• Home
  • Articles
  • [Jan 05, 2024] Associate-Cloud-Engineer PDF Recently Updated Questions Dumps to Improve Exam Score [Q127-Q152]

[Jan 05, 2024] Associate-Cloud-Engineer PDF Recently Updated Questions Dumps to Improve Exam Score [Q127-Q152]

Share

[Jan 05, 2024] Associate-Cloud-Engineer PDF Recently Updated Questions Dumps to Improve Exam Score

Associate-Cloud-Engineer Dumps Full Questions with Free PDF Questions to Pass


Career prospects

The professionals with the Google Associate Cloud Engineer certification can explore different job roles. Some of these include a Cloud Operations Engineer, a Cloud Services Engineer, a Cloud Solutions Systems Engineer, a Cloud Network Engineer, and a Software Engineer. The average salary for these certified specialists is $74,000 per year. The actual salary depends on your position and level of experience.


Below are the requirements of Associate Cloud Engineer Exam

There is no prerequisite for Oracle Associate Cloud Engineer certification.

 

NEW QUESTION # 127
The core business of your company is to rent out construction equipment at a large scale. All the equipment that is being rented out has been equipped with multiple sensors that send event information every few seconds. These signals can vary from engine status, distance traveled, fuel level, and more. Customers are billed based on the consumption monitored by these sensors. You expect high throughput - up to thousands of events per hour per device - and need to retrieve consistent data based on the time of the event. Storing and retrieving individual signals should be atomic. What should you do?

  • A. Ingest the data into Datastore. Store data in an entity group based on the device.
  • B. Create a file in Cloud Storage per device and append new data to that file.
  • C. Create a file in Cloud Filestore per device and append new data to that file.
  • D. Ingest the data into Cloud Bigtable. Create a row key based on the event timestamp.

Answer: A


NEW QUESTION # 128
You are building a new version of an application hosted in an App Engine environment. You want to test the new version with 1% of users before you completely switch your application over to the new version. What should you do?

  • A. Deploy a new version as a separate app in App Engine. Then configure App Engine using GCP Console to split traffic between the two apps.
  • B. Deploy a new version of your application in App Engine. Then go to App Engine settings in GCP Console and split traffic between the current version and newly deployed versions accordingly.
  • C. Deploy a new version of your application in Google Kubernetes Engine instead of App Engine and then use GCP Console to split traffic.
  • D. Deploy a new version of your application in a Compute Engine instance instead of App Engine and then use GCP Console to split traffic.

Answer: B


NEW QUESTION # 129
The DevOps group in your organization needs full control of Compute Engine resources in your development project. However, they should not have permission to create or update any other resources in the project. You want to follow Google's recommendations for setting permissions for the DevOps group. What should you do?

  • A. Grant the basic role roles/viewer and the predefined role roles/compute.admin to the DevOps group.
  • B. Create an 1AM policy and grant all compute. instanceAdmln." permissions to the policy Attach the policy to the DevOps group.
  • C. Create a custom role at the folder level and grant all compute. instanceAdmln. * permissions to the role Grant the custom role to the DevOps group.
  • D. Grant the basic role roles/editor to the DevOps group.

Answer: A


NEW QUESTION # 130
You are building a pipeline to process time-series data.
Which Google Cloud Platform services should you put in boxes 1,2,3, and 4?

  • A. Cloud Pub/Sub, Cloud Storage, BigQuery, Cloud Bigtable
  • B. Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery
  • C. Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore, BigQuery
  • D. Firebase Messages, Cloud Pub/Sub, Cloud Spanner, BigQuery

Answer: B

Explanation:
Correct answer is D as Cloud Pub/Sub for data ingestion, Dataflow for data handling and transformation, Bigtable for storage to provide low latency data access and BigQuery for analytics Whenever we want to process timeseries data look for BigTable.
Also you want to perform analystics in Box 4 ..look for BigQuery
https://cloud.google.com/blog/products/databases/getting-started-with-time-series-trend- predictions-using-gcp


NEW QUESTION # 131
You will have several applications running on different Compute Engine instances in the same project. You want to specify at a more granular level the service account each instance uses when calling Google Cloud APIs. What should you do?

