GCP

Question 1

You have downloaded the SDK kit from Google and now would like to
manage containers on GKE with gcloud. What command would be typed to
install kubectl in the CLI?

A. Gcloud components install kubectl
B. Gcloud components kubectl install
C. Gcloud components install kubernetes
D. Gcloud components install components kubectl

Answer 1

A. gcloud components install kubectl
Explanation: Using gcloud is very important for this cloud engineer exam
around Kubernetes. The gcloud commands are what interact with GCP
resources that create and manage the clusters and then the kubectl, which is
the Kubernetes command line tool is used to run commands against
Kubernetes clusters on GKE.

Question 2

A recent software update to your enterprises e-commerce website that is
running on Google Cloud has caused the website to crash for several hours.

Your CTO decides that all critical changes must now have a back-out/roll-
back plan. The website is deployed on hundreds of virtual machines (VMs),

and critical changes are frequent.
Which two actions should you take to implement the back-out/roll-back
plan??

A. Use managed instance groups with the “update-instances”
command when starting a rolling update
B. Enable object versioning on the website’s static data files stored
in Google Cloud Storage
C. Create a new instance template with applied fixes and roll out
via A/B test
D. Use unmanaged instance groups with the “update-instances”
command when starting a rolling update

Answer 2

Correct Answer(s): B. Processor
Explanation: Use managed instance groups to provide updates and object
versioning will ensure that you can get back to the previous stable version.

Question 3

Your company uses a third-party monitoring solution for your
enterprise apps. You are using Kubernetes Engine for your container
deployments and would like to enable this internal monitoring app for
Kubernetes clusters. What would be the best approach? (Select One)
A. Deploy the monitoring pod as a DaemonSet.
B. Deploy the monitoring pod as a cluster
C. Deploy the monitoring extension for Stackdriver Trace
D. Deploy a solution from the Cloud Marketplace

Answer 3

Correct Answer(s): A. Deploy the monitoring pod as a DaemonSet.
Explanation: Many monitoring solutions use the Kubernetes DaemonSet
structure to deploy an agent on every cluster node. S Note that each tool has
its own software for cluster monitoring. Heapster is another option that could
also be used, Heapster is a bridge between a cluster and a storage designed to
collect the cluster metrics. Stackdriver is native to Google Cloud and
therefore the recommended approach by Google Cloud.

Question 4

App Engine services are specified(designed) to be _________?

A. Regional
B. Global
C. Multi-regional
D. Zonal

Answer 4

Correct Answer(s): A. Regional
Explanation: App Engine is a regional service , which means the
infrastructure that runs your apps is located in a specific region. This region
cannot be moved nor migrated. It is managed by Google to be redundantly
available across all the zones within that region.

Question 5

5. The Monitoring agent, ________________, is based on the original
   collectd system statistics collection daemon? (Select One)

A. Stackdriver-agent
B. Stackdriver-agent-collectd
C. Stackdriver-collectd
D. Stackdriver-statsd

Answer 5

Correct Answer(s): A. Stackdriver-agent
Explanation: The Stackdriver Monitoring agent is a collectd-based daemon
that gathers system and application metrics from virtual machine instances
and sends them to Stackdriver
Monitoring. cloud.google.com/monitoring/agent/

Question 6

6. You are currently deploying an application on a Kubernetes cluster.
   Your aware that a Deployment’s rollout is triggered if and only if the
   Deployment’s pod template is changed, for example if the labels or
   container images of the template are updated. Other updates, such as scaling
   the Deployment, do not trigger a rollout. What is the file name that would
   need to be changed? (Select One)
   A. .spectemplate.yaml
   B. App.py
   C. .template.yaml
   D. .spec.template

Answer 6

Correct Answer(s): D. .spec.template is a deployment template.
Explanation: A Deployment’s rollout is triggered if and only if the
Deployment’s Pod template is changed.

https://kubernetes.io/docs/concepts/workloads/controllers/deployment/

Question 7

7. You are currently looking at your GCP platform with gcloud and
   would like to list all the instances in GCP Compute Engine. What command
   would you use? (Select One)
   A. gcloud compute instances grep
   B. gcloud grep compute instances
   C. gcloud compute list instances
   D. gcloud compute instances list

Answer 7

Correct Answer(s): D. gcloud compute instances list
Explanation: Review the gcloud documentation site for command syntax
https://cloud.google.com/sdk/gcloud/reference/compute/instances/list

