GCP - Associate Cloud Engineer Exam
Study online at quizlet.com/_5vb8z0
1. When starting a Kubernetes
cluster in Kubernetes Engine do
you need to create a Master?
2. Does Kubernetes Engine support
multi-zone containers ?
3. Which platform would be best for
running containers both in the
datacenter and in the cloud?
4. The course introduces design
using a three-tier design model.
The three tiers are:
5. The design process includes which
steps?
6. What is it called when information
must be preserved to perform a
subsequent step?
7. What is the focus of
measurement?
8. What are the categories of
requirements described in
gathering requirements?
9. How does a microservices design
complicate business logic ?
10. Which GCP platform services are
identified as useful for the 12-
factor principle of "store
configuration information in the
environment"?
11. What tradeoff occurs with the 12-
factor principle of "store state
information in the environment"?
12. Which platform processing service
is designed to offer the lowest IT
overhead so you can focus on the
application?
No, the Master is 13. What advice is given on
created by Kubernetes horizontal scaling design?
Engine as part of the
interface that controls
14. What reason is given for the
the cluster.
design advice to "design first
Yes. It improves and dimension later"?
availability because if
one zone fails, the
others can pick up the
work. (CORRECT)
App Engine Flexible 15. What does Data Integrity
Environment mean?
Presentation layer,
Business-logic layer, 16. What is the difference between
and Data layer. * a proxied and a pass-through
load balancer?
Begin simple and
iterate. Plan for failure.
Measure. *
Stateful. State
information is stored. *
17. Which form of load balancing
enables you to load balance
Efficiency. An abstract behind an IP address that is
ratio representing only accessible to instances
resource utilization. * within your Virtual Private
Quantitative, Cloud (VPC)?
qualitative, scaling, and 18. What is the service provided by
size. * a third party (such as an ISP)
Key business logic is that enables you to connect
implemented as cross- another cloud directly to your
services Google cloud resources to
communication. * create hybrid cloud solutions?
Google Cloud Storage 19. What are the two main
and the Metadata categories of failures
Server. described?
20. To design to overcome a single
point of failure, the N+2
Storing state strategy is recommended. What
information in the is N+2?
environment is slower 21. What is a correlated failure?
than storing it locally
on SSD.
Google App Engine
(GAE) 22. How can a design to improve
reliability through failover
create an opportunity for
overload failure?
Prefer small stateless
servers. Keep servers
simple; do one thing well.
Trying to optimize cost or
optimize for size
(dimension) before the
design is fully developed
can lead to confusion and
ambiguities in the design
process. *
That users have access to
their data and that the
data persists without
being corrupted or lost.
A proxied load balancer
terminates the incoming
connection and initiates a
separate connection, a
pass-through redirects
traffic without terminating
it.
Internal load balancing.
Dedicated interconnect.
Failure due to loss of
resources, and failure due
to overload.
One alternative to ' N' to
handle an upgrade, and a
second to handle a
service outage.
When a group of related
items fail at the same
time; the group is a failure
domain.
If growth occurs and the
capacity is not increased
to accommodate the new
greater load during
failover.
23. What is a cascading
failure?
24. What is it called when you
are trying to make a
system more reliable by
adding retries and it
creates the opportunity
for an overload failure?
25. What is the recommended
action to help cope with
failure that involves
Objectives and Indicators?
26. Why is DNS recommended
for business continuity and
disaster recovery?
27. What is a lazy deletion
strategy?
28. What is a key technology
for scalable and resilient
design that enables both
scaling of capacity and
redirecting traffic to
alternate resources in the
event of a failure?
29. What does "pervasive
defense in depth" mean?
30. In most network devices
such as a firewall, the
network is subject to
overload of the capacity
of the interface. What is
the overload capacity of a
firewall in Google's
network?
When, due to an overload
failure, the system seeks
additional resources and
spreads the overload until the
system loses integrity.
Positive feedback cycle
overload failure.
Incorporate failure planning
including a margin of safety
and scheduled downtime into
the SLOs and SLIs.
Because you can use it to
redirect client requests to an
alternate backup service by
changing the DNS definition.
When a client deletes an
object, it is not annihilated
immediately, but concealed
and preserved for a period.
There may be multiple tiers in
the deletion strategy that
permit different kinds of
recovery of the object.
Load balancing.
Segregation of duties; Google
handles some things, others
are your responsibility.
The firewall is virtual,
implemented through software
defined networking, so there is
no physical interface to be
overloaded.
