2022 The Most Effective Professional-Cloud-Architect with 262 Questions Answers [Q57-Q72]


Try Free and Start Using Realistic Verified Professional-Cloud-Architect Dumps Instantly.


Then, candidates can use different books, like the following:

  • The Ultimate Guide for Beginners [Google Cloud Platform] by Adney Ainsley
  • Google Cloud Certified Professional Cloud Architect (3rd Edition) by Soumen Chatterjee
  • Professional Cloud Architect – Google Cloud Certification Guide written by Konrad Clapa & Brian Gerrard

All of them are available on Amazon and throw light on major Google Cloud concepts. They allow one to not just learn all the topics but also understand how to solve real-world tasks related to the implementation of GCP. They also include explained scenarios and questions for self-assessment.

To familiarize the applicants with daily issues the professionals face in the workplace, the vendor has provided some detailed case studies to refer to. These relate to Mountkirk Games, Dress4Win, and TerramEarth. Finally, one can join an on-demand webinar “Architecting Hybrid Cloud Infrastructure with Anthos” that provides valuable exam tips.

 

NEW QUESTION 57
Case Study: 5 - Dress4win
Company Overview
Dress4win is a web-based company that helps their users organize and manage their personal wardrobe using a website and mobile application. The company also cultivates an active social network that connects their users with designers and retailers. They monetize their services through advertising, e-commerce, referrals, and a freemium app model. The application has grown from a few servers in the founder's garage to several hundred servers and appliances in a collocated data center. However, the capacity of their infrastructure is now insufficient for the application's rapid growth. Because of this growth and the company's desire to innovate faster, Dress4Win is committing to a full migration to a public cloud.
Solution Concept
For the first phase of their migration to the cloud, Dress4win is moving their development and test environments. They are also building a disaster recovery site, because their current infrastructure is at a single location. They are not sure which components of their architecture they can migrate as is and which components they need to change before migrating them.
Existing Technical Environment
The Dress4win application is served out of a single data center location. All servers run Ubuntu LTS v16.04.
Databases:
  • MySQL. 1 server for user data, inventory, static data:
    - MySQL 5.8
    - 8 core CPUs
    - 128 GB of RAM
    - 2x 5 TB HDD (RAID 1)
  • Redis 3 server cluster for metadata, social graph, caching. Each server is:
    - Redis 3.2
    - 4 core CPUs
    - 32 GB of RAM
Compute:
  • 40 Web Application servers providing micro-services based APIs and static content.
    - Tomcat - Java
    - Nginx
    - 4 core CPUs
    - 32 GB of RAM
  • 20 Apache Hadoop/Spark servers:
    - Data analysis
    - Real-time trending calculations
    - 8 core CPUs
    - 128 GB of RAM
    - 4x 5 TB HDD (RAID 1)
  • 3 RabbitMQ servers for messaging, social notifications, and events:
    - 8 core CPUs
    - 32 GB of RAM
  • Miscellaneous servers:
    - Jenkins, monitoring, bastion hosts, security scanners
    - 8 core CPUs
    - 32 GB of RAM
Storage appliances:
  • iSCSI for VM hosts
  • Fiber channel SAN - MySQL databases
    - 1 PB total storage; 400 TB available
  • NAS - image storage, logs, backups
    - 100 TB total storage; 35 TB available
Business Requirements
  • Build a reliable and reproducible environment with scaled parity of production.
  • Improve security by defining and adhering to a set of security and Identity and Access Management (IAM) best practices for cloud.
  • Improve business agility and speed of innovation through rapid provisioning of new resources.
  • Analyze and optimize architecture for performance in the cloud.
Technical Requirements
  • Easily create non-production environment in the cloud.
  • Implement an automation framework for provisioning resources in cloud.
  • Implement a continuous deployment process for deploying applications to the on-premises datacenter or cloud.
  • Support failover of the production environment to cloud during an emergency.
  • Encrypt data on the wire and at rest.
  • Support multiple private connections between the production data center and cloud environment.
Executive Statement
Our investors are concerned about our ability to scale and contain costs with our current infrastructure. They are also concerned that a competitor could use a public cloud platform to offset their up-front investment and free them to focus on developing better features. Our traffic patterns are highest in the mornings and weekend evenings; during other times, 80% of our capacity is sitting idle.
Our capital expenditure is now exceeding our quarterly projections. Migrating to the cloud will likely cause an initial increase in spending, but we expect to fully transition before our next hardware refresh cycle. Our total cost of ownership (TCO) analysis over the next 5 years for a public cloud strategy achieves a cost reduction between 30% and 50% over our current model.
For this question, refer to the Dress4Win case study. You are responsible for the security of data stored in Cloud Storage for your company, Dress4Win. You have already created a set of Google Groups and assigned the appropriate users to those groups. You should use Google best practices and implement the simplest design to meet the requirements.
Considering Dress4Win's business and technical requirements, what should you do?

