Google Professional Cloud Architect Exam Practice Test Instant Access

Question 1

For this question, refer to the TerramEarth case study. You are building a microservice-based application for TerramEarth. The application is based on Docker containers. You want to follow Google-recommended practices to build the application continuously and store the build artifacts. What should you do?

A1. Configure a trigger in Cloud Build for new source changes.
2. Invoke Cloud Build to build one container image, and tag the image with the label 'latest.'
3. Push the image to the Artifact Registry.

B1. Configure a trigger in Cloud Build for new source changes.
2. Invoke Cloud Build to build container images for each microservice, and tag them using the code commit hash.
3. Push the images to the Artifact Registry.

C1 Create a Scheduler job to check the repo every minute.
2. For any new change, invoke Cloud Build to build container images for the microservices.
3. Tag the images using the current timestamp, and push them to the Artifact Registry.

D1. Configure a trigger in Cloud Build for new source changes.
2. The trigger invokes build jobs and build container images for the microservices.
3. Tag the images with a version number, and push them to Cloud Storage.

Answer : C

Question 2

Your company is planning to upload several important files to Cloud Storage. After the upload is completed, they want to verify that the upload content is identical to what they have on- premises. You want to minimize the cost and effort of performing this check. What should you do?

A1) Use gsutil -m to upload all the files to Cloud Storage.
2) Use gsutil cp to download the uploaded files
3) Use Linux diff to compare the content of the files

B1) Use gsutil -m to upload all the files to Cloud Storage.
2) Develop a custom Java application that computes CRC32C hashes
3) Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files
4) Compare the hashes

C1) Use Linux shasum to compute a digest of files you want to upload
2) Use gsutil -m to upload all the files to the Cloud Storage
3) Use gsutil cp to download the uploaded files
4) Use Linux shasum to compute a digest of the downloaded files 5.Compre the hashes

D1) Use gsutil -m to upload all the files to Cloud Storage.
2) Use gsutil hash -c FILE_NAME to generate CRC32C hashes of all on-premises files
3) Use gsutil ls -L gs://[YOUR_BUCKET_NAME] to collect CRC32C hashes of the uploaded files
4) Compare the hashes

Answer : D

https://cloud.google.com/storage/docs/gsutil/commands/hash

Question 3

Your company has a stateless web API that performs scientific calculations. The web API runs on a single Google Kubernetes Engine (GKE) cluster. The cluster is currently deployed in us-central1. Your company has expanded to offer your API to customers in Asi

a. You want to reduce the latency for the users in Asia. What should you do?

AUse a global HTTP(s) load balancer with Cloud CDN enabled

BCreate a second GKE cluster in asia-southeast1, and expose both API's using a Service of
type Load Balancer. Add the public Ips to the Cloud DNS zone

CIncrease the memory and CPU allocated to the application in the cluster

DCreate a second GKE cluster in asia-southeast1, and use kubemci to create a global HTTP(s) load balancer

Answer : D

https://cloud.google.com/kubernetes-engine/docs/concepts/multi-cluster-ingress#how_works

https://github.com/GoogleCloudPlatform/k8s-multicluster-ingress

https://cloud.google.com/blog/products/gcp/how-to-deploy-geographically-distributed-services-on-kubernetes-engine-with-kubemci

Question 4

You are migrating third-party applications from optimized on-premises virtual machines to Google Cloud. You are unsure about the optimum CPU and memory options. The application have a consistent usage patterns across multiple weeks. You want to optimize resource usage for the lowest cost. What should you do?

ACreate a Compute engine instance with CPU and Memory options similar to your application's current on-premises virtual machine. Install the cloud monitoring agent, and deploy the third party application. Run a load with normal traffic levels on third party application and follow the Rightsizing Recommendations in the Cloud Console

BCreate an App Engine flexible environment, and deploy the third party application using a Docker file and a custom runtime. Set CPU and memory options similar to your application's current on-premises virtual machine in the app.yaml file.

CCreate an instance template with the smallest available machine type, and use an image of the third party application taken from the current on-premises virtual machine. Create a managed instance group that uses average CPU to autoscale the number of instances in the group. Modify the average CPU utilization threshold to optimize the number of instances running.

