Dec-2021 Google Professional-Cloud-Architect Certification Real 2021 Mock Exam [Q113-Q128]

Share

Dec-2021 Google Professional-Cloud-Architect Certification Real 2021 Mock Exam

Professional-Cloud-Architect Exam Questions and Valid PMP Dumps PDF 


What Are Topics Covered by Google Professional Cloud Architect?

To increase your chances of success in this certification exam, you need to master its topics beforehand. This test covers six domains:

  • Developing & Planning Cloud Solution Infrastructure

The Google Professional Cloud Architect exam is premised on issues to do with developing solution architectures that comply with business demands. The considerations included here are such as business use scenarios as well as product strategy, cost optimization, data movement, success measurements, and compliance with observability. It also scrutinizes how to develop infrastructure that complies with technical specifications. This is where factors like high availability, elasticity, failover design, scalability, performance as well as latency are covered. The next segments are about developing network, compute, and storage resources, creating a plan for migration and envisioning future improvements in solutions. The last bit looks at improvements on cloud in addition to technology, the evolution of enterprise needs, and advocacy and evangelism.

  • Managing & Provisioning Solution Infrastructure

To manage and provision architectural solutions, candidates must focus on mastering how to configure topologies on networks. Concerned here are matters like hybrid networking, extending to environments like multi-cloud, data protection, and security. The next part concerns configuring storage systems and has considerations like allocation for data storage, data processing, access management and security, data retention, and growth management for data. Mastering abilities in compute systems is another tested area. It has considerations like provisioning for compute systems, the configuration of compute volatility, network configuration targeting compute nodes, and container orchestration using Kubernetes.

  • Developing for Security & Compliance

The Professional Cloud Architect exam also concerns developing for security & compliance. The first part regarding security includes considerations like IAM, resource hierarchy such as folders, organizations, and projects, data security, penetration testing, separation of duties, and managing customers and their encryption keys. The second piece focuses on developing for compliance and considers matters like legislation, commercial, industry certifications like SOC 2, and audits with logs.

  • Analyzing & Enhancing Technical & Business Processes

The first task is to analyze and define technical processes where considerations are such as SDLC (Software Development Life Cycle), continuous integration and deployment, troubleshooting, testing as well as validation, service catalogs, disaster recovery, and business continuity. Next is to study how to analyze and define business processes. This considers stakeholder management, change management, team assessment, the management of customer success, and cost optimization. To close this domain is creating procedures to make sure that there is resilience during solution production. An issue to consider in this case is, for example, chaos engineering.

  • Managing Implementation

The Google Professional Cloud Architect exam is also about managing implementation. Thus, included here are matters like advising development or operation teams to make sure that solution deployment is successful. Additionally, issues to consider are such as application development, best practices for API, testing frameworks, and system & data migration tooling. This section also scrutinizes how to interact with the cloud by using GCP SDK (gcloud, gsutil, as well as bq), where the deliberations involved are location installation and Google Cloud Shell.

  • Ensuring Reliability in Solutions & Operations

This concluding topic concerns such notions as controlling, profiling, logging, and alerting solutions. In addition, candidates will have to be aware of deploying and releasing management and should be equipped with the knowledge of offering assistance by supporting solutions that currently are in operation. To close this area there is an evaluation of measures for quality control.

 

NEW QUESTION 113
You are migrating your on-premises solution to Google Cloud in several phases. You will use Cloud VPN to maintain a connection between your on-premises systems and Google Cloud until the migration is completed.
You want to make sure all your on-premise systems remain reachable during this period. How should you organize your networking in Google Cloud?