31. Which edge features of Google's TCP/SSL proxy, Global
networking provide automatic Load Balancing, and
protections against Distributed Cloud CDN.
Denial of Service attacks (DDoS)
?
32. Which of the following describes Projects that are
Cross-project VPC network isolated in separate
peering? VPCs can only
communicate over the
internet and share
resources using a
tunneled address
space.
33. When would you use CSEK When you have a
(Customer Supplied Encryption requirement to use your
Keys) ? own AES-256 keys
rather than those
automatically
generated by Google.
34. What is the "principle of least Grant roles at the
privilege" as it relates to IAM smallest scope needed
Policies? for the individual or
service account to be
functional with the
services they require.
35. Sometimes it is easier for two or ...
more people to share a single
user account instead of having
individual accounts. When you
share an account, make sure that
it has the right privileges needed
for the shared activity.
36. What are the steps in the capacity Allocate. Approve.
planning cycle? Deploy. Forecast.
37. What are three methods for Sustained use
reducing the price of virtual discounts. Committed
machines (VMs) in GCP? use discounts.
Preemptible VMs
38. What is the key advice presented Automate everything
about GCP deployment? you can -- because
launch and release
automation has an
influence over
reliability.
39. What is the difference between In black box
black box monitoring and white monitoring you can
box monitoring? only monitor external
observable events,
whereas, in white box
monitoring, you can
also monitor the
system's internal events.
40. From the bottom up, what are
the first three layers in the Site
Reliability Engineering pyramid?
41. True or False: In Google Cloud
IAM, if a policy gives you Owner
permissions at the project level,
your access to an individual
resource in the project may be
restricted to View by applying a
more restrictive policy to that
resource.
42. True or False: All Google Cloud
Platform resources are
associated with a project.
43. Service accounts are used to
provide which of the following?
(Choose all that are correct.
Choose 3 responses.)
44. How do GCP customers and
Google Cloud Platform divide
responsibility for security?
45. Which of these values is globally
unique, permanent, and
unchangeable, but chosen by
the customer?
46. Consider a single hierarchy of
GCP resources. Which of these
situations is possible? (Choose
all that are correct. Choose 3
responses.)
47. What is the difference between
IAM primitive roles and IAM
predefined roles?
Incident Response.
Testing and Release
Procedures. Capacity
Planning.
False
True
Authentication between
Google Cloud Platform
services A way to restrict
the actions a resource
(such as a VM) can
perform A way to allow
users to act with service
account permissions
Google takes care of the
lower parts of the stack,
and customers are
responsible for the
higher parts.
The project ID
There are two or more
organization nodes There
is no organization node,
and there are no folders.
There is no organization
node, but there is at least
one folder.
Primitive roles affect all
resources in a GCP
project. Predefined roles
apply to a particular
service in a project.
48. True or False: In Google Cloud
IAM, if a policy gives you
Owner permissions at the
project level, your access to an
individual resource in the
project may be restricted to
View by applying a more
restrictive policy to that
resource.
49. Service accounts are used to
provide which of the following?
(Choose all that are correct.
Choose 3 responses.)
50. Which statement is true about
billing for solutions deployed
using Cloud Marketplace
(formerly known as Cloud
Launcher)?
51. You are developing an
application that transcodes
large video files. Which storage
option is the best choice for
your application?
52. Which statement is true about
objects in Cloud Storage?
53. You are building a small
application. If possible, you'd
like this application's data
storage to be at no additional
charge. Which service has a
free daily quota, separate from
any free trials?
54. How do the Nearline and
Coldline storage classes differ
from Multi-regional and
Regional? Choose all that are
correct (2 responses).
False - Policies are a union
of the parent and the
resource. If a parent policy
is less restrictive, it
overrides a more
restrictive resource policy.
A way to allow users to
act with service account
permissions A set of
predefined permissions
Authentication between
Google Cloud Platform
services
You pay only for the
underlying GCP resources
you use, with the possible
addition of extra fees for
commercially licensed
software.
Cloud Storage Cloud
Bigtable
They are immutable, and
new versions overwrite
old unless you turn on
versioning.
Cloud Datastore
Nearline and Coldline
assess lower storage fees.
Nearline and Coldline
have lower durability.
Nearline and Coldline
assess additional retrieval
fees. Nearline and
Coldline use a differently-
architected API.
