FREE Associate Cloud Engineer v1.0 Questions and Answers
The audit log files for your company must be kept for three years because it is a financial institution. There are several Google Cloud projects in your company. It would help if you practiced a cost-efficient log file retention strategy. What ought you to do?
Explanation:
To implement a cost-effective approach for log file retention in a scenario where hundreds of Google Cloud projects need to store audit log files for three years, you can create an export to the sink that saves logs from Cloud Audit to BigQuery.
You used Cloud Spanner to build a Google Cloud application. While monitoring the environment, your support staff shouldn't have access to table data. You want to adhere to Google's best practices, so you need an efficient way to grant the right rights to your support team. What ought you to do?
Explanation:
To grant your support team permission to monitor your Cloud Spanner environment without giving them access to table data, you can add the support team group to the roles/spanner.database user role. This role grants users the ability to read metadata, such as schema and indexes, for a specific Cloud Spanner database but does not provide access to read or modify data.
Your business already has a GCP organization with a billing account and numerous projects. Your business acquired a company with hundreds of projects and its billing account. You want to combine the GCP expenses of the two GCP entities into one invoice. You want to connect all costs starting tomorrow. What ought you to do?
A container image-packaged program has to be deployed in a new project. Not many requests are made daily to the application, which exposes an HTTP endpoint. You want to reduce spending. What ought you to do?
Explanation:
To deploy an application, packaged in a container image, in a new project with an HTTP endpoint that receives very few requests per day while minimizing costs, you should deploy the container on Cloud Run on GKE.
In your own data center, bare-metal servers are hosting an application. Cloud storage must be accessible to the application. Security regulations, however, forbid the servers hosting the application from having available IP addresses or internet access. It would help if you stuck to Google's advice to grant the application access to cloud storage. What ought you to do?
Explanation:
Suppose your application needs access to Cloud Storage, but your security policies prevent the servers hosting the application from having public IP addresses or access to the internet. In that case, you can follow Google-recommended practices to provide the application access to Cloud Storage by migrating your servers to Compute Engine and creating an internal load balancer (ILB) with storage.googleapis.com as a backend.
For a latency-sensitive website, you wish to use GCP to run a single HTTP reverse proxy with caching. The CPU use for this specific reverse proxy is minimal. A 30-GB in-memory cache is desired, and an extra 2 GB of memory is required for the remaining processes. Cost savings are what you seek. How should this reverse proxy be used?
Explanation:
To run a single caching HTTP reverse proxy on GCP for a latency-sensitive website with a 30-GB in-memory cache and an additional 2 GB of memory for the rest of the processes while minimizing cost, you should run it on a Compute Engine instance with a custom machine type.