Top Tips Of Update Associate-Cloud-Engineer Exam Topics

Exam Code: Associate-Cloud-Engineer (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Google Cloud Certified - Associate Cloud Engineer
Certification Provider: Google
Free Today! Guaranteed Training- Pass Associate-Cloud-Engineer Exam.

Online Google Associate-Cloud-Engineer free dumps demo Below:

NEW QUESTION 1
Your company has a Google Cloud Platform project that uses BigQuery for data warehousing. Your data science team changes frequently and has few members. You need to allow members of this team to perform queries. You want to follow Google-recommended practices. What should you do?

  • A. 1. Create an IAM entry for each data scientist's user account.2. Assign the BigQuery jobUser role to the group.
  • B. 1. Create an IAM entry for each data scientist's user account.2. Assign the BigQuery dataViewer user role to the group.
  • C. 1. Create a dedicated Google group in Cloud Identity.2. Add each data scientist's user account to the group.3. Assign the BigQuery jobUser role to the group.
  • D. 1. Create a dedicated Google group in Cloud Identity.2. Add each data scientist's user account to the group.3. Assign the BigQuery dataViewer user role to the group.

Answer: D

NEW QUESTION 2
You have a developer laptop with the Cloud SDK installed on Ubuntu. The Cloud SDK was installed from the Google Cloud Ubuntu package repository. You want to test your application locally on your laptop with Cloud Datastore. What should you do?

  • A. Export Cloud Datastore data using gcloud datastore export.
  • B. Create a Cloud Datastore index using gcloud datastore indexes create.
  • C. Install the google-cloud-sdk-datastore-emulator component using the apt get install command.
  • D. Install the cloud-datastore-emulator component using the gcloud components install command.

Answer: D

NEW QUESTION 3
You need to create a custom IAM role for use with a GCP service. All permissions in the role must be suitable for production use. You also want to clearly share with your organization the status of the custom role. This will be the first version of the custom role. What should you do?

  • A. Use permissions in your role that use the ‘supported’ support level for role permission
  • B. Set the role stage to ALPHA while testing the role permissions.
  • C. Use permissions in your role that use the ‘supported’ support level for role permission
  • D. Set the role stage to BETA while testing the role permissions.
  • E. Use permissions in your role that use the ‘testing’ support level for role permission
  • F. Set the role stage to ALPHA while testing the role permissions.
  • G. Use permissions in your role that use the ‘testing’ support level for role permission
  • H. Set the role stage to BETA while testing the role permissions.

Answer: C

NEW QUESTION 4
Your organization has strict requirements to control access to Google Cloud projects. You need to enable your Site Reliability Engineers (SREs) to approve requests from the Google Cloud support team when an SRE opens a support case. You want to follow Google-recommended practices. What should you do?

  • A. Add your SREs to roles/iam.roleAdmin role.
  • B. Add your SREs to roles/accessapproval approver role.
  • C. Add your SREs to a group and then add this group to roles/iam roleAdmin role.
  • D. Add your SREs to a group and then add this group to roles/accessapproval approver role.

Answer: A

NEW QUESTION 5
You need to create a copy of a custom Compute Engine virtual machine (VM) to facilitate an expected increase in application traffic due to a business acquisition. What should you do?

  • A. Create a Compute Engine snapshot of your base V
  • B. Create your images from that snapshot.
  • C. Create a Compute Engine snapshot of your base V
  • D. Create your instances from that snapshot.
  • E. Create a custom Compute Engine image from a snapsho
  • F. Create your images from that image.
  • G. Create a custom Compute Engine image from a snapsho
  • H. Create your instances from that image.

Answer: D

Explanation:
A custom image belongs only to your project. To create an instance with a custom image, you must first have a custom image.

NEW QUESTION 6
You are hosting an application from Compute Engine virtual machines (VMs) in us–central1–a. You want to adjust your design to support the failure of a single Compute Engine zone, eliminate downtime, and minimize cost. What should you do?

  • A. – Create Compute Engine resources in us–central1–b.–Balance the load across both us–central1–a and us–central1–b.
  • B. – Create a Managed Instance Group and specify us–central1–a as the zone.–Configure the Health Check with a short Health Interval.
  • C. – Create an HTTP(S) Load Balancer.–Create one or more global forwarding rules to direct traffic to your VMs.
  • D. – Perform regular backups of your application.–Create a Cloud Monitoring Alert and be notified if your application becomes unavailable.–Restore from backups when notified.