55. Your application needs a Cloud SQL 63. Which It is possible for an App Engine
relational database, and it statements are application's daily billing to drop to zero.
expects to talk to MySQL. true about App App Engine charges you based on the
Which storage option is Engine? Choose resources you pre-allocate rather than
the best choice for your all that are true based on the resources you use.
application? (2 correct Developers who write for App Engine do
answers). not need to code their applications in any
56. Your application needs to Cloud Spanner
particular way to use the service. App
store data with strong
Engine manages the hardware and
transactional consistency,
networking infrastructure required to run
and you want seamless
your code.
scaling up. Which storage
option is the best choice 64. Name 3 You can SSH in to your application You
for your application? advantages of can install third-party binaries Google
using the App provides automatic in-place security
57. Which GCP storage Cloud Storage
Engine Flexible patches Your application can execute
service is often the
Environment code in background threads
ingestion point for data
over App
being moved into the
Engine
cloud, and is frequently
Standard.
the long-term storage
location for data? 65. Name 3 You can install third-party binaries Billing
advantages of can drop to zero if your application is idle
58. Identify two reasons for Consistency across
using the App You can choose any programming
deploying applications development, testing,
Engine Standard language Google provides and maintains
using containers. (Choose production environments
Environment runtime binaries
2 responses.) Simpler to migrate workloads
over App
No need to allocate resources
Engine Flexible.
in which to run containers Tight
coupling between applications 66. You want to Cloud Endpoints
and operating systems support
developers who
59. True or False: Kubernetes True
are building
allows you to manage
services in GCP
container clusters in
through API
multiple cloud providers.
logging and
60. True or False: Google True monitoring.
Cloud Platform provides a Which GCP
secure, high-speed service should
container image storage you choose?
service for use with
67. You want to Apigee Edge
Kubernetes Engine.
gradually
61. In Kubernetes, what does A group of containers that work decompose a
"pod" refer to? together pre-existing
62. Does Google Cloud Yes; the GCP-provided tool is monolithic
Platform offer its own an option, but customers may application, not
tool for building choose not use it. implemented in
containers (other than the GCP, into
ordinary docker microservices.
command)? Which GCP
service should
you choose?
68. Why might a GCP They don't want to host their own git 75. Which BigQuery is a good choice for online
customer choose instance, and they want to integrate with statements transaction processing. BigQuery requires that
to use Cloud IAM permissions. are true you provision database instances ahead of
Source about use. BigQuery lets you run fast SQL queries
Repositories? BigQuery? against large databases. BigQuery is a good
Choose all choice for data analytics warehousing. Once
69. Why might a GCP Their application contains event-driven
that are true in BigQuery, data is not accessible from other
customer choose code that they don't want to have to
(2 GCP services.
to use Cloud provision compute resources for.
statements).
Functions?
76. Name three Internet of Things applications, Storage of
70. You want to Stackdriver Monitoring
use cases binary web content, Decoupling systems,
define alerts on
for Cloud Executing ad-hoc SQL queries
your GCP
Pub/Sub
resources, such
(Select 3
as when health
answers).
checks fail. Which
is the best GCP 77. What does It analyzes text to reveal its structure and
product to use? the Cloud meaning.
Natural
71. Which statements Stackdriver Logging requires the use of a
Language
are true about third-party monitoring agent. Stackdriver
API do?
Stackdriver Logging lets you define uptime checks.
Logging? Choose Stackdriver Logging lets you view logs 78. Name two Data mining and analysis in datasets of known
all that are true from your applications, and filter and use cases size Manage datasets of unpredictable size
(2 statements) search on them. Stackdriver Logging lets for Google Migrate on-premises Hadoop jobs to the
you define metrics based on your logs. Cloud cloud Manage data that arrives in realtime
Dataproc
72. Name two use Manage data that arrives in realtime
(Select 2
cases for Google Data mining and analysis in datasets of
answers).
Cloud Dataproc known size Migrate on-premises Hadoop
(Select 2 jobs to the cloud Manage datasets of 79. Name two Reserved compute instances Manual resource
answers). unpredictable size use cases management Extract, Transform, and Load
for Google (ETL) Orchestration
73. Name two use Reserved compute instances Manual
Cloud
cases for Google resource management Orchestration
Dataflow
Cloud Dataflow Extract, Transform, and Load (ETL)
(Select 2
(Select 2
answers).
answers).
80. Name three Data preparation, Fraud detection, Sentiment
74. Name three use Sentiment analysis Data preparation
use cases analysis
cases for the Fraud detection Query architecture
for the
Google Cloud Content personalization
Google
Machine Learning
Cloud
Platform (Select
Machine
3 answers).
Learning
Platform
(Select 3
answers).