Question 8

8. __________________is a unified programming model and also a
   managed service for developing and executing a wide range of data
   processing patterns including ETL, batch computation, and continuous
   computation. What is the service? (Select One)
   A. Cloud Datalab
   B. Cloud Dataflow
   C. Cloud Dataproc
   D. Cloud Spanner

Answer 8

Correct Answer(s): B. Cloud Dataflow
Explanation: Cloud Dataflow is a unified programming model and a managed
service for developing and executing a wide range of data processing patterns
including ETL, batch computation, and continuous computation. The
challenge with a lot of the GCP services is that they sound the same or have
the same prefix which can be confusing.
https://cloud.google.com/sdk/gcloud/reference/dataflow/

Question 9

9. Your considering placing your Infrastructure as code processes on Cloud
   Deployment Manager. What would be a risk of doing this? (Select One)

A. Cloud Deployment Manager requires a Google APIs service
account to run.
B. Cloud Deployment Manager APIs could be deprecated in the
future.
C. Cloud Deployment Manager can be used to permanently delete
cloud resources.
D. Cloud Deployment Manager takes some training to use.

Answer 9

Correct Answer(s): B. Cloud Deployment Manager.
Explanation: APIs could be deprecated in the future.
APIs of course take maintenance. Other choices would likely not be a risk.

Question 10

10 You are currently reviewing your project in GCP using gcloud. You
would like to confirm what the DNS related info is for a project. What is the
command to do this? Select One
(Select One)
A. gcloud dns project-info describe
B. gcloud dns project-info list
C. gcloud dns project-info show
D. gcloud dns project-info grep

Answer 10

Correct Answer(s): A. gcloud dns project-info describe
Explanation: gcloud commands need to be memorized. The easy way to
rule out two answers is generally to look at the service which should come
after gcloud. If the answer is flag related, then we need to memorize in most
cases. https://cloud.google.com/sdk/gcloud/reference/dns/project-info/

Question 11

11. You are evaluating new GCP services and would like to use tools to
    help you evaluate the costs of using GCP. What are two tools available from
    GCP to help analyse costs. (Select Two)
    A. Pricing Calculator
    B. ROI Calculator
    C. TCO Tool
    D. Cost Optimization Tool

Answer 11

Correct Answer(s): A and C: Pricing Calculator and TCO Tool

Explanation. For this exam. Expect several questions on pricing Bigtable and
Storage. You can also take advantage of some tools to help you evaluate the
costs of using GCP. The pricing calculator provides a quick and easy way to
estimate what your GCP usage will look like. You can provide details about
the services you want to use, such as the number of Compute Engine
instances, persistent disks and their sizes, and so on, and then see a pricing
estimate.
https://cloud.google.com/products/calculator
The Total Cost of Ownership (TCO) Tool evaluates the relative costs for
running your compute load in the cloud and provides a financial estimate.
The tool provides several inputs for cost modelling, which you can adjust,
and then compares estimated costs on GCP and AWS. This tool does not
model all components of a typical application, such as storage and
networking.
https://inthecloud.withgoogle.com/tco-assessment-19/form.html

Question 12

12. You would like to create a new container repository with Cloud Source
    Repositories using gcloud. What would be the command to create a repo
    called “devops” (Select One)

A. gcloud source repo create devops
B. gcloud source repos create devops
C. gcloud create source repos “devops”
D. gcloud create source repos devops

Answer 12

Correct Answer(s): B. gcloud source repos create devops
Explanation. Note on the cloud engineer exam. There were a few questions
that required exact syntax knowledge for devops services such as Cloud
Build, Cloud Source Repo and Container Registry
gcloud source repo create devops

https://cloud.google.com/source-repositories/docs/creating-an-empty-
repository

Question 13

Your currently ready to deploy some Cloud Deployment Manager
templates and you will need to ensure specific requirements (“explicit”) exists
before the templates deploy. What would be the option you would add to
your templates or configuration files? (Select One)

A. dependsOn
B. properties
C. variables
D. deployON

Answer 13

Correct Answer(s): A. dependsOn
Explanation. “dependsOn” You can specify these dependencies using the
dependsOn option in your configuration files or templates. When you add the
dependsOn option for a resource, Deployment Manager creates or updates the
dependencies before creating or updating the resource.

