Latest [Feb 15, 2022] 100% Passing Guarantee - Brilliant Professional-Cloud-Architect Exam Questions PDF Professional-Cloud-Architect Certification – Valid Exam Dumps Questions Study Guide! (Updated 230 Questions) Section #3. Designing for (and adhering to) security and rules This section assesses the examinee’s knowledge of the concepts like separation of duties, IAM (Identity access management), [...]

All Products Contact now

Latest [Feb 15, 2022] 100% Passing Guarantee - Brilliant Professional-Cloud-Architect Exam Questions PDF [Q47-Q62]

Share

Latest [Feb 15, 2022] 100% Passing Guarantee - Brilliant Professional-Cloud-Architect Exam Questions PDF

Professional-Cloud-Architect Certification – Valid Exam Dumps Questions Study Guide! (Updated 230 Questions)


Section #3. Designing for (and adhering to) security and rules

This section assesses the examinee’s knowledge of the concepts like separation of duties, IAM (Identity & access management), resource hierarchy, data security, key security controls, handling customer-managed encryption, remote access, and compliance designing. Legislation, industry certification, and auditing skills are also well covered in this section.

 

NEW QUESTION 47
You set up an autoscaling instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly. What should you do?

  • A. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
  • B. Ensure that a firewall rule exists to allow source traffic on HTTP/HTTPS to reach the load balancer.
  • C. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.
  • D. Create a tag on each instance with the name of the load balancer. Configure a firewall rule with the name of the load balancer as the source and the instance tag as the destination.

Answer: C

Explanation:
The best practice when configuration a health check is to check health and serve traffic on the same port. However, it is possible to perform health checks on one port, but serve traffic on another. If you do use two different ports, ensure that firewall rules and services running on instances are configured appropriately. If you run health checks and serve traffic on the same port, but decide to switch ports at some point, be sure to update both the backend service and the health check.
Backend services that do not have a valid global forwarding rule referencing it will not be health checked and will have no health status.
References: https://cloud.google.com/compute/docs/load-balancing/http/backend-service Reference:
https://cloud.google.com/vpc/docs/using-firewalls

 

NEW QUESTION 48
Your team is developing a web application that will be deployed on Google Kubernetes Engine (GKE). Your CTO expects a successful launch and you need to ensure your application can handle the expected load of tens of thousands of users. You want to test the current deployment to ensure the latency of your application stays below a certain threshold. What should you do?

  • A. Replicate the application over multiple GKE clusters in every Google Cloud region. Configure a global HTTP (S) load balancer to expose the different clusters over a single global IP address.
  • B. Enable autoscaling on the GKE cluster and enable horizontal pod autoscaling on your application deployments. Send curl requests to your application, and validate if the auto scaling works.
  • C. Use a load testing tool to simulate the expected number of concurrent users and total requests to your application, and inspect the results.
  • D. Use Cloud Debugger in the development environment to understand the latency between the different microservices.

Answer: B

 

NEW QUESTION 49
For this question, refer to the TerramEarth case study.
To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections. What should you do?

  • A. Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket.
  • B. Use one Google Container Engine cluster of FTP servers. Save the data to a Multi- Regional bucket. Run the ETL process using data in the bucket.
  • C. Directly transfer the files to a different Google Cloud Regional Storage bucket location in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket.
  • D. Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in us, eu, and asia. Run the ETL process using the data in the bucket.

Answer: C

 

NEW QUESTION 50
For this question, refer to the Dress4Win case study.
The Dress4Win security team has disabled external SSH access into production virtual machines (VMs) on Google Cloud Platform (GCP). The operations team needs to remotely manage the VMs, build and push Docker containers, and manage Google Cloud Storage objects. What can they do?

  • A. Configure a VPN connection to GCP to allow SSH access to the cloud VMs.
  • B. Have the development team build an API service that allows the operations team to execute specific remote procedure calls to accomplish their tasks.
  • C. Develop a new access request process that grants temporary SSH access to cloud VMs when an operations engineer needs to perform a task.
  • D. Grant the operations engineers access to use Google Cloud Shell.

Answer: A

 

NEW QUESTION 51
For this question, refer to the JencoMart case study.
JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

  • A. Google Cloud Datastore
  • B. Google Cloud SQL
  • C. Cloud Spanner
  • D. Google BigQuery

Answer: A

 

NEW QUESTION 52
Your web application has several VM instances running within a VPC. You want to restrict communications between instances to only the paths and ports you authorize, but you don't want to rely on static IP addresses or subnets because the app can autoscale. How should you restrict communications?