81. Which statements BigQuery lets you run fast SQL 88. For what kind of traffic would TCP/SSL traffic on popular
are true about queries against large databases. Once the regional load balancer well-known port numbers
BigQuery? Choose in BigQuery, data is not accessible be the first choice? Choose UDP traffic, TCP traffic on
all that are true (2 from other GCP services. BigQuery is all that are correct (2 arbitrary port numbers, TCP
statements). a good choice for online transaction answers). traffic (non-SSL) on popular
processing. BigQuery requires that well-known port numbers
you provision database instances
89. A simple way to let a VPN Cloud Router
ahead of use. BigQuery is a good
into your Google VPC
choice for data analytics warehousing.
continue to work in spite of
82. Name three use Decoupling systems, Internet of routing changes
cases for Cloud Things applications, Executing ad-hoc
90. Which of these storage Structured objects, with
Pub/Sub (Select 3 SQL queries, Storage of binary web
needs is best addressed by transactions and SQL-like
answers). content Analyzing streaming data
Cloud Datastore? queries
83. What is TensorFlow? An open-source software library that's
91. Which of these storage A relational database with
useful for building machine learning
needs is best addressed by SQL queries and horizontal
applications
Cloud Spanner? scalability
84. Which compute Compute Engine
92. Which of these storage Structured objects, with
service lets
needs is best addressed by lookups based on a single
customers run
Cloud Bigtable? key
virtual machines
that run on Google's 93. Which of these storage Immutable binary objects
infrastructure? needs is best addressed by
Cloud Storage?
85. Which compute Kubernetes Engine
service lets 94. a fully managed object store Cloud Storage
customers deploy 95. relational database with Cloud Spanner
their applications in global scale and high
containers that run reliability financial and retail
in clusters on (TRANACTIONAL
Google's CONSISTENCY)
infrastructure?
96. fully managed no SQL wide Cloud Bigtable
86. Which compute App Engine column database (maps gmail
service lets etc)
customers focus on
97. fully managed mysql or Cloud SQL
their applications,
postgres sql database
leaving most
service
infrastructure and
provisioning to 98. fully managed no SQL Cloud Datastore
Google, while still document database
offering various 99. Which statement is true of A VM in Compute Engine
choices of runtime? Virtual Machine Instances in always maps to a single
87. Which compute Cloud Functions Google Compute Engine? hardware computer in a
service lets rack.
customers supply 100. What data storage service Cloud SQL
chunks of code, might you select if you just
which get run on- needed to migrate a
demand in response standard relational database
to events, on running on a single machine
infrastructure in a datacenter to the cloud?
wholly managed by
Google?
101. Which GCP data storage service Cloud Spanner 111.
offers ACID transactions and can
scale globally?
102. No resources in GCP can be used ... a project
without being associated with...
103. A budget is set at $500 and an A notification email is
112.
alert is set at 100%. What happens sent to the Billing
when the full amount is used? Administrator.
104. What is the purpose of Virtual To enable a secure
Private Networking (VPN)? communication
method (a tunnel) to
113.
connect two trusted
environments through
an untrusted
environment, such as
the Internet.
105. Why might you use Cloud Cloud Interconnect
Interconnect or Direct Peering and Direct Peering
instead of VPN? can provide higher
availability, lower
114.
latency, and lower
cost for data-
intensive applications.
106. What is the purpose of a Cloud It implements
Router and why does that matter? dynamic VPN that
allows topology to
be discovered and
115.
shared automatically,
which reduces manual
static route
maintenance.
107. What are the three categories of Global external load
GCP load balancing as described in balancing, regional
the course materials? external load
balancing, and
116.
regional internal load
balancing
108. Which form of load balancing Network Load
distributes traffic among a pool of Balancing
instances within a region?
109. Which form of Load Balancing uses Content-based Load
path rules to send traffic to Balancing
backend services based on type?
110. You are a project owner and need App Engine Deployer
your co-worker to deploy a new
version of your application to App
Engine. You want to follow
Google's recommended practices.
Which IAM roles should you grant
your co-worker?
Your company has reserved a monthly Create a
budget for your project. You want to be budget alert for
informed automatically of your project 50%, 90%, and
spend so that you can take action when 100% of your
you approach the limit. What should you total monthly
do? budget.
You have a project using BigQuery. You Use "gcloud
want to list all BigQuery jobs for that config set
project. You want to set this project as project" to set
the default for the bq command-line the default
tool. What should you do? project.
Your project has all its Compute Engine Use "gcloud
resources in the europe-west1 region. config set
You want to set europe-west1 as the compute/region
default region for gcloud commands. europe-west1"
What should you do? to set the
default region
for future
gcloud
commands.