https://cloud.google.com/deployment-manager/docs/configuration/create-
explicit-dependencies

Question 14

14. By default you can create up to _______ networks per project. (Select
    One)

A. 10
B. 100
C. 5
D. 50

Answer 14

Correct Answer(s): C. 5
Explanation. By default ,the limit is 5 per project. You can contact support to
have this adjusted as needed. The exam has a few trivia around projects and
quotas.
https://cloud.google.com/vpc/docs/using-vpc

Question 15

15. You would like to deploy a LAMP stack for your development team.
    The only issue is you’re not sure how to configure this LAMP stack. You
    would like to use a solution that has readymade templates to deploy. What
    GCP service could you use (Select One)

A. Cloud Deployment Manager
B. Cloud Marketplace
C. Cloud Endure
D. Cloud DataFlow

Answer 15

Correct Answer(s): B. Cloud Marketplace
Explanation: Google Cloud Marketplace formerly Cloud Launcher offers
ready-to-go development stacks, solutions, and services to accelerate
development, so you spend less time installing and more time developing.
https://cloud.google.com/launcher/

Question 16

16. You would like to create a file structure for Cloud Storage that can be
    mounted to Compute Engine. What would be the best option? (Select One)

A. Fuse Tool
B. Samba
C. NFS
D. Use Filestore

Answer 16

Explanation: You can use the Google Cloud Storage FUSE tool to mount a
Cloud Storage bucket to your Compute Engine instance. The mounted bucket
behaves similarly to a persistent disk even though Cloud Storage buckets are
object storage. To learn how to mount a Cloud Storage bucket on your
instance, read Using Cloud Storage FUSE.
https://cloud.google.com/compute/docs/disks/gcs-buckets

Question 17

17. The__________ Tier delivers traffic over Google’s well-provisioned,
    low latency, highly reliable global network. (Select One)

A. Standard
B. Premium
C. Cloud VPN
D. Cloud Interconnect

Answer 17

Correct Answer(s): B. Premium

Explanation: The Premium Tier delivers traffic over Google’s well-
provisioned, low latency, highly reliable global network.

https://cloud.google.com/network-tiers/

Question 18

18. You are designing a CD Pipeline and would like to have your source
    code hosted on GKE, Build Automation and Artifact Management with
    GCP Services. Your currently using Spinnaker for your code deployment.

A. Cloud Source Repositories, Cloud Build, GKE
B. Cloud Build, Cloud Source Repositories, Container
Registry
C. Cloud Source Repositories, Cloud Build, Container
Registry
D. Kubernetes Engine, Cloud Source Repositories, Container
Registry

Answer 18

A. Cloud Source Repositories, Cloud Build, GKE
B. Cloud Build, Cloud Source Repositories, Container
Registry
C. Cloud Source Repositories, Cloud Build, Container
Registry
D. Kubernetes Engine, Cloud Source Repositories, Container
Registry

Question 19

19. You have just started your cluster and deployed your pods. You now
    need to view all the running pods. What is the proper CLI syntax to
    accomplish this task? (Select One)

A. kubectl get pods
B. kubectl list pods
C. gcloud get pods
D. gcloud list pods

Answer 19

Correct Answer(s): A: kubectl get pods
Explanation: The command syntax to inspect pods is the same as you would
use for your on-premises deployments. kubectl get pods

Question 20

20. You have been contacted by the enterprise support team which has told
    you there have reports of significant latency at specific times for an
    application running on GCP. They would like you to review the issue and
    provide them insight into why the application is latent at specific times?
    What Google Cloud service could you use to inspect latency data that has
    been collected in near real time? (Select One)

A. Stackdriver Debug
B. Stackdriver Trace
C. VPC Trace Logs
D. Stackdriver Profiler

Answer 20

Correct Answer(s): A: Stackdriver Trace (Cloud Trace)
Explanation: Cloud Trace formerly Stackdriver Trace is a distributed tracing
system that collects latency data from your applications and displays it in the
Google Cloud Console. You can track how requests propagate through your
application and receive detailed near real-time performance insights. Cloud
Trace automatically analyses all your application’s traces to generate in-depth
latency reports to surface performance degradations and can capture traces
from all your VMs, containers, or App Engine projects.