  • A. After starting the instances, use gcloud compute instances update to specify a Service Account for each instance
  • B. When creating the instances, assign the name of each Service Account as instance metadata
  • C. After starting the instances, use gcloud compute instances update to assign the name of the relevant Service Account as instance metadata
  • D. When creating the instances, specify a Service Account for each instance

Answer: D

Explanation:
When you create an instance using the gcloud command-line tool or the Google Cloud Console, you can specify which service account the instance uses when calling Google Cloud APIs.
https://cloud.google.com/compute/docs/access/service-
accounts#associating_a_service_account_to_an_instance


NEW QUESTION # 132
Your company is moving its entire workload to Compute Engine. Some servers should be accessible through the Internet, and other servers should only be accessible over the internal network. All servers need to be able to talk to each other over specific ports and protocols. The current on-premises network relies on a demilitarized zone (DMZ) for the public servers and a Local Area Network (LAN) for the private servers. You need to design the networking infrastructure on Google Cloud to match these requirements. What should you do?

  • A. 1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN.
    2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
  • B. 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN.
    2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
  • C. 1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN.
    2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
  • D. 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN.
    2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.

Answer: D

Explanation:
By default traffic between subnets on a VPC network is not allowed (except on the "default" network).
(This blocks traffic between all instances, not just traffic between subnets => FW rules must be defined to allow communications between all instances, regardless the subnets)
2 VPC will not work without peering.


NEW QUESTION # 133
You are analyzing Google Cloud Platform service costs from three separate projects. You want to use this information to create service cost estimates by service type, daily and monthly, for the next six months using standard query syntax. What should you do?

  • A. Export your bill to a BigQuery dataset, and then write time window-based SQL queries for analysis.
  • B. Export your bill to a Cloud Storage bucket, and then import into Cloud Bigtable for analysis.
  • C. Export your bill to a Cloud Storage bucket, and then import into Google Sheets for analysis.
  • D. Export your transactions to a local file, and perform analysis with a desktop tool.

Answer: A

Explanation:
Explanation
"...we recommend that you enable Cloud Billing data export to BigQuery at the same time that you create a Cloud Billing account. " https://cloud.google.com/billing/docs/how-to/export-data-bigquery
https://medium.com/google-cloud/analyzing-google-cloud-billing-data-with-big-query-30bae1c2aae4


NEW QUESTION # 134
You have a web application deployed as a managed instance group. You have a new version of the application to gradually deploy. Your web application is currently receiving live web traffic.
You want to ensure that the available capacity does not decrease during the deployment. What should you do?

  • A. Perform a rolling-action start-update with maxSurge set to 0 and maxUnavailable set to 1.
  • B. Create a new instance template with the new application version.
    Update the existing managed instance group with the new instance template.
    Delete the instances in the managed instance group to allow the managed instance group to recreate the instance using the new instance template.
  • C. Perform a rolling-action start-update with maxSurge set to 1 and maxUnavailable set to 0.
  • D. Create a new managed instance group with an updated instance template.
    Add the group to the backend service for the load balancer.
    When all instances in the new managed instance group are healthy, delete the old managed instance group.

Answer: C

Explanation:
We need to ensure the global capacity remains intact, for that reason we need to establish maxUnavailable to 0. On the other hand, we need to ensure new instances can be created. We do that by establishing the maxSurge to 1.
Option C is more expensive and more difficult to set up and option D won't meet requirements since it won't keep global capacity intact.
https://cloud.google.com/compute/docs/instance-groups/rolling-out-updates-to-managed- instance-groups#options


NEW QUESTION # 135
You are running an application on multiple virtual machines within a managed instance group and have autoscaling enabled. The autoscaling policy is configured so that additional instances are added to the group if the CPU utilization of instances goes above 80%. VMs are added until the instance group reaches its maximum limit of five VMs or until CPU utilization of instances lowers to 80%. The initial delay for HTTP health checks against the instances is set to 30 seconds. The virtual machine instances take around three minutes to become available for users. You observe that when the instance group autoscales, it adds more instances then necessary to support the levels of end-user traffic. You want to properly maintain instance group sizes when autoscaling. What should you do?

