Cloud Engineer

FREE Cloud Engineer: Google Associate Questions and Answers

Your team uses Splunk for centralized logging, and Splunk logs are the basis for many of your reports and dashboards. Splunk Forwarder must be installed on each node of your new Kubernetes Engine autoscaled cluster. The logs are forwarded to a central Splunk server by the Splunk forwarder. You want to reduce administrative costs. What is the most effective strategy to install Splunk Forwarder throughout the cluster's nodes?

Use Deployment Manager to orchestrate the deployment of forwarder agents on all nodes

Include the forwarder agent in a DaemonSet deployment

SH to each node and run a script to install the forwarder agent

Include the forwarder agent in a StatefulSet deployment

Correct! Wrong!

Explanation:
Include the forwarder agent in a DaemonSet deployment. is the right answer
The one-pod-per-node approach is followed by DaemonSets in GKE, either across the entire cluster or only a selection of nodes. DaemonSets automatically add pods to new nodes when you add them to a node pool. Therefore, you may automate the installation and configuration of the Splunk forwarder agent on each GKE cluster node by configuring the pod to utilize the Splunk forwarder agent image and with some minimal design (for example, defining which logs need to be forwarded).

You need to move a group of media files totaling more than 50 GB each to Google Cloud Storage. The documents are located in your on-site data center. What kind of relocation strategy might you employ to hasten the transfer process?

Use parallel uploads to break the file into smaller chunks then transfer it simultaneously

Use multi-threaded uploads using the -m option

Start a recursive upload

Use the Cloud Transfer Service to transfer

Correct! Wrong!

Explanation:
Gsutil provides object composition or parallel upload to handle the upload of larger files.
For big, local files you want to upload in parallel to cloud storage, the gsutil program can also automatically use object composition. A large file is divided into smaller bits, uploaded in parallel, then reconfigured once in the cloud (and deleted from the temporary components it created locally).

Your team strives to deploy your application to the GKE cluster in the desired state configuration. YAML files represent the Kubernetes deployment and service objects. The replicas parameter in app deployment.yaml specifies that your application is intended to run on two pods. The GKE load balancer is described in the app service. Your service uses YAML.

You created the Kubernetes resources by running
kubectl apply -f app-deployment.yaml
kubectl apply -f app-service.yaml

Although your deployment is now handling live traffic, it has performance problems. You would like to make five more replicas. What should you do to update the replicas in the deployed Kubernetes objects currently in use?

Disregard the YAML file. Enable autoscaling on the deployment to trigger on CPU usage and set max pods to 5. kubectl autoscale myapp --max=5 --cpu-percent=80

Disregard the YAML file. Use the kubectl scale command to scale the replicas to 5. kubectl scale --replicas=5 -f app-deployment.yaml

Edit the number of replicas in the YAML file and rerun the kubectl apply. kubectl apply -f app-deployment.yaml

Modify the current configuration of the deployment by using kubectl edit to open the YAML file of the current configuration, modify and save the configuration. kubectl edit deployment/app-deployment -o yaml --save-config

Correct! Wrong!

Explanation:
Edit the number of replicas in the YAML file and rerun the kubectl apply. kubectl apply -f app-deployment.yaml. is the right answer.
This one is the only method that ensures you use the desired state configuration. You may keep the Kubernetes cluster in its intended condition by modifying the YAML file to contain five replicas and applying it using Kubectl apply.

A business plans to move its online application to Google App Engine. They would nonetheless keep using their on-site database. How do they configure the application?

Setup the application using App Engine Flexible environment with Cloud VPN to connect to database

Configure the application using the App Engine Standard environment and Cloud VPN to connect to a database.

Application setup using App Engine Flexible setting for connecting to databases using Cloud Router

Create the application using the App Engine Standard environment and connect to the database using Cloud Router

Correct! Wrong!

Explanation:
Using a cloud VPN, Google App Engine offers connectivity to on-premises systems. Subnetworks can be created within your Compute Engine network. By doing so, you can enable VPN scenarios like accessing corporate network databases.

Your virtual machines are operating on a network with the subnet mask 255.255.255.240. There are no more available IP addresses on the present subnet, and you need an additional 10 IP addresses for new virtual machines. All current and recent VMs should be able to connect without needing different routes. What ought you to do?

Delete the subnet, and recreate it using a wider range of IP addresses

Use gcloud to expand the IP range of the current subnet

Create a new subnet with the same starting IP but a wider range to overwrite the current subnet

reate a new project. Use Shared VPC to share the current network with the new project

Correct! Wrong!

Explanation:
Use gcloud to expand the IP range of the current subnet. is the right answer
The existing subnet's subnet mask is 255.255.255.240, which means that the maximum number of addresses that can be used is 16. Since there are 4 bits open in the network prefix of /28, or 2 to the power of 4, there are 16 IP addresses.

Every year, auditors visit your teams and request a review of all the prior year's Google Cloud Identity and Access Management (Cloud IAM) policy updates. The analysis and auditing processes have to be streamlined and accelerated. What ought you to do?

Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor

Create custom Google Stackdriver alerts and send them to the auditor

Enable Google Cloud Storage (GCS) log export to audit logs into a GCS bucket and delegate access to the bucket

Use Cloud Functions to transfer log entries to Google Cloud SQL and use ACLs and views to limit an auditor's view

Correct! Wrong!

Explanation:
A decent storage choice with analysis capabilities is BigQuery. Additionally, ACLs and views can be used to limit access to the data. BigQuery manages project and dataset permissions via access control lists (ACLs). You can utilize BigQuery, a petabyte-scale analytics data warehouse, to execute SQL queries over enormous volumes of data almost instantly. In BigQuery, generating an authorized view also refers to granting a view access to a dataset. You can share query results with specific users and groups using an approved idea without giving them access to the underlying tables. You can limit which columns (fields) users can query using the SQL query for the view. You establish an authorized idea in this tutorial.

The corporate apps of your client are being moved to the Google Cloud Platform. The security team requests complete visibility into every project within the company. You create your account as the organization administrator and provide the Google Cloud Resource Manager. Which Cloud IAM (Google Cloud Identity and Access Management) roles ought the security team be assigned?

Org viewer, project viewer

Org viewer, project owner

Project owner, network admin

Org admin, project browser

Correct! Wrong!

Explanation:
The project viewer gives the visibility that the security team requires while adhering to the principle of least privilege. Refer to Organization and Project Access Control in the GCP manual.

FREE Cloud Engineer: Google Associate Questions and Answers

You need to move a group of media files totaling more than 50 GB each to Google Cloud Storage. The documents are located in your on-site data center. What kind of relocation strategy might you employ to hasten the transfer process?

A business plans to move its online application to Google App Engine. They would nonetheless keep using their on-site database. How do they configure the application?

Every year, auditors visit your teams and request a review of all the prior year's Google Cloud Identity and Access Management (Cloud IAM) policy updates. The analysis and auditing processes have to be streamlined and accelerated. What ought you to do?

Related Post