Question 21

21. The Organization resource is the root node in the Google Cloud Platform
    hierarchy and is the hierarchical super node of projects. What are the types of
    customers an organization resource is available for? (Select Two)
    A. GSuite
    B. Gmail
    C. Google for Education
    D. Cloud Identity

Answer 21

Correct Answer(s): A and D: Gsuite and Cloud Identity
Explanation: An Organization resource is available for G Suite and Cloud
Identity customers. Organizations are confusing at first, but for this exam, we
need to understand some high-level details and what an Org Administrator is
about as well. https://cloud.google.com/resource-manager/docs/creatingmanaging-
organization

Question 22

22. In GCP there are two types of managed instance groups.
    (Select Two)
    A. Zonal
    B. Regional
    C. Global
    D. GDPR

Answer 22

Correct Answer(s): A, B Zonal and Regional
Explanation: You can create two types of managed instance groups: A zonal
managed instance group, which contains instances from the same zone. A
regional managed instance group, which contains instances from multiple
zones across the same region. Lastly, don’t confused over an unmanaged
instance group.
https://cloud.google.com/compute/docs/instance-groups/

Question 23

23. Which of the following features are supported by GCP Cloud Storage?
    (Select Two)
    A. Object Versioning
    B. Object Lifecycle Management
    C. Object Analysis Management
    D. Object Antivirus Scanning

Answer 23

Correct Answer(s): A. Object Versioning and Object Lifecycle Management
Explanation: Object Lifecycle and Object
Versioning https://cloud.google.com/storage/docs/lifecycle

Question 24

24. You’re currently being summoned to the CIO office and he would like to
    have a copy of the billing reports from Google Cloud Platform. What answer
    has the correct formats you can export billing info to? (Select One)
    A. CSV or JSON
    B. CSV or XML
    C. JSON or XML
    D. JSON or .Doc

Answer 24

Correct Answer(s): A: CSV or JSON
Explanation: To access a detailed breakdown of your charges, you can
export your daily usage and cost estimates automatically to a CSV or JSON
file stored in a Google Cloud Storage bucket you specify.
https://cloud.google.com/billing/docs/how-to/export-data-file

Question 25

25. Which of the following is not possible using primitive roles in GCP? (Select One) A. Allows a user access to view all datasets in a project, but not run queries on them. B. Allows Development owner access and Production editor access for all datasets in a project. C. Allows a user access to view all datasets in a project only D. None of the above

Answer 25

Correct Answer(s): A: Allows a user access to view all datasets in a project, but not run queries on them. Explanation: Primitive roles can be used to give owner, editor, or viewer access to a user or group, but they can't be used to separate data access permissions from job-running permissions. Reference: https://cloud.google.com/bigquery/docs/access-control#primitive_iam_roles

Question 26

26. You are getting to migrate VMS from your onsite datacenter to GCP Compute Engine. What is the gcloud command to import images and create a bootable image? (Select One) A. gcloud compute images import B. gcloud compute import images C. gcloud compute images "import" D. gcloud compute import "images"

Answer 26

Correct Answer(s): A gcloud compute images import Explanation: Remember to learn the syntax gcloud compute images import https://cloud.google.com/compute/docs/images/importing-virtualdisks

Question 27

27. You’re currently considering moving your on-premises CI pipeline from on premises to Google Cloud Platform. You would like to have code maintained in a private Git repository which is hosted on the Google Cloud Platform. What service would you choose? (Select One) A. Container Registry B. Kubernetes Engine C. Cloud Source Repositories D. Cloud Build E. Cloud Run

Answer 27

Correct Answer(s): C. Cloud Source Repositories Explanation: Cloud Source Repositories is a secure hosted private Git on Google Cloud. https://cloud.google.com/source-repositories/

Question 28

28. Google Cloud has both types of services that are "ops and no-ops" management requirements when as referring to customizability with compute services. How would you rank the four compute services on a scale ranging from the fewest management requirements and lowest customizability to the most management requirements and highest customizability? (Select One) A. Cloud Functions, Compute Engine, Kubernetes Engine, App Engine B. Cloud Functions, Kubernetes Engine, App Engine Compute Engine C. Cloud Functions, App Engine, Kubernetes Engine, Compute Engine D. Cloud Functions, App Engine, Compute Engine, Kubernetes Engine

