Google Certified Professional Cloud Architect 證照考古題大全

小豬科技

2024/10/23閱讀時間約 245 分鐘

谷歌雲端架構師證照題庫彙整 20241023

Google Certified Professional Cloud Architect

Google Cloud Platform（GCP 谷歌雲）全系列考古題，2024年最新題庫，持續更新，全網最完整。GCP 證照含金量高，自我進修、跨足雲端產業必備近期版本更新，隨時追蹤最新趨勢變化。

QUESTION 321

Introductory Info Company overview -

Mountkirk Games makes online, session-based, multiplayer games for mobile platforms. They have recentlystarted expanding to other platforms after successfully migrating their on-premises environments to Google Cloud.

Their most recent endeavor is to create a retro-style first-person shooter (FPS) game that allows hundreds of simultaneous players to join a geo-specific digital arena from multiple platforms and locations. A real- time digitalbanner will display a global leaderboard of all the top players across every active arena.

Solution concept -

Mountkirk Games is building a new multiplayer game that they expect to be very popular. They plan to deploy the game TMs backend on Google Kubernetes Engine so they can scale rapidly and use Google TMs global loadbalancer to route players to the closest regional game arenas. In order to keep the global leader board in sync, theyplan to use a multi-region Spanner cluster.

Existing technical environment -

The existing environment was recently migrated to Google Cloud, and five games came across using lift- and-shift virtual machine migrations, with a few minor exceptions. Each new game exists in an isolated Google Cloudproject nested below a folder that maintains most of the permissions and network policies. Legacy games with low traffic have been consolidated into a single project. There are also separate environments for developmentand testing.

Business requirements -

Support multiple gaming platforms. Supportmultiple regions.

Support rapid iteration of game features.Minimize latency.

Optimize for dynamic scaling.

Use managed services and pooled resources.Minimize costs.

Technical requirements -

Dynamically scale based on game activity.

Publish scoring data on a near real-time global leaderboard. Store game activity logs in structured files for future analysis. Use GPU processing to render graphics server-side for multi-platform support. Support eventual migrationof legacy games to this new platform.

Executive statement -

Our last game was the first time we used Google Cloud, and it was a tremendous success. We were able to analyzeplayer behavior and game telemetry in ways that we never could before. This success allowed us to bet on a full migration to the cloud and to start building all-new games using cloud-native design principles. Our new game is our most ambitious to date and will open up doors for us to support more gaming platforms beyond mobile. Latency is our top priority, although cost management is the next most important challenge. As with our first cloud-based game, we have grown to expect the cloud to enable advanced analytics capabilities so we can rapidly iterate on ourdeployments of bug fixes and new functionality.

Question Mountkirk Games wants to limit the physical location of resources to their operating Google Cloud regions.What should you do?

A. Configure an organizational policy which constrains where resources can be deployed.

B. Configure IAM conditions to limit what resources can be configured.

C. Configure the quotas for resources in the regions not being used to 0.

D. Configure a custom alert in Cloud Monitoring so you can disable resources as they are created in otherregions.

Correct Answer: A

Section: (none)

QUESTION 322

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

Support multiple gaming platforms. Supportmultiple regions.

Support rapid iteration of game features.Minimize latency.

Optimize for dynamic scaling.

Use managed services and pooled resources.Minimize costs.

Technical requirements -

Dynamically scale based on game activity.

Executive statement -

Question You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. Whatshould you do?

A. Create a service account (SA) in the legacy game TMs Google Cloud project, add a second SA in the newgame TMs IAM page, and then give the Organization Admin role to both SAs.

B. Create a service account (SA) in the legacy game TMs Google Cloud project, give the SA theOrganization Admin role, and then give it the Firebase Admin role in both projects.

C. Create a service account (SA) in the legacy game TMs Google Cloud project, add this SA in the new gameTMs IAM page, and then give it the Firebase Admin role in both projects.

D. Create a service account (SA) in the legacy game TMs Google Cloud project, give it the Firebase Adminrole, and then migrate the new game to the legacy game TMs project.

Correct Answer: C

Section: (none)

QUESTION 323

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

Support multiple gaming platforms. Supportmultiple regions.

Support rapid iteration of game features.Minimize latency.

Optimize for dynamic scaling.

Use managed services and pooled resources.Minimize costs.

Technical requirements -

Dynamically scale based on game activity.

Executive statement -

Question You need to optimize batch file transfers into Cloud Storage for Mountkirk Games TM new Google Cloudsolution. The batch files contain game statistics that need to be staged in Cloud Storage and be processed by anextract transform load (ETL) tool. What should you do?

A. Use gsutil to batch move files in sequence.

B. Use gsutil to batch copy the files in parallel.

C. Use gsutil to extract the files as the first part of ETL.

D. Use gsutil to load the files as the last part of ETL.

Correct Answer: B

Section: (none)

QUESTION 324

Introductory Info Company Overview -

Mountkirk Games makes online, session-based, multiplayer games for mobile platforms. They build all of theirgames using some server-side integration.

Historically, they have used cloud providers to lease physical servers. Due to the unexpected popularity of some of their games, they have had problems scaling their global audience, application servers, MySQL databases, and analytics tools. Their current model is to write game statistics to files and send them through an ETL tool that loadsthem into a centralized MySQL database for reporting.

Solution Concept -

Mountkirk Games is building a new game, which they expect to be very popular. They plan to deploy the game TMs backend on Google Compute Engine so they can capture streaming metrics, run intensive analytics, and takeadvantage of its autoscaling server environment and integrate with a managed NoSQL database.

Business Requirements - Increaseto a global footprint

Improve uptime " downtime is loss of players Increaseefficiency of the cloud resources we use Reduce latency to allcustomers

Technical Requirements -

Requirements for Game Backend Platform Dynamically scaleup or down based on game activity

Connect to a transactional database service to manage user profiles and game state Store game activity in a timeseries database service for future analysis As the system scales, ensure that data is not lost due to processingbacklogs Run hardened Linux distro

Requirements for Game Analytics Platform Dynamically scaleup or down based on game activity

Process incoming data on the fly directly from the game servers Process data that arrives late because of slowmobile networks Allow queries to access at least 10 TB of historical data

Process files that are regularly uploaded by users TM mobile devices Executive Statement -

Our last successful game did not scale well with our previous cloud provider, resulting in lower user adoption and affecting the game TMs reputation. Our investors want more key performance indicators (KPIs) to evaluate the speed and stability of the game, as well as other metrics that provide deeper insight into usage patterns so we can adapt the game to target users. Additionally, our current technology stack cannot provide the scale we need, so wewant to replace MySQL and move to an environment that provides autoscaling, low latency load balancing, and frees us up from managing physical servers. Question For this question, refer to the Mountkirk Games case study. Which managed storage option meets Mountkirk TMs technical requirement for storing game activity in a timeseries database service?