  • A. Use the same IP range on Google Cloud as you use on-premises
  • B. Use an IP range on Google Cloud that does not overlap with the range you use on-premises for your primary IP range and use a secondary range with the same IP range as you use on-premises
  • C. Use the same IP range on Google Cloud as you use on-premises for your primary IP range and use a secondary range that does not overlap with the range you use on-premises
  • D. Use an IP range on Google Cloud that does not overlap with the range you use on-premises

Answer: B

 

NEW QUESTION 114
Your company just finished a rapid lift and shift to Google Compute Engine for your compute needs. You have another 9 months to design and deploy a more cloud-native solution. Specifically, you want a system that is no-ops and auto-scaling. Which two compute products should you choose? Choose 2 answers

  • A. Google App Engine Standard Environment
  • B. Google Kubernetes Engine with containers
  • C. Compute Engine with containers
  • D. Compute Engine with managed instance groups
  • E. Compute Engine with custom instance types

Answer: A,B

Explanation:
B: With Container Engine, Google will automatically deploy your cluster for you, update, patch, secure the nodes.
Kubernetes Engine's cluster autoscaler automatically resizes clusters based on the demands of the workloads you want to run.
C: Solutions like Datastore, BigQuery, AppEngine, etc are truly NoOps.
App Engine by default scales the number of instances running up and down to match the load, thus providing consistent performance for your app at all times while minimizing idle instances and thus reducing cost.
Note: At a high level, NoOps means that there is no infrastructure to build out and manage during usage of the platform. Typically, the compromise you make with NoOps is that you lose control of the underlying infrastructure.
References:
https://www.quora.com/How-well-does-Google-Container-Engine-support-Google-Cloud-Platform%E2%80%99s-NoOps-claim

 

NEW QUESTION 115
A small number of API requests to your microservices-based application take a very long time. You know that each request to the API can traverse many services. You want to know which service takes the longest in those cases. What should you do?

  • A. Send custom metrics for each of your requests to Stackdriver Monitoring.
  • B. Instrument your application with Stackdnver Trace in order to break down the request latencies at each microservice.
  • C. Use Stackdriver Monitoring to look for insights that show when your API latencies are high.
  • D. Set timeouts on your application so that you can fail requests faster.

Answer: B

Explanation:
https://cloud.google.com/trace/docs/overview

 

NEW QUESTION 116
Case Study: 1 - Mountkirk Games Case Study
Company Overview
Mountkirk Games makes online, session-based. multiplayer games for the most popular mobile platforms.
Company Background
Mountkirk Games builds all of their games with some server-side integration and has historically used cloud providers to lease physical servers. A few of their games were more popular than expected, and they had problems scaling their application servers, MySQL databases, and analytics tools.
Mountkirk's current model is to write game statistics to files and send them through an ETL tool that loads them into a centralized MySQL database for reporting.
Solution Concept
Mountkirk Games is building a new game, which they expect to be very popular. They plan to deploy the game's backend on Google Compute Engine so they can capture streaming metrics, run intensive analytics and take advantage of its autoscaling server environment and integrate with a managed NoSQL database.
Technical Requirements
Requirements for Game Backend Platform
1. Dynamically scale up or down based on game activity.
2. Connect to a managed NoSQL database service.
3. Run customized Linx distro.
Requirements for Game Analytics Platform
1. Dynamically scale up or down based on game activity.
2. Process incoming data on the fly directly from the game servers.
3. Process data that arrives late because of slow mobile networks.
4. Allow SQL queries to access at least 10 TB of historical data.
5. Process files that are regularly uploaded by users' mobile devices.
6. Use only fully managed services
CEO Statement
Our last successful game did not scale well with our previous cloud provider, resuming in lower user adoption and affecting the game's reputation. Our investors want more key performance indicators (KPIs) to evaluate the speed and stability of the game, as well as other metrics that provide deeper insight into usage patterns so we can adapt the gams to target users.
CTO Statement
Our current technology stack cannot provide the scale we need, so we want to replace MySQL and move to an environment that provides autoscaling, low latency load balancing, and frees us up from managing physical servers.
CFO Statement
We are not capturing enough user demographic data usage metrics, and other KPIs. As a result, we do not engage the right users. We are not confident that our marketing is targeting the right users, and we are not selling enough premium Blast-Ups inside the games, which dramatically impacts our revenue.
For this question, refer to the Mountkirk Games case study. Mountkirk Games' gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?