  • A. Set the maximum number of instances to 1.
  • B. Use a TCP health check instead of an HTTP health check.
  • C. Decrease the maximum number of instances to 3.
  • D. Increase the initial delay of the HTTP health check to 200 seconds.

Answer: D

Explanation:
The reason is that when you do health check, you want the VM to be working. Do the first check after initial setup time of 3 mins = 180 s < 200 s is reasonable.
The reason why our autoscaling is adding more instances than needed is that it checks 30 seconds after launching the instance and at this point, the instance isnt up and isnt ready to serve traffic. So our autoscaling policy starts another instance again checks this after 30 seconds and the cycle repeats until it gets to the maximum instances or the instances launched earlier are healthy and start processing traffic which happens after 180 seconds (3 minutes). This can be easily rectified by adjusting the initial delay to be higher than the time it takes for the instance to become available for processing traffic. So setting this to 200 ensures that it waits until the instance is up (around 180-second mark) and then starts forwarding traffic to this instance. Even after a cool out period, if the CPU utilization is still high, the autoscaler can again scale up but this scale-up is genuine and is based on the actual load.
Initial Delay Seconds This setting delays autohealing from potentially prematurely recreating the instance if the instance is in the process of starting up. The initial delay timer starts when the currentAction of the instance is VERIFYING. Ref: https://cloud.google.com/compute/docs/instance-groups/autohealing-instances-in-migs


NEW QUESTION # 136
You are working with a Cloud SQL MySQL database at your company. You need to retain a month-end copy of the database for three years for audit purposes. What should you do?

  • A. Save the automatic first-of-the-month backup for three years. Store the backup file in an Archive class Cloud Storage bucket.
  • B. Set up an on-demand backup for the first of the month. Write the backup to an Archive class Cloud Storage bucket.
  • C. Convert the automatic first-of-the-month backup to an export file. Write the export file to a Coldline class Cloud Storage bucket.
  • D. Set up an export job for the first of the month. Write the export file to an Archive class Cloud Storage bucket.

Answer: A


NEW QUESTION # 137
You created several resources in multiple Google Cloud projects. All projects are linked to different billing accounts. To better estimate future charges, you want to have a single visual representation of all costs incurred. You want to include new cost data as soon as possible. What should you do?

  • A. Fill all resources in the Pricing Calculator to get an estimate of the monthly cost.
  • B. Use the Reports view in the Cloud Billing Console to view the desired cost information.
  • C. Visit the Cost Table page to get a CSV export and visualize it using Data Studio.
  • D. Configure Billing Data Export to BigQuery and visualize the data in Data Studio.

Answer: D

Explanation:
https://cloud.google.com/billing/docs/how-to/export-data-bigquery "Cloud Billing export to BigQuery enables you to export detailed Google Cloud billing data (such as usage, cost estimates, and pricing data) automatically throughout the day to a BigQuery dataset that you specify."


NEW QUESTION # 138
You recently deployed a new version of an application to App Engine and then discovered a bug in the release. You need to immediately revert to the prior version of the application. What should you do?

  • A. Deploy the original version as a separate application. Then go to App Engine settings and split traffic between applications so that the original version serves 100% of the requests.
  • B. On the App Engine page of the GCP Console, select the application that needs to be reverted and click Revert.
  • C. On the App Engine Versions page of the GCP Console, route 100% of the traffic to the previous version.
  • D. Run gcloud app restore.