A. Cloud Bigtable

B. Cloud Spanner

C. BigQuery

D. Cloud Datastore

Correct Answer: A

Section: (none)

QUESTION 325

Introductory Info Company overview -

EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR Healthcareprovides their software as a service to multi- national medical offices, hospitals, and insurance providers.

Solution concept -

Due to rapid changes in the healthcare and insurance industry, EHR Healthcare's business has been growingexponentially year over year. They need to be able to scale their environment, adapt their disaster recovery plan, androll out new continuous deployment capabilities to update their software at a fast pace. Google

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Customer-facing applications are web-based, and many have recently been containerized to run on a group

of Kubernetes clusters. Data is stored in a mixture of relational and NoSQL databases (MySQL, MS SQL Server,Redis, and MongoDB).

EHR is hosting several legacy file- and API-based integrations with insurance providers on-premises. These systems are scheduled to be replaced over the next several years. There is no plan to upgrade or move these systems atthe current time.

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Provide a minimum 99.9% availability for all customer-facing systems. ?Provide centralized visibility and proactive action on system performance and usage. ?Increase ability to provide insights into healthcare trends.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Provide a consistent way to manage customer-facing applications that are container-based. ?Provide a secure and high-performance connection between on-premises systems and Google Cloud. ?Provide consistent logging, log retention, monitoring, and alerting capabilities. ?Maintain and manage multiple container-basedenvironments.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth. Question For this question, refer to the EHR Healthcare case study. You are responsible for designing the Google Cloud network architecture for Google Kubernetes

Engine. You want to follow Google best practices. Considering the EHR Healthcare business and technicalrequirements, what should you do to reduce the attack surface?

A. Use a private cluster with a private endpoint with master authorized networks configured.

B. Use a public cluster with firewall rules and Virtual Private Cloud (VPC) routes.

C. Use a private cluster with a public endpoint with master authorized networks configured.

D. Use a public cluster with master authorized networks enabled and firewall rules.

Correct Answer: A

Section: (none)

小豬科技，您的最佳雲端合作夥伴，點擊這裡 了解更多！

QUESTION 326

Introductory Info Company overview -

Solution concept -

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Customer-facing applications are web-based, and many have recently been containerized to run on a group of Kubernetes clusters. Data is stored in a mixture of relational and NoSQL databases (MySQL, MS SQL Server,Redis, and MongoDB).

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth. Question For this question, refer to the EHR Healthcare case study. In the past, configuration errors put public IP addresses on backend servers that should not have been accessible from the Internet. You need to ensure that no one can put external IP addresses on backend Compute Engine instances and that external IP addresses can only be configured on frontend Compute Engine instances. What should you do?

A. Create an Organizational Policy with a constraint to allow external IP addresses only on the frontendCompute Engine instances.

B. Revoke the compute.networkAdmin role from all users in the project with front end instances.

C. Create an Identity and Access Management (IAM) policy that maps the IT staff to thecompute.networkAdmin role for the organization.

D. Create a custom Identity and Access Management (IAM) role named GCE_FRONTEND with thecompute.addresses.create permission.

Correct Answer: A

Section: (none)

QUESTION 327

Introductory Info Company overview -

Solution concept -

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth. Question For this question, refer to the EHR Healthcare case study. You are a developer on the EHR customer portal team. Your team recently migrated the customer portal application to Google Cloud. The load has increased on the application servers, and now the application is logging many timeout errors. You recently incorporated Pub/ Sub into the application architecture, and the application is not logging any Pub/Sub publishing errors. You want to improve publishing latency.

What should you do?

A. Increase the Pub/Sub Total Timeout retry value.

B. Move from a Pub/Sub subscriber pull model to a push model.

C. Turn off Pub/Sub message batching.

D. Create a backup Pub/Sub message queue.

Correct Answer: C

Section: (none)

QUESTION 328

Introductory Info Company overview -

Solution concept -

recovery plan, and roll out new continuous deployment capabilities to update their software at a fast pace. Google

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth. Question For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for hybrid connectivity between EHR's on-premises systems and Google Cloud. You want to follow Google's recommended practices for production-level applications. Considering the EHR Healthcare business and technical requirements, what should you do?

A. Configure two Partner Interconnect connections in one metro (City), and make sure the Interconnectconnections are placed in different metro zones.

B. Configure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on-premises are in separate racks.

C. Configure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at leasttwo Google locations.

D. Configure two Dedicated Interconnect connections in one metro (City) and two connections in another metro,and make sure the Interconnect connections are placed in different metro zones.

Correct Answer: D

Section: (none)

QUESTION 329

Introductory Info Company overview -

EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR Healthcare provides their software as a service to multi- national medical offices, hospitals, and insurance providers.

Solution concept -

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positionsus for future growth. Question You need to upgrade the EHR connection to comply with their requirements. The new connection design must support business- critical needs and meet the same network and security policyrequirements. What should you do?

A. Add a new Dedicated Interconnect connection.

B. Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G.

C. Add three new Cloud VPN connections.

D. Add a new Carrier Peering connection.

Correct Answer: A

Section: (none)

QUESTION 330

Introductory Info Company overview -

Solution concept -

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth. Question For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for securely deploying workloads to Google Cloud. You also need to ensure that only verified containers are deployed using Google Cloud services. What should you do? (Choose two.)

A. Enable Binary Authorization on GKE, and sign containers as part of a CI/CD pipeline.

B. Configure Jenkins to utilize Kritis to cryptographically sign a container as part of a CI/CD pipeline.

C. Configure Container Registry to only allow trusted service accounts to create and deploy containers fromthe registry.

D. Configure Container Registry to use vulnerability scanning to confirm that there are no vulnerabilities beforedeploying the workload.

Correct Answer: AD

Section: (none)

擁有彈性、可擴展的雲端服務，立即註冊 體驗無縫連接！

QUESTION 331

Introductory Info Company overview -

EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR

Healthcare provides their software as a service to multi- national medical offices, hospitals, and insurance providers.

