• Home
  • Articles
  • [Jan-2024] Associate-Cloud-Engineer Dumps are Available for Instant Access from VCEPrep [Q139-Q156]

[Jan-2024] Associate-Cloud-Engineer Dumps are Available for Instant Access from VCEPrep [Q139-Q156]

Share

[Jan-2024] Associate-Cloud-Engineer Dumps are Available for Instant Access from VCEPrep

Study resources for the Valid Associate-Cloud-Engineer Braindumps!


Google Associate Cloud Engineer certification exam covers a broad range of topics, including Google Cloud Platform services, infrastructure, networking, security, and application development. Associate-Cloud-Engineer exam is designed to test your ability to deploy, manage, and monitor applications and services on the Google Cloud Platform, as well as your ability to troubleshoot issues and optimize performance.


Google Associate Cloud Engineer certification exam is designed for professionals who want to demonstrate their proficiency in using Google Cloud technologies to deploy, manage, and monitor applications on the cloud. It is a highly respected certification that is recognized in the industry and can help individuals advance their careers in cloud computing.

 

NEW QUESTION # 139
Your company has an internal application for managing transactional orders. The application is used exclusively by employees in a single physical location. The application requires strong consistency, fast queries, and ACID guarantees for multi-table transactional updates. The first version of the application is implemented inPostgreSQL, and you want to deploy it to the cloud with minimal code changes. Which database is most appropriate for this application?

  • A. BigQuery
  • B. Cloud Spanner
  • C. Cloud Datastore
  • D. Cloud SQL

Answer: D


NEW QUESTION # 140
You need to produce a list of the enabled Google Cloud Platform APIs for a GCP project using the gcloud command line in the Cloud Shell. The project name is my-project. What should you do?

  • A. Run gcloud info to view the account value, and then run gcloud services list --account <Account>.
  • B. Run gcloud init to set the current project to my-project, and then run gcloud services list --available.
  • C. Run gcloud projects list to get the project ID, and then run gcloud services list --project <project ID>.
  • D. Run gcloud projects describe <project ID> to verify the project value, and then run gcloud services list
    --available.

Answer: C

Explanation:
Explanation
`gcloud services list --available` returns not only the enabled services in the project but also services that CAN be enabled.
https://cloud.google.com/sdk/gcloud/reference/services/list#--available Run the following command to list the enabled APIs and services in your current project:
gcloud services list
whereas, Run the following command to list the APIs and services available to you in your current project:
gcloud services list -available
https://cloud.google.com/sdk/gcloud/reference/services/list#--available
--available
Return the services available to the project to enable. This list will include any services that the project has already enabled.
To list the services the current project has enabled for consumption, run:
gcloud services list --enabled
To list the services the current project can enable for consumption, run:
gcloud services list -available


NEW QUESTION # 141
Your organization is a financial company that needs to store audit log files for 3 years. Your organization has hundreds of Google Cloud projects. You need to implement a cost-effective approach for log file retention. What should you do?

  • A. Export these logs to Cloud Pub/Sub and write a Cloud Dataflow pipeline to store logs to Cloud SQL.
  • B. Create an export to the sink that saves logs from Cloud Audit to a Coldline Storage bucket.
  • C. Write a custom script that uses logging API to copy the logs from Stackdriver logs to BigQuery.
  • D. Create an export to the sink that saves logs from Cloud Audit to BigQuery.

Answer: D


NEW QUESTION # 142
You have an application on a general-purpose Compute Engine instance that is experiencing excessive disk read throttling on its Zonal SSD Persistent Disk. The application primarily reads large files from disk. The disk size is currently 350 GB. You want to provide the maximum amount of throughput while minimizing costs. What should you do?

  • A. Increase the allocated CPU to the instance.
  • B. Migrate to use a Local SSD on the instance.
  • C. Increase the size of the disk to 1 TB.
  • D. Migrate to use a Regional SSD on the instance.

Answer: B

Explanation:
Reference:
https://cloud.google.com/compute/docs/disks/performance


NEW QUESTION # 143
Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?

  • A. Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.
  • B. Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.
  • C. Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the "compute.osAdminLogin" role to the Google group corresponding to this team.
  • D. Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.

Answer: B

Explanation:
Explanation/Reference: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys


NEW QUESTION # 144
Your organization has three existing Google Cloud projects. You need to bill the Marketing department for only their Google Cloud services for a new initiative within their group. What should you do?

  • A. 1.Verify that you are assigned the Billing Administrator IAM role for your organization's Google Cloud account
    2.Create a new Google Cloud Project for the Marketing department
    3.Set the default key-value project labels to department marketing for all services in this project
  • B. 1.Verify that you are assigned the Organization Administrator IAM role for your organization's Google Cloud account
    2.Create a new Google Cloud Project for the Marketing department
    3. Link the new project to a Marketing Billing Account.
  • C. 1.Verify that you ace assigned the Billing Administrator IAM role tor your organization's Google Cloud Project for the Marketing department
    2.Link the new project to a Marketing Billing Account
  • D. 1.Verity that you are assigned the Organization Administrator IAM role for your organization's Google Cloud account
    2.Create a new Google Cloud Project for the Marketing department
    3.Set the default key value project labels to department marketing for all services in this protect

Answer: C


NEW QUESTION # 145
Your company developed a mobile game that is deployed on Google Cloud. Gamers are connecting to the game with their personal phones over the Internet. The game sends UDP packets to update the servers about the gamers' actions while they are playing in multiplayer mode. Your game backend can scale over multiple virtual machines (VMs), and you want to expose the VMs over a single IP address. What should you do?

  • A. Configure an Internal UDP load balancer in front of the application servers.
  • B. Configure an External HTTP(s) load balancer in front of the application servers.
  • C. Configure an SSL Proxy load balancer in front of the application servers.
  • D. Configure an External Network load balancer in front of the application servers.

Answer: A

Explanation:
cell phones are sending UDP packets and the only that can receive that type of traffic is a External Network TCP/UDP https://cloud.google.com/load-balancing/docs/network
https://cloud.google.com/load-balancing/docs/choosing-load-balancer#lb-decision-tree


NEW QUESTION # 146
Your company has workloads running on Compute Engine and on-premises. The Google Cloud Virtual Private Cloud (VPC) is connected to your WAN over a Virtual Private Network (VPN). You need to deploy a new Compute Engine instance and ensure that no