  • A. Assign custom IAM roles to the Google Groups you created in order to enforce security requirements.
    Encrypt data with a customer-supplied encryption key when storing files in Cloud Storage.
  • B. Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements. Utilize Google's default encryption at rest when storing files in Cloud Storage.
  • C. Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements. Ensure that the default Cloud KMS key is set before storing files in Cloud Storage.
  • D. Assign custom IAM roles to the Google Groups you created in order to enforce security requirements.
    Enable default storage encryption before storing files in Cloud Storage.

Answer: A

 

NEW QUESTION 58
For this question, refer to the TerramEarth case study. Considering the technical requirements, how should
you reduce the unplanned vehicle downtime in GCP?

  • A. Use BigQuery as the data warehouse. Connect all vehicles to the network and stream data into
    BigQuery using Cloud Pub/Sub and Cloud Dataflow. Use Google Data Studio for analysis and
    reporting.
  • B. Use BigQuery as the data warehouse. Connect all vehicles to the network and upload gzip files to a
    Multi-Regional Cloud Storage bucket using gcloud. Use Google Data Studio for analysis and reporting.
  • C. Use Cloud Dataproc Hive as the data warehouse. Directly stream data into partitioned Hive tables. Use
    Pig scripts to analyze data.
  • D. Use Cloud Dataproc Hive as the data warehouse. Upload gzip files to a Multi-Regional Cloud Storage
    bucket. Upload this data into BigQuery using gcloud. Use Google Data Studio for analysis and
    reporting.

Answer: A

 

NEW QUESTION 59
You have an application deployed on Kubernetes Engine using a Deployment named echo-deployment. The deployment is exposed using a Service called echo-service. You need to perform an update to the application with minimal downtime to the application. What should you do?

  • A. Update the service yaml file with the new container image. Use kubectl delete service/echo-service and kubectl create -f <yaml-file>
  • B. Use the rolling update functionality of the Instance Group behind the Kubernetes cluster
  • C. Use kubectl set image deployment/echo-deployment <new-image>
  • D. Update the deployment yaml file with the new container image. Use kubectl delete deployment/echo-deployment and kubectl create -f <yaml-file>

Answer: B

Explanation:
Reference: https://cloud.google.com/kubernetes-engine/docs/how-to/updating-apps

 

NEW QUESTION 60
For this question, refer to the Mountkirk Games case study.
Mountkirk Games wants to set up a real-time analytics platform for their new game. The new platform must meet their technical requirements. Which combination of Google technologies will meet all of their requirements?

  • A. Container Engine, Cloud Pub/Sub, and Cloud SQL
  • B. Cloud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery
  • C. Cloud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc
  • D. Cloud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow
  • E. Cloud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

Answer: B

 

NEW QUESTION 61
You need to develop procedures to test a disaster plan for a mission-critical application. You want to use Google-recommended practices and native capabilities within GCP.
What should you do?

  • A. Use gcloud scripts to automate service provisioning. Use Activity Logs to monitor and debug your tests.
  • B. Use Deployment Manager to automate service provisioning. Use Activity Logs to monitor and debug your tests.
  • C. Use gcloud scripts to automate service provisioning. Use Stackdriver to monitor and debug your tests.
  • D. Use Deployment Manager to automate provisioning. Use Stackdriver to monitor and debug your tests.