Solution concept -

Cloud has been chosen to replace their current colocation facilities.

Existing technical environment -

EHR's software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about toexpire.

Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools.Alerts are sent via email and are often ignored.

Business requirements -

?On-board new insurance providers as quickly as possible.

?Reduce latency to all customers.

?Maintain regulatory compliance.

?Decrease infrastructure administration costs.

?Make predictions and generate reports on industry trends based on provider data.

Technical requirements -

?Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloudproviders.

?Dynamically scale and provision new environments.

?Create interfaces to ingest and process data from new providers.

Executive statement -

Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes intraffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth. Question For this question, refer to the EHR Healthcare case study. You are responsible for ensuring that EHR's use of Google Cloud will pass an upcoming privacy compliance audit. What should you do?(Choose two.)

A. Verify EHR's product usage against the list of compliant products on the Google Cloud compliance page.

B. Advise EHR to execute a Business Associate Agreement (BAA) with Google Cloud.

C. Use Firebase Authentication for EHR's user facing applications.

D. Implement Prometheus to detect and prevent security breaches on EHR's web-based applications.

E. Use GKE private clusters for all Kubernetes workloads.

Correct Answer: AB

Section: (none)QUESTION 332

Introductory Info Company overview -

Helicopter Racing League (HRL) is a global sports league for competitive helicopter racing. Each year HRL holds the world championship and several regional league competitions where teams compete to earn a spot in the world championship. HRL offers a paid service to stream the races all over the world with live telemetry and predictionsthroughout each race.

Solution concept -

HRL wants to migrate their existing service to a new platform to expand their use of managed AI and ML services to facilitate race predictions. Additionally, as new fans engage with the sport, particularly in emerging regions, they want to move the serving of their content, both real-time and recorded, closer to their users.

Existing technical environment -

HRL is a public cloud-first company; the core of their mission-critical applications runs on their current public cloud provider. Video recording and editing is performed at the race tracks, and the content is encoded and transcoded,where needed, in the cloud. Enterprise-grade connectivity and local compute is provided by truck-mounted mobile data centers. Their race prediction services are hosted exclusively on their existing public cloud provider. Theirexisting technical environment is as follows:

Existing content is stored in an object storage service on their existing public cloud provider. Video encoding and transcoding is performed on VMs created for each job. Race predictions are performed using TensorFlow runningon VMs in the current public cloud provider.

Business requirements -

HRL TMs owners want to expand their predictive capabilities and reduce latency for their viewers inemerging markets. Their requirements are:

Support ability to expose the predictive models to partners.Increase predictive capabilities during and before races:

--< Race results

--< Mechanical failures

--< Crowd sentiment

Increase telemetry and create additional insights. Measure fanengagement with new predictions. Enhance global availabilityand quality of the broadcasts. Increase the number of concurrentviewers.

Minimize operational complexity. Ensurecompliance with regulations.

Create a merchandising revenue stream.

Technical requirements -

Maintain or increase prediction throughput and accuracy. Reduceviewer latency.

Increase transcoding performance.

Create real-time analytics of viewer consumption patterns and engagement. Create a data mart to enableprocessing of large volumes of race data.

Executive statement -

Compute Engine instances are allocated to do video encoding and transcoding. You suspect that these VirtualMachines are zombie machines that were not deleted after their workloads completed. You need to quickly get a listof which VM instances are idle. What should you do?

A. Log into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for analysis.

B. Use the gcloud compute instances list to list the virtual machine instances that have the idle: true label set.

C. Use the gcloud recommender command to list the idle virtual machine instances.

D. From the Google Console, identify which Compute Engine instances in the managed instance groups are nolonger responding to health check probes.

Correct Answer: C

Section: (none)

QUESTION 333

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

HRL TMs owners want to expand their predictive capabilities and reduce latency for their viewers inemerging markets. Their requirements are:

Support ability to expose the predictive models to partners.Increase predictive capabilities during and before races:

--< Race results

--< Mechanical failures

--< Crowd sentiment

Increase telemetry and create additional insights. Measure fanengagement with new predictions. Enhance global availabilityand quality of the broadcasts. Increase the number of concurrentviewers.

Minimize operational complexity. Ensurecompliance with regulations.

Create a merchandising revenue stream.

Technical requirements -

Maintain or increase prediction throughput and accuracy. Reduceviewer latency.

Increase transcoding performance.

Create real-time analytics of viewer consumption patterns and engagement. Create a data mart to enableprocessing of large volumes of race data.

Executive statement -

Our CEO, S. Hawke, wants to bring high-adrenaline racing to fans all around the world. We listen to our fans, and they want enhanced video streams that include predictions of events within the race (e.g., overtaking). Our current platform allows us to predict race outcomes but lacks the facility to support real- time predictions during races and the capacity to process season-long results. Question For this question, refer to the Helicopter Racing League (HRL) case study. HRL is looking for a cost-effective approach for storing their race data such as telemetry. They want to keep all historical records, train models using only the previous season's data, and plan for data growth in terms of volume and information collected. You need to propose a data solution. Considering HRL businessrequirements and the goals expressed by CEO

S. Hawke, what should you do?

A. Use Firestore for its scalable and flexible document-based database. Use collections to aggregate race data byseason and event.

B. Use Cloud Spanner for its scalability and ability to version schemas with zero downtime. Split race data usingseason as a primary key.

C. Use BigQuery for its scalability and ability to add columns to a schema. Partition race data based onseason.

D. Use Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL. Useseparate database instances for each season.

Correct Answer: C

Section: (none)

QUESTION 334

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

HRL TMs owners want to expand their predictive capabilities and reduce latency for their viewers inemerging markets. Their requirements are:

Support ability to expose the predictive models to partners.Increase predictive capabilities during and before races:

--< Race results

--< Mechanical failures

--< Crowd sentiment

Increase telemetry and create additional insights. Measure fanengagement with new predictions. Enhance global availabilityand quality of the broadcasts. Increase the number of concurrentviewers.

Minimize operational complexity. Ensurecompliance with regulations.

Create a merchandising revenue stream.

Technical requirements -

Maintain or increase prediction throughput and accuracy. Reduceviewer latency.

Increase transcoding performance.

Create real-time analytics of viewer consumption patterns and engagement. Create a data mart to enableprocessing of large volumes of race data.

