Your success in Google Professional-Cloud-Architect is our sole target and we develop all our Professional-Cloud-Architect braindumps in a way that facilitates the attainment of this target. Not only is our Professional-Cloud-Architect study material the best you can find, it is also the most detailed and the most updated. Professional-Cloud-Architect Practice Exams for Google Professional-Cloud-Architect are written to the highest standards of technical accuracy.

Free demo questions for Google Professional-Cloud-Architect Exam Dumps Below:

NEW QUESTION 1

You have an outage in your Compute Engine managed instance group: all instance keep restarting after 5 seconds. You have a health check configured, but autoscaling is disabled. Your colleague, who is a Linux expert, offered to look into the issue. You need to make sure that he can access the VMs. What should you do?

  • A. Grant your colleague the IAM role of project Viewer
  • B. Perform a rolling restart on the instance group
  • C. Disable the health check for the instance grou
  • D. Add his SSH key to the project-wide SSH keys
  • E. Disable autoscaling for the instance grou
  • F. Add his SSH key to the project-wide SSH Keys

Answer: C

Explanation:
https://cloud.google.com/compute/docs/instance-groups/autohealing-instances-in-migs
Health checks used for autohealing should be conservative so they don't preemptively delete and recreate your instances. When an autohealer health check is too aggressive, the autohealer might mistake busy instances for failed instances and unnecessarily restart them, reducing availability

NEW QUESTION 2

Your company is forecasting a sharp increase in the number and size of Apache Spark and Hadoop jobs being run on your local datacenter You want to utilize the cloud to help you scale this upcoming demand with the least amount of operations work and code change. Which product should you use?

  • A. Google Cloud Dataflow
  • B. Google Cloud Dataproc
  • C. Google Compute Engine
  • D. Google Container Engine

Answer: B

Explanation:
Google Cloud Dataproc is a fast, easy-to-use, low-cost and fully managed service that lets you run the Apache Spark and Apache Hadoop ecosystem on Google Cloud Platform. Cloud Dataproc provisions big or small clusters rapidly, supports many popular job types, and is integrated with other Google Cloud Platform services, such as Google Cloud Storage and Stackdriver Logging, thus helping you reduce TCO.
References: https://cloud.google.com/dataproc/docs/resources/faq

NEW QUESTION 3

Your development team has installed a new Linux kernel module on the batch servers in Google Compute Engine (GCE) virtual machines (VMs) to speed up the nightly batch process. Two days after the installation, 50% of web application deployed in the same
nightly batch run. You want to collect details on the failure to pass back to the development team. Which three actions should you take? Choose 3 answers

  • A. Use Stackdriver Logging to search for the module log entries.
  • B. Read the debug GCE Activity log using the API or Cloud Console.
  • C. Use gcloud or Cloud Console to connect to the serial console and observe the logs.
  • D. Identify whether a live migration event of the failed server occurred, using in the activity log.
  • E. Adjust the Google Stackdriver timeline to match the failure time, and observe the batch server metrics.
  • F. Export a debug VM into an image, and run the image on a local server where kernel log messages will be displayed on the native screen.

Answer: ACE

Explanation:
https://www.flexera.com/blog/cloud/2013/12/google-compute-engine-live-migration-passes-the-test/ "With live migration, the virtual machines are moved without any downtime or noticeable service
degradation"

NEW QUESTION 4

You need to evaluate your team readiness for a new GCP project. You must perform the evaluation and create a skills gap plan incorporates the business goal of cost optimization. Your team has deployed two GCP projects successfully to date. What should you do?

  • A. Allocate budget for team trainin
  • B. Set a deadline for the new GCP project.
  • C. Allocate budget for team trainin
  • D. Create a roadmap for your team to achieve Google Cloud certification based on job role.
  • E. Allocate budget to hire skilled external consultant
  • F. Set a deadline for the new GCP project.
  • G. Allocate budget to hire skilled external consultant
  • H. Create a roadmap for your team to achieve Google Cloud certification based on job role.

Answer: B

Explanation:
https://services.google.com/fh/files/misc/cloud_center_of_excellence.pdf

NEW QUESTION 5

You set up an autoscaling instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly. What should you do?

  • A. Ensure that a firewall rule exists to allow source traffic on HTTP/HTTPS to reach the load balancer.
  • B. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
  • C. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.
  • D. Create a tag on each instance with the name of the load balance
  • E. Configure a firewall rule with the name of the load balancer as the source and the instance tag as the destination.

