• Home
  • Articles
  • Pass Google Professional-Cloud-Architect Actual Free Exam Q&As Updated Dump Mar 29, 2024 [Q27-Q43]

Pass Google Professional-Cloud-Architect Actual Free Exam Q&As Updated Dump Mar 29, 2024 [Q27-Q43]

Share

Pass Google Professional-Cloud-Architect Actual Free Exam Q&As Updated Dump Mar 29, 2024

Latest Professional-Cloud-Architect Actual Free Exam Updated 278 Questions

NEW QUESTION # 27
For this question, refer to the Mountkirk Games case study. Which managed storage option meets Mountkirk's technical requirement for storing game activity in a time series database service?

  • A. BigQuery
  • B. Cloud Datastore
  • C. Cloud Bigtable
  • D. Cloud Spanner

Answer: A


NEW QUESTION # 28
For this question, refer to the TerramEarth case study.
To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections. What should you do?

  • A. Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket.
  • B. Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in us, eu, and asia. Run the ETL process using the data in the bucket.
  • C. Use one Google Container Engine cluster of FTP servers. Save the data to a Multi-Regional bucket. Run the ETL process using data in the bucket.
  • D. Directly transfer the files to a different Google Cloud Regional Storage bucket location in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket.

Answer: D

Explanation:
Explanation
https://cloud.google.com/storage/docs/locations


NEW QUESTION # 29
For this question, refer to the TerramEarth case study. You are asked to design a new architecture for the ingestion of the data of the 200,000 vehicles that are connected to a cellular network. You want to follow Google-recommended practices.
Considering the technical requirements, which components should you use for the ingestion of the data?

  • A. Compute Engine with specific SSH keys
  • B. Compute Engine with project-wide SSH keys
  • C. Cloud IoT Core with public/private key pairs
  • D. Google Kubernetes Engine with an SSL Ingress

Answer: D

Explanation:
Explanation
https://cloud.google.com/solutions/iot-overview
https://cloud.google.com/iot/quotas


NEW QUESTION # 30
You are working in a highly secured environment where public Internet access from the Compute Engine VMs is not allowed. You do not yet have a VPN connection to access an on-premises file server. You need to install specific software on a Compute Engine instance. How should you install the software?

  • A. Upload the required installation files to Cloud Storage and use firewall rules to block all traffic except the IP address range for Cloud Storage. Download the files to the VM using gsutil.
  • B. Upload the required installation files to Cloud Source Repositories and use firewall rules to block all traffic except the IP address range for Cloud Source Repositories. Download the files to the VM using gsutil.
  • C. Upload the required installation files to Cloud Source Repositories. Configure the VM on a subnet with a Private Google Access subnet. Assign only an internal IP address to the VM. Download the installation files to the VM using gcloud.
  • D. Upload the required installation files to Cloud Storage. Configure the VM on a subnet with a Private Google Access subnet. Assign only an internal IP address to the VM. Download the installation files to the VM using gsutil.

Answer: A

Explanation:
Explanation/Reference:


NEW QUESTION # 31
You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database back-end. You want to store the credentials securely. Where should you store the credentials?

  • A. In a secret management system
  • B. In the source code
  • C. In a config file that has restricted access through ACLs
  • D. In an environment variable

Answer: A

Explanation:
Reference:
https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application


NEW QUESTION # 32
You are migrating your on-premises solution to Google Cloud in several phases. You will use Cloud VPN to maintain a connection between your on-premises systems and Google Cloud until the migration is completed.
You want to make sure all your on-premises systems remain reachable during this period. How should you organize your networking in Google Cloud?

  • A. Use an IP range on Google Cloud that does not overlap with the range you use on-premises for your primary IP range and use a secondary range with the same IP range as you use on-premises
  • B. Use the same IP range on Google Cloud as you use on-premises for your primary IP range and use a secondary range that does not overlap with the range you use on-premises
  • C. Use the same IP range on Google Cloud as you use on-premises
  • D. Use an IP range on Google Cloud that does not overlap with the range you use on-premises

Answer: D


NEW QUESTION # 33
Case Study: 3 - JencoMart Case Study
Company Overview
JencoMart is a global retailer with over 10,000 stores in 16 countries. The stores carry a range of goods, such as groceries, tires, and jewelry. One of the company's core values is excellent customer service. In addition, they recently introduced an environmental policy to reduce their carbon output by 50% over the next 5 years.
Company Background
JencoMart started as a general store in 1931, and has grown into one of the world's leading brands known for great value and customer service. Over time, the company transitioned from only physical stores to a stores and online hybrid model, with 25% of sales online. Currently, JencoMart has little presence in Asia, but considers that market key for future growth.
Solution Concept
JencoMart wants to migrate several critical applications to the cloud but has not completed a technical review to determine their suitability for the cloud and the engineering required for migration. They currently host all of these applications on infrastructure that is at its end of life and is no longer supported.
Existing Technical Environment
JencoMart hosts all of its applications in 4 data centers: 3 in North American and 1 in Europe, most applications are dual-homed.
JencoMart understands the dependencies and resource usage metrics of their on-premises architecture.
Application Customer loyalty portal
LAMP (Linux, Apache, MySQL and PHP) application served from the two JencoMart-owned U.S.
data centers.
Database
* Oracle Database stores user profiles
B




