Download the installation files to the VM using gsutil.
Correct Answer: D Why is this correct? Private Google Access will allow VMs on your subnet to access GCP resources without a public IP address.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 MountKirk Games needs to build out their streaming data analytics pipeline to feed from their game backend application. What GCP services in which order will achieve this? A Cloud Storage - Cloud Dataflow - BigQuery B Cloud Pub/Sub - Cloud Dataflow - Data Studio C Cloud Dataproc - Cloud Storage - BigQuery D Cloud Pub/Sub - Cloud Dataflow - BigQuery
Correct Answer: D Why is this correct? Pub/Sub handles streaming data in real time while accounting for slower mobile networks. Dataflow will transform the data as they see fit. BigQuery is a data warehouse which runs queries using SQL format.
A lead software engineer tells you that his new application design uses WebSockets and HTTP sessions that are not distributed across the web servers. You want to help him ensure his application will run properly on Google Cloud Platform. What should you do? A Help the engineer redesign the application to use a distributed user session service that does not rely on WebSockets and HTTP sessions. B Help the engineer to convert his WebSocket code to use HTTP streaming. C Review the encryption requirements for WebSocket connections with the security team. D Meet with the cloud operations team and the engineer to discuss load balancer options.
Correct Answer: D Why is this correct? The HTTP(S) load balancer in GCP handles WebSocket traffic natively. Backends that use WebSocket to communicate with clients can use the HTTP(S) load balancer as a front end for scale and availability.
For this question, refer to the MountKirk Games case study: https://cloud.google.com/certification/guides/cloud-architect/casestudy-mountkirkgames-rev2 You are planning the best database workloads for Mountkirk Games analytics requirements. Considering the business and technical requirements, what actions should you take? A Use Cloud SQL for time series data. Use Cloud Bigtable for historical data queries. B Use Cloud Bigtable for time series data, use Cloud Spanner for transactional data, and use BigQuery for historical data queries. C Replace MySQL with Cloud SQL and use Cloud Spanner for historical data queries. D Use Cloud Bigtable to replace MySQL and use BigQuery for historical data queries.
Correct Answer: D Why is this correct? This is the most correct answer of the given choices. Bigtable is well suited for holding time series data and BigQuery can query data in Bigtable. Alternatively, BigQuery can also be used for both solutions if low latency response times are not required. Your Answer: B Why is this incorrect? One of the requirements is to use a NoSQL database for transactional data. Cloud Spanner is a SQL/relational database.
You can SSH into an instance from another instance in the same VPC by its internal IP address, but not its external IP address. What is one possible reason why this is so? A The receiving instance has an ephemeral address instead of a reserved address. B The outgoing instance does not have correct permission granted to its service account. C The external IP address is disabled. D The firewall rule to allow SSH is restricted to the internal VPC.
Correct Answer: D Why is this correct? When connecting to another instance by its external address, you're going out to the external Internet and back to the external address. If traffic is restricted to the local VPC, it will reject this attempt as it is coming from an external source.
You are migrating your on-premises application to Google Cloud. You will use the Cloud VPN service to connect your on-premises systems and Google Cloud until the migration is completed. What should you do to make sure that all network resources remain reachable during the migration? A Use the same IP range on your Google Cloud VPC as you use on-premises for your primary IP range and use a secondary range that does not overlap with the range you use on-premises B Use an IP range on your Google Cloud VPC that does not overlap with the range you use on-premises for your primary IP range and use a secondary range with the same IP range as you use on-premises C Use the same IP range on your Google Cloud VPC as you use on-premises D Use an IP range on your Google Cloud VPC that does not overlap with the range you use on-premises
Correct Answer: D Why is this correct? You need to ensure that none of your IP ranges overlap each other on either your on-premises or Google Cloud VPC networks.