PROFESSIONAL-CLOUD-ARCHITECT Online Practice Questions and Answers

A recent audit revealed that a new network was created in your GCP project. In this network, a GCE instance has an SSH port open to the world. You want to discover this network's origin.

What should you do?

A. Search for Create VM entry in the Stackdriver alerting console

B. Navigate to the Activity page in the Home section. Set category to Data Access and search for Create VM entry

C. In the Logging section of the console, specify GCE Network as the logging section. Search for the Create Insert entry

D. Connect to the GCE instance using project SSH keys. Identify previous logins in system logs, and match these with the project owners list

Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used.

How should you design your architecture?

A. Create a tokenizer service and store only tokenized data

B. Create separate projects that only process credit card data

C. Create separate subnetworks and isolate the components that process credit card data

D. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data

E. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor

As part of implementing their disaster recovery plan, your company is trying to replicate their production MySQL database from their private data center to their GCP project using a Google Cloud VPN connection. They are experiencing latency issues and a small amount of packet loss that is disrupting the replication. What should they do?

A. Configure their replication to use UDP.

B. Configure a Google Cloud Dedicated Interconnect.

C. Restore their database daily using Google Cloud SQL.

D. Add additional VPN connections and load balance them.

E. Send the replicated transaction to Google Cloud Pub/Sub.

You are using Cloud SQL as the database backend for a large CRM deployment. You want to scale as usage increases and ensure that you don't run out of storage, maintain 75% CPU usage cores, and keep replication lag below 60 seconds. What are the correct steps to meet your requirements?

A. 1. Enable automatic storage increase for the instance.

2.

Create a Stackdriver alert when CPU usage exceeds 75%, and change the instance type to reduce CPU usage.

3.

Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.

B. 1. Enable automatic storage increase for the instance.

2.

Change the instance type to a 32-core machine type to keep CPU usage below 75%.

3.

Create a Stackdriver alert for replication lag, and shard the database to reduce replication time.

C. 1. Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the instance to create more space.

2.

Deploy memcached to reduce CPU load.

3.

Change the instance type to a 32-core machine type to reduce replication lag.

D. 1. Create a Stackdriver alert when storage exceeds 75%, and increase the available storage on the instance to create more space.

2.

Deploy memcached to reduce CPU load.

3.

Create a Stackdriver alert for replication lag, and change the instance type to a 32-core machine type to reduce replication lag.

Your operations team has asked you to help diagnose a performance issue in a production application that runs on Compute Engine. The application is dropping requests that reach it when under heavy load. The process list for affected instances shows a single application process that is consuming all available CPU, and autoscaling has reached the upper limit of instances. There is no abnormal load on any other related systems, including the database. You want to allow production traffic to be served again as quickly as possible. Which action should you recommend?

A. Change the autoscaling metric to agent.googleapis.com/memory/percent_used.

B. Restart the affected instances on a staggered schedule.

C. SSH to each instance and restart the application process.

D. Increase the maximum number of instances in the autoscaling group.

Your company has developed a monolithic, 3-tier application to allow external users to upload and share files. The solution cannot be easily enhanced and lacks reliability. The development team would like to re-architect the application to adopt microservices and a fully managed service approach, but they need to convince their leadership that the effort is worthwhile. Which advantage(s) should they highlight to leadership?

A. The new approach will be significantly less costly, make it easier to manage the underlying infrastructure, and automatically manage the CI/CD pipelines.

B. The monolithic solution can be converted to a container with Docker. The generated container can then be deployed into a Kubernetes cluster.

C. The new approach will make it easier to decouple infrastructure from application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution if necessary.

D. The process can be automated with Migrate for Compute Engine.

Your operations team currently stores 10 TB of data in an object storage service from a third-party provider. They want to move this data to a Cloud Storage bucket as quickly as possible, following Google-recommended practices. They want to minimize the cost of this data migration. Which approach should they use?

A. Use the gsutil mv command to move the data.

B. Use the Storage Transfer Service to move the data.

C. Download the data to a Transfer Appliance, and ship it to Google.

D. Download the data to the on-premises data center, and upload it to the Cloud Storage bucket.

Dress4Win would like to become familiar with deploying applications to the cloud by successfully deploying some applications quickly, as is. They have asked for your recommendation. What should you advise?

A. Identify self-contained applications with external dependencies as a first move to the cloud.

B. Identify enterprise applications with internal dependencies and recommend these as a first move to the cloud.

C. Suggest moving their in-house databases to the cloud and continue serving requests to on-premise applications.

D. Recommend moving their message queuing servers to the cloud and continue handling requests to on-premise applications.

For this question, refer to the TerramEarth case study. You have broken down a legacy monolithic application into a few containerized RESTful microservices. You want to run those microservices on Cloud Run. You also want to make sure the services are highly available with low latency to your customers. What should you do?

A. Deploy Cloud Run services to multiple availability zones. Create Cloud Endpoints that point to the services. Create a global HTTP(S) Load Balancing instance and attach the Cloud Endpoints to its backend.

B. Deploy Cloud Run services to multiple regions. Create serverless network endpoint groups pointing to the services. Add the serverless NEGs to a backend service that is used by a global HTTP(S) Load Balancing instance.

C. Deploy Cloud Run services to multiple regions. In Cloud DNS, create a latency-based DNS name that points to the services.

D. Deploy Cloud Run services to multiple availability zones. Create a TCP/IP global load balancer. Add the Cloud Run Endpoints to its backend service.

You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?

A. Create a service account (SA) in the legacy game's Google Cloud project, add a second SA in the new game's IAM page, and then give the Organization Admin role to both SAs.

B. Create a service account (SA) in the legacy game's Google Cloud project, give the SA the Organization Admin role, and then give it the Firebase Admin role in both projects.

C. Create a service account (SA) in the legacy game's Google Cloud project, add this SA in the new game's IAM page, and then give it the Firebase Admin role in both projects.

D. Create a service account (SA) in the legacy game's Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game's project.