  • A. Verify that the database is online.
  • B. Verify that the load-testing team is not running their tool against production.
  • C. Verify that the new feature code did not introduce any performance bugs.
  • D. Verify that the project quota hasn't been exceeded.

Answer: A

Explanation:
503 is service unavailable error. If the database was online everyone would get the 503 error.

 

NEW QUESTION 117
For this question, refer to the JencoMart case study
A few days after JencoMart migrates the user credentials database to Google Cloud Platform and shuts down the old server, the new database server stops responding to SSH connections. It is still serving database requests to the application servers correctly. What three steps should you take to diagnose the problem? Choose 3 answers

  • A. Take a snapshot of the disk and connect to a new machine to investigate.
  • B. Print the Serial Console output for the instance for troubleshooting, activate the interactive console, and investigate.
  • C. Check inbound firewall rules for the network the machine is connected to.
  • D. Connect the machine to another network with very simple firewall rules and investigate.
  • E. Delete the instance, attach the disk to a new VM, and investigate.
  • F. Delete the virtual machine (VM) and disks and create a new one.

Answer: A,B,C

Explanation:
D: Handling "Unable to connect on port 22" error message
Possible causes include:
There is no firewall rule allowing SSH access on the port. SSH access on port 22 is enabled on all Compute Engine instances by default. If you have disabled access, SSH from the Browser will not work. If you run sshd on a port other than 22, you need to enable the access to that port with a custom firewall rule.
The firewall rule allowing SSH access is enabled, but is not configured to allow connections from GCP Console services. Source IP addresses for browser-based SSH sessions are dynamically allocated by GCP Console and can vary from session to session.
References:
https://cloud.google.com/compute/docs/ssh-in-browser
https://cloud.google.com/compute/docs/ssh-in-browser
Reference:
https://cloud.google.com/compute/docs/troubleshooting/troubleshooting-ssh

 

NEW QUESTION 118
Your company is migrating its on-premises data center into the cloud. As part of the migration, you want to integrate Kubernetes Engine for workload orchestration. Parts of your architecture must also be PCI DSScompliant.
Which of the following is most accurate?

  • A. All Google Cloud services are usable because Google Cloud Platform is certified PCI-compliant.
  • B. Kubernetes Engine cannot be used under PCI DSS because it is considered shared hosting.
  • C. Kubernetes Engine and GCP provide the tools you need to build a PCI DSS-compliant environment.
  • D. App Engine is the only compute platform on GCP that is certified for PCI DSS hosting.

Answer: A

Explanation:
https://cloud.google.com/security/compliance/pci-dss

 

NEW QUESTION 119
For this question, refer to the Mountkirk Games case study. Which managed storage option meets Mountkirk's technical requirement for storing game activity in a time series database service?

  • A. Cloud Spanner
  • B. Cloud Bigtable
  • C. Cloud Datastore
  • D. BigQuery

Answer: B

 

NEW QUESTION 120
Your company is moving 75 TB of data into Google Cloud. You want to use Cloud Storage and follow Google-recommended practices. What should you do?

  • A. Move your data onto a Transfer Appliance. Use a Transfer Appliance Rehydrator to decrypt the data into Cloud Storage.
  • B. Move your data onto a Transfer Appliance. Use Cloud Dataprep to decrypt the data into Cloud Storage.
  • C. Install gsutil on each server that contains data. Use resumable transfers to upload the data into Cloud Storage.
  • D. Install gsutil on each server containing data. Use streaming transfers to upload the data into Cloud Storage.

Answer: C

 

NEW QUESTION 121
For this question, refer to the Dress4Win case study. To be legally compliant during an audit, Dress4Win must be able to give insights in all administrative actions that modify the configuration or metadata of resources on Google Cloud.
What should you do?

