GCP Digital Leader

Question 1

You are migrating workloads to the cloud. The goal of the migration is to serve customers worldwide as quickly as possible According to local regulations, certain data is required to be stored in a specific geographic area, and it can be served worldwide. You need to design the architecture and deployment for your workloads.
What should you do?
A. Select a public cloud provider that is only active in the required geographic area
B. Select a private cloud provider that globally replicates data storage for fast data access
C. Select a public cloud provider that guarantees data location in the required geographic area
D. Select a private cloud provider that is only active in the required geographic area

Answer 1

C. Select a public cloud provider that guarantees data location in the required geographic area Most Voted

Question 2

Your organization needs a large amount of extra computing power within the next two weeks.
After those two weeks, the need for the additional resources will end.
Which is the most cost-effective approach?
A. Use a committed use discount to reserve a very powerful virtual machine
B. Purchase one very powerful physical computer
C. Start a very powerful virtual machine without using a committed use discount
D. Purchase multiple physical computers and scale workload across them

Answer 2

C. Start a very powerful virtual machine without using a committed use discount Most Voted

Question 3

Your organization needs to plan its cloud infrastructure expenditures.
Which should your organization do?
A. Review cloud resource costs frequently, because costs change often based on use
B. Review cloud resource costs annually as part of planning your organization’s overall budget
C. If your organization uses only cloud resources, infrastructure costs are no longer part of your overall budget
D. Involve fewer people in cloud resource planning than your organization did for on-premises resource planning

Answer 3

A. Review cloud resource costs frequently, because costs change often based on use

Question 4

The operating systems of some of your organization’s virtual machines may have a security vulnerability.
How can your organization most effectively identify all virtual machines that do not have the latest security update?
A. View the Security Command Center to identify virtual machines running vulnerable disk images
B. View the Compliance Reports Manager to identify and download a recent PCI audit
C. View the Security Command Center to identify virtual machines started more than 2 weeks ago
D. View the Compliance Reports Manager to identify and download a recent SOC 1 audit

Answer 4

A. View the Security Command Center to identify virtual machines running vulnerable disk images

Question 5

You are currently managing workloads running on Windows Server for which your company owns the licenses. Your workloads are only needed during working hours, which allows you to shut down the instances during the weekend. Your Windows Server licenses are up for renewal in a month, and you want to optimize your license cost.
What should you do?
A. Renew your licenses for an additional period of 3 years. Negotiate a cost reduction with your current hosting provider wherein infrastructure cost is reduced when workloads are not in use
B. Renew your licenses for an additional period of 2 years. Negotiate a cost reduction by committing to an automatic renewal of the licenses at the end of the 2 year period
C. Migrate the workloads to Compute Engine with a bring-your-own-license (BYOL) model
D. Migrate the workloads to Compute Engine with a pay-as-you-go (PAYG) model

Answer 5

C. Migrate the workloads to Compute Engine with a bring-your-own-license (BYOL) model

Still believe the answer is D

D. Migrate the workloads to Compute Engine with a pay-as-you-go (PAYG) model

Question 6

Your organization runs a distributed application in the Compute Engine virtual machines. Your organization needs redundancy, but it also needs extremely fast communication (less than 10 milliseconds) between the parts of the application in different virtual machines.
Where should your organization locate this virtual machines?
A. In a single zone within a single region
B. In different zones within a single region
C. In multiple regions, using one zone per region
D. In multiple regions, using multiple zones per region

Answer 6

D. In multiple regions, using multiple zones per region

Question 7

An organization decides to migrate their on-premises environment to the cloud. They need to determine which resource components still need to be assigned ownership.
Which two functions does a public cloud provider own? (Choose two.)
A. Hardware maintenance
B. Infrastructure architecture
C. Infrastructure deployment automation
D. Hardware capacity management
E. Fixing application security issues

