Practice Free Associate Cloud Engineer Exam Online Questions
Question #71
You are developing a financial trading application that will be used globally. Data is stored and queried using a relational structure, and clients from all over the world should get the exact identical state of the data. The application will be deployed in multiple regions to provide the lowest latency to end users. You need to select a storage option for the application data while minimizing latency.
What should you do?
- A . Use Cloud Bigtable for data storage.
- B . Use Cloud SQL for data storage.
- C . Use Cloud Spanner for data storage.
- D . Use Firestore for data storage.
Correct Answer: C
C
Explanation:
Keywords, Financial data (large data) used globally, data stored and queried using relational structure (SQL), clients should get exact identical copies (Strong Consistency), Multiple region, low latency to end user, select storage option to minimize latency.
C
Explanation:
Keywords, Financial data (large data) used globally, data stored and queried using relational structure (SQL), clients should get exact identical copies (Strong Consistency), Multiple region, low latency to end user, select storage option to minimize latency.
Question #72
Your company uses BigQuery to store and analyze data. Upon submitting your query in BigQuery, the query fails with a quotaExceeded error. You need to diagnose the issue causing the error.
What should you do? Choose 2 answers
- A . Search errors in Cloud Audit Logs to analyze the issue.
- B . Configure Cloud Trace to analyze the issue.
- C . View errors in Cloud Monitoring to analyze the issue.
- D . Use the information schema views to analyze the underlying issue.
- E . Use BigQuery Bl Engine to analyze the issue.
Correct Answer: AC
AC
Explanation:
When encountering a quotaExceeded error in BigQuery, you should follow these steps to diagnose
and mitigate the issue:
Understand the Error:
The error message indicates that a quota was exceeded (either a short-term rate limit or a longer-term limit).
The response payload contains information about which quota was reached.
Quotas can fall into two categories:
rateLimitExceeded: Short-term limits. Retry the operation after a few seconds using exponential backoff.
quotaExceeded: Longer-term limits. Wait 10 minutes or longer before retrying the operation.
Search Errors in Cloud Audit Logs (Option A):
Cloud Audit Logs provide detailed information about API requests and responses.
By searching the logs, you can identify the specific API call that triggered the quotaExceeded error.
This helps you understand which resource or operation exceeded the quota.
View Errors in Cloud Monitoring (Option C):
Cloud Monitoring (formerly known as Stackdriver) provides insights into your Google Cloud resources.
Check the monitoring dashboard for any alerts related to BigQuery quotas.
You can set up custom monitoring rules to track specific quotas and receive notifications.
Other Options:
B. Configure Cloud Trace: Cloud Trace is used for performance analysis and latency tracking. It’s not directly related to quota issues.
D. Use Information Schema Views: Information schema views provide metadata about your datasets and tables but won’t help diagnose quota errors.
E. Use BigQuery Bl Engine: There is no such tool called “BigQuery Bl Engine.” This option is invalid. Remember that some quotas replenish incrementally over a 24-hour period, so you don’t always need to wait a full 24 hours after reaching the limit. If you consistently hit longer-term quotas, consider workload optimization or requesting a quota increase
AC
Explanation:
When encountering a quotaExceeded error in BigQuery, you should follow these steps to diagnose
and mitigate the issue:
Understand the Error:
The error message indicates that a quota was exceeded (either a short-term rate limit or a longer-term limit).
The response payload contains information about which quota was reached.
Quotas can fall into two categories:
rateLimitExceeded: Short-term limits. Retry the operation after a few seconds using exponential backoff.
quotaExceeded: Longer-term limits. Wait 10 minutes or longer before retrying the operation.
Search Errors in Cloud Audit Logs (Option A):
Cloud Audit Logs provide detailed information about API requests and responses.
By searching the logs, you can identify the specific API call that triggered the quotaExceeded error.
This helps you understand which resource or operation exceeded the quota.
View Errors in Cloud Monitoring (Option C):
Cloud Monitoring (formerly known as Stackdriver) provides insights into your Google Cloud resources.
Check the monitoring dashboard for any alerts related to BigQuery quotas.
You can set up custom monitoring rules to track specific quotas and receive notifications.
Other Options:
B. Configure Cloud Trace: Cloud Trace is used for performance analysis and latency tracking. It’s not directly related to quota issues.
D. Use Information Schema Views: Information schema views provide metadata about your datasets and tables but won’t help diagnose quota errors.
E. Use BigQuery Bl Engine: There is no such tool called “BigQuery Bl Engine.” This option is invalid. Remember that some quotas replenish incrementally over a 24-hour period, so you don’t always need to wait a full 24 hours after reaching the limit. If you consistently hit longer-term quotas, consider workload optimization or requesting a quota increase
Question #73
You are deploying a web application using Compute Engine. You created a managed instance group (MIG) to host the application. You want to follow Google-recommended practices to implement a secure and highly available solution.
