Question #220
During a recent audit of your existing Google Cloud resources, you discovered several users with email addresses outside of your Google Workspace domain. You want to ensure that your resources are only shared with users whose email addresses match your domain. You need to remove any mismatched users, and you want to avoid having to audit your resources to identify mismatched users. What should you do?
- A. Create a Cloud Scheduler task to regularly scan your projects and delete mismatched users.
- B. Create a Cloud Scheduler task to regularly scan your resources and delete mismatched users.
- C. Set an organizational policy constraint to limit identities by domain to automatically remove mismatched users.
- D. Set an organizational policy constraint to limit identities by domain, and then retroactively remove the existing mismatched users
Correct Answer: B
Community vote distribution
D (100%)
Question #221
Your application is running on Google Cloud in a managed instance group (MIG). You see errors in Cloud Logging for one VM that one of the processes is not responsive. You want to replace this VM in the MIG quickly. What should you do?
- A. Use the gcloud compute instances update command with a REFRESH action for the VM.
- B. Use the gcloud compute instance-groups managed recreate-instances command to recreate the VM.
- C. Select the MIG from the Compute Engine console and, in the menu, select Replace VMs.
- D. Update and apply the instance template of the MIG.
Correct Answer: D
Community vote distribution
B (88%)
13%
Question #222
You want to permanently delete a Pub/Sub topic managed by Config Connector in your Google Cloud project. What should you do?
- A. Use kubectl to create the label deleted-by-cnrm and to change its value to true for the topic resource.
- B. Use kubectl to delete the topic resource.
- C. Use gcloud CLI to delete the topic.
- D. Use gcloud CLI to update the topic label managed-by-cnrm to false.
Correct Answer: D
Community vote distribution
B (89%)
11%
Question #223
Your company is using Google Workspace to manage employee accounts. Anticipated growth will increase the number of personnel from 100 employees to 1,000 employees within 2 years. Most employees will need access to your company’s Google Cloud account. The systems and processes will need to support 10x growth without performance degradation, unnecessary complexity, or security issues. What should you do?
- A. Migrate the users to Active Directory. Connect the Human Resources system to Active Directory. Turn on Google Cloud Directory Sync (GCDS) for Cloud Identity. Turn on Identity Federation from Cloud Identity to Active Directory.
- B. Organize the users in Cloud Identity into groups. Enforce multi-factor authentication in Cloud Identity.
- C. Turn on identity federation between Cloud Identity and Google Workspace. Enforce multi-factor authentication for domain wide delegation.
- D. Use a third-party identity provider service through federation. Synchronize the users from Google Workplace to the third-party provider in real time.
Correct Answer: C
Community vote distribution
C (55%)
B (27%)
A (18%)
Question #224
You want to host your video encoding software on Compute Engine. Your user base is growing rapidly, and users need to be able to encode their videos at any time without interruption or CPU limitations. You must ensure that your encoding solution is highly available, and you want to follow Google-recommended practices to automate operations. What should you do?
- A. Deploy your solution on multiple standalone Compute Engine instances, and increase the number of existing instances when CPU utilization on Cloud Monitoring reaches a certain threshold.
- B. Deploy your solution on multiple standalone Compute Engine instances, and replace existing instances with high-CPU instances when CPU utilization on Cloud Monitoring reaches a certain threshold.
- C. Deploy your solution to an instance group, and increase the number of available instances whenever you see high CPU utilization in Cloud Monitoring.
- D. Deploy your solution to an instance group, and set the autoscaling based on CPU utilization.
Correct Answer: A
Community vote distribution
D (100%)
Question #225
Your managed instance group raised an alert stating that new instance creation has failed to create new instances. You need to solve the instance creation problem. What should you do?
- A. Create an instance template that contains valid syntax which will be used by the instance group. Delete any persistent disks with the same name as instance names.
- B. Create an instance template that contains valid syntax that will be used by the instance group. Verify that the instance name and persistent disk name values are not the same in the template.
- C. Verify that the instance template being used by the instance group contains valid syntax. Delete any persistent disks with the same name as instance names. Set the disks.autoDelete property to true in the instance template.
- D. Delete the current instance template and replace it with a new instance template. Verify that the instance name and persistent disk name values are not the same in the template. Set the disks.autoDelete property to true in the instance template.
Correct Answer: A
Community vote distribution
A (75%)
C (25%)
Question #226
You have created an application that is packaged into a Docker image. You want to deploy the Docker image as a workload on Google Kubernetes Engine. What should you do?
- A. Upload the image to Cloud Storage and create a Kubernetes Service referencing the image.
- B. Upload the image to Cloud Storage and create a Kubernetes Deployment referencing the image.
- C. Upload the image to Artifact Registry and create a Kubernetes Service referencing the image.
- D. Upload the image to Artifact Registry and create a Kubernetes Deployment referencing the image.
Correct Answer: D
Community vote distribution
D (100%)
Question #227
You are using Looker Studio to visualize a table from your data warehouse that is built on top of BigQuery. Data is appended to the data warehouse during the day. At night, the daily summary is recalculated by overwriting the table. You just noticed that the charts in Looker Studio are broken, and you want to analyze the problem. What should you do?
- A. In Cloud Logging, create a filter for your Looker Studio report.
- B. Use the open source CLI tool, Snapshot Debugger, to find out why the data was not refreshed correctly.
- C. Review the Error Reporting page in the Google Cloud console to find any errors.