Answer: C

NEW QUESTION 7
A team of data scientists infrequently needs to use a Google Kubernetes Engine (GKE) cluster that you manage. They require GPUs for some long-running, non-restartable jobs. You want to minimize cost. What should you do?

  • A. Enable node auto-provisioning on the GKE cluster.
  • B. Create a VerticalPodAutscaler for those workloads.
  • C. Create a node pool with preemptible VMs and GPUs attached to those VMs.
  • D. Create a node pool of instances with GPUs, and enable autoscaling on this node pool with a minimum size of 1.

Answer: C

NEW QUESTION 8
You need to create a new billing account and then link it with an existing Google Cloud Platform project. What should you do?

  • A. Verify that you are Project Billing Manager for the GCP projec
  • B. Update the existing project to link it to the existing billing account.
  • C. Verify that you are Project Billing Manager for the GCP projec
  • D. Create a new billing account and linkthe new billing account to the existing project.
  • E. Verify that you are Billing Administrator for the billing accoun
  • F. Create a new project and link the new project to the existing billing account.
  • G. Verify that you are Billing Administrator for the billing accoun
  • H. Update the existing project to link it to the existing billing account.

Answer: C

NEW QUESTION 9
You have a project for your App Engine application that serves a development environment. The required testing has succeeded and you want to create a new project to serve as your production environment. What should you do?

  • A. Use gcloud to create the new project, and then deploy your application to the new project.
  • B. Use gcloud to create the new project and to copy the deployed application to the new project.
  • C. Create a Deployment Manager configuration file that copies the current App Engine deployment into a new project.
  • D. Deploy your application again using gcloud and specify the project parameter with the new project name to create the new project.

Answer: C

NEW QUESTION 10
Your company uses a large number of Google Cloud services centralized in a single project. All teams have specific projects for testing and development. The DevOps team needs access to all of the production services in order to perform their job. You want to prevent Google Cloud product changes from broadening their permissions in the future. You want to follow Google-recommended practices. What should you do?

  • A. Grant all members of the DevOps team the role of Project Editor on the organization level.
  • B. Grant all members of the DevOps team the role of Project Editor on the production project.
  • C. Create a custom role that combines the required permission
  • D. Grant the DevOps team the custom role on the production project.
  • E. Create a custom role that combines the required permission
  • F. Grant the DevOps team the custom role on the organization level.

Answer: A

NEW QUESTION 11
A colleague handed over a Google Cloud Platform project for you to maintain. As part of a security checkup, you want to review who has been granted the Project Owner role. What should you do?

  • A. In the console, validate which SSH keys have been stored as project-wide keys.
  • B. Navigate to Identity-Aware Proxy and check the permissions for these resources.
  • C. Enable Audit Logs on the IAM & admin page for all resources, and validate the results.
  • D. Use the command gcloud projects get–iam–policy to view the current role assignments.

Answer: B

NEW QUESTION 12
You are building a product on top of Google Kubernetes Engine (GKE). You have a single GKE cluster. For each of your customers, a Pod is running in that cluster, and your customers can run arbitrary code inside their Pod. You want to maximize the isolation between your customers’ Pods. What should you do?

  • A. Use Binary Authorization and whitelist only the container images used by your customers’ Pods.
  • B. Use the Container Analysis API to detect vulnerabilities in the containers used by your customers’ Pods.
  • C. Create a GKE node pool with a sandbox type configured to gviso
  • D. Add the parameter runtimeClassName: gvisor to the specification of your customers’ Pods.
  • E. Use the cos_containerd image for your GKE node
  • F. Add a nodeSelector with the value cloud.google.com/gke-os-distribution: cos_containerd to the specification of your customers’ Pods.

Answer: C

NEW QUESTION 13
An employee was terminated, but their access to Google Cloud Platform (GCP) was not removed until 2 weeks later. You need to find out this employee accessed any sensitive customer information after their termination. What should you do?

  • A. View System Event Logs in Stackdrive
  • B. Search for the user’s email as the principal.
  • C. View System Event Logs in Stackdrive
  • D. Search for the service account associated with the user.
  • E. View Data Access audit logs in Stackdrive
  • F. Search for the user’s email as the principal.
  • G. View the Admin Activity log in Stackdrive
  • H. Search for the service account associated with the user.

Answer: B

NEW QUESTION 14
You need to run an important query in BigQuery but expect it to return a lot of records. You want to find out how much it will cost to run the query. You are using on-demand pricing. What should you do?