Answer: C

Explanation:
https://cloud.google.com/vpc/docs/using-firewalls
The best practice when configuration a health check is to check health and serve traffic on the same port. However, it is possible to perform health checks on one port, but serve traffic on another. If you do use two different ports, ensure that firewall rules and services running on instances are configured appropriately. If you run health checks and serve traffic on the same port, but decide to switch ports at some point, be sure to update both the backend service and the health check.
Backend services that do not have a valid global forwarding rule referencing it will not be health checked and will have no health status.
References: https://cloud.google.com/compute/docs/load-balancing/http/backend-service

NEW QUESTION 6

The operations manager asks you for a list of recommended practices that she should consider when migrating a J2EE application to the cloud. Which three practices should you recommend? Choose 3 answers

  • A. Port the application code to run on Google App Engine.
  • B. Integrate Cloud Dataflow into the application to capture real-time metrics.
  • C. Instrument the application with a monitoring tool like Stackdriver Debugger.
  • D. Select an automation framework to reliably provision the cloud infrastructure.
  • E. Deploy a continuous integration tool with automated testing in a staging environment.
  • F. Migrate from MySQL to a managed NoSQL database like Google Cloud Datastore or Bigtable.

Answer: AEF

Explanation:
References: https://cloud.google.com/appengine/docs/standard/java/tools/uploadinganapp https://cloud.google.com/appengine/docs/standard/java/building-app/cloud-sql

NEW QUESTION 7

Your company is using BigQuery as its enterprise data warehouse. Data is distributed over several Google Cloud projects. All queries on BigQuery need to be billed on a single project. You want to make sure that no query costs are incurred on the projects that contain the data. Users should be able to query the datasets, but not edit them.
How should you configure users’ access roles?

  • A. Add all users to a grou
  • B. Grant the group the role of BigQuery user on the billing project and BigQuery dataViewer on the projects that contain the data.
  • C. Add all users to a grou
  • D. Grant the group the roles of BigQuery dataViewer on the billing project and BigQuery user on the projects that contain the data.
  • E. Add all users to a grou
  • F. Grant the group the roles of BigQuery jobUser on the billing project and BigQuery dataViewer on the projects that contain the data.
  • G. Add all users to a grou
  • H. Grant the group the roles of BigQuery dataViewer on the billing project and BigQuery jobUser on the projects that contain the data.

Answer: A

Explanation:
Reference: https://cloud.google.com/bigquery/docs/running-queries

NEW QUESTION 8

You are designing an application for use only during business hours. For the minimum viable product release, you’d like to use a managed product that automatically “scales to zero” so you don’t incur costs when there is no activity.
Which primary compute resource should you choose?

  • A. Cloud Functions
  • B. Compute Engine
  • C. Kubernetes Engine
  • D. AppEngine flexible environment

Answer: A

Explanation:
https://cloud.google.com/serverless-options

NEW QUESTION 9

A small number of API requests to your microservices-based application take a very long time. You know that each request to the API can traverse many services. You want to know which service takes the longest in those cases. What should you do?

  • A. Set timeouts on your application so that you can fail requests faster.
  • B. Send custom metrics for each of your requests to Stackdriver Monitoring.
  • C. Use Stackdriver Monitoring to look for insights that show when your API latencies are high.
  • D. Instrument your application with Stackdnver Trace in order to break down the request latencies at each microservice.

Answer: D

Explanation:
https://cloud.google.com/trace/docs/overview

NEW QUESTION 10

For this question, refer to the TerramEarth case study
Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data. What should you do?

  • A. Build or leverage an OAuth-compatible access control system.
  • B. Build SAML 2.0 SSO compatibility into your authentication system.
  • C. Restrict data access based on the source IP address of the partner systems.
  • D. Create secondary credentials for each dealer that can be given to the trusted third party.

Answer: A

Explanation:
https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#delegate_application_autho Delegate application authorization with OAuth2
Cloud Platform APIs support OAuth 2.0, and scopes provide granular authorization over the methods that are supported. Cloud Platform supports both service-account and user-account OAuth, also called three-legged OAuth.
References:
https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#delegate_application_autho
https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps

NEW QUESTION 11

You are designing a mobile chat application. You want to ensure people cannot spoof chat messages, by providing a message were sent by a specific user.
What should you do

  • A. Tag messages client side with the originating user identifier and the destination user.
  • B. Encrypt the message client side using block-based encryption with a shared key.
  • C. Use public key infrastructure (PKI) to encrypt the message client side using the originating user's private key.
  • D. Use a trusted certificate authority to enable SSL connectivity between the client application and the server.

Answer: C

NEW QUESTION 12

You are tasked with building an online analytical processing (OLAP) marketing analytics and reporting tool. This requires a relational database that can operate on hundreds of terabytes of data. What is the Google
recommended tool for such applications?

  • A. Cloud Spanner, because it is globally distributed
  • B. Cloud SQL, because it is a fully managed relational database
  • C. Cloud Firestore, because it offers real-time synchronization across devices
  • D. BigQuery, because it is designed for large-scale processing of tabular data

Answer: A

Explanation:
Reference: https://cloud.google.com/files/BigQueryTechnicalWP.pdf

NEW QUESTION 13

Your company is migrating its on-premises data center into the cloud. As part of the migration, you want to integrate Kubernetes Engine for workload orchestration. Parts of your architecture must also be PCI DSScompliant.
Which of the following is most accurate?