Executive statement -

A. Use Explainable AI.

B. Use Vision AI.

C. Use Google Cloud TMs operations suite.

D. Use Jupyter Notebooks.

Correct Answer: A

Section: (none)

QUESTION 335

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

HRL TMs owners want to expand their predictive capabilities and reduce latency for their viewers inemerging markets. Their requirements are:

Support ability to expose the predictive models to partners.Increase predictive capabilities during and before races:

--< Race results

--< Mechanical failures

--< Crowd sentiment

Increase telemetry and create additional insights. Measure fanengagement with new predictions. Enhance global availabilityand quality of the broadcasts. Increase the number of concurrentviewers.

Minimize operational complexity. Ensurecompliance with regulations.

Create a merchandising revenue stream.

Technical requirements -

Maintain or increase prediction throughput and accuracy. Reduceviewer latency.

Increase transcoding performance.

Create real-time analytics of viewer consumption patterns and engagement. Create a data mart to enableprocessing of large volumes of race data.

Executive statement -

Our CEO, S. Hawke, wants to bring high-adrenaline racing to fans all around the world. We listen to our fans, and they want enhanced video streams that include predictions of events within the race (e.g., overtaking). Our current platform allows us to predict race outcomes but lacks the facility to support real- time predictions during races andthe capacity to process season-long results. Question For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team releases a new version of their predictive capability applicationevery Tuesday evening at 3 a.m. UTC to a repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf. The security team wants to run Airwolf against the predictive capability application as soon as it is released every Tuesday. You need to set up Airwolf to run at the recurringweekly cadence. What should you do?

A. Set up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function.

B. Set up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function.

C. Configure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function.

D. Set up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function.

Correct Answer: A

Section: (none)

需要專業建議？點擊這裡 聯絡我們的小豬科技專員。

QUESTION 336

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

HRL TMs owners want to expand their predictive capabilities and reduce latency for their viewers inemerging markets. Their requirements are:

Support ability to expose the predictive models to partners.Increase predictive capabilities during and before races:

--< Race results

--< Mechanical failures

--< Crowd sentiment

Increase telemetry and create additional insights. Measure fanengagement with new predictions. Enhance global availabilityand quality of the broadcasts. Increase the number of concurrentviewers.

Minimize operational complexity. Ensurecompliance with regulations.

Create a merchandising revenue stream.Technical requirements -

Maintain or increase prediction throughput and accuracy. Reduceviewer latency.

Increase transcoding performance.

Create real-time analytics of viewer consumption patterns and engagement. Create a data mart to enableprocessing of large volumes of race data.

Executive statement -

Our CEO, S. Hawke, wants to bring high-adrenaline racing to fans all around the world. We listen to our fans, and they want enhanced video streams that include predictions of events within the race (e.g., overtaking). Our current platform allows us to predict race outcomes but lacks the facility to support real- time predictions during races and the capacity to process season-long results. Question For this question, refer to the Helicopter Racing League(HRL) case study. Recently HRL started a new regional racing league in Cape Town, South Africa. In an effort to givecustomers in Cape Town a better user experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are a member of the HRL security team and you need to configure the update that will allow only the Fastly IP address ranges through the External HTTP(S) load balancer. Which command should youuse?

A. gcloud compute security-policies rules update 1000 \ --security-policy from-fastly \ --src-ip-ranges * \ -- actionallow

B. gcloud compute firewall rules update sourceiplist-fastly \ --priority 100 \ --allow tcp:443

C. gcloud compute firewall rules update hir-policy \ --priority 100 \ --target-tags=sourceiplist-fastly \ -- allow tcp:443

D. gcloud compute security-policies rules update 1000 \ --security-policy hir-policy \ --expressionevaluatePreconfiguredExpr( ~sourceiplist-fastly TM) \ --action allow

Correct Answer: D

Section: (none)

QUESTION 337

Introductory Info Company overview -

Solution concept -

Existing technical environment -

Business requirements -

HRL TMs owners want to expand their predictive capabilities and reduce latency for their viewers inemerging markets. Their requirements are:

Support ability to expose the predictive models to partners.Increase predictive capabilities during and before races:

--< Race results

--< Mechanical failures

--< Crowd sentiment

Increase telemetry and create additional insights. Measure fanengagement with new predictions. Enhance global availabilityand quality of the broadcasts. Increase the number of concurrentviewers.

Minimize operational complexity. Ensurecompliance with regulations.

Create a merchandising revenue stream.

Technical requirements -

Maintain or increase prediction throughput and accuracy. Reduceviewer latency.

Increase transcoding performance.

Create real-time analytics of viewer consumption patterns and engagement. Create a data mart to enableprocessing of large volumes of race data.

Executive statement -

ticket holders. You need to implement a custom card tokenization service that meets the following requirements:

?It must provide low latency at minimal cost.

?It must be able to identify duplicate credit cards and must not store plaintext card numbers.

?It should support annual key rotation.

Which storage approach should you adopt for your tokenization service?

A. Store the card data in Secret Manager after running a query to identify duplicates.

B. Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.

C. Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.

D. Use column-level encryption to store the data in Cloud SQL.

Correct Answer: B

Section: (none)

QUESTION 338

Introductory Info Company Overview -

JencoMart is a global retailer with over 10,000 stores in 16 countries. The stores carry a range of goods, such as groceries, tires, and jewelry. One of the company TMs core values is excellent customer service. In addition, theyrecently introduced an environmental policy to reduce their carbon output by 50% over the next 5 years.

Company Background -

JencoMart started as a general store in 1931, and has grown into one of the world TMs leading brands, known forgreat value and customer service. Over time, the company transitioned from only physical stores to a stores and online hybrid model, with 25% of sales online. Currently, JencoMart has little presence in Asia, but considers thatmarket key for future growth.

Solution Concept -

JencoMart wants to migrate several critical applications to the cloud but has not completed a technical review todetermine their suitability for the cloud and the engineering required for migration. They currently host all of theseapplications on infrastructure that is at its end of life and is no longer supported.

Existing Technical Environment -

JencoMart hosts all of its applications in 4 data centers: 3 in North American and 1 in Europe; most applications aredual-homed.

JencoMart understands the dependencies and resource usage metrics of their on-premises architecture.Application: Customer loyalty portal

LAMP (Linux, Apache, MySQL and PHP) application served from the two JencoMart-owned U.S. data centers.