Answer: A


NEW QUESTION # 139
Your developers have been thoroughly logging everything that happens in the API. The API allows end users to request the data as JSON, XML, CSV, and XLS. Supporting all of these formats is taking a lot of developer effort. Management would like to start tracking which options are used over the next month. Without modifying the code, what's the fastest way to be able to report on this data at the end of the month?

  • A. Create a custom counter logging metric that uses a regex to extract the data format into a label. At the end of the month, use the metric
    viewer to see the group by the label.
  • B. Create a custom monitoring metric in code and edit the API code to set the metric each time the API is called.
  • C. Export the logs to excel, and search for the different fields.
  • D. Create a log sink that filters for rows that mention the data format. Export that to BigQuery, and run a query at the end of the month.

Answer: A,C


NEW QUESTION # 140
You built an application on Google Cloud Platform that uses Cloud Spanner. Your support team needs to monitor the environment but should not have access to table data. You need a streamlined solution to grant the correct permissions to your support team, and you want to follow Google-recommended practices. What should you do?

  • A. Add the support team group to the roles/monitoring.viewer role
  • B. Add the support team group to the roles/spanner.databaseUser role.
  • C. Add the support team group to the roles/stackdriver.accounts.viewer role.
  • D. Add the support team group to the roles/spanner.databaseReader role.

Answer: A


NEW QUESTION # 141
You need to create a custom VPC with a single subnet. The subnet's range must be as large as possible. Which range should you use?

  • A. 10.0.0.0/8
  • B. 172.16.0.0/12
  • C. 192.168.0.0/16
  • D. .00.0.0/0

Answer: A

Explanation:
Explanation
https://cloud.google.com/vpc/docs/vpc#manually_created_subnet_ip_ranges


NEW QUESTION # 142
Your developers have created an application that needs to be able to make calls to Cloud Storage and BigQuery. The code is going to run inside a container and will run on Kubernetes Engine and on-premises.
What's the best way for them to authenticate to the Google Cloud services?

  • A. Use the default service account for App Engine which already has the required permissions.
  • B. Create a service account, grant it the least viable privileges to the required services, generate and download a key. Use the key to authenticate inside the application.
  • C. Create a service account, with editor permissions, generate and download a key. Use the key to authenticate inside the application.
  • D. Use the default service account for Compute Engine which already has the required permissions.

Answer: B


NEW QUESTION # 143
You have a Dockerfile that you need to deploy on Kubernetes Engine. What should you do?

  • A. Create a docker image from the Dockerfile and upload it to Cloud Storage.
    Create a Deployment YAML file to point to that image.
    Use kubectl to create the deployment with that file.
  • B. Use gcloud app deploy <dockerfilename>.
  • C. Create a docker image from the Dockerfile and upload it to Container Registry.
    Create a Deployment YAML file to point to that image.
    Use kubectl to create the deployment with that file.
  • D. Use kubectl app deploy <dockerfilename>.

Answer: C

Explanation:
Create the image prior to deployment:
https://cloud.google.com/kubernetes-engine/docs/tutorials/hello-app
You cant deploy a docker file


NEW QUESTION # 144
Your company runs its Linux workloads on Compute Engine instances. Your company will be working with a new operations partner that does not use Google Accounts. You need to grant access to the instances to your operations partner so they can maintain the installed tooling. What should you do?

  • A. Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.
  • B. Tag all the instances with the same network tag. Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag.
  • C. Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.
  • D. Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.

Answer: A

Explanation:
IAP controls access to your App Engine apps and Compute Engine VMs running on Google Cloud. It leverages user identity and the context of a request to determine if a user should be allowed access. IAP is a building block toward BeyondCorp, an enterprise security model that enables employees to work from untrusted networks without using a VPN.
By default, IAP uses Google identities and IAM. By leveraging Identity Platform instead, you can authenticate users with a wide range of external identity providers, such as:
Email/password
OAuth (Google, Facebook, Twitter, GitHub, Microsoft, etc.)
SAML
OIDC
Phone number
Custom
Anonymous
This is useful if your application is already using an external authentication system, and migrating your users to Google accounts is impractical.
https://cloud.google.com/iap/docs/using-tcp-forwarding#grant-permission


NEW QUESTION # 145
You are working for a hospital that stores Its medical images in an on-premises data room. The hospital wants to use Cloud Storage for archival storage of these images. The hospital wants an automated process to upload any new medical images to Cloud Storage. You need to design and implement a solution. What should you do?