Answer: B

 

NEW QUESTION 62
You are using Cloud CDN to deliver static HTTP(S) website content hosted on a Compute Engine instance group. You want to improve the cache hit ratio.
What should you do?

  • A. Make sure the HTTP(S) header "Cache-Region" points to the closest region of your users.
  • B. Shorten the expiration time of the cached objects.
  • C. Customize the cache keys to omit the protocol from the key.
  • D. Replicate the static content in a Cloud Storage bucket. Point Cloud CDN toward a load balancer on that bucket.

Answer: C

Explanation:
https://cloud.google.com/cdn/docs/best-practices#using_custom_cache_keys_to_improve_cache_hit_ratio

 

NEW QUESTION 63
All Compute Engine instances in your VPC should be able to connect to an Active Directory server on specific ports. Any other traffic emerging from your instances is not allowed. You want to enforce this using VPC firewall rules.
How should you configure the firewall rules?

  • A. Create an egress rule with priority 1000 to deny all traffic for all instances. Create another egress rule with priority 100 to allow the Active Directory traffic for all instances.
  • B. Create an egress rule with priority 100 to allow the Active Directory traffic. Rely on the implied deny egress rule with priority 1000 to block all traffic for all instances.
  • C. Create an egress rule with priority 100 to deny all traffic for all instances. Create another egress rule with priority 1000 to allow the Active Directory traffic for all instances.
  • D. Create an egress rule with priority 1000 to allow the Active Directory traffic. Rely on the implied deny egress rule with priority 100 to block all traffic for all instances.

Answer: C

Explanation:
https://cloud.google.com/vpc/docs/firewalls

 

NEW QUESTION 64
For this question, refer to the TerramEarth case study
Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data. What should you do?

  • A. Build SAML 2.0 SSO compatibility into your authentication system.
  • B. Restrict data access based on the source IP address of the partner systems.
  • C. Build or leverage an OAuth-compatible access control system.
  • D. Create secondary credentials for each dealer that can be given to the trusted third party.

Answer: C

Explanation:
Delegate application authorization with OAuth2. Cloud Platform APIs support OAuth 2.0, and scopes provide granular authorization over the methods that are supported. Cloud Platform supports both service-account and user-account OAuth, also called three-legged OAuth.
References:
https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#delegate_application_autho
https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps

 

NEW QUESTION 65
Your company has multiple on-premises systems that serve as sources for reporting. The data has not been maintained well and has become degraded over time. You want to use Google-recommended practices to detect anomalies in your company data. What should you do?

  • A. Connect Cloud Datalab to your on-premises systems. Use Cloud Datalab to explore and clean your data.
  • B. Upload your files into Cloud Storage. Use Cloud Dataprep to explore and clean your data.
  • C. Upload your files into Cloud Storage. Use Cloud Datalab to explore and clean your data.
  • D. Connect Cloud Dataprep to your on-premises systems. Use Cloud Dataprep to explore and clean your data.

Answer: B

Explanation:
https://cloud.google.com/dataprep/

 

NEW QUESTION 66
Your applications will be writing their logs to BigQuery for analysis. Each application should have its own table.
Any logs older than 45 days should be removed. You want to optimize storage and follow Google-recommended practices. What should you do?

  • A. Make the tables time-partitioned, and configure the partition expiration at 45 days
  • B. Rely on BigQuery's default behavior to prune application logs older than 45 days
  • C. Create a script that uses the BigQuery command line tool (bq) to remove records older than 45 days
  • D. Configure the expiration time for your tables at 45 days

Answer: A

Explanation:
Reference:
https://cloud.google.com/bigquery/docs/managing-partitioned-tables

 

NEW QUESTION 67
For this question, refer to the TerramEarth case study. To be compliant with European GDPR regulation, TerramEarth is required to delete data generated from its European customers after a period of 36 months when it contains personal data. In the new architecture, this data will be stored in both Cloud Storage and BigQuery. What should you do?