What should you do?
- A . Use a proxy Network Load Balancer for the MIG and an A record in your DNS private zone with the load balancer’s IP address.
- B . Use a proxy Network Load Balancer for the MIG and a CNAME record in your DNS public zone with the load balancer’s IP address.
- C . Use an Application Load Balancer for the MIG and a CNAME record in your DNS private zone with the load balancer’s IP address.
- D . Use an Application Load Balancer for the MIG and an A record in your DNS public zone with the load balancer’s IP address.
Correct Answer: D
D
Explanation:
For a web application (typically using HTTP/HTTPS), an Application Load Balancer is the recommended choice as it operates at Layer 7, providing features like content-based routing, SSL termination, and improved security. To expose the application publicly, you would need to use a public DNS zone. An A record in a public DNS zone maps a domain name to the public IP address of the Application Load Balancer. Using a CNAME record would also work but is generally recommended for aliasing one domain name to another, not directly to an IP address.
Option A & B: Network Load Balancers operate at Layer 4 (TCP/UDP) and lack the application-level features of an Application Load Balancer. Private DNS zones are for internal name resolution within your VPC, not for public access.
Option C: While an Application Load Balancer is the correct type, using a private DNS zone wouldn’t make the web application publicly accessible.
Reference to Google Cloud Certified – Associate Cloud Engineer Documents:
The best practices for load balancing web applications on Google Cloud, including the use of Application Load Balancers for Layer 7 traffic and the configuration of public DNS records (A or CNAME) for public access, are detailed in the Google Cloud Load Balancing and Cloud DNS documentation, both important for the Associate Cloud Engineer certification.
D
Explanation:
For a web application (typically using HTTP/HTTPS), an Application Load Balancer is the recommended choice as it operates at Layer 7, providing features like content-based routing, SSL termination, and improved security. To expose the application publicly, you would need to use a public DNS zone. An A record in a public DNS zone maps a domain name to the public IP address of the Application Load Balancer. Using a CNAME record would also work but is generally recommended for aliasing one domain name to another, not directly to an IP address.
Option A & B: Network Load Balancers operate at Layer 4 (TCP/UDP) and lack the application-level features of an Application Load Balancer. Private DNS zones are for internal name resolution within your VPC, not for public access.
Option C: While an Application Load Balancer is the correct type, using a private DNS zone wouldn’t make the web application publicly accessible.
Reference to Google Cloud Certified – Associate Cloud Engineer Documents:
The best practices for load balancing web applications on Google Cloud, including the use of Application Load Balancers for Layer 7 traffic and the configuration of public DNS records (A or CNAME) for public access, are detailed in the Google Cloud Load Balancing and Cloud DNS documentation, both important for the Associate Cloud Engineer certification.
Question #73
You are deploying a web application using Compute Engine. You created a managed instance group (MIG) to host the application. You want to follow Google-recommended practices to implement a secure and highly available solution.
What should you do?
- A . Use a proxy Network Load Balancer for the MIG and an A record in your DNS private zone with the load balancer’s IP address.
- B . Use a proxy Network Load Balancer for the MIG and a CNAME record in your DNS public zone with the load balancer’s IP address.
- C . Use an Application Load Balancer for the MIG and a CNAME record in your DNS private zone with the load balancer’s IP address.
- D . Use an Application Load Balancer for the MIG and an A record in your DNS public zone with the load balancer’s IP address.
Correct Answer: D
D
Explanation:
For a web application (typically using HTTP/HTTPS), an Application Load Balancer is the recommended choice as it operates at Layer 7, providing features like content-based routing, SSL termination, and improved security. To expose the application publicly, you would need to use a public DNS zone. An A record in a public DNS zone maps a domain name to the public IP address of the Application Load Balancer. Using a CNAME record would also work but is generally recommended for aliasing one domain name to another, not directly to an IP address.
Option A & B: Network Load Balancers operate at Layer 4 (TCP/UDP) and lack the application-level features of an Application Load Balancer. Private DNS zones are for internal name resolution within your VPC, not for public access.
Option C: While an Application Load Balancer is the correct type, using a private DNS zone wouldn’t make the web application publicly accessible.
Reference to Google Cloud Certified – Associate Cloud Engineer Documents:
The best practices for load balancing web applications on Google Cloud, including the use of Application Load Balancers for Layer 7 traffic and the configuration of public DNS records (A or CNAME) for public access, are detailed in the Google Cloud Load Balancing and Cloud DNS documentation, both important for the Associate Cloud Engineer certification.
