Google Professional Cloud Architect Exam Practice Test Instant Access

Question 1

Your company has a Google Cloud project that uses BigQuery for data warehousing on a pay-per-use basis. You want to monitor queries in real time to discover the most costly queries and which users spend the most. What should you do?

A1. Create a Cloud Logging sink to export BigQuery data access logs to Cloud Storage. 2. Develop a Dataflow pipeline to compute the cost of queries split by users.

B1. Create a Cloud Logging sink to export BigQuery data access logs to BigQuery.
2. Perform a BigQuery query on the generated table to extract the information you need.

C1. Activate billing export into BigQuery.
2. Perform a BigQuery query on the billing table to extract the information you need.

D1. In the BigQuery dataset that contains all the tables to be queried, add a label for each user that can launch a query.
2. Open the Billing page of the project.
3. Select Reports.
4. Select BigQuery as the product and filter by the user you want to check.

Answer : C

https://cloud.google.com/blog/products/data-analytics/taking-a-practical-approach-to-bigquery-cost-monitoring

Question 2

You are responsible for the Google Cloud environment in your company Multiple departments need access to their own projects and the members within each department will have the same project responsibilities You want to structure your Google Cloud environment for minimal maintenance and maximum overview of 1AM permissions as each department's projects start and end You want to follow Google-recommended practices What should you do?

ACreate a Google Group per department and add all department members to their respective groups Create a folder per department
and grant the respective group the required 1AM permissions at the folder level Add the projects under the respective folders

BGrant all department members the required 1AM permissions for their respective projects

CCreate a Google Group per department and add all department members to their respective groups Grant each group the required I AM permissions for their respective projects

DCreate a folder per department and grant the respective members of the department the required 1AM permissions at the folder level. Structure all projects for each department under the respective folders

Answer : A

This option follows the Google-recommended practices for structuring a Google Cloud environment for minimal maintenance and maximum overview of IAM permissions. By creating a Google Group per department and adding all department members to their respective groups, you can simplify user management and avoid granting IAM permissions to individual users. By creating a folder per department and granting the respective group the required IAM permissions at the folder level, you can enforce consistent policies across all projects within each department and avoid granting IAM permissions at the project level. By adding the projects under the respective folders, you can organize your resources hierarchically and leverage inheritance of IAM policies from folders to projects. The other options are not optimal for this scenario, because they either require granting IAM permissions to individual users (B, C), or do not use Google Groups to manage users (D). Reference:

https://cloud.google.com/architecture/framework/system-design

https://cloud.google.com/architecture/identity/best-practices-for-planning

https://cloud.google.com/resource-manager/docs/creating-managing-folders

Question 3

Your company wants to migrate their 10-TB on-premises database export into Cloud Storage You want to minimize the time it takes to complete this activity, the overall cost and database load The bandwidth between the on-premises environment and Google Cloud is 1 Gbps You want to follow Google-recommended practices What should you do?

AUse the Data Transfer appliance to perform an offline migration

BUse a commercial partner ETL solution to extract the data from the on-premises database and upload it into Cloud Storage

CDevelop a Dataflow job to read data directly from the database and write it into Cloud Storage

DCompress the data and upload it with gsutii -m to enable multi-threaded copy

Answer : A

The Data Transfer appliance is a Google-provided hardware device that can be used to transfer large amounts of data from on-premises environments to Cloud Storage. It is suitable for scenarios where the bandwidth between the on-premises environment and Google Cloud is low or insufficient, and the data size is large. The Data Transfer appliance can minimize the time it takes to complete the migration, the overall cost and database load, by avoiding network bottlenecks and reducing bandwidth consumption. The Data Transfer appliance also encrypts the data at rest and in transit, ensuring data security and privacy. The other options are not optimal for this scenario, because they either require a high-bandwidth network connection (B, C, D), or incur additional costs and complexity (B, C). Reference:

https://cloud.google.com/data-transfer-appliance/docs/overview

https://cloud.google.com/blog/products/storage-data-transfer/introducing-storage-transfer-service-for-on-premises-data

Question 4

You are working with a data warehousing team that performs data analysis. The team needs to process data from external partners, but the data contains personally identifiable information (PlI). You need to process and store the data without storing any of the Pll dat

a. What should you do?