  • A. Arrange to switch to Flat-Rate pricing for this query, then move back to on-demand.
  • B. Use the command line to run a dry run query to estimate the number of bytes rea
  • C. Then convert that bytes estimate to dollars using the Pricing Calculator.
  • D. Use the command line to run a dry run query to estimate the number of bytes returne
  • E. Then convert that bytes estimate to dollars using the Pricing Calculator.
  • F. Run a select count (*) to get an idea of how many records your query will look throug
  • G. Then convert that number of rows to dollars using the Pricing Calculator.

Answer: B

NEW QUESTION 15
You have an application running in Google Kubernetes Engine (GKE) with cluster autoscaling enabled. The application exposes a TCP endpoint. There are several replicas of this application. You have a Compute Engine instance in the same region, but in another Virtual Private Cloud (VPC), called gce-network, that has no overlapping IP ranges with the first VPC. This instance needs to connect to the application on GKE. You want to minimize effort. What should you do?

  • A. 1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend.2. Set the service's externalTrafficPolicy to Cluster.3. Configure the Compute Engine instance to use the address of the load balancer that has been created.
  • B. 1. In GKE, create a Service of type NodePort that uses the application's Pods as backend.2. Create a Compute Engine instance called proxy with 2 network interfaces, one in each VPC.3. Use iptables on this instance to forward traffic from gce-network to the GKE nodes.4. Configure the Compute Engine instance to use the address of proxy in gce-network as endpoint.
  • C. 1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend.2. Add an annotation to this service: cloud.google.com/load-balancer-type: Internal3. Peer the two VPCs together.4. Configure the Compute Engine instance to use the address of the load balancer that has been created.
  • D. 1. In GKE, create a Service of type LoadBalancer that uses the application's Pods as backend.2. Add a Cloud Armor Security Policy to the load balancer that whitelists the internal IPs of the MIG's instances.3. Configure the Compute Engine instance to use the address of the load balancer that has been created.

Answer: A

NEW QUESTION 16
You need to set up a policy so that videos stored in a specific Cloud Storage Regional bucket are moved to Coldline after 90 days, and then deleted after one year from their creation. How should you set up the policy?

  • A. Use Cloud Storage Object Lifecycle Management using Age conditions with SetStorageClass andDelete action
  • B. Set the SetStorageClass action to 90 days and the Delete action to 275 days (365 – 90)
  • C. Use Cloud Storage Object Lifecycle Management using Age conditions with SetStorageClass and Delete action
  • D. Set the SetStorageClass action to 90 days and the Delete action to 365 days.
  • E. Use gsutil rewrite and set the Delete action to 275 days (365-90).
  • F. Use gsutil rewrite and set the Delete action to 365 days.

Answer: A

NEW QUESTION 17
You are configuring service accounts for an application that spans multiple projects. Virtual machines (VMs) running in the web-applications project need access to BigQuery datasets in crm-databases-proj. You want to follow Google-recommended practices to give access to the service account in the web-applications project. What should you do?

  • A. Give “project owner” for web-applications appropriate roles to crm-databases- proj
  • B. Give “project owner” role to crm-databases-proj and the web-applications project.
  • C. Give “project owner” role to crm-databases-proj and bigquery.dataViewer role to web-applications.
  • D. Give bigquery.dataViewer role to crm-databases-proj and appropriate roles to web-applications.

Answer: D

NEW QUESTION 18
You have been asked to set up Object Lifecycle Management for objects stored in storage buckets. The objects are written once and accessed frequently for 30 days. After 30 days, the objects are not read again unless there is a special need. The object should be kept for three years, and you need to minimize cost. What should you do?

  • A. Set up a policy that uses Nearline storage for 30 days and then moves to Archive storage for three years.
  • B. Set up a policy that uses Standard storage for 30 days and then moves to Archive storage for three years.
  • C. Set up a policy that uses Nearline storage for 30 days, then moves the Coldline for one year, and then moves to Archive storage for two years.
  • D. Set up a policy that uses Standard storage for 30 days, then moves to Coldline for one year, and then moves to Archive storage for two years.

Answer: A

NEW QUESTION 19
......

100% Valid and Newest Version Associate-Cloud-Engineer Questions & Answers shared by Surepassexam, Get Full Dumps HERE: https://www.surepassexam.com/Associate-Cloud-Engineer-exam-dumps.html (New 190 Q&As)