  • A. In the Cloud Console, go to Cloud Storage Upload the relevant images to the appropriate bucket
  • B. Deploy a Dataflow job from the batch template "Datastore lo Cloud Storage" Schedule the batch job on the desired interval
  • C. Create a Pub/Sub topic, and enable a Cloud Storage trigger for the Pub/Sub topic. Create an application that sends all medical images to the Pub/Sub lope
  • D. Create a script that uses the gsutil command line interface to synchronize the on- premises storage with Cloud Storage Schedule the script as a cron job

Answer: D

Explanation:
Keyword, they require cloud storage for archival and the want to automate the process to upload new medical image to cloud storage, hence we go for gsutil to copy on-prem images to cloud storage and automate the process via cron job. whereas Pub/Sub listens to the changes in the Cloud Storage bucket and triggers the pub/sub topic, which is not required.


NEW QUESTION # 146
You are deploying a production application on Compute Engine. You want to prevent anyone from accidentally destroying the instance by clicking the wrong button. What should you do?

  • A. Enable delete protection on the instance.
  • B. Disable Automatic restart on the instance.
  • C. Enable Preemptibility on the instance.
  • D. Disable the flag "Delete boot disk when instance is deleted."

Answer: D

Explanation:
https://googlecloudplatform.uservoice.com/forums/302595-compute-
engine/suggestions/14227521-set-delete-boot-disk-when-instance-is-deleted-to


NEW QUESTION # 147
You have been asked to set up the billing configuration for a new Google Cloud customer. Your customer wants to group resources that share common IAM policies. What should you do?

  • A. Use labels to group resources that share common IAM policies
  • B. Use folders to group resources that share common IAM policies
  • C. Set up a proper project naming structure to group IAM policies
  • D. Set up a proper billing account structure to group IAM policies

Answer: B

Explanation:
Folders are nodes in the Cloud Platform Resource Hierarchy. A folder can contain projects, other folders, or a combination of both. Organizations can use folders to group projects under the organization node in a hierarchy. For example, your organization might contain multiple departments, each with its own set of Google Cloud resources. Folders allow you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies. While a folder can contain multiple folders or resources, a given folder or resource can have exactly one parent. https://cloud.google.com/resource-manager/docs/creating-managing-folders


NEW QUESTION # 148
Your company publishes large files on an Apache web server that runs on a Compute Engine instance. The Apache web server is not the only application running in the project. You want to receive an email when the egress network costs for the server exceed 100 dollars for the current month as measured by Google Cloud Platform (GCP). What should you do?

  • A. Set up a budget alert on the billing account with an amount of 100 dollars, a threshold of 100%, and notification type of "email."
  • B. Export the billing data to BigQuery. Create a Cloud Function that uses BigQuery to sum the egress network costs of the exported billing data for the Apache web server for the current month and sends an email if it is over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.
  • C. Set up a budget alert on the project with an amount of 100 dollars, a threshold of 100%, and notification type of "email."
  • D. Use the Stackdriver Logging Agent to export the Apache web server logs to Stackdriver Logging. Create a Cloud Function that uses BigQuery to parse the HTTP response log data in Stackdriver for the current month and sends an email if the size of all HTTP responses, multiplied by current GCP egress prices, totals over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.

Answer: B

Explanation:
https://blog.doit-intl.com/the-truth-behind-google-cloud-egress-traffic-6e8f57b5c2f8


NEW QUESTION # 149
You have designed a solution on Google Cloud Platform (GCP) that uses multiple GCP products. Your company has asked you to estimate the costs of the solution. You need to provide estimates for the monthly total cost. What should you do?