DCreate multiple Compute Engine instances with varying CPU and memory options. Install the cloud monitoring agent and deploy the third-party application on each of them. Run a load test with high traffic levels on the application and use the results to determine the optimal settings.

Answer : A

Create a Compute engine instance with CPU and Memory options similar to your application's current on-premises virtual machine. Install the cloud monitoring agent, and deploy the third party application. Run a load with normal traffic levels on third party application and follow the Rightsizing Recommendations in the Cloud Console

https://cloud.google.com/migrate/compute-engine/docs/4.9/concepts/planning-a-migration/cloud-instance-rightsizing?hl=en

Question 5

You have deployed an application on Anthos clusters (formerly Anthos GKE). According to the SRE practices at your company you need to be alerted if the request latency is above a certain threshold for a specified amount of time. What should you do?

AEnable the Cloud Trace API on your project and use Cloud Monitoring Alerts to send an alert based on the Cloud Trace metrics

BConfigure Anthos Config Management on your cluster and create a yaml file that defines the SLO and alerting policy you want to deploy in your cluster

CUse Cloud Profiler to follow up the request latency. Create a custom metric in Cloud Monitoring based on the results of Cloud Profiler, and create an Alerting Policy in case this metric exceeds the threshold

DInstall Anthos Service Mesh on your cluster. Use the Google Cloud Console to define a Service Level Objective (SLO)

Answer : D

https://cloud.google.com/service-mesh/docs/overview

https://cloud.google.com/service-mesh/docs/observability/slo-overview

Question 6

Your company wants you to build a highly reliable web application with a few public APIs as the backend. You don't expect a lot of user traffic, but traffic could spike occasionally. You want to leverage Cloud Load Balancing, and the solution must be cost-effective for users. What should you do?

AStore static content such as HTML and images in Cloud CDN. Host the APIs on App Engine and store the user data in Cloud SQL.

BStore static content such as HTML and images in a Cloud Storage bucket. Host the APIs on a zonal Google Kubernetes Engine cluster with worker nodes in multiple zones, and save the user data in Cloud Spanner.

CStore static content such as HTML and images in Cloud CDN. Use Cloud Run to host the APIs and save the user data in Cloud SQL.

DStore static content such as HTML and images in a Cloud Storage bucket. Use Cloud Functions to host the APIs and save the user data in Firestore.

Answer : D

https://cloud.google.com/load-balancing/docs/https/setting-up-https-serverless#gcloud:-cloud-functions

https://cloud.google.com/blog/products/networking/better-load-balancing-for-app-engine-cloud-run-and-functions

Question 7

Your company has a networking team and a development team. The development team runs applications on Compute Engine instances that contain sensitive dat

a. The development team requires administrative permissions for Compute Engine. Your company requires all network resources to be managed by the networking team. The development team does not want the networking team to have access to the sensitive data on the instances. What should you do?

A1. Create a project with a standalone VPC and assign the Network Admin role to the networking team.
2. Create a second project with a standalone VPC and assign the Compute Admin role to the development team.
3. Use Cloud VPN to join the two VPCs.

B1. Create a project with a standalone Virtual Private Cloud (VPC), assign the Network Admin role to the networking team, and assign the Compute Admin role to the development team.

C1. Create a project with a Shared VPC and assign the Network Admin role to the networking team.
2. Create a second project without a VPC, configure it as a Shared VPC service project, and assign the Compute Admin role to the development team.

D1. Create a project with a standalone VPC and assign the Network Admin role to the networking team.
2. Create a second project with a standalone VPC and assign the Compute Admin role to the development team.
3. Use VPC Peering to join the two VPCs.

Answer : C

In this scenario, a large organization has a central team that manages security and networking controls for the entire organization. Developers do not have permissions to make changes to any network or security settings defined by the security and networking team but they are granted permission to create resources such as virtual machines in shared subnets. To facilitate this the organization makes use of a shared VPC (Virtual Private Cloud). A shared VPC allows creation of a VPC network of RFC 1918 IP spaces that associated projects (service projects) can then use. Developers using the associated projects can create VM instances in the shared VPC network spaces. The organization's network and security admins can create subnets, VPNs, and firewall rules usable by all the projects in the VPC network. https://cloud.google.com/iam/docs/job-functions/networking#single_team_manages_security_network_for_organization

Google Professional Cloud Architect Google Cloud Architect Professional Exam Practice Test