  • A. Use service accounts and configure the web application to authorize particular service accounts to have access
  • B. Use Cloud DNS and only allow connections from authorized hostnames
  • C. Use firewall rules based on network tags attached to the compute instances
  • D. Use separate VPCs to restrict traffic

Answer: C

 

NEW QUESTION 53
Your company has multiple on-premises systems that serve as sources for reporting. The data has not been maintained well and has become degraded over time. You want to use Google-recommended practices to detect anomalies in your company data. What should you do?

  • A. Upload your files into Cloud Storage. Use Cloud Datalab to explore and clean your data.
  • B. Connect Cloud Datalab to your on-premises systems. Use Cloud Datalab to explore and clean your data.
  • C. Connect Cloud Dataprep to your on-premises systems. Use Cloud Dataprep to explore and clean your data.
  • D. Upload your files into Cloud Storage. Use Cloud Dataprep to explore and clean your data.

Answer: D

Explanation:
https://cloud.google.com/dataprep/

 

NEW QUESTION 54
For this question, refer to the TerramEarth case study.
TerramEarth's 20 million vehicles are scattered around the world. Based on the vehicle's location its telemetry data is stored in a Google Cloud Storage (GCS) regional bucket (US. Europe, or Asia). The CTO has asked you to run a report on the raw telemetry data to determine why vehicles are breaking down after 100 K miles.
You want to run this job on all the data. What is the most cost-effective way to run this job?

  • A. Launch a cluster in each region to preprocess and compress the raw data, then move the data into a regional bucket and use a Cloud Dataproc cluster .....
  • B. Move all the data into 1 region, then launch a Google Cloud Dataproc cluster to run the job.
  • C. Move all the data into 1 zone, then launch a Cloud Dataproc cluster to run the job.
  • D. Launch a cluster in each region to preprocess and compress the raw data, then move the data into a multi region bucket and use a Dataproc cluster to finish the job.

Answer: D

Explanation:
Explanation
Storageguarantees 2 replicates which are geo diverse (100 miles apart) which can get better remote latency and availability.
More importantly, is that multiregional heavily leverages Edge caching and CDNs to provide the content to the end users.
All this redundancy and caching means that Multiregional comes with overhead to sync and ensure consistency between geo-diverse areas. As such, it's much better for write-once-read-many scenarios. This means frequently accessed (e.g. "hot" objects) around the world, such as website content, streaming videos, gaming or mobile applications.
References:
https://medium.com/google-cloud/google-cloud-storage-what-bucket-class-for-the-best-performance-5c847ac8f9

 

NEW QUESTION 55
You set up an autoscaling instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly. What should you do?

  • A. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
  • B. Ensure that a firewall rule exists to allow source traffic on HTTP/HTTPS to reach the load balancer.
  • C. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.
  • D. Create a tag on each instance with the name of the load balancer. Configure a firewall rule with the name of the load balancer as the source and the instance tag as the destination.

Answer: C

Explanation:
The best practice when configuration a health check is to check health and serve traffic on the same port. However, it is possible to perform health checks on one port, but serve traffic on another. If you do use two different ports, ensure that firewall rules and services running on instances are configured appropriately. If you run health checks and serve traffic on the same port, but decide to switch ports at some point, be sure to update both the backend service and the health check.
Backend services that do not have a valid global forwarding rule referencing it will not be health checked and will have no health status.
References: https://cloud.google.com/compute/docs/load-balancing/http/backend-service

 

NEW QUESTION 56
For this question, refer to the TerramEarth case study.
To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections. What should you do?

  • A. Use one Google Container Engine cluster of FTP servers. Save the data to a Multi-Regional bucket. Run the ETL process using data in the bucket.
  • B. Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket.
  • C. Directly transfer the files to a different Google Cloud Regional Storage bucket location in us, eu, and asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket.
  • D. Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in us, eu, and asia. Run the ETL process using the data in the bucket.

Answer: C

Explanation:
Reference:
https://cloud.google.com/storage/docs/locations

 

NEW QUESTION 57
A development team at your company has created a dockerized HTTPS web application. You need to deploy the application on Google Kubernetes Engine (GKE) and make sure that the application scales automatically.
How should you deploy to GKE?