* PostgreSQL database stores user credentials
-homed in US West





Authenticates all users
Compute
* 30 machines in US West Coast, each machine has:



* 20 machines in US East Coast, each machine has:
-core CPU


B HDD (RAID 1)

Storage
* Access to shared 100 TB SAN in each location
* Tape backup every week
Business Requirements
* Optimize for capacity during peak periods and value during off-peak periods
* Guarantee service availably and support
* Reduce on-premises footprint and associated financial and environmental impact.
* Move to outsourcing model to avoid large upfront costs associated with infrastructure purchase
* Expand services into Asia.
Technical Requirements
* Assess key application for cloud suitability.
* Modify application for the cloud.
* Move applications to a new infrastructure.
* Leverage managed services wherever feasible
* Sunset 20% of capacity in existing data centers
* Decrease latency in Asia
CEO Statement
JencoMart will continue to develop personal relationships with our customers as more people access the web. The future of our retail business is in the global market and the connection between online and in-store experiences. As a large global company, we also have a responsibility to the environment through 'green' initiatives and polices.
CTO Statement
The challenges of operating data centers prevents focus on key technologies critical to our long- term success. Migrating our data services to a public cloud infrastructure will allow us to focus on big data and machine learning to improve our service customers.
CFO Statement
Since its founding JencoMart has invested heavily in our data services infrastructure. However, because of changing market trends, we need to outsource our infrastructure to ensure our long- term success. This model will allow us to respond to increasing customer demand during peak and reduce costs.
For this question, refer to the JencoMart case study.
The JencoMart security team requires that all Google Cloud Platform infrastructure is deployed using a least privilege model with separation of duties for administration between production and development resources. What Google domain and project structure should you recommend?

  • A. Create two G Suite accounts to manage users: one for development/test/staging and one for production. Each account should contain one project for every application.
  • B. Create a single G Suite account to manage users with each stage of each application in its own project.
  • C. Create two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications.
  • D. Create a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment.

Answer: D

Explanation:
Note: The principle of least privilege and separation of duties are concepts that, although semantically different, are intrinsically related from the standpoint of security. The intent behind both is to prevent people from having higher privilege levels than they actually need Principle of Least Privilege: Users should only have the least amount of privileges required to

perform their job and no more. This reduces authorization exploitation by limiting access to resources such as targets, jobs, or monitoring templates for which they are not authorized.
Separation of Duties: Beyond limiting user privilege level, you also limit user duties, or the

specific jobs they can perform. No user should be given responsibility for more than one related function. This limits the ability of a user to perform a malicious action and then cover up that action.
References: https://cloud.google.com/kms/docs/separation-of-duties


NEW QUESTION # 34
Your company wants to track whether someone is present in a meeting room reserved for a scheduled meeting. There are 1000 meeting rooms across 5 offices on 3 continents. Each room is equipped with a motion sensor that reports its status every second. The data from the motion detector includes only a sensor ID and several different discrete items of information. Analysts will use this data, together with information about account owners and office locations. Which database type should you use?

  • A. NoSQL
  • B. Relational
  • C. Flat file
  • D. Blobstore

Answer: A

Explanation:
Relational databases were not designed to cope with the scale and agility challenges that face modern applications, nor were they built to take advantage of the commodity storage and processing power available today.
NoSQL fits well for:
Developers are working with applications that create massive volumes of new, rapidly changing
* data types - structured, semi-structured, unstructured and polymorphic data.
Incorrect Answers:
D: The Blobstore API allows your application to serve data objects, called blobs, that are much larger than the size allowed for objects in the Datastore service. Blobs are useful for serving large files, such as video or image files, and for allowing users to upload large data files.
References: https://www.mongodb.com/nosql-explained


NEW QUESTION # 35
You need to set up Microsoft SQL Server on GCP. Management requires that there's no downtime in case of a data center outage in any of the zones within a GCP region. What should you do?

  • A. Configure a Cloud Spanner instance with a regional instance configuration.
  • B. Set up SQL Server on Compute Engine, using Always On Availability Groups using Windows Failover Clustering. Place nodes in different subnets.
  • C. Set up SQL Server Always On Availability Groups using Windows Failover Clustering. Place nodes in different zones.
  • D. Configure a Cloud SQL instance with high availability enabled.

Answer: C

Explanation:
Explanation
https://cloud.google.com/vpc/docs/vpc


NEW QUESTION # 36
For this question, refer to the TerramEarth case study
Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data. What should you do?

  • A. Build or leverage an OAuth-compatible access control system.
  • B. Restrict data access based on the source IP address of the partner systems.
  • C. Create secondary credentials for each dealer that can be given to the trusted third party.
  • D. Build SAML 2.0 SSO compatibility into your authentication system.