Answer 28

Correct Answer(s): C. Cloud Functions, App Engine, Kubernetes Engine, Compute Engine Explanation: Google has compute services that are managed which are considered No-Ops and other services that are Lo-Ops. https://cloud.google.com/docs/overview/cloud-platform-services#computinghosting

Question 29

29. You have been contacted by your CIO to improve your application availability. You have decided to use instance groups by spreading your instances across three zones. What type of instance group do you select? (Select One) A. Multi-Regional managed groups B. Multi-Zonal managed groups C. Regional managed groups D. Zonal managed groups

Answer 29

Correct Answer(s): A. Multi-Regional managed groups Explanation: An instance group is a collection of virtual machines (VM) instances that you can manage as a single entity. There are two types Managed and Unmanaged Instance Groups. https://cloud.google.com/compute/docs/instance-groups/creating-groups-ofmanaged- instances

Question 30

30. Cloud SQL is a fully managed database service. What three variations of SQL does Cloud SQL Support? (Select Three) A. MYSQL B. NewSQL C. MS SQL D. Oracle SQL E. Postgres SQL

Answer 30

Correct Answer(s): E. PostgreSQL and A.My SQL and now C.MS SQL Explanation: Cloud SQL supports three main SQL versions https://cloud.google.com/sql/

Question 31

31. You have just deployed your application on App Engine standard in the following region. us-east4 (Northern Virginia What is the required process to change your App Engine instance from Northern Virginia to? europe-west (Belgium) Select the best answer. (Select One) A. App Engine is a regional service so if you move it has to be in the same region B. App Engine is a global service so just run http://[YOUR_PROJECT_ID].appspot.com. C. App Engine is a regional service so just run http://[YOUR_PROJECT_ID].appspot.com. D. App Engine is a regional service so the region can’t be changed after its set

Answer 31

Correct Answer(s): D. App Engine is a regional service so the region can’t be changed after its set Explanation: You cannot change an app's region after you set it. If you already created an App Engine application, you can view the region by running the gcloud app describe command or opening the App Engine Dashboard in the GCP Console. The region of your App Engine application is listed under http://[YOUR_PROJECT_ID].appspot.com.

Question 32

32. You’re currently working with several contractors. They are using Cloud Storage buckets for dropping files for review and your company’s approval. Which of the following should you NOT perform? (Select One) A. Create a separate bucket for each vendor. B. Give each vendor the roles/storage.objectAdmin for their respective bucket. C. Give each vendor the roles/owner for their respective bucket. D. Give them a link to their bucket, which has the format: console.cloud.google.com/storage/browser/[BUCKET_NAME]

Answer 32

Correct Answer(s): D. Give them a link to their bucket, which has the format… Explanation: Now you would almost never give temporary users, partners or non-employee owner rights. This is a best practice https://cloud.google.com/storage/docs/collaboration

Question 33

33. When learning about external IP addresses in GCP which of the following is NOT correct? (Select One) A. Assigned from a pool B. Assigned from an internal static address C. Assigned from an external static address D. VM does not know its address but its mapped internally to an internal IP

Answer 33

Correct Answer(s): D. VM does not know its address but its mapped internally to an internal IP Explanation: VM does not know its address but its mapped internally to an internal IP https://cloud.google.com/compute/docs/ip-addresses/reservestatic- external-ip-address

Question 34

34. Your users are only uploading resources (writing) to an access-controlled bucket. You can use the _____________________functionality of Cloud Storage to require only one signed URL. (Select One) A. Resumable uploads B. Controlled uploads C. Authenticated uploads D. Signed uploads by URL

Answer 34

Correct Answer(s): D. Signed uploads by URL Explanation: If your users are only uploading resources (writing) to an access-controlled bucket, you can use the resumable uploads functionality of Cloud Storage to require only one signed URL. This signed URL is part of the initial POST request, during which no data is actually uploaded. https://cloud.google.com/storage/docs/access-control/signed-urls

Question 35

35. VPC Network Peering allows you to peer two VPC networks so that the VMs in the two networks can communicate via internal, private IP addresses. Which of the following is NOT true about Network Peering? (Select One) A. VPC Network Peering works with Compute Engine and App Engine Standard B. Peering can be configured for one VPC network even before the other VPC network is created. C. A given VPC network can peer with multiple VPC networks D. VPC Network Peering works with Compute Engine and App Engine Flexible