  • A. For each GCP product in the solution, review the pricing details on the products pricing page. Create a Google Sheet that summarizes the expected monthly costs for each product.
  • B. Provision the solution on GCP. Leave the solution provisioned for 1 week. Use Stackdriver to determine the provisioned and used resource amounts. Multiply the 1 week cost to determine the monthly costs.
  • C. For each GCP product in the solution, review the pricing details on the products pricing page. Use the pricing calculator to total the monthly costs for each GCP product.
  • D. Provision the solution on GCP. Leave the solution provisioned for 1 week. Navigate to the Billing Report page in the Google Cloud Platform Console. Multiply the 1 week cost to determine the monthly costs.

Answer: D


NEW QUESTION # 150
Your Dataproc cluster runs in a single Virtual Private Cloud (VPC) network in a single subnet with range
172.16.20.128/25. There are no private IP addresses available in the VPC network. You want to add new VMs to communicate with your cluster using the minimum number of steps. What should you do?

  • A. Create a new Secondary IP Range in the VPC and configure the VMs to use that range.
  • B. Create a new VPC network for the VMs with a subnet of 172.32.0.0/16. Enable VPC network Peering between the Dataproc VPC network and the VMs VPC network. Configure a custom Route exchange.
  • C. Modify the existing subnet range to 172.16.20.0/24.
  • D. Create a new VPC network for the VMs. Enable VPC Peering between the VMs' VPC network and the Dataproc cluster VPC network.

Answer: C

Explanation:
Explanation
/25:
CIDR to IP Range
Result
CIDR Range 172.16.20.128/25
Netmask 255.255.255.128
Wildcard Bits 0.0.0.127
First IP 172.16.20.128
First IP (Decimal) 2886734976
Last IP 172.16.20.255
Last IP (Decimal) 2886735103
Total Host 128
CIDR
172.16.20.128/25
/24:
CIDR to IP Range
Result
CIDR Range 172.16.20.128/24
Netmask 255.255.255.0
Wildcard Bits 0.0.0.255
First IP 172.16.20.0
First IP (Decimal) 2886734848
Last IP 172.16.20.255
Last IP (Decimal) 2886735103
Total Host 256
CIDR
172.16.20.128/24


NEW QUESTION # 151
Your VMs are running in a subnet that has a subnet mask of 255.255.255.240. The current subnet has no more free IP addresses and you require an additional 10 IP addresses for new VMs. The existing and new VMs should all be able to reach each other without additional routes. What should you do?

  • A. Create a new project. Use Shared VPC to share the current network with the new project.
  • B. Create a new subnet with the same starting IP but a wider range to overwrite the current subnet.
  • C. Delete the subnet, and recreate it using a wider range of IP addresses.
  • D. Use gcloud to expand the IP range of the current subnet.

Answer: A


NEW QUESTION # 152
......


Google Associate-Cloud-Engineer Certification Exam is an entry-level certification that can help individuals kick-start their career in cloud computing. Google Associate Cloud Engineer Exam certification is suitable for individuals who have some basic knowledge of cloud computing concepts and have experience working with GCP. Associate-Cloud-Engineer exam is ideal for IT professionals, system administrators, and developers who want to validate their skills and knowledge in using GCP. Google Associate Cloud Engineer Exam certification exam is conducted online and comprises of multiple-choice questions that assess the candidates' understanding of GCP services and their ability to use them in real-world scenarios. Passing the exam leads to the award of the Google Associate Cloud Engineer certification, which is highly valued in the IT industry.

 

100% Updated Google Associate-Cloud-Engineer Enterprise PDF Dumps: https://www.vceprep.com/Associate-Cloud-Engineer-latest-vce-prep.html

Free Google Cloud Certified Associate-Cloud-Engineer Official Cert Guide PDF Download: https://drive.google.com/open?id=1O10JVvfhHT1nYfhrmH060VhOLyvjaFch

Related Articles

more
Google Associate-Cloud-Engineer Certification Practice Exam