- D. Use the BigQuery interface to review the nightly job and look for any errors.
Correct Answer: A
Community vote distribution
D (100%)
Question #228
You have a batch workload that runs every night and uses a large number of virtual machines (VMs). It is fault-tolerant and can tolerate some of the VMs being terminated. The current cost of VMs is too high. What should you do?
- A. Run a test using simulated maintenance events. If the test is successful, use Spot N2 Standard VMs when running future jobs.
- B. Run a test using simulated maintenance events. If the test is successful, use N2 Standard VMs when running future jobs.
- C. Run a test using a managed instance group. If the test is successful, use N2 Standard VMs in the managed instance group when running future jobs.
- D. Run a test using N1 standard VMs instead of N2. If the test is successful, use N1 Standard VMs when running future jobs.
Correct Answer: D
Community vote distribution
A (100%)
Question #229
You created several resources in multiple Google Cloud projects. All projects are linked to different billing accounts. To better estimate future charges, you want to have a single visual representation of all costs incurred. You want to include new cost data as soon as possible. What should you do?
- A. Fill all resources in the Pricing Calculator to get an estimate of the monthly cost.
- B. Use the Reports view in the Cloud Billing Console to view the desired cost information.
- C. Visit the Cost Table page to get a CSV export and visualize it using Looker Studio.
- D. Configure Billing Data Export to BigQuery and visualize the data in Looker Studio.
Correct Answer: D
Community vote distribution
D (100%)
Question #230
Your company has a large quantity of unstructured data in different file formats. You want to perform ETL transformations on the data. You need to make the data accessible on Google Cloud so it can be processed by a Dataflow job. What should you do?
- A. Upload the data to BigQuery using the bq command line tool.
- B. Upload the data to Cloud Storage using the gcloud storage command.
- C. Upload the data into Cloud SQL using the import function in the Google Cloud console.
- D. Upload the data into Cloud Spanner using the import function in the Google Cloud console.
Correct Answer: B
Community vote distribution
B (100%)
Question #231
You have deployed an application on a single Compute Engine instance. The application writes logs to disk. Users start reporting errors with the application. You want to diagnose the problem. What should you do?
- A. Navigate to Cloud Logging and view the application logs.
- B. Configure a health check on the instance and set a “consecutive successes” Healthy threshold value of 1.
- C. Connect to the instance’s serial console and read the application logs.
- D. Install and configure the Ops agent and view the logs from Cloud Logging.
Correct Answer: D
Community vote distribution
D (90%)
Question #232
You recently received a new Google Cloud project with an attached billing account where you will work. You need to create instances, set firewalls, and store data in Cloud Storage. You want to follow Google-recommended practices. What should you do?
- A. Use the gcloud CLI services enable cloudresourcemanager.googleapis.com command to enable all resources.
- B. Use the gcloud services enable compute.googleapis.com command to enable Compute Engine and the gcloud services enable storage-api.googleapis.com command to enable the Cloud Storage APIs.
- C. Open the Google Cloud console and enable all Google Cloud APIs from the API dashboard.
- D. Open the Google Cloud console and run gcloud init –project in a Cloud Shell.
Correct Answer: B
Community vote distribution
B (100%)
Question #233
Your application development team has created Docker images for an application that will be deployed on Google Cloud. Your team does not want to manage the infrastructure associated with this application. You need to ensure that the application can scale automatically as it gains popularity. What should you do?
- A. Create an instance template with the container image, and deploy a Managed Instance Group with Autoscaling.
- B. Upload Docker images to Artifact Registry, and deploy the application on Google Kubernetes Engine using Standard mode.
- C. Upload Docker images to the Cloud Storage, and deploy the application on Google Kubernetes Engine using Standard mode.
- D. Upload Docker images to Artifact Registry, and deploy the application on Cloud Run.
Correct Answer: B
Community vote distribution
D (100%)
Question #234
You are migrating a business critical application from your local data center into Google Cloud. As part of your high-availability strategy, you want to ensure that any data used by the application will be immediately available if a zonal failure occurs. What should you do?
- A. Store the application data on a zonal persistent disk. Create a snapshot schedule for the disk. If an outage occurs, create a new disk from the most recent snapshot and attach it to a new VM in another zone.
- B. Store the application data on a zonal persistent disk. If an outage occurs, create an instance in another zone with this disk attached.
- C. Store the application data on a regional persistent disk. Create a snapshot schedule for the disk. If an outage occurs, create a new disk from the most recent snapshot and attach it to a new VM in another zone.
- D. Store the application data on a regional persistent disk. If an outage occurs, create an instance in another zone with this disk attached.
Correct Answer: A
Community vote distribution
D (77%)
C (23%)
Question #235
The DevOps group in your organization needs full control of Compute Engine resources in your development project. However, they should not have permission to create or update any other resources in the project. You want to follow Google’s recommendations for setting permissions for the DevOps group. What should you do?
- A. Grant the basic role roles/viewer and the predefined role roles/compute.admin to the DevOps group.
- B. Create an IAM policy and grant all compute.instanceAdmin.* permissions to the policy. Attach the policy to the DevOps group.
- C. Create a custom role at the folder level and grant all compute.instanceAdmin.* permissions to the role. Grant the custom role to the DevOps group.
- D. Grant the basic role roles/editor to the DevOps group.
Correct Answer: B
Community vote distribution
A (47%)
B (32%)
C (21%)