D
Explanation:
For a web application (typically using HTTP/HTTPS), an Application Load Balancer is the recommended choice as it operates at Layer 7, providing features like content-based routing, SSL termination, and improved security. To expose the application publicly, you would need to use a public DNS zone. An A record in a public DNS zone maps a domain name to the public IP address of the Application Load Balancer. Using a CNAME record would also work but is generally recommended for aliasing one domain name to another, not directly to an IP address.
Option A & B: Network Load Balancers operate at Layer 4 (TCP/UDP) and lack the application-level features of an Application Load Balancer. Private DNS zones are for internal name resolution within your VPC, not for public access.
Option C: While an Application Load Balancer is the correct type, using a private DNS zone wouldn’t make the web application publicly accessible.
Reference to Google Cloud Certified – Associate Cloud Engineer Documents:
The best practices for load balancing web applications on Google Cloud, including the use of Application Load Balancers for Layer 7 traffic and the configuration of public DNS records (A or CNAME) for public access, are detailed in the Google Cloud Load Balancing and Cloud DNS documentation, both important for the Associate Cloud Engineer certification.
Question #75
You need to track and verity modifications to a set of Google Compute Engine instances in your Google Cloud project. In particular, you want to verify OS system patching events on your virtual machines (VMs).
What should you do?
- A . Review the Compute Engine activity logs Select and review the Admin Event logs
- B . Review the Compute Engine activity logs Select and review the System Event logs
- C . Install the Cloud Logging Agent In Cloud Logging review the Compute Engine syslog logs
- D . Install the Cloud Logging Agent In Cloud Logging, review the Compute Engine operation logs
Correct Answer: A
Question #75
You need to track and verity modifications to a set of Google Compute Engine instances in your Google Cloud project. In particular, you want to verify OS system patching events on your virtual machines (VMs).
What should you do?
- A . Review the Compute Engine activity logs Select and review the Admin Event logs
- B . Review the Compute Engine activity logs Select and review the System Event logs
- C . Install the Cloud Logging Agent In Cloud Logging review the Compute Engine syslog logs
- D . Install the Cloud Logging Agent In Cloud Logging, review the Compute Engine operation logs
Correct Answer: A
Question #77
You are deploying an application on Google Cloud that requires a relational database for storage. To satisfy your company’s security policies, your application must connect to your database through an encrypted and authenticated connection that requires minimal management and integrates with Identity and Access Management (IAM).
What should you do?
- A . Deploy a Cloud SQL database with the SSL mode set to encrypted only, configure SSL/TLS client certificates, and configure a database user and password.
- B . Deploy a Cloud SOL database and configure IAM database authentication. Access the database through the Cloud SQL Auth Proxy.
- C . Deploy a Cloud SQL database with the SSL mode set to encrypted only, configure SSL/TLS client certificates, and configure IAM database authentication.
- D . Deploy a Cloud SQL database and configure a database user and password. Access the database through the Cloud SQL Auth Proxy.
Correct Answer: B
B
Explanation:
Cloud SQL Auth Proxy: This proxy ensures secure connections to your Cloud SQL database by automatically handling encryption (SSL/TLS) and IAM-based authentication. It simplifies the management of secure connections without needing to manage SSL/TLS certificates manually. IAM Database Authentication: This allows you to use IAM credentials to authenticate to the database, providing a unified and secure authentication mechanism that integrates seamlessly with Google Cloud IAM.
B
Explanation:
Cloud SQL Auth Proxy: This proxy ensures secure connections to your Cloud SQL database by automatically handling encryption (SSL/TLS) and IAM-based authentication. It simplifies the management of secure connections without needing to manage SSL/TLS certificates manually. IAM Database Authentication: This allows you to use IAM credentials to authenticate to the database, providing a unified and secure authentication mechanism that integrates seamlessly with Google Cloud IAM.
Question #78
Your company was recently impacted by a service disruption that caused multiple Dataflow jobs to get stuck, resulting in significant downtime in downstream applications and revenue loss. You were able to resolve the issue by identifying and fixing an error you found in the code. You need to design a solution with minimal management effort to identify when jobs are stuck in the future to ensure that this issue does not occur again.
What should you do?
- A . Set up Error Reporting to identify stack traces that indicate slowdowns in Dataflow jobs. Set up alerts based on these log entries.
- B . Use the Personalized Service Health dashboard to identify issues with Dataflow jobs across regions.
- C . Update the Dataflow job configurations to send messages to a Pub/Sub topic when there are delays. Configure a backup Dataflow job to process jobs that are delayed. Use Cloud Tasks to trigger an alert when messages are pushed to the Pub/Sub topic.
- D . Set up Cloud Monitoring alerts on the data freshness metric for the Dataflow jobs to receive a notification when a certain threshold is reached.