  • A. App Engine is the only compute platform on GCP that is certified for PCI DSS hosting.
  • B. Kubernetes Engine cannot be used under PCI DSS because it is considered shared hosting.
  • C. Kubernetes Engine and GCP provide the tools you need to build a PCI DSS-compliant environment.
  • D. All Google Cloud services are usable because Google Cloud Platform is certified PCI-compliant.

Answer: D

Explanation:
https://cloud.google.com/security/compliance/pci-dss

NEW QUESTION 14

For this question, refer to the TerramEarth case study.
The TerramEarth development team wants to create an API to meet the company's business requirements. You want the development team to focus their development effort on business value versus creating a custom framework. Which method should they use?

  • A. Use Google App Engine with Google Cloud Endpoint
  • B. Focus on an API for dealers and partners.
  • C. Use Google App Engine with a JAX-RS Jersey Java-based framewor
  • D. Focus on an API for the public.
  • E. Use Google App Engine with the Swagger (open API Specification) framewor
  • F. Focus on an API for the public.
  • G. Use Google Container Engine with a Django Python containe
  • H. Focus on an API for the public.
  • I. Use Google Container Engine with a Tomcat container with the Swagger (Open API Specification) framewor
  • J. Focus on an API for dealers and partners.

Answer: A

Explanation:
https://cloud.google.com/endpoints/docs/openapi/about-cloud-endpoints?hl=en_US&_ga=2.21787131.-1712523 https://cloud.google.com/endpoints/docs/openapi/architecture-overview
https://cloud.google.com/storage/docs/gsutil/commands/test
Develop, deploy, protect and monitor your APIs with Google Cloud Endpoints. Using an Open API Specification or one of our API frameworks, Cloud Endpoints gives you the tools you need for every phase of API development.
From scenario: Business Requirements
Decrease unplanned vehicle downtime to less than 1 week, without increasing the cost of carrying surplus inventory
Support the dealer network with more data on how their customers use their equipment to better position new products and services
Have the ability to partner with different companies – especially with seed and fertilizer suppliers in the fast-growing agricultural business – to create compelling joint offerings for their customers.
Reference: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth

NEW QUESTION 15

Your customer wants to do resilience testing of their authentication layer. This consists of a regional managed instance group serving a public REST API that reads from and writes to a Cloud SQL instance.
What should you do?

  • A. Engage with a security company to run web scrapes that look your users’ authentication data om malicious websites and notify you if any if found.
  • B. Deploy intrusion detection software to your virtual machines to detect and log unauthorized access.
  • C. Schedule a disaster simulation exercise during which you can shut off all VMs in a zone to see how your application behaves.
  • D. Configure a red replica for your Cloud SQL instance in a different zone than the master, and then manually trigger a failover while monitoring KPIs for our REST API.

Answer: C

NEW QUESTION 16

Your company wants to try out the cloud with low risk. They want to archive approximately 100 TB of their log data to the cloud and test the analytics features available to them there, while also retaining that data as a long-term disaster recovery backup. Which two steps should they take? Choose 2 answers

  • A. Load logs into Google BigQuery.
  • B. Load logs into Google Cloud SQL.
  • C. Import logs into Google Stackdriver.
  • D. Insert logs into Google Cloud Bigtable.
  • E. Upload log files into Google Cloud Storage.

Answer: AE

NEW QUESTION 17

You have an application that makes HTTP requests to Cloud Storage. Occasionally the requests fail with HTTP status codes of 5xx and 429.
How should you handle these types of errors?

  • A. Use gRPC instead of HTTP for better performance.
  • B. Implement retry logic using a truncated exponential backoff strategy.
  • C. Make sure the Cloud Storage bucket is multi-regional for geo-redundancy.
  • D. Monitor https://status.cloud.google.com/feed.atom and only make requests if Cloud Storage is not reporting an incident.

Answer: A

Explanation:
Reference https://cloud.google.com/storage/docs/json_api/v1/status-codes

NEW QUESTION 18

You have an App Engine application that needs to be updated. You want to test the update with production traffic before replacing the current application version.
What should you do?

  • A. Deploy the update using the Instance Group Updater to create a partial rollout, which allows for canary testing.
  • B. Deploy the update as a new version in the App Engine application, and split traffic between the new and current versions.
  • C. Deploy the update in a new VPC, and use Google’s global HTTP load balancing to split traffic between the update and current applications.
  • D. Deploy the update as a new App Engine application, and use Google’s global HTTP load balancing to split traffic between the new and current applications.

Answer: B

Explanation:
https://cloud.google.com/appengine/docs/standard/python/splitting-traffic

NEW QUESTION 19
......

Recommend!! Get the Full Professional-Cloud-Architect dumps in VCE and PDF From Certshared, Welcome to Download: https://www.certshared.com/exam/Professional-Cloud-Architect/ (New 170 Q&As Version)