Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
• For a full set of 750+ questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud-engineer-practice-exam-set/ • SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. • It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. • SkillCertPro updates exam questions every 2 weeks. • You will get life time access and life time free updates.
Typology: Exercises
1 / 10
Google Associate Cloud Engineer Practice Tests 2023. Contains 750+ exam questions to pass the exam in first attempt. SkillCertPro offers real exam questions for practice for all major IT certifications.
For a full set of 7 50 + questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud- engineer-practice-exam-set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attempt.
Below are the free 10 sample questions.
You are creating a Kubernetes Engine cluster to deploy multiple pods inside the cluster. All container logs must be stored in BigQuery for later analysis. You want to follow Google-recommended practices. Which two approaches can you take?
A. Turn on Stackdriver Logging during the Kubernetes Engine cluster creation. B. Turn on Stackdriver Monitoring during the Kubernetes Engine cluster creation. C. Develop a custom add-on that uses Cloud Logging API and BigQuery API. Deploy the add-on to your Kubernetes Engine cluster. D. Use the Stackdriver Logging export feature to create a sink to Cloud Storage. Create a Cloud Dataflow job that imports log files from Cloud Storage to BigQuery. E. Use the Stackdriver Logging export feature to create a sink to BigQuery. Specify a filter expression to export log records related to your Kubernetes Engine cluster only.
Option A as creating a cluster with Stack driver Logging option will enable all the container logs to be stored in Stack driver Logging.
Option E as Stackdriver Logging support exporting logs to BigQuery by creating sinks
Refer GCP documentation – Kubernetes logging
Option B is wrong as creating a cluster with Stackdriver Monitoring option will enable monitoring metrics to be gathered, but it has nothing to do with logging.
Option C is wrong as even if you can develop a Kubernetes addon that will send logs to BigQuery, this is not a Google-recommended practice.
Option D is wrong as this is not a Google recommended practice.
Your company has a mission-critical application that serves users globally. You need to select a transactional and relational data storage system for this application. Which two products should you choose?
A. BigQuery B. Cloud SQL C. Cloud Spanner D. Cloud Bigtable E. Cloud Datastore
Option B as because Cloud SQL is a relational and transactional database in the list.
Option C as Spanner is a relational and transactional database in the list.
Refer GCP documentation – Storage Options
Option A is wrong as BigQuery is not a transactional system.
Option D is wrong as Cloud Bigtable provides transactional support but it’ s not relational.
Option E is wrong as Datastore is not a relational data storage system.
You want to find out who in your organization has Owner access to a project called “my-project”. What should you do?
A. In the Google Cloud Platform Console, go to the IAM page for your organization and apply the filter Role:Owner. B. In the Google Cloud Platform Console, go to the IAM page for your project and apply the filter Role:Owner. C. Use gcloud iam list-grantable-role --project my-project from your Terminal. D. Use gcloud iam list-grantable-role from Cloud Shell on the project page.
Option A is wrong as it will give the org-wide owners, but you are interested in the project owners, which could be different.
Option C is wrong as this command is to list grantable roles for a resource, but does not return who has a specific role.
Option D is wrong as this command is to list grantable roles for a resource, but does not return who has a specific role.
You need to verify the assigned permissions in a custom IAM role. What should you do?
A. Use the GCP Console, IAM section to view the information. B. Use the gcloud init command to view the information. C. Use the GCP Console, Security section to view the information. D. Use the GCP Console, API section to view the information.
Correct answer is A as this is the correct console area to view permission assigned to a custom role in a particular project.
Option B is wrong as gcloud init will not provide the information required.
Options C and D are wrong as these are not the correct areas to view this information
You have an App Engine application serving as you’re front-end. It’s going to publish messages to Pub/Sub. The Pub/Sub API hasn’t been enabled yet. What is the fastest way to enable the API?
A. Use a service account with the Pub/Sub Admin role to auto-enable the API. B. Enable the API in the Console. C. Application's in App Engine don't require external APIs to be enabled. D. The API will be enabled the first time the code attempts to access Pub/Sub.
Correct answer is B as the simplest way to enable an API for the project is using the GCP console.
