FREE Cloud Engineer: Google Associate Questions and Answers

Question 1

You need to move a group of media files totaling more than 50 GB each to Google Cloud Storage. The documents are located in your on-site data center. What kind of relocation strategy might you employ to hasten the transfer process?

Accepted Answer

Use parallel uploads to break the file into smaller chunks then transfer it simultaneously

Answer

For very large files like 50 GB media files, using parallel uploads significantly speeds up the transfer process to Google Cloud Storage. This strategy breaks the large file into smaller chunks, which are then uploaded simultaneously. By leveraging multiple connections and concurrent transfers, it maximizes available bandwidth and drastically reduces the overall time required compared to a single, sequential upload.

Question 2

Your team uses Splunk for centralized logging, and Splunk logs are the basis for many of your reports and dashboards. Splunk Forwarder must be installed on each node of your new Kubernetes Engine autoscaled cluster. The logs are forwarded to a central Splunk server by the Splunk forwarder. You want to reduce administrative costs. What is the most effective strategy to install Splunk Forwarder throughout the cluster's nodes?

Accepted Answer

Include the forwarder agent in a DaemonSet deployment

Answer

A DaemonSet in Kubernetes is designed to ensure that a copy of a pod runs on every node in a cluster. This is the most effective strategy for deploying a logging agent like Splunk Forwarder across all nodes in an autoscaled Kubernetes Engine cluster. It automatically handles the installation on new nodes as they scale up, reducing administrative overhead and ensuring consistent logging coverage without manual intervention.

Question 3

Your team strives to deploy your application to the GKE cluster in the desired state configuration. YAML files represent the Kubernetes deployment and service objects. The replicas parameter in app deployment.yaml specifies that your application is intended to run on two pods. The GKE load balancer is described in the app service. Your service uses YAML.

You created the Kubernetes resources by running
kubectl apply -f app-deployment.yaml
kubectl apply -f app-service.yaml

Although your deployment is now handling live traffic, it has performance problems. You would like to make five more replicas. What should you do to update the replicas in the deployed Kubernetes objects currently in use?

Accepted Answer

Edit the number of replicas in the YAML file and rerun the kubectl apply. kubectl apply -f app-deployment.yaml

Answer

The `kubectl apply -f` command is declarative, meaning it applies the desired state defined in the YAML file to your Kubernetes cluster. To update the number of replicas, you should modify the `replicas` parameter directly in your `app-deployment.yaml` file. Rerunning `kubectl apply -f app-deployment.yaml` will then reconcile the cluster's state with the updated YAML, ensuring your infrastructure-as-code remains the single source of truth for your deployment configuration.

Question 4

Every year, auditors visit your teams and request a review of all the prior year's Google Cloud Identity and Access Management (Cloud IAM) policy updates. The analysis and auditing processes have to be streamlined and accelerated. What ought you to do?

Accepted Answer

Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor

Answer

Exporting Cloud IAM audit logs to Google BigQuery provides a centralized, highly scalable, and queryable repository for historical data. BigQuery's powerful SQL capabilities allow auditors to easily analyze and filter specific IAM policy updates. Furthermore, BigQuery's Access Control Lists (ACLs) and views enable precise control over which data subsets are shared with auditors, streamlining the review process while maintaining data security and compliance.

Question 5

A business plans to move its online application to Google App Engine. They would nonetheless keep using their on-site database. How do they configure the application?

Accepted Answer

Setup the application using App Engine Flexible environment with Cloud VPN to connect to database

Answer

The App Engine Flexible environment allows applications to run in custom runtimes within a Google Cloud Virtual Private Cloud (VPC), providing more network configuration options than the Standard environment. To connect to an on-site database securely, a Cloud VPN tunnel can be established between the Google Cloud VPC and the on-site data center. This setup enables the App Engine Flexible application to access the private on-site database over a secure, private connection.

Cloud Engineer Practice Test

Cloud Engineer Practice Test

FREE Cloud Engineer: Google Associate Questions and Answers