Answer 7

A. Hardware maintenance
D. Hardware capacity management

Question 8

You are a program manager within a Software as a Service (SaaS) company that offers rendering software for animation studios. Your team needs the ability to allow scenes to be scheduled at will and to be interrupted at any time to restart later. Any individual scene rendering takes less than 12 hours to complete, and there is no service-level agreement (SLA) for the completion time for all scenes. Results will be stored in a global Cloud Storage bucket. The compute resources are not bound to any single geographical location. This software needs to run on Google Cloud in a cost-optimized way.
What should you do?
A. Deploy the application on Compute Engine using preemptible instances
B. Develop the application so it can run in an unmanaged instance group
C. Create a reservation for the minimum number of Compute Engine instances you will use
D. Start more instances with fewer virtual centralized processing units (vCPUs) instead of fewer instances with more vCPUs

Answer 8

A. Deploy the application on Compute Engine using preemptible instances

Question 9

Your manager wants to restrict communication of all virtual machines with internet access; with resources in another network; or with a resource outside Compute
Engine. It is expected that different teams will create new folders and projects in the near future.
How would you restrict all virtual machines from having an external IP address?
A. Define an organization policy at the root organization node to restrict virtual machine instances from having an external IP address
B. Define an organization policy on all existing folders to define a constraint to restrict virtual machine instances from having an external IP address
C. Define an organization policy on all existing projects to restrict virtual machine instances from having an external IP address
D. Communicate with the different teams and agree that each time a virtual machine is created, it must be configured without an external IP address

Answer 9

A. Define an organization policy at the root organization node to restrict virtual machine instances from having an external IP address

Question 10

Your multinational organization has servers running mission-critical workloads on its premises around the world. You want to be able to manage these workloads consistently and centrally, and you want to stop managing infrastructure.
What should your organization do?
A. Migrate the workloads to a public cloud
B. Migrate the workloads to a central office building
C. Migrate the workloads to multiple local co-location facilities
D. Migrate the workloads to multiple local private clouds

Answer 10

A. Migrate the workloads to a public cloud

Question 11

Your organization stores highly sensitive data on-premises that cannot be sent over the public internet. The data must be processed both on-premises and in the cloud.
What should your organization do?
A. Configure Identity-Aware Proxy (IAP) in your Google Cloud VPC network
B. Create a Cloud VPN tunnel between Google Cloud and your data center
C. Order a Partner Interconnect connection with your network provider
D. Enable Private Google Access in your Google Cloud VPC network

Answer 11

C. Order a Partner Interconnect connection with your network provider

Question 12

Your company’s development team is building an application that will be deployed on Cloud Run. You are designing a CI/CD pipeline so that any new version of the application can be deployed in the fewest number of steps possible using the CI/CD pipeline you are designing. You need to select a storage location for the images of the application after the CI part of your pipeline has built them.
What should you do?
A. Create a Compute Engine image containing the application
B. Store the images in Container Registry
C. Store the images in Cloud Storage
D. Create a Compute Engine disk containing the application

Answer 12

B. Store the images in Container Registry

Question 13

Each of the three cloud service models - infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) - offers benefits between flexibility and levels of management by the cloud provider and the customer.
Why would SaaS be the right choice of service model?
A. You want a balance between flexibility for the customer and the level of management by the cloud provider
B. You want to minimize the level of management by the customer
C. You want to maximize flexibility for the customer.
D. You want to be able to shift your emphasis between flexibility and management by the cloud provider as business needs change

Answer 13

B. You want to minimize the level of management by the customer

Question 14

As your organization increases its release velocity, the VM-based application upgrades take a long time to perform rolling updates due to OS boot times. You need to make the application deployments faster.
What should your organization do?
A. Migrate your VMs to the cloud, and add more resources to them
B. Convert your applications into containers
C. Increase the resources of your VMs
D. Automate your upgrade rollouts