Correct Answer: D
D
Explanation:
The goal is to proactively identify stuck Dataflow jobs with minimal management effort. Let’s analyze each option:
D
Explanation:
The goal is to proactively identify stuck Dataflow jobs with minimal management effort. Let’s analyze each option:
Question #79
You are hosting an application from Compute Engine virtual machines (VMs) in usCcentral1Ca. You want to adjust your design to support the failure of a single Compute Engine zone, eliminate downtime, and minimize cost.
What should you do?
- A . C Create Compute Engine resources in usCcentral1Cb.
CBalance the load across both usCcentral1Ca and usCcentral1Cb. - B . C Create a Managed Instance Group and specify usCcentral1Ca as the zone.
C Configure the Health Check with a short Health Interval. - C . C Create an HTTP(S) Load Balancer.
C Create one or more global forwarding rules to direct traffic to your VMs. - D . C Perform regular backups of your application.
CCreate a Cloud Monitoring Alert and be notified if your application becomes unavailable.
CRestore from backups when notified.
Correct Answer: A
A
Explanation:
Choosing a region and zone You choose which region or zone hosts your resources, which controls where your data is stored and used. Choosing a region and zone is important for several reasons: Handling failures
Distribute your resources across multiple zones and regions to tolerate outages. Google designs zones to be independent from each other: a zone usually has power, cooling, networking, and control planes that are isolated from other zones, and most single failure events will affect only a single zone. Thus, if a zone becomes unavailable, you can transfer traffic to another zone in the same region to keep your services running. Similarly, if a region experiences any disturbances, you should have backup services running in a different region. For more information about distributing your resources and designing a robust system, see Designing Robust Systems. Decreased network latency To decrease network latency, you might want to choose a region or zone that is close to your point of service. https://cloud.google.com/compute/docs/regions-zones#choosing_a_region_and_zone
A
Explanation:
Choosing a region and zone You choose which region or zone hosts your resources, which controls where your data is stored and used. Choosing a region and zone is important for several reasons: Handling failures
Distribute your resources across multiple zones and regions to tolerate outages. Google designs zones to be independent from each other: a zone usually has power, cooling, networking, and control planes that are isolated from other zones, and most single failure events will affect only a single zone. Thus, if a zone becomes unavailable, you can transfer traffic to another zone in the same region to keep your services running. Similarly, if a region experiences any disturbances, you should have backup services running in a different region. For more information about distributing your resources and designing a robust system, see Designing Robust Systems. Decreased network latency To decrease network latency, you might want to choose a region or zone that is close to your point of service. https://cloud.google.com/compute/docs/regions-zones#choosing_a_region_and_zone
Question #79
You are hosting an application from Compute Engine virtual machines (VMs) in usCcentral1Ca. You want to adjust your design to support the failure of a single Compute Engine zone, eliminate downtime, and minimize cost.
What should you do?
- A . C Create Compute Engine resources in usCcentral1Cb.
CBalance the load across both usCcentral1Ca and usCcentral1Cb. - B . C Create a Managed Instance Group and specify usCcentral1Ca as the zone.
C Configure the Health Check with a short Health Interval. - C . C Create an HTTP(S) Load Balancer.
C Create one or more global forwarding rules to direct traffic to your VMs. - D . C Perform regular backups of your application.
CCreate a Cloud Monitoring Alert and be notified if your application becomes unavailable.
CRestore from backups when notified.
Correct Answer: A
A
Explanation:
Choosing a region and zone You choose which region or zone hosts your resources, which controls where your data is stored and used. Choosing a region and zone is important for several reasons: Handling failures
Distribute your resources across multiple zones and regions to tolerate outages. Google designs zones to be independent from each other: a zone usually has power, cooling, networking, and control planes that are isolated from other zones, and most single failure events will affect only a single zone. Thus, if a zone becomes unavailable, you can transfer traffic to another zone in the same region to keep your services running. Similarly, if a region experiences any disturbances, you should have backup services running in a different region. For more information about distributing your resources and designing a robust system, see Designing Robust Systems. Decreased network latency To decrease network latency, you might want to choose a region or zone that is close to your point of service. https://cloud.google.com/compute/docs/regions-zones#choosing_a_region_and_zone
A
Explanation:
Choosing a region and zone You choose which region or zone hosts your resources, which controls where your data is stored and used. Choosing a region and zone is important for several reasons: Handling failures
Distribute your resources across multiple zones and regions to tolerate outages. Google designs zones to be independent from each other: a zone usually has power, cooling, networking, and control planes that are isolated from other zones, and most single failure events will affect only a single zone. Thus, if a zone becomes unavailable, you can transfer traffic to another zone in the same region to keep your services running. Similarly, if a region experiences any disturbances, you should have backup services running in a different region. For more information about distributing your resources and designing a robust system, see Designing Robust Systems. Decreased network latency To decrease network latency, you might want to choose a region or zone that is close to your point of service. https://cloud.google.com/compute/docs/regions-zones#choosing_a_region_and_zone