Database -

Oracle Database stores user profiles

- 20 TB

- Complex table structure

- Well maintained, clean data

- Strong backup strategy

PostgreSQL database stores user credentials

- Single-homed in US West

- No redundancy

- Backed up every 12 hours

- 100% uptime service level agreement (SLA)

- Authenticates all users

Compute -

30 machines in US West Coast, each machine has:

- Twin, dual core CPUs

- 32 GB of RAM

- Twin 250 GB HDD (RAID 1)

20 machines in US East Coast, each machine has:

- Single, dual-core CPU

- 24 GB of RAM

- Twin 250 GB HDD (RAID 1)

Storage -

Access to shared 100 TB SAN in each location Tapebackup every week

Business Requirements -

Optimize for capacity during peak periods and value during off-peak periods Guarantee service availability andsupport

Reduce on-premises footprint and associated financial and environmental impact Move to outsourcing model toavoid large upfront costs associated with infrastructure purchase Expand services into Asia

Technical Requirements -

Assess key application for cloud suitability Modifyapplications for the cloud

Move applications to a new infrastructure Leverage managed services wherever feasible Sunset 20% ofcapacity in existing data centers Decrease latency inAsia

CEO Statement -

JencoMart will continue to develop personal relationships with our customers as more people access the web. The future of our retail business is in the global market and the connection between online and in- store experiences. Asa large, global company, we also have a responsibility to the environment through green initiatives and policies.

CTO Statement -

The challenges of operating data centers prevent focus on key technologies critical to our long-term success.Migrating our data services to a public cloud infrastructure will allow us to focus on big data and machine learning toimprove our service to customers.

CFO Statement -

Since its founding, JencoMart has invested heavily in our data services infrastructure. However, because of changing market trends, we need to outsource our infrastructure to ensure our long-term success. This model will allow us torespond to increasing customer demand during peak periods and reduce costs.

Question JencoMart wants to move their User Profiles database to Google Cloud Platform. WhichGoogle Database should they use?

A. Cloud Spanner

B. Google BigQuery

C. Google Cloud SQL

D. Google Cloud Datastore

Correct Answer: D

Section: (none)

QUESTION 339

The operations team in your company wants to save Cloud VPN log events for one year. You need to configure thecloud infrastructure to save the logs. What should you do?

A. Set up a Cloud Logging Dashboard titled Cloud VPN Logs, and then add a chart that queries for the VPNmetrics over a one-year time period.

B. Set up a filter in Cloud Logging and atopic in Pub/Sub to publish the logs

C. Enable the Compute Engine API, and then enable logging on the firewall rules that match the traffic you want tosave.

D. Set up a filter in Cloud Logging and a Cloud Storage bucket as an export target for the logs you want to save.

Correct Answer: D

Section: (none)

QUESTION 340

Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. Youwant to monitor queries in real time to discover the most costly queries and which users spend

the most. What should you do?

A. 1- Create a Cloud Logging sink to export BigQuery data access logs to BigQuery.

2- Perform a BigQuery query on the generated table to extract the information you need.

B. 1- Create a Cloud Logging sink to export BigQuery data access logs to Cloud Storage. 2-Develop a Dataflow pipeline to compute the cost of queries split by users.

C. 1- Activate billing export into BigQuery.

2- Perform a BigQuery query on the billing table to extract the information you need.

D. 1- In the BigQuery dataset that contains all the tables to be queried, add a label for each user that can launcha query.

2- Open the Billing page of the project. 3- Select Reports.

4- Select BigQuery as the product and filter by the user you want to check.

Correct Answer: C

Section: (none)

要將業務快速上雲？了解更多 小豬科技如何提供支援。

QUESTION 341

You want to store critical business information in Cloud Storage buckets. The information is regularly changed, butprevious versions need to be referenced on a regular basis. You want to ensure that there is a record of all changes to any information in these buckets. You want to ensure that accidental edits or deletions can be easily rolled backWhich feature should you enable?

A. Bucket Lock

B. Object Versioning

C. Object change notification

D. Object Lifecycle Management

Correct Answer: B

Section: (none)

QUESTION 342

Your company has an application running on Google Cloud that is collecting data from thousands of physicaldevices that are globally distributed. Data is published to Pub/Sub and streamed in real time into an SSD Cloud Bigtable cluster via a Dataflow pipeline. The operations team informs you that your Cloud Bigtable cluster has a hotspot, and queries are taking longer than expected. You need to resolve the problem and prevent it fromhappening in the future. What should you do?

A. Advise your clients to use HBase APIs instead of NodeJS APIs.

B. Review your RowKey strategy and ensure that keys are evenly spread across the alphabet

C. Double the number of nodes you currently have.

D. Delete records older than 30 days.

Correct Answer: B

Section: (none)

QUESTION 343

Your company is planning to migrate their Windows Server 2008 R2 and 2012 R2 from their on-premises datacenter to Google Cloud. You need to bring the licenses that are currently in use in on-premises virtual machines intothe target cloud environment.

What should you do?

A. 1- Create standard instances on Compute Engine.

2- Select as the OS the same Microsoft Windows version that is currently in use in the on-premisesenvironment.

B. 1- Create an image of the on-premises virtual machines and upload into Cloud Storage. 2- Import the image as a virtual disk on Compute Engine.

C. 1- Create an image of the on-premises virtual machine. 2-Import the image as a virtual disk on Compute Engine.

3- Create a standard instance on Compute Engine, selecting as the OS the same Microsoft Windows

version that is currently in use in the on-premises environment

4- Attach a data disk that includes data that matches the created image.

D. 1- Create an image of the on-premises virtual machines.

2- Import the image as a virtual disk on Compute Engine using --os=windows-2008r2-byol,

3- Create a sole-tenancy instance on Compute Engine that uses the imported disk as a boot disk.

Correct Answer: B

Section: (none)

QUESTION 344

You are deploying an application to Google Cloud. The application is part of a system. The application in Google Cloud must communicate over a private network with applications in a non-Google Cloud environment. The expected average throughput is 200 kbps. The business requires:.as close to 100% system availability as possible. cost optimization.

You need to design the connectivity between the locations to meet the business requirements. What should youprovision?

A. A single Cloud VPN gateway connected to an on-premises VPN gateway.

B. An HA Cloud VPN gateway connected with two tunnels to an on-premises VPN gateway.

C. Two Classic Cloud VPN gateways connected to two on-premises VPN gateways. Configure each Classic Cloud VPN gateway to have two tunnels, each connected to different on-premises VPN gateways.