Answer 14

B. Convert your applications into containers

Question 14

Your organization uses Active Directory to authenticate users. Users’ Google account access must be removed when their Active Directory account is terminated.
How should your organization meet this requirement?
A. Configure two-factor authentication in the Google domain
B. Remove the Google account from all IAM policies
C. Configure BeyondCorp and Identity-Aware Proxy in the Google domain
D. Configure single sign-on in the Google domain

Answer 14

D. Configure single sign-on in the Google domain

Question 15

Your company has recently acquired three growing startups in three different countries. You want to reduce overhead in infrastructure management and keep your costs low without sacrificing security and quality of service to your customers.
How should you meet these requirements?
A. Host all your subsidiaries’ services on-premises together with your existing services.
B. Host all your subsidiaries’ services together with your existing services on the public cloud.
C. Build a homogenous infrastructure at each subsidiary, and invest in training their engineers.
D. Build a homogenous infrastructure at each subsidiary, and invest in hiring more engineers.

Answer 15

B. Host all your subsidiaries’ services together with your existing services on the public cloud

Question 16

What is the difference between Standard and Coldline storage?
A. Coldline storage is for data for which a slow transfer rate is acceptable.
B. Standard and Coldline storage have different durability guarantees.
C. Standard and Coldline storage use different APIs.
D. Coldline storage is for infrequently accessed data.

Answer 16

D. Coldline storage is for infrequently accessed data

Question 17

What would provide near-unlimited availability of computing resources without requiring your organization to procure and provision new equipment?
A. Public cloud
B. Containers
C. Private cloud
D. Microservices

Answer 17

A. Public cloud

Question 18

You are a program manager for a team of developers who are building an event-driven application to allow users to follow one another’s activities in the app. Each time a user adds himself as a follower of another user, a write occurs in the real-time database.
The developers will develop a lightweight piece of code that can respond to database writes and generate a notification to let the appropriate users know that they have gained new followers. The code should integrate with other cloud services such as Pub/Sub, Firebase, and Cloud APIs to streamline the orchestration process. The application requires a platform that automatically manages underlying infrastructure and scales to zero when there is no activity.
Which primary compute resource should your developers select, given these requirements?
A. Google Kubernetes Engine
B. Cloud Functions
C. App Engine flexible environment
D. Compute Engine

Answer 18

B. Cloud Functions

Cloud Functions for Firebase is a serverless framework that lets you automatically run backend code in response to events triggered by Firebase features and HTTPS requests. Your JavaScript or TypeScript code is stored in Google’s cloud and runs in a managed environment. There’s no need to manage and scale your own servers.

Question 19

Your organization is developing an application that will capture a large amount of data from millions of different sensor devices spread all around the world. Your organization needs a database that is suitable for worldwide, high-speed data storage of a large amount of unstructured data.
Which Google Cloud product should your organization choose?
A. Firestore
B. Cloud Data Fusion
C. Cloud SQL
D. Cloud Bigtable

Answer 19

D. Cloud Bigtable

HBase-compatible, enterprise-grade NoSQL database service with single-digit millisecond latency, limitless scale, and 99.999% availability for large analytical and operational workloads.

Build responsive applications with consistent, single-digit millisecond latency

Seamlessly scale to match your storage and throughput needs; no downtime during reconfiguration

Easily migrate from Apache HBase to Bigtable with no-downtime, live migrations

Ideal for use cases such as personalization, fraud detection, real-time analytics, and IoT

Ensure high availability with multi-primary replication in up to 8 regions

Question 20

Your organization needs to build streaming data pipelines. You don’t want to manage the individual servers that do the data processing in the pipelines. Instead, you want a managed service that will automatically scale with the amount of data to be processed.
Which Google Cloud product or feature should your organization choose?
A. Pub/Sub
B. Dataflow
C. Data Catalog
D. Dataprep by Trifacta

Answer 20

B. Dataflow

When you run your pipeline on Dataflow, Dataflow turns your Apache Beam pipeline code into a Dataflow job. Dataflow fully manages Google Cloud services for you, such as Compute Engine and Cloud Storage to run your Dataflow job, and automatically spins up and tears down necessary resources. You can learn more about how Dataflow turns your Apache Beam code into a Dataflow job in Pipeline lifecycle.