ACreate a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline use the Cloud Data Loss Prevention (Cloud DLP) API to remove any Pll data Store the result in BigQuery

BCreate a Dataflow pipeline to retrieve the data from the external sources. As part of the pipeline store all non-PII data in BigQuery and store all Pll data in a Cloud Storage bucket that has a retention policy set.

CAsk the external partners to upload an data on Cloud Storage Configure Bucket Lock for the bucket Create a Dataflow pipeline to read the data from the bucket As part of the pipeline, use the Cloud Data Loss Prevention (Cloud DIP) API to remove any Pll data Store the result in BigQuery

DAsk the external partners to import ail data in your BigQuery dataset Create a dataflow pipeline to copy the data into a new table As part of the Dataflow bucket skip all data in columns that have Pll data

Answer : A

Create a Dataflow pipeline to retrieve the data from the external sources, he did not specify the way he is going to create it, it might be a pub/sub or external table or whatever.

Question 5

You are configuring the cloud network architecture for a newly created project m Google Cloud that will host applications in Compote Engine Compute Engine virtual machine instances will be created in two different subnets (sub-a and sub-b) within a single region

* Instances in sub-a win have public IP addresses

* Instances in sub-b will have only private IP addresses

To download updated packages, instances must connect to a public repository outside the boundaries of Google Cloud You need to allow sub-b to access the external repository. What should you do?

AEnable Private Google Access on sub-b

BConfigure Cloud NAT and select sub b m the NAT mapping section

CConfigure a bastion host instance in sub a to connect to instances in sub-b

DEnable Identity Aware Proxy for TCP forwarding for instances in sub-b

Answer : B

Question 6

Your company has developed a monolithic, 3-tier application to allow external users to upload and share files. The solution cannot be easily enhanced and lacks reliability. The development team would like to re-architect the application to adopt microservices and a fully managed service approach, but they need to convince their leadership that the effort is worthwhile. Which advantage(s) should they highlight to leadership?

AThe new approach will be significantly less costly, make it easier to manage the underlying infrastructure, and automatically manage the CI/CD pipelines.

BThe monolithic solution can be converted to a container with Docker. The generated container can then be deployed into a Kubernetes cluster.

CThe new approach will make it easier to decouple infrastructure from application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution if necessary.

DThe process can be automated with Migrate for Compute Engine.

Answer : C

The new approach will make it easier to decouple infrastructure from an application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution if necessary.

Question 7

Your company provides a recommendation engine for retail customers. You are providing retail customers with an API where they can submit a user ID and the API returns a list of recommendations for that user. You are responsible for the API lifecycle and want to ensure stability for your customers in case the API makes backward-incompatible changes. You want to follow Google-recommended practices. What should you do?

ACreate a distribution list of all customers to inform them of an upcoming backward-incompatible change at least one month before replacing the old API with the new API.

BCreate an automated process to generate API documentation, and update the public API documentation as part of the CI/CD process when deploying an update to the API.

CUse a versioning strategy for the APIs that increases the version number on every backward-incompatible change.

DUse a versioning strategy for the APIs that adds the suffix ''DEPRECATED'' to the current API version number on every backward-incompatible change. Use the current version number for the new API.

Answer : C

https://cloud.google.com/apis/design/versioning

All Google API interfaces must provide a major version number, which is encoded at the end of the protobuf package, and included as the first part of the URI path for REST APIs. If an API introduces a breaking change, such as removing or renaming a field, it must increment its API version number to ensure that existing user code does not suddenly break.

Google Professional Cloud Architect Google Cloud Architect Professional Exam Practice Test