D. Two HA Cloud VPN gateways connected to two on-premises VPN gateways. Configure each HA Cloud VPNgateway to have two tunnels, each connected to different on-premises VPN gateways.

Correct Answer: A

Section: (none)

QUESTION 345

You have a Compute Engine managed instance group that adds and removes Compute Engine instances from the group in response to the load on your application. The instances have a shutdown script that removes REDIS database entries associated with the instance. You see that many database entries have not been removed, and you suspect that the shutdown script is the problem. You need to ensure that the commands in the shutdownscript are run reliably every time an instance is shut down. You create a Cloud Function to remove the databaseentries. What should you do next?

A. Do not use the Cloud Function. Modify the shutdown script to restart if it has not completed in 30seconds

B. Modify the shutdown script to wait for 30 seconds before triggering the Cloud Function

C. Modify the shutdown script to wait for 30 seconds and then publish a message to a Pub/Sub queue.

D. Set up a Cloud Monitoring sink that triggers the Cloud Function after an instance removal log message arrivesin Cloud Logging

Correct Answer: C

Section: (none)

想要擁有專業的雲端解決方案？立即註冊 小豬科技！

QUESTION 346

You are configuring the cloud network architecture for a newly created project in Google Cloud that will hostapplications in Compute Engine. Compute Engine virtual machine instances will be created in two different subnets(sub-a and sub-b) within a single region.

.Instances in sub-a will have public IP addresses.

.Instances in sub-b will have only private IP addresses.

To download updated packages, instances must connect to a public repository outside the boundaries of GoogleCloud. You need to allow sub-b to access the external repository. What should you do?

A. Enable Private Google Access on sub-b.

B. Configure Cloud NAT and select sub-b in the NAT mapping section

C. Configure a bastion host instance in sub-a to connect to instances in sub-b

D. Enable Identity-Aware Proxy for TCP forwarding for instances in sub-b

Correct Answer: C

Section: (none)

QUESTION 347

You are managing several projects on Google Cloud and need to interact on a daily basis with BigQuery. Bigtable, and Kubernetes Engine using the gcloud Cll tool. You are travelling a lot and work on different workstations duringthe week. You want to avoid having to manage the gcloud CU manually. What should you do?

A. Install gcloud on all of your workstations. Run the command gcloud components auto-update on eachworkstation

B. Use a package manager to install gcloud on your workstations instead of installing it manually.

C. Create a Compute Engine instance and install gcloud on the instance. Connect to this instance via SSH toalways use the same gcloud installation when interacting with Google Cloud

D. O Use Google Cloud Shell in the Google Cloud Console to interact with Google Cloud.

Correct Answer: D

Section: (none)

QUESTION 348

You want to allow your operations team to store logs from all the production projects in your Organization, without including logs from other projects. All of the production projects are contained in a folder. You want to ensure that alllogs for existing and new production projects are captured automatically. What should you do?

A. Create an aggregated export on the Production folder. Set the log sink to be a Cloud Storage bucket in anoperations project

B. Create an aggregated export on the Organization resource. Set the log sink to be a Cloud Storage bucketin an operations project

C. Create log exports in the production projects. Set the log sinks to be a Cloud Storage bucket in anoperations project.

D. Create log exports in the production projects.Set the log sinks to be BigQuery datasets in the productionprojects, and grant IAM access to the operations team to run queries on the datasets.

Correct Answer: A

Section: (none)

QUESTION 349

Your company and one of its partners each have a Google Cloud project in separate organizations. Yourcompany's project (pri-a) runs in Virtual Private Cloud (vpc-a). The partner's project (prj-b) runs in vpc-b. There are two instances running on vpc-a and one instance running on vpc-b. Subnets defined in both VPCs are notoverlapping. You need to ensure that all instances communicate with each other via internal IPs, minimizing latencyand maximizing throughput. What should you do?

A. Setup a network peering between vpc-a and vpc-b

B. Set up a VPN between vpc-a and vpc-b using Cloud VPN

C. Configure IAP TCP forwarding on the instance in vpc-b, and then launch thefollowing gcloud command from one of the instances in vpc-a gcloud:

gcloud compute start-iap-tunnel INSTANCE_NAME_IN_VPC_B 22 \ --local-host-port=localhost:22

D. \1. Create an additional instance in vpc-a.

\2. Create an additional instance in vpc-b.

\3. Install OpenVPN in newly created instances.

\4. Configure a VPN tunnel between vpc-a and vpc-b with the help of OpenVPN.

Correct Answer: D

Section: (none)

QUESTION 350

Your company recently acquired a company that has infrastructure in Google Cloud. Each company has its own Google Cloud organization. Each company is using a Shared Virtual Private Cloud (VPC) to provide networkconnectivity for its applications. Some of the subnets used by both companies overlap. In order for

both businesses to integrate,the applications need to have private network connectivity. These applications are noton overlapping subnets. You want to provide connectivity with minimal re-engineering. What should you do?

A. Migrate the projects from the acquired company into your company's Google Cloud organization. Re- launchthe instances in your companies Shared VPC

B. Configure SSH port forwarding on each application to provide connectivity between applications in thedifferent Shared VPCs

C. Set up a Cloud VPN gateway in each Shared VPC and peer Cloud VPNs.

D. Set up VPC peering and peer each Shared VPC together.

Correct Answer: B

Section: (none)

有關雲端服務的任何問題，點擊這裡，聯絡我們的小豬科技專員！

QUESTION 351

Your company has an application running on App Engine that allows users to upload music files and share them with other people. You want to allow users to upload files directly into Cloud Storage from their browser session. Thepayload should not be passed through the backend.

What should you do?

A. Seta CORS configuration in the target Cloud Storage bucket where the base URL of the App Engineapplication is an allowed origin. Use the Cloud Storage Signed URL feature to generate a POST URL

B. Set a CORS configuration in the target Cloud Storage bucket where the base URL of the App Engineapplication is an allowed origin. Assign the Cloud Storage WRITER role to users who upload files

C. Use the Cloud Storage Signed URL feature to generate a POST URL Use App Engine defaultcredentials to sign requests against Cloud Storage

D. Assign the Cloud Storage WRITER role to users who upload files; use App Engine default credentials to signrequests against Cloud Storage.