  • A. Create a BigQuery time-partitioned table for the European data, and set the partition period to 36 months. For Cloud Storage, use gsutil to create a SetStorageClass to NONE action with an Age condition of 36 months.
  • B. Create a BigQuery table for the European data, and set the table retention period to 36 months. For Cloud Storage, use gsutil to create a SetStorageClass to NONE action with an Age condition of 36 months.
  • C. Create a BigQuery table for the European data, and set the table retention period to 36 months. For Cloud Storage, use gsutil to enable lifecycle management using a DELETE action with an Age condition of 36 months.
  • D. Create a BigQuery time-partitioned table for the European data, and set the partition expiration period to
    36 months. For Cloud Storage, use gsutil to enable lifecycle management using a DELETE action with an Age condition of 36 months.

Answer: D

 

NEW QUESTION 68
For this question, refer to the TerramEarth case study. You are asked to design a new architecture for the ingestion of the data of the 200,000 vehicles that are connected to a cellular network. You want to follow Google-recommended practices.
Considering the technical requirements, which components should you use for the ingestion of the data?

  • A. Cloud IoT Core with public/private key pairs
  • B. Compute Engine with project-wide SSH keys
  • C. Google Kubernetes Engine with an SSL Ingress
  • D. Compute Engine with specific SSH keys

Answer: A

Explanation:
https://cloud.google.com/solutions/iot-overview

 

NEW QUESTION 69
You are running a cluster on Kubernetes Engine to serve a web application. Users are reporting that a
specific part of the application is not responding anymore. You notice that all pods of your deployment
keep restarting after 2 seconds. The application writes logs to standard output. You want to inspect the
logs to find the cause of the issue. Which approach can you take?

  • A. Review the Stackdriver logs for the specific Kubernetes Engine container that is serving the
    unresponsive part of the application.
  • B. Review the Serial Port logs for each Compute Engine instance that is serving as a node in the cluster.
  • C. Connect to the cluster using gcloud credentials and connect to a container in one of the pods to read
    the logs.
  • D. Review the Stackdriver logs for each Compute Engine instance that is serving as a node in the cluster.

Answer: C

 

NEW QUESTION 70
Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used.
How should you design your architecture?

  • A. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data
  • B. Create a tokenizer service and store only tokenized data
  • C. Create separate subnetworks and isolate the components that process credit card data
  • D. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
  • E. Create separate projects that only process credit card data

Answer: B

Explanation:
https://www.sans.org/reading-room/whitepapers/compliance/ways-reduce-pci-dss-audit-scope-tokenizing-cardholder-data-33194

 

NEW QUESTION 71
Your company is designing its data lake on Google Cloud and wants to develop different ingestion pipelines to collect unstructured data from different sources. After the data is stored in Google Cloud, it will be processed in several data pipelines to build a recommendation engine for end users on the website. The structure of the data retrieved from the source systems can change at any time. The data must be stored exactly as it was retrieved for reprocessing purposes in case the data structure is incompatible with the current processing pipelines. You need to design an architecture to support the use case after you retrieve the data. What should you do?

  • A. Store the data in a BigQuery table. Design the processing pipelines to retrieve the data from the table.
  • B. Store the data in a Cloud Storage bucket. Design the processing pipelines to retrieve the data from the bucket
  • C. Send the data through the processing pipeline, and then store the processed data in a Cloud Storage bucket for reprocessing.
  • D. Send the data through the processing pipeline, and then store the processed data in a BigQuery table for reprocessing.

Answer: B

 

NEW QUESTION 72
......


Professionals willing to become a part of Google and excel at every career front can make this happen if they earn the Google Professional Cloud Architect certification. Passing its associated exam is the easiest way to leverage their abilities in Google Cloud Technologies and cement their place in the industry.

 

Download Free Latest Exam Professional-Cloud-Architect Certified Sample Questions: https://simplilearn.lead1pass.com/Google/Professional-Cloud-Architect-practice-exam-dumps.html