






Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
• For a full set of 750+ questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud-engineer-practice-exam-set/ • SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. • It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. • SkillCertPro updates exam questions every 2 weeks. • You will get life time access and life time free updates.
Typology: Exercises
1 / 10
This page cannot be seen from the preview
Don't miss anything!







Google Associate Cloud Engineer Practice Tests 2023. Contains 750+ exam questions to pass the exam in first attempt. SkillCertPro offers real exam questions for practice for all major IT certifications.
For a full set of 7 50 + questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud- engineer-practice-exam-set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attempt.
Below are the free 10 sample questions.
You are creating a Kubernetes Engine cluster to deploy multiple pods inside the cluster. All container logs must be stored in BigQuery for later analysis. You want to follow Google-recommended practices. Which two approaches can you take?
A. Turn on Stackdriver Logging during the Kubernetes Engine cluster creation. B. Turn on Stackdriver Monitoring during the Kubernetes Engine cluster creation. C. Develop a custom add-on that uses Cloud Logging API and BigQuery API. Deploy the add-on to your Kubernetes Engine cluster. D. Use the Stackdriver Logging export feature to create a sink to Cloud Storage. Create a Cloud Dataflow job that imports log files from Cloud Storage to BigQuery. E. Use the Stackdriver Logging export feature to create a sink to BigQuery. Specify a filter expression to export log records related to your Kubernetes Engine cluster only.
Option A as creating a cluster with Stack driver Logging option will enable all the container logs to be stored in Stack driver Logging.
Option E as Stackdriver Logging support exporting logs to BigQuery by creating sinks
Refer GCP documentation – Kubernetes logging
Option B is wrong as creating a cluster with Stackdriver Monitoring option will enable monitoring metrics to be gathered, but it has nothing to do with logging.
Option C is wrong as even if you can develop a Kubernetes addon that will send logs to BigQuery, this is not a Google-recommended practice.
Option D is wrong as this is not a Google recommended practice.
Your company has a mission-critical application that serves users globally. You need to select a transactional and relational data storage system for this application. Which two products should you choose?
A. BigQuery B. Cloud SQL C. Cloud Spanner D. Cloud Bigtable E. Cloud Datastore
Option B as because Cloud SQL is a relational and transactional database in the list.
You need to verify the assigned permissions in a custom IAM role. What should you do?
A. Use the GCP Console, IAM section to view the information. B. Use the gcloud init command to view the information. C. Use the GCP Console, Security section to view the information. D. Use the GCP Console, API section to view the information.
Correct answer is A as this is the correct console area to view permission assigned to a custom role in a particular project.
Option B is wrong as gcloud init will not provide the information required.
Options C and D are wrong as these are not the correct areas to view this information
You have an App Engine application serving as you’re front-end. It’s going to publish messages to Pub/Sub. The Pub/Sub API hasn’t been enabled yet. What is the fastest way to enable the API?
A. Use a service account with the Pub/Sub Admin role to auto-enable the API. B. Enable the API in the Console. C. Application's in App Engine don't require external APIs to be enabled. D. The API will be enabled the first time the code attempts to access Pub/Sub.
Correct answer is B as the simplest way to enable an API for the project is using the GCP console.
Refer GCP documentation – Enable/Disable APIs
The simplest way to enable an API for your project is to use the GCP Console, though you can also enable an API using gcloud or using the Service Usage API. You can find out more about these options in the Service Usage API docs.
To enable an API for your project using the console:
For a full set of 750+ questions. Go to https://skillcertpro.com/product/google-cloud-certified-associate-cloud- engineer-practice-exam-set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attempt.
Your development team has asked you to set up an external TCP load balancer with SSL offload. Which load balancer should you use?
A. SSL proxy B. HTTP load balancer
Correct answer is A as connecting to Windows instance involves installation of the RDP client. GCP does not provide RDP client and it needs to be installed. Generate Windows instance password to connect to the instance.
Option B is wrong as GCP Console does not have a direct RDP connectivity.
Option C is wrong as a separate windows password needs to be generate. Google Cloud username password cannot be used.
Option D is wrong as you cannot connect to Windows instance using SSH.
You need to create a new development Kubernetes cluster with 3 nodes. The cluster will be named project-1-cluster. Which of the following truncated commands will create a cluster?
A. gcloud container clusters create project-1-cluster --num-nodes 3 B. kubectl clusters create project-1-cluster 3 C. kubectl clusters create project-1-cluster --num-nodes 3 D. gcloud container clusters create project-1-cluster 3
Correct answer is A as Kubernetes cluster can be created using the gcloud command only, with the cluster name and –num-nodes parameter.
gcloud container clusters create my-regional-cluster –num-nodes 2 \ –region us- west
Options B & C are wrong as kubectl cannot be used to create Kubernetes cluster.
Option D is wrong as the 3 parameter is invalid and needs to follow a parameter.
Your security team wants to be able to audit network traffic inside of your network. What's the best way to ensure they have access to the data they need?
A. Disable flow logs. B. Enable flow logs. C. Enable VPC Network logs D. Add a firewall capture filter.
Correct answer is B as VPC Flow logs track all the network flows and needs to be enabled.
VPC Flow Logs record a sample of network flows sent from and received by VM instances. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization.
Flow logs are aggregated by connection, at 5-second intervals, from Compute Engine VMs and exported in real time. By subscribing to Cloud Pub/Sub, you can analyze flow logs using real-time streaming APIs.
Option A is wrong as the VPC logs need to enabled and are disabled by default.
Option C is wrong as there is no VPC Network logs.
Option D is wrong as there is no firewall capture filter.
While looking at your application’ s source code in your private Github repo, you’ ve noticed that a service account key has been committed to git. What steps should you take next?