Correct Answer: B

Section: (none)

QUESTION 352

You are working with a data warehousing team that performs data analysis. The team needs to process data from external partners, but the data contains personally identifiable information (ll) You need to process and store thedata without storing any of the PII data. What should you do?

A. Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline, use the CloudData Loss Prevention (Cloud DLP) API to remove any PII data. Store the result in BigQuery

B. Create a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline, store allnon-PII data in BigQuery and store all PII data in a Cloud Storage bucket that has a retention policy set.

C. Ask the external partners to upload all data on Cloud Storage. Configure Bucket Lock for the bucket. Createa Dataflow pipeline to read the data from the bucket.As part of the pipeline, use the Cloud Data LossPrevention (Cloud DLP) API to remove any PII data. Store the result in BigQuery

D. Ask the external partners to import all data in your BigQuery dataset. Create a dataflow pipeline to copy thedata into a new table.As part of the Dataflow bucket, skip all data in columns that have PII data.

Correct Answer: C

Section: (none)

QUESTION 353

-- Instances in sub-a will have public IP addresses.

-- Instances in sub-b will have only private IP addresses.

To download updated packages, instances must connect to a public repository outside the boundaries of GoogleCloud. You need to allow sub-b to access the external repository. What should you do?

A. Enable Private Google Access on sub-b

B. Configure Clobd NAT and select sub-b in the NAT mapping section.

C. Configure a bastion host instance in sub-a to connect to instances in sub-b

D. Enable Identity-Aware Proxy for TCP forwarding for instances in sub-b

Correct Answer: C

Section: (none)

QUESTION 354

Your company has just recently activated Cloud Identity to manage users. The Google Cloud Organization has been configured as well The security team needs to secure projects that will be part of the Organization. They want to prohibit IAM users outside the domain from gaining permissions from now on. What should they do?

A. Configure an organization policy to restrict identities by domain.

B. Configure an organization policy to block creation of service accounts.

C. Configure Cloud Scheduler to trigger a Cloud Function every hour that removes all users that don't belongto the Cloud Identity domain from all projects ha

D. Create a technical user (e.g., [email protected]),and give it the project owner role at rootorganization level. Write a bash script that :

-- Lists all the IAM rules of all projects within the organization.

-- Deletes all users that do not belong to the company domain.

Create a Compute Engine instance in a project within the Organization and configure gcloud to be executedwith technical user credentials. Configure a cron job that executes the bash script every hour

Correct Answer: D

Section: (none)

QUESTION 355

You are managing several internal applications that are deployed on Compute Engine. Business users inform youthat an application has become very slow over the past few days. You want to find the underlying cause in order tosolve the problem. What should you do first?

A. Restore a backup of the application database from a time before the application became slow

B. Deploy the applications on a managed instance group with auto scaling enabled. Add a load balancer in front of the managed instance group, and have the users connect to the IP of the load balancer.

C. Inspect the logs and metrics from the instances in Cloud Logging and Cloud Monitoring.

D. Change the Compute Engine Instances behind the application to a machine type with more CPU andmemory.

Correct Answer: B

Section: (none)

想提升業務效率？了解更多 關於小豬科技的高效雲端服務。

QUESTION 356

For this question, refer to the Mountkirk Games case study. You need to optimize batch file transfers into Cloud Storage for Mountkirk Games' new Google Cloud solution. The batch files contain game statistics that need to bestaged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

A. Use gsutil to load the files as the last part of ETL

B. Use gsutil to batch copy the files in parallel

C. Use gsutil to batch move files in sequence

D. Use gsutil to extract the files as the first part of ETL

Correct Answer: C

Section: (none)

QUESTION 357

Your company and one of its partners each have a Google Cloud project in separate organizations. Your company's project (prj-a) runs in Virtual Private Cloud (ypc-a).The partner's project (prj-b) runs in vpc-b, There are twoinstances running on vpc-a and one instance running on vpc-b. Subnets defined in both

VPCs are not overlapping. You need to ensure that all instances communicate with each other via internal IPs,minimizing latency and maximizing throughput. What should you do?

A. Set up a network peering between vpc-a and vpc-b

B. Set up a VPN between vpc-a and vpc-b using Cloud VPN

C. Configure IAP TCP forwarding on the instance in vpc-b, and then launch the following gcloud command from one of the instances in vpc-a gcloud gcloud compute start-iap- tunnelINSTANce_NAME_IN_VPc_B22--local-host-port=localhost:22

D. \1. Create an additional instance in vpc-a

\2. Create an additional instance in vpc-b

\3.Install OpenVPN in newly created instances

\4.Configure a VPN tunnel between vpc-a and vpc-b with the help of OpenVPN

Correct Answer: A

Section: (none)

QUESTION 358

Your operations team currently stores 1O TB of data in an object storage service from a third-party provider. They want to move this data to a Cloud Storage bucket as quickly as possible, following Google- recommended practices.They want to minimize the cost of this data migration. Which approach should they use?

A. Use the gsutil mv command to move the data

B. Use the Storage Transfer Service to move the data

C. Download the data to a Transfer Appliance, and ship it to Google.

D. Download the data to the on-premises data center, and upload it to the Cloud Storage bucket

Correct Answer: B

Section: (none)

QUESTION 359

You have a Compute Engine application that you want to autoscale when total memory usage exceeds 80%

. You have installed the Cloud Monitoring agent and configured the autoscaling policy as follows:

-- Metricidentifier:agent.googleapis.com/memory/percent_used

-- Filtermetric.label.state = 'used'

-- Target utilization level:80

-- Target type:GAUGE

You observe that the application does not scale under high load. You want to resolve this. What should you do?

A. Change the Meticidentifier to agent.googleapis.com/memory/bytes_used

B. Change the filter to metric.label.state = 'free' and the Target utilization to 20

C. Change the Target type to DELTA_PER MINUTE

D. Changethe filter to metric.label.state = 'used' AND metric.label.state = 'buffered' AND metric.label.state

= 'cached' AND metric.label.state = 'slab'

Correct Answer: C

Section: (none)

QUESTION 360

Your company has an application running on Compute Engine that allows users to play their favorite music. There are a fixed number of instances. Files are stored in Cloud Storage, and data is streamed directly to users. Usersare reporting that they sometimes need to attempt to play popular songs multiple times before they are successful.You need to improve the performance of the application. What should you do?