Answer: A

Explanation:
https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps
https://cloud.google.com/docs/enterprise/best-practices-for-enterprise- organizations#delegate_application_authorization_with_oauth2


NEW QUESTION # 37
Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a
99.99% availability SLA under these conditions However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?

  • A. Expose the new system to a larger group of users, and increase group ' size each day until autoscale logic is tnggered on all layers. At the same time, terminate random resources on both zones.
  • B. Create synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce "chaos" to the system by terminating random resources on both zones.
  • C. Capture existing users input, and replay captured user load until resource utilization crosses 80%. Also, derive estimated number of users based on existing users usage of the app, and deploy enough resources to handle 200% of expected load.
  • D. Capture existing users input, and replay captured user load until autoscale is triggered on all layers. At the same time, terminate all resources in one of the zones.

Answer: D


NEW QUESTION # 38
You want your Google Kubernetes Engine cluster to automatically add or remove nodes based on CPUload.
What should you do?

  • A. Create a deployment and set the maxUnavailable and maxSurge properties. Enable autoscaling on the cluster managed instance group from the GCP Console.
  • B. Configure a HorizontalPodAutoscaler with a target CPU usage. Enable autoscaling on the managed instance group for the cluster using the gcloud command.
  • C. Create a deployment and set the maxUnavailable and maxSurge properties. Enable the Cluster Autoscaler using the gcloud command.
  • D. Configure a HorizontalPodAutoscaler with a target CPU usage. Enable the Cluster Autoscaler from the GCP Console.

Answer: B


NEW QUESTION # 39
Dress4Win has configured a new uptime check with Google Stackdriver for several of their legacy
services. The Stackdriver dashboard is not reporting the services as healthy.
What should they do?

  • A. Install the Stackdriver agent on all of the legacy web servers.
  • B. Configure their legacy web servers to allow requests that contain user-Agent HTTP header when the
    value matches GoogleStackdriverMonitoring-UptimeChecks (https://cloud.google.com/monitoring)
  • C. Configure their load balancer to pass through the User-Agent HTTP header when the value matches
    GoogleStackdriverMonitoring-UptimeChecks (https://cloud.google.com/monitoring)
  • D. In the Cloud Platform Console download the list of the uptime servers' IP addresses and create an
    inbound firewall rule

Answer: B


NEW QUESTION # 40
Your company operates nationally and plans to use GCP for multiple batch workloads, including some that are not time-critical. You also need to use GCP services that are HIPAA-certified and manage service costs.
How should you design to meet Google best practices?

  • A. Provision standard VMs to the same region to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.
  • B. Provision standard VMs in the same region to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
  • C. Provisioning preemptible VMs to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.
  • D. Provisioning preemptible VMs to reduce cost. Disable and then discontinue use of all GCP and APIs that are not HIPAA-compliant.

Answer: D


NEW QUESTION # 41
Your customer runs a web service used by e-commerce sites to offer product recommendations to users. The company has begun experimenting with a machine learning model on Google Cloud Platform to improve the quality of results.
What should the customer do to improve their model's results over time?

  • A. Export Cloud Machine Learning Engine performance metrics from Stackdriver to BigQuery, to be used to analyze the efficiency of the model.
  • B. Build a roadmap to move the machine learning model training from Cloud GPUs to Cloud TPUs, which offer better results.
  • C. Monitor Compute Engine announcements for availability of newer CPU architectures, and deploy the model to them as soon as they are available for additional performance.
  • D. Save a history of recommendations and results of the recommendations in BigQuery, to be used as training data.

Answer: D

Explanation:
Explanation
https://cloud.google.com/solutions/building-a-serverless-ml-model


NEW QUESTION # 42
Your company uses the Firewall Insights feature in the Google Network Intelligence Center. You have several firewall rules applied to Compute Engine instances. You need to evaluate the efficiency of the applied firewall ruleset. When you bring up the Firewall Insights page in the Google Cloud Console, you notice that there are no log rows to display. What should you do to troubleshoot the issue?

  • A. Enable Firewall Rules Logging for the firewall rules you want to monitor.
  • B. Verify that your user account is assigned the compute.networkAdmin Identity and Access Management (IAM) role.
  • C. Install the Google Cloud SDK, and verify that there are no Firewall logs in the command line output.
  • D. Enable Virtual Private Cloud (VPC) flow logging.

Answer: A

Explanation:
Reference: https://cloud.google.com/network-intelligence-center/docs/firewall-insights/how-to/using-firewall- insights


NEW QUESTION # 43
......

Online Questions - Valid Practice Professional-Cloud-Architect Exam Dumps Test Questions: https://www.trainingdump.com/Google/Professional-Cloud-Architect-practice-exam-dumps.html

100% Real Professional-Cloud-Architect dumps  - Brilliant Professional-Cloud-Architect Exam Questions PDF: https://drive.google.com/open?id=1FN3YrdZesRiC9iEv9oO3B9W70H1cd0pP

Related Articles

more
Go To Professional-Cloud-Architect Questions
0
0
0
0