Answer 35

Correct Answer(s): A .VPC Network Peering works with Compute Engine and App Engine Standard Explanation: Does not support App Engine Standard. https://cloud.google.com/vpc/docs/vpc-peering

Question 36

36. You have been asked by your customer to move their "in house" application to App Engine. Customer would like to know what runtimes are supported. Which of the following are the supported programming languages? (Select Four) A. Python B. PHP C. Rust D. Perl E. Go F. Java G. Solidity

Answer 36

Correct Answer(s): A,B, E and F- Python, PHP, Go and Java Explanation: Make sure you know the supported languages for standard for the exam. https://cloud.google.com/appengine/downloads

Question 37

37. You company is going to be testing user provisioning with Google services. You want to manually provision users for testing or other purposes manually by using the_________________ (Select One) A. Gmail Console B. Gsuite Admin Console C. GCP Console D. Open ID

Answer 37

Correct Answer(s): B Gsuite Admin Control Explanation: G Suite Admin Console To manually provision users for testing or other purposes, Cloud Platform administrators can provision users and their associations with groups and organizations manually by using the G Suite Admin Console. https://cloud.google.com/docs/enterprise/bestpractices- for-enterprise-organizations

Question 38

38. The VM instances quota is also a _____________quota and limits the number of VM instances that can exist in a given __________, regardless of whether the VM is running or not. (Select One) A. Region, Regional B. Regional, Region C. Zonal, Regional D. Zonal, Global

Answer 38

Correct Answer(s): B. Regional, Region Explanation: The VM instances quota is also a regional quota and limits the number of VM instances that can exist in a given region, regardless of whether the VM is running or not https://cloud.google.com/compute/quotas

Question 39

39. You need to create many projects for many different teams. You want to use a Cloud Deployment Manager (DM) deployment to create those projects in a folder called devops1. What should you do? (Select One) A. This cannot be done. Use Terraform since it supports teams better. B. Create a project called devops1 and enable appropriate APIs. Grant the project creator role to the service account Use command “gcloud deployment-manager deployments create -project devops1 C. Create a project called devops1 and enable appropriate APIs. Grant the project owner role to the service account Use command “gcloud deployment-manager deployment create -project devops1 D. Create a project called devops1 and enable appropriate APIs. Grant the organization role to the service account Use command “gcloud deployment-manager deployments create new -project devops1

Answer 39

Correct Answer(s): B. Create a project called devops1 and enable appropriate APIs. Grant the project creator role to the service account Use command “gcloud deployment-manager deployments create -project devops1 Explanation: The best option is to allow for the project creator role. (never owner) for a service account. Command syntax is correct

Question 40

40. The maximum number of subnets in a project is how many? (Select One) A. 10 B. 100 C. 125 D. 1250

Answer 40

Correct Answer(s): B. 100 Explanation: The default limit is 100. You can view this in your GCP project

Question 41

41. What is the maximum size of a log entry with logging (Select One) A. 128 B. 256 C. 512 D. 127

Answer 41

Correct Answer(s): B. 256 Explanation: Don’t confuse the length of the logging retention or metrics for example. Note 256 is approximate limit is based on internal data sizes, not the actual REST API request size. https://cloud.google.com/logging/quotas

Question 42

42. What does Cloud Logging in Google Cloud include as part of the service? (Select Three) A. User Interface (Logs Viewer) B. API for programmatic access C. Storage for logs D. Analytics Tools E. Kubernetes Logging extensions.

Answer 42

Correct Answer(s): A, B, C. User Interface (Logs Viewer) B, API for programmatic access and C. Storage for logs. Explanation: Cloud Logging is integrated with Stackdriver but there are no analytics or special extensions for Kubernetes. There are Kubernetes metrics used. Stackdriver is the default logging solution for clusters deployed on Google Kubernetes Engine. Stackdriver Logging is deployed to a new cluster by default unless you explicitly opt-out. https://kubernetes.io/docs/tasks/debug-application-cluster/loggingstackdriver/

Question 43

43. What is the default retention period for Admin Activity Logs? (Select One) A. 30 days B. 400 days C. 500 days D. 31 days

Answer 43

Correct Answer(s): B: 400 Explanation: There is some trivia on the exam around logging. We need to know both 400 and 30 days. In the Stackdriver section is a table that list there for Admin Activity, Data Access, etc. https://cloud.google.com/logging/quotas