You developed a new application for Use the pricing
App Engine and are ready to deploy it calculator for
to production. You need to estimate the App Engine to
costs of running your application on get an accurate
Google Cloud Platform as accurately as estimation of
possible. What should you do? the expected
charges.
Your company processes high volumes of Cloud Bigtable
IoT data that are time-stamped. The total
data volume can be several petabytes.
The data needs to be written and
changed at a high speed. You want to use
the most performant storage option for
your data. Which product should you
use?
Your application has a large international A multi-regional
audience and runs stateless virtual Cloud Storage
machines within a managed instance bucket.
group across multiple locations. One
feature of the application lets users
upload files and share them with other
users. Files must be available for 30 days;
after that, they are removed from the
system entirely. Which storage solution
should you choose?
117. You have a definition for an
instance template that contains
a web application. You are asked
to deploy the application so that
it can scale based on the HTTP
traffic it receives. What should
you do?
118. You are creating a Kubernetes
Engine cluster to deploy
multiple pods inside the cluster.
All container logs must be
stored in BigQuery for later
analysis. You want to follow
Google-recommended
practices. Which two approaches
can you take?
119. E. Use the Stackdriver Logging
export feature to create a sink
to BigQuery. Specify a filter
expression to export log records
related to your Kubernetes
Engine cluster only.
120. You need to create a new
Kubernetes Cluster on Google
Cloud Platform that can
autoscale the number of worker
nodes. What should you do?
121. You have an application server
running on Compute Engine in
the europe-west1-d zone. You
need to ensure high availability
and replicate the server to the
europe-west2-c zone using the
fewest steps possible. What
should you do?
122. Your company has a mission-
critical application that serves
users globally. You need to
select a transactional and
relational data storage system
for this application. Which two
products should you choose?
123. You have a Kubernetes cluster
with 1 node-pool. The cluster
receives a lot of traffic and
needs to grow. You decide to
add a node. What should you
do?
Create a managed 124.
instance group based on
the instance template.
Configure autoscaling
based on HTTP traffic
and configure the
instance group as the
backend service of an
125.
HTTP load balancer.
A. Turn on Stackdriver
Logging during the
Kubernetes Engine
cluster creation.
126.
...
Create a cluster on
Kubernetes Engine and
enable autoscaling on
Kubernetes Engine.
127.
Create a snapshot from
the disk. Create a disk
from the snapshot in the
europe-west2-c zone.
Create a new VM with
that disk.
128.
Cloud Spanner Cloud
SQL
D. Edit the managed
instance group of the
129.
cluster and enable
autoscaling.
You created an update for your
application on App Engine. You
want to deploy the update
without impacting your users. You
want to be able to roll back as
quickly as possible if it fails.
What should you do?
You have created a Kubernetes
deployment, called
Deployment-A, with 3 replicas
on your cluster. Another
deployment, called
Deployment-B, needs access to
Deployment-A. You cannot
expose Deployment-A outside
of the cluster. What should you
do?
You need to estimate the annual
cost of running a Bigquery query
that is scheduled to run nightly.
What should you do?
You want to find out who in your
organization has Owner access
to a project called "my-
project".What should you do?
You want to create a new role
for your colleagues that will
apply to all current and future
projects created in your
organization. The role should
have the permissions of the
BigQuery Job User and Cloud
Bigtable User roles. You want to
follow Google's recommended
practices. How should you create
the new role?
You work in a small company
where everyone should be able
to view all resources of a specific
project. You want to grant them
access following Google's
recommended practices. What
should you do?
A. Use "gcloud
container clusters
resize" with the desired
number of nodes.
D. Create a Service of
type ClusterIP for
Deployment A. Have
Deployment B use the
Service IP address.
You need to estimate
the annual cost of
running a Bigquery
query that is scheduled
to run nightly. What
should you do? B. Use
"bq query --dry_run" to
determine the number
of bytes read by the
query. Use this number
in the Pricing
Calculator.
In the Google Cloud
Platform Console, go
to the IAM page for
your organization and
apply the filter
"Role:Owner".
D. For your
organization, in the
Google Cloud Platform
Console under Roles,
select both roles and
combine them into a
new custom role.
C. Create a new
Google Group and add
all users to the group.
Use "gcloud projects
add-iam-policy-
binding" with the Project
Viewer role and Group
email address.
130. You need to verify the assigned permissions in a custom IAM role. What A. Use the GCP Console, IAM section to view the
should you do? information.