  • A. Enable autoscaling on the Compute Engine instance group. Use an Ingress resource to load-balance the HTTPS traffic.
  • B. Enable autoscaling on the Compute Engine instance group. Use a Service resource of type LoadBalancer to load-balance the HTTPS traffic.
  • C. Use the Horizontal Pod Autoscaler and enable cluster autoscaling. Use an Ingress resource to load-balance the HTTPS traffic.
  • D. Use the Horizontal Pod Autoscaler and enable cluster autoscaling on the Kubernetes cluster. Use a Service resource of type LoadBalancer to load-balance the HTTPS traffic.

Answer: D

Explanation:
Explanation/Reference: https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-autoscaler

 

NEW QUESTION 58
Case Study: 7 - Mountkirk Games
Company Overview
Mountkirk Games makes online, session-based, multiplayer games for mobile platforms. They build all of their games using some server-side integration. Historically, they have used cloud providers to lease physical servers.
Due to the unexpected popularity of some of their games, they have had problems scaling their global audience, application servers, MySQL databases, and analytics tools.
Their current model is to write game statistics to files and send them through an ETL tool that loads them into a centralized MySQL database for reporting.
Solution Concept
Mountkirk Games is building a new game, which they expect to be very popular. They plan to deploy the game's backend on Google Compute Engine so they can capture streaming metrics, run intensive analytics, and take advantage of its autoscaling server environment and integrate with a managed NoSQL database.
Business Requirements
Increase to a global footprint.

Improve uptime - downtime is loss of players.

Increase efficiency of the cloud resources we use.

Reduce latency to all customers.

Technical Requirements
Requirements for Game Backend Platform
Dynamically scale up or down based on game activity.

Connect to a transactional database service to manage user profiles and game state.

Store game activity in a timeseries database service for future analysis.

As the system scales, ensure that data is not lost due to processing backlogs.

Run hardened Linux distro.

Requirements for Game Analytics Platform
Dynamically scale up or down based on game activity

Process incoming data on the fly directly from the game servers

Process data that arrives late because of slow mobile networks

Allow queries to access at least 10 TB of historical data

Process files that are regularly uploaded by users' mobile devices

Executive Statement
Our last successful game did not scale well with our previous cloud provider, resulting in lower user adoption and affecting the game's reputation. Our investors want more key performance indicators (KPIs) to evaluate the speed and stability of the game, as well as other metrics that provide deeper insight into usage patterns so we can adapt the game to target users.
Additionally, our current technology stack cannot provide the scale we need, so we want to replace MySQL and move to an environment that provides autoscaling, low latency load balancing, and frees us up from managing physical servers.
For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the database workloads for your company, Mountkirk Games.
Considering the business and technical requirements, what should you do?

  • A. Use Cloud SQL to replace MySQL, and use Cloud Spanner for historical data queries.
  • B. Use Cloud Bigtable to replace MySQL, and use BigQuery for historical data queries.
  • C. Use Cloud SQL for time series data, and use Cloud Bigtable for historical data queries.
  • D. Use Cloud Bigtable for time series data, use Cloud Spanner for transactional data, and use BigQuery for historical data queries.

Answer: D

 

NEW QUESTION 59
Case Study: 3 - JencoMart Case Study
Company Overview
JencoMart is a global retailer with over 10,000 stores in 16 countries. The stores carry a range of goods, such as groceries, tires, and jewelry. One of the company's core values is excellent customer service. In addition, they recently introduced an environmental policy to reduce their carbon output by 50% over the next 5 years.
Company Background
JencoMart started as a general store in 1931, and has grown into one of the world's leading brands known for great value and customer service. Over time, the company transitioned from only physical stores to a stores and online hybrid model, with 25% of sales online. Currently, JencoMart has little presence in Asia, but considers that market key for future growth.
Solution Concept
JencoMart wants to migrate several critical applications to the cloud but has not completed a technical review to determine their suitability for the cloud and the engineering required for migration. They currently host all of these applications on infrastructure that is at its end of life and is no longer supported.
Existing Technical Environment
JencoMart hosts all of its applications in 4 data centers: 3 in North American and 1 in Europe, most applications are dual-homed.
JencoMart understands the dependencies and resource usage metrics of their on-premises architecture.
Application Customer loyalty portal
LAMP (Linux, Apache, MySQL and PHP) application served from the two JencoMart-owned U.S.
data centers.
Database
* Oracle Database stores user profiles