  • A. Use Stackdriver Trace to create a trace list analysis.
  • B. Use Stackdriver Monitoring to create a dashboard on the project's activity.
  • C. Use the Activity page in the GCP Console and Stackdriver Logging to provide the required insight.
  • D. Enable Cloud Identity-Aware Proxy in all projects, and add the group of Administrators as a member.

Answer: A

Explanation:
Reference:
https://cloud.google.com/logging/docs/audit/

 

NEW QUESTION 122
Case Study: 6 - TerramEarth
Company Overview
TerramEarth manufactures heavy equipment for the mining and agricultural industries. About
80% of their business is from mining and 20% from agriculture. They currently have over 500 dealers and service centers in 100 countries. Their mission is to build products that make their customers more productive.
Solution Concept
There are 20 million TerramEarth vehicles in operation that collect 120 fields of data per second.
Data is stored locally on the vehicle and can be accessed for analysis when a vehicle is serviced.
The data is downloaded via a maintenance port. This same port can be used to adjust operational parameters, allowing the vehicles to be upgraded in the field with new computing modules.
Approximately 200,000 vehicles are connected to a cellular network, allowing TerramEarth to collect data directly. At a rate of 120 fields of data per second with 22 hours of operation per day, TerramEarth collects a total of about 9 TB/day from these connected vehicles.
Existing Technical Environment
TerramEarth's existing architecture is composed of Linux and Windows-based systems that reside in a single U.S. west coast based data center. These systems gzip CSV files from the field and upload via FTP, and place the data in their data warehouse. Because this process takes time, aggregated reports are based on data that is 3 weeks old.
With this data, TerramEarth has been able to preemptively stock replacement parts and reduce unplanned downtime of their vehicles by 60%. However, because the data is stale, some customers are without their vehicles for up to 4 weeks while they wait for replacement parts.
Business Requirements
Decrease unplanned vehicle downtime to less than 1 week.
* Support the dealer network with more data on how their customers use their equipment to better
* position new products and services
Have the ability to partner with different companies - especially with seed and fertilizer suppliers
* in the fast-growing agricultural business - to create compelling joint offerings for their customers.
Technical Requirements
Expand beyond a single datacenter to decrease latency to the American Midwest and east
* coast.
Create a backup strategy.
* Increase security of data transfer from equipment to the datacenter.
* Improve data in the data warehouse.
* Use customer and equipment data to anticipate customer needs.
* Application 1: Data ingest
A custom Python application reads uploaded datafiles from a single server, writes to the data warehouse.
Compute:
Windows Server 2008 R2
* - 16 CPUs
- 128 GB of RAM
- 10 TB local HDD storage
Application 2: Reporting
An off the shelf application that business analysts use to run a daily report to see what equipment needs repair. Only 2 analysts of a team of 10 (5 west coast, 5 east coast) can connect to the reporting application at a time.
Compute:
Off the shelf application. License tied to number of physical CPUs
* - Windows Server 2008 R2
- 16 CPUs
- 32 GB of RAM
- 500 GB HDD
Data warehouse:
A single PostgreSQL server
* - RedHat Linux
- 64 CPUs
- 128 GB of RAM
- 4x 6TB HDD in RAID 0
Executive Statement
Our competitive advantage has always been in the manufacturing process, with our ability to build better vehicles for lower cost than our competitors. However, new products with different approaches are constantly being developed, and I'm concerned that we lack the skills to undergo the next wave of transformations in our industry. My goals are to build our skills while addressing immediate market needs through incremental innovations.
For this question, refer to the TerramEarth case study. A new architecture that writes all incoming data to BigQuery has been introduced. You notice that the data is dirty, and want to ensure data quality on an automated daily basis while managing cost.
What should you do?