Refer GCP documentation – Enable/Disable APIs
The simplest way to enable an API for your project is to use the GCP Console, though you can also enable an API using gcloud or using the Service Usage API. You can find out more about these options in the Service Usage API docs.
To enable an API for your project using the console:
For a full set of 750+ questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud- engineer-practice-exam-set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attempt.
Your development team has asked you to set up an external TCP load balancer with SSL offload. Which load balancer should you use?
A. SSL proxy B. HTTP load balancer
C. TCP proxy D. HTTPS load balancer
Google Cloud SSL Proxy Load Balancing terminates user SSL (TLS) connections at the load balancing layer, then balances the connections across your instances using the SSL or TCP protocols. Cloud SSL proxy is intended for non-HTTP(S) traffic. For HTTP(S) traffic, HTTP(S) load balancing is recommended instead.
SSL Proxy Load Balancing supports both IPv4 and IPv6 addresses for client traffic. Client IPv6 requests are terminated at the load balancing layer, then proxies over IPv4 to your backends.
Options B & D are wrong as they are recommended for HTTP or HTTPS traffic only
Option C is wrong as TCP proxy does not support SSL offload.
Your manager needs you to test out the latest version of MS-SQL on a Windows instance. You've created the VM and need to connect into the instance. What steps should you follow to connect to the instance?
A. Generate a Windows password in the console, then use a client capable of communicating via RDP and provide the credentials. B. Generate a Windows password in the console, and then use the RDP button to connect in through the console. C. Connect in with your own RDP client using your Google Cloud username and password. D. From the console click the SSH button to automatically connect.
Correct answer is A as connecting to Windows instance involves installation of the RDP client. GCP does not provide RDP client and it needs to be installed. Generate Windows instance password to connect to the instance.
Option B is wrong as GCP Console does not have a direct RDP connectivity.
Option C is wrong as a separate windows password needs to be generate. Google Cloud username password cannot be used.
Option D is wrong as you cannot connect to Windows instance using SSH.
You need to create a new development Kubernetes cluster with 3 nodes. The cluster will be named project-1-cluster. Which of the following truncated commands will create a cluster?
A. gcloud container clusters create project-1-cluster --num-nodes 3 B. kubectl clusters create project-1-cluster 3 C. kubectl clusters create project-1-cluster --num-nodes 3 D. gcloud container clusters create project-1-cluster 3
Correct answer is A as Kubernetes cluster can be created using the gcloud command only, with the cluster name and –num-nodes parameter.
gcloud container clusters create my-regional-cluster –num-nodes 2 \ –region us- west
Options B & C are wrong as kubectl cannot be used to create Kubernetes cluster.
Option D is wrong as the 3 parameter is invalid and needs to follow a parameter.
Your security team wants to be able to audit network traffic inside of your network. What's the best way to ensure they have access to the data they need?
A. Disable flow logs. B. Enable flow logs. C. Enable VPC Network logs D. Add a firewall capture filter.
Correct answer is B as VPC Flow logs track all the network flows and needs to be enabled.
VPC Flow Logs record a sample of network flows sent from and received by VM instances. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization.
Flow logs are aggregated by connection, at 5-second intervals, from Compute Engine VMs and exported in real time. By subscribing to Cloud Pub/Sub, you can analyze flow logs using real-time streaming APIs.
Option A is wrong as the VPC logs need to enabled and are disabled by default.
Option C is wrong as there is no VPC Network logs.
Option D is wrong as there is no firewall capture filter.
While looking at your application’ s source code in your private Github repo, you’ ve noticed that a service account key has been committed to git. What steps should you take next?
A. Delete the project and create a new one. B. Do nothing. Git is fine for keys if the repo is private. C. Revoke the key, remove the key from Git, purge the Git history to remove all traces of the file, ensure the key is added to the .gitignore file. D. Contact Google Cloud Support
Correct answer is C as all the traces of the keys needs to removed and add the key to .gitignore file.
Option A is wrong as deleting project does not remove the keys from Git.
Option B is wrong as it is bad practice to store keys in Git, irrespective of private repo.
Option D is wrong as Google Cloud support cannot help.
For a full set of 750+ questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud- engineer-practice-exam-set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attempt.