Question 44

44. Using gsutil you can download text files from a bucket by using what gsutil command? (Select One) A. gsutil cp gs://my-bucket/*.files B. gsutil dn gs://my-bucket/*.txt C. gsutil copy gs://my-bucket/*.txt D. gsutil cp gs://my-bucket/*.txt Correct

Answer 44

Correct Answer(s): D gsutil cp gs://my-bucket/*.txt Explanation: We will need to know a wide range of gcloud commands and gsutil is part of the objectives. Gsutil is used for managing Cloud Storage. https://cloud.google.com/storage/docs/gsutil/commands/cp

Question 45

45. You would like to obtain the current IAM Policy for a project called myproject test. What would be the correct syntax? (Select One) A. gcloud set-iam-policy project my-project-test B. gcloud projects get-iam-policy my-project-test C. gcloud projects get-iam-policy --my-project-test D. gcloud get-iam-policy my-project-test

Answer 45

Correct Answer(s): B: gcloud projects get-iam-policy my-project-test Explanation: We will need to know a wide range of gcloud commands and managing projects are part of the objectives. gcloud projects get-iam-policy my-project-test https://cloud.google.com/sdk/gcloud/reference/config/set

Question 46

46. GCLOUD wide commands. These flags are available to all commands. Which is NOT a gcloud wide command? (Select One) A. --account B. --configuration C. --help D. --verbose

Answer 46

Correct Answer(s): D: --verbose Explanation: -verbose is incorrect. The flag for verbose is verbosity. GCLOUD WIDE FLAGS These flags are available to all commands: -- account, --configuration, --flatten, --format, --help, --log-http, --project, -- quiet, --trace-token, --user-output-enabled, --verbosity. Run $ gcloud help for details. https://cloud.google.com/sdk/gcloud/reference/version

Question 47

47. What page in the GCP Billing page contains details about your costs and payment information? Select One (Select One) A. History B. Billing and Invoicing C. Payments D. Organizations

Answer 47

Correct Answer(s): A: History Explanation: Your billing account's History page contains details about your costs and payment information. Here, you can: View transactions and sort by transaction types. Sort your account's payment information. https://cloud.google.com/billing/docs/how-to/view-history

Question 48

48. When considering storage options for your virtual machines in Compute Engine the choices can be confusing when costing is not the main concern. Without costing being a concern, what type of storage would provide fast and reliable block storage and scale to 64TB? (Select One) A. Standard Persistent B. SSD Persistent C. Local SSD D. Cloud Storage Buckets

Answer 48

Correct Answer(s): B: SSD Persistent Explanation: SSD Persistent Fast and reliable block storage Fast and reliable block storage Fast and reliable block storage with synchronous replication across two zones in a region https://cloud.google.com/compute/docs/disks/

Question 49

49. Compute Engine blocks or restricts traffic through all of the following ports/protocols between the Internet and virtual machines, and between two virtual machines when traffic is addressed to their external IP addresses through these ports (this also includes load-balanced addresses). These ports are permanently blocked; they cannot be opened using firewall rules. What ports are blocked in Compute Engine? (Select Three) A. All outgoing traffic to port 25 (SMTP) is blocked. B. All traffic coming from on premises C. GRE traffic is blocked, even between VMs D. Most outgoing traffic to port 465 or 587 (SMTP over SSL) is blocked, except for known Google IP addresses E. All outgoing traffic to port 22 (SSH) is blocked.

Answer 49

Correct Answer(s): A, C and D: Explanation: All outgoing traffic to port 25 (SMTP) is blocked. Most outgoing traffic to port 465 or 587 (SMTP over SSL) is blocked, except for known Google IP addresses. GRE traffic is blocked, even between VMs. Traffic that uses a protocol other than TCP, UDP, ICMP, and IPIP is blocked, unless explicitly allowed through protocol forwarding. https://cloud.google.com/compute/docs/networks-and-firewalls

Question 50

50. Cloud SQL is a fully managed SQL database service. You need to scale this service for reads and writes. What type of scaling would you want to use? (Select One) A. Horizontally B. Vertically C. Diagonally D. None of the above

Answer 50

Correct Answer(s): B: Vertically Explanation: Vertical for writes and reads. If you need horizontally scaling SQL use Cloud Spanner for distributed nodes. https://cloud.google.com/storage-options/