  • A. Set up a streaming Cloud Dataflow job, receiving data by the ingestion process. Clean the data in a Cloud Dataflow pipeline.
  • B. Create a Cloud Function that reads data from BigQuery and cleans it. Trigger it. Trigger the Cloud Function from a Compute Engine instance.
  • C. Create a SQL statement on the data in BigQuery, and save it as a view. Run the view daily, and save the result to a new table.
  • D. Use Cloud Dataprep and configure the BigQuery tables as the source. Schedule a daily job to clean the data.

Answer: D

 

NEW QUESTION 123
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication.
Which networking approach should you use?

  • A. A NAT and TLS translation gateway installed on-premises
  • B. Google Cloud Dedicated Interconnect
  • C. Google Cloud VPN connected to the data center network
  • D. A Google Compute Engine instance with a VPN server installed connected to the data center network

Answer: C

 

NEW QUESTION 124
JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application
servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need
access to Datastore to upload the data.
What service account key-management strategy should you recommend?

  • A. Deploy a custom authentication service on GCE/Google Kubernetes Engine (GKE) for the on-premises
    infrastructure and use GCP managed keys for the VMs
  • B. Authenticate the on-premises infrastructure with a user account and provision service account keys for
    the VMs
  • C. Provision service account keys for the on-premises infrastructure and for the GCE virtual machines
    (VMs)
  • D. Provision service account keys for the on-premises infrastructure and use Google Cloud Platform
    (GCP) managed keys for the VMs

Answer: D

Explanation:
Explanation/Reference:
Explanation:
Migrating data to Google Cloud Platform
Let's say that you have some data processing that happens on another cloud provider and you want to
transfer the processed data to Google Cloud Platform. You can use a service account from the virtual
machines on the external cloud to push the data to Google Cloud Platform. To do this, you must create
and download a service account key when you create the service account and then use that key from the
external process to call the Cloud Platform APIs.
References:
https://cloud.google.com/iam/docs/understanding-service-
accounts#migrating_data_to_google_cloud_platform

 

NEW QUESTION 125
Your office is connected to GCP via a VPN connection. How can you increase the speed of your VPN connection, assuming that your office Internet is not the bottleneck?

  • A. Submit request to increase bandwidth quota
  • B. Enable high speed routing in your VPN settings
  • C. Apply for a dedicated interconnect option
  • D. Create an additional VPN tunnel

Answer: D

Explanation:
A - Apply for a dedicated interconnect option. A dedicated interconnect will also increase speeds, however the question asked how to speed up your VPN connection, not create a new type of connection.
C (Correct answer) - Create an additional VPN tunnel. Each VPN tunnel has a max speed of 1.5 Gbps. However, you can create multiple VPN tunnels to increase bandwidth.
Answer B and D either are not applicable or feature doesn't not exist.

 

NEW QUESTION 126
You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database back-end. You want to store the credentials securely. Where should you store the credentials?

  • A. In a secret management system
  • B. In the source code
  • C. In an environment variable
  • D. In a config file that has restricted access through ACLs

Answer: A

Explanation:
Reference:
https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application

 

NEW QUESTION 127
Your company creates rendering software which users can download from the company website. Your company has customers all over the world. You want to minimize latency for all your customers. You want to follow Google-recommended practices.
How should you store the files?

  • A. Save the files in multiple Regional Cloud Storage buckets, one bucket per zone per region.
  • B. Save the files in a Multi-Regional Cloud Storage bucket.
  • C. Save the files in a Regional Cloud Storage bucket, one bucket per zone of the region.
  • D. Save the files in multiple Multi-Regional Cloud Storage buckets, one bucket per multi-region.

Answer: B

Explanation:
https://cloud.google.com/storage/docs/locations#location-mr

 

NEW QUESTION 128
......

Professional-Cloud-Architect Question Bank: Free PDF Download Recently Updated Questions: https://www.prep4sures.top/Professional-Cloud-Architect-exam-dumps-torrent.html

Professional-Cloud-Architect Brain Dump: A Study Guide with Tips & Tricks for passing Exam: https://drive.google.com/open?id=1X9AN0366VJTSMqXnP4C_uyKKt5erYVCD