A. \1. Mount the Cloud Storage bucket using gcsfuse on all backend Compute Engine instances

\2. Serve music files directly from the backend Compute Engine instance

B. \1.Create a Cloud Filestore NFS volume and attach it to the backend Compute Engine instances

\2. Download popular songs in Cloud Filestore

\3. Serve music files directly from the backend Compute Engine instance

C. \1. Create a managed instance group with Compute Engine instances

\2. Create a global load balancer and configure it with two backends:

-- Managed instance group

-- Cloud Storage bucket

\3.Enable Cloud CDN on the bucket backend

D. \1. Copy popular songs into CloudSQL as a blob

\2. Update application code to retrieve data from CloudSQL when Cloud Storage is overloaded

Correct Answer: A

Section: (none)

現在就加入小豬科技，立即註冊，享受專業雲端服務！

QUESTION 361

You are deploying an application to Google Cloud. The application is part of a system.The application in Google Cloud must communicate over a private network with applications in a non-Google Cloud environment. Theexpected average throughput is 200 kbps.The business requires:

-- as close to 100% system availability as possible .cost optimization.

You need to design the connectivity between the locations to meet the business requirements. What should youprovision?

A. Two Classic Cloud VPN gateways connected to two on-premises VPN gateways. Configure each Classic Cloud VPN gateway to have two tunnels, each connected to different onpremises VPN gateways

B. A single Cloud VPN gateway connected to an on-premises VPN gateway

C. An HA Cloud VPN gateway connected with two tunnels to an on-premises VPN gateway

D. Two HA Cloud VPN gateways connected to two on-premises VPN gateways. Configure each HA Cloud VPNgateway to have two tunnels,each connected to different on-premises VPN gateways

Correct Answer: C

Section: (none)

QUESTION 362

Your company uses Google Kubernetes Engine (GKE) as a platform for all workloads. Your company has a single large GKE cluster that contains batch, stateful, and stateless workloads. The GKE cluster is configured with a single node pool with 200 nodes. Your company needs to reduce the cost of this cluster but does not want tocompromise availability. What should you do?

A. Create a second GKE cluster for the batch workloads only. Allocate the 200 original nodes across bothclusters

B. Configure a HorizontalPodAutoscaler for all stateless workloads and for all compatible statefulworkloads. Configure the cluster to use node auto scaling

C. Change the node pool to use preemptible VMs

D. Configure CPU and memory limits on the namespaces in the cluster. Configure all Pods to have a CPU andmemory limits

Correct Answer: D

Section: (none)

QUESTION 363

Your company has just recently activated Cloud Identity to manage users. The Google Cloud Organization has been configured as well ,The security team needs to secure projects that will be part of the Organization. They want to prohibit IAM users outside the domain from gaining permissions from now on. What should they do?

A. Configure an organization policy to restrict identities by domain.

B. Configure an organization policy to block creation of service accounts

C. Configure Cloud Scheduler to trigger a Cloud Function every hour that removes all users that don't belongto the Cloud Identity domain from all projects

D. Create a technical user (e.g, [email protected]), and give it the project owner role at rootorganization level. Write a bash script that

-- Lists all the IAM rules of all projects within the organization.

-- Deletes all users that do not belong to the company domain.

Create a Compute Engine instance in a project within the Organization and configure gcloud to be executedwith technical user credentials. Configure a cron job that executes the bash script every hour,

Correct Answer: A

Section: (none)

QUESTION 364

Your company has a Google Workspace account and Google Cloud Organization. Some developers in the companyhave created Google Cloud projects outside of the Google Cloud Organization.

You want to create an Organization structure that allows developers to create projects, but prevents them frommodifying production projects. You want to manage policies for all projects centrally and be able to set morerestrictive policies for production projects.

You want to minimize disruption to users and developers when business needs change in the future. You want tofollow Google-recommended practices. How should you design the Organization structure?

A. \1. Create a second Google Workspace account and Organization

\2.Grant all developers the Project Creator IAM role on the new Organization

\3. Move the developer projects into the new Organization

\4.Set the policies for all projects on both Organizations

\5.Additionally, set the production policies on the original Organization

B. \1. Create a folder under the Organization resource named "Production.'

\2. Grant all developers the Project Creator IAM role on the Organization

\3. Move the developer projects into the Organization

\4.Set the policies for all projects on the Organization

\5. Additionally, set the production policies on the "Production"” folder

C. \1. Create folders under the Organization resource named “Development" and "Production.'

\2. Grant all developers the Project Creator IAM role on the "Development" folder,

\3. Move the developer projects into the “Development" folder

\4.Set the policies for all projects on the Organization

\5. Additionally, set the production policies on the "Production"” folder

D. \1. Designate the Organization for production projects only

\2. Ensure that developers do not have the Project Creator IAM role on the Organization

\3. Create development projects outside of the Organization using the developer Google Workspace accounts

\4. Set the policies for all projects on the Organization

\5. Additionally, set the production policies on the individual production projects

Correct Answer: C

Section: (none)

QUESTION 365

Your company has an application running as a Deployment in a Google Kubernetes Engine(GKE) cluster. When releasing new versions of the application via a rolling deployment, the team has been causing outages. The root cause of the outages is misconfigurations with parameters that are only used in production. You want to put preventive measures for this in the platform to prevent outages. What should you do?

A. Configure health checks on the managed instance group

B. Configure an uptime alert in Cloud Monitoring

C. Create a Scheduled Task to check whether the application is available

D. Configure liveness and readiness probes in the Pod specification

Correct Answer: D

Section: (none)

QUESTION 366

Your company recently acquired a company that has infrastructure in Google Cloud. Each company has its own Google Cloud organization. Each company is using a Shared Virtual Private Cloud (VPC) to provide network connectivity for its applications. Some of the subnets used by both companies overlap In order for both businessesto integrate, the applications need to have private network connectivity,

These applications are not on overlapping subnets. You want to provide connectivity with minimal re- engineering.What should you do?

A. Set up a Cloud VPN gateway in each Shared VPC and peer Cloud VPNs

B. Migrate the projects from the acquired company into your company's Google Cloud organization. Re- launchthe instances in your companies Shared VPC

C. Configure SSH port forwarding on each application to provide connectivity between applications in thedifferent Shared VPCs

D. Set up VPC peering and peer each Shared VPC together.

Correct Answer: A

Section: (none)

讓我們幫助您完成雲端轉型，立即聯絡，獲得專業支援！