* PostgreSQL database stores user credentials
-homed in US West





Authenticates all users
Compute
* 30 machines in US West Coast, each machine has:



* 20 machines in US East Coast, each machine has:
-core CPU



Storage
* Access to shared 100 TB SAN in each location
* Tape backup every week
Business Requirements
* Optimize for capacity during peak periods and value during off-peak periods
* Guarantee service availably and support
* Reduce on-premises footprint and associated financial and environmental impact.
* Move to outsourcing model to avoid large upfront costs associated with infrastructure purchase
* Expand services into Asia.
Technical Requirements
* Assess key application for cloud suitability.
* Modify application for the cloud.
* Move applications to a new infrastructure.
* Leverage managed services wherever feasible
* Sunset 20% of capacity in existing data centers
* Decrease latency in Asia
CEO Statement
JencoMart will continue to develop personal relationships with our customers as more people access the web. The future of our retail business is in the global market and the connection between online and in-store experiences. As a large global company, we also have a responsibility to the environment through 'green' initiatives and polices.
CTO Statement
The challenges of operating data centers prevents focus on key technologies critical to our long- term success. Migrating our data services to a public cloud infrastructure will allow us to focus on big data and machine learning to improve our service customers.
CFO Statement
Since its founding JencoMart has invested heavily in our data services infrastructure. However, because of changing market trends, we need to outsource our infrastructure to ensure our long- term success. This model will allow us to respond to increasing customer demand during peak and reduce costs.
For this question, refer to the JencoMart case study.
JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

  • A. Google Cloud Datastore
  • B. Google Cloud SQL
  • C. Cloud Spanner
  • D. Google BigQuery

Answer: A

Explanation:
Common workloads for Google Cloud Datastore:
User profiles
* Product catalogs
* Game state
* References: https://cloud.google.com/storage-options/
https://cloud.google.com/datastore/docs/concepts/overview

 

NEW QUESTION 60
Your company is building a new architecture to support its data-centric business focus. You are responsible for setting up the network. Your company's mobile and web-facing applications will be deployed on-premises, and all data analysis will be conducted in GCP. The plan is to process and load 7 years of archived .csv files totaling 900 TB of data and then continue loading 10 TB of data daily. You currently have an existing 100-MB internet connection.
What actions will meet your company's needs?

  • A. Lease a Transfer Appliance, upload archived files to it, and send it, and send it to Google to transfer archived data to Cloud Storage. Establish one Cloud VPN Tunnel to VPC networks over the public internet, and compares and upload files daily using the gsutil -m option.
  • B. Lease a Transfer Appliance, upload archived files to it, and send it to Google to transfer archived data to Cloud Storage. Establish a Cloud VPN Tunnel to VPC networks over the public internet, and compress and upload files daily.
  • C. Lease a Transfer Appliance, upload archived files to it, and send it, and send it to Google to transfer archived data to Cloud Storage. Establish a connection with Google using a Dedicated Interconnect or Direct Peering connection and use it to upload files daily.
  • D. Compress and upload both achieved files and files uploaded daily using the qsutil -m option.

Answer: D

 

NEW QUESTION 61
You want to make a copy of a production Linux virtual machine in the US-Central region. You want to manage and replace the copy easily if there are changes on the production virtual machine. You will deploy the copy as a new instance in a different project in the US-East region.
What steps must you take?

  • A. Create an image file from the root disk with Linux dd command, create a new virtual machine instance in the US-East region
  • B. Create a snapshot of the root disk, create an image file in Google Cloud Storage from the snapshot, and create a new virtual machine instance in the US-East region using the image file the root disk.
  • C. Create a snapshot of the root disk and select the snapshot as the root disk when you create a new virtual machine instance in the US-East region.
  • D. Use the Linux dd and netcat commands to copy and stream the root disk contents to a new virtual machine instance in the US-East region.

Answer: B

Explanation:
Explanation/Reference:

 

NEW QUESTION 62
......

Professional-Cloud-Architect are Available for Instant Access: https://testking.guidetorrent.com/Professional-Cloud-Architect-dumps-questions.html

Related Articles

more
Google Professional-Cloud-Architect Certification Practice Exam