Question 21

Your organization is building an application running in Google Cloud. Currently, software builds, tests, and regular deployments are done manually, but you want to reduce work for the team. Your organization wants to use Google Cloud managed solutions to automate your build, testing, and deployment process.
Which Google Cloud product or feature should your organization use?
A. Cloud Scheduler
B. Cloud Code
C. Cloud Build
D. Cloud Deployment Manager

Answer 21

C. Cloud Build

Cloud Build is a service that executes your builds on Google Cloud infrastructure. Cloud Build can import source code from Cloud Storage, Cloud Source Repositories, GitHub, or Bitbucket, execute a build to your specifications, and produce artifacts such as Docker containers or Java archives. Learn more

Cloud Build executes your build as a series of build steps, where each build step is run in a Docker container. A build step can do anything that can be done from a container irrespective of the environment. To perform your tasks, you can either use the supported build steps provided by Cloud Build or write your own build steps.

Question 22

Which Google Cloud product can report on and maintain compliance on your entire Google Cloud organization to cover multiple projects?
A. Cloud Logging
B. Identity and Access Management
C. Google Cloud Armor
D. Security Command Center

Answer 22

B. Identity and Access Management

https://cloud.google.com/iam

Identity and Access Management (IAM) lets administrators authorize who can take action on specific resources, giving you full control and visibility to manage Google Cloud resources centrally. For enterprises with complex organizational structures, hundreds of workgroups, and many projects, IAM provides a unified view into security policy across your entire organization, with built-in auditing to ease compliance processes.

Question 23

Your organization needs to establish private network connectivity between its on-premises network and its workloads running in Google Cloud. You need to be able to set up the connection as soon as possible.
Which Google Cloud product or feature should you use?
A. Cloud Interconnect
B. Direct Peering
C. Cloud VPN
D. Cloud CDN

Answer 23

C. Cloud VPN

Cloud VPN setup can be done instantly and though it travels over internet, it is private in nature. Cloud interconnect needs physically dedicated connection.

https://cloud.google.com/network-connectivity/docs/how-to/choose-product

Question 24

Your organization is developing a mobile app and wants to select a fully featured cloud-based compute platform for it.
Which Google Cloud product or feature should your organization use?
A. Google Kubernetes Engine
B. Firebase
C. Cloud Functions
D. App Engine

Answer 24

B. Firebase

or

D. App Engine

*Research each of these

Question 25

Your company has been using a shared facility for data storage and will be migrating to Google Cloud. One of the internal applications uses Linux custom images that need to be migrated.
Which Google Cloud product should you use to maintain the custom images?
A. App Engine flexible environment
B. Compute Engine
C. App Engine standard environment
D. Google Kubernetes Engine

Answer 25

B. Compute Engine

https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images

You can create custom images from source disks, images, snapshots, or images stored in Cloud Storage and use these images to create virtual machine (VM) instances. Custom images are ideal for situations where you have created and modified a persistent boot disk or specific image to a certain state and need to save that state for creating VMs.

Question 26

Your organization wants to migrate its data management solutions to Google Cloud because it needs to dynamically scale up or down and to run transactional
SQL queries against historical data at scale. Which Google Cloud product or service should your organization use?
A. BigQuery
B. Cloud Bigtable
C. Pub/Sub
D. Cloud Spanner

Answer 26

D. Cloud Spanner

*Research this service

Question 27

Your organization needs to categorize objects in a large group of static images using machine learning. Which Google Cloud product or service should your organization use?
A. BigQuery ML
B. AutoML Video Intelligence
C. Cloud Vision API
D. AutoML Tables

Answer 27

C. Cloud Vision API

https://cloud.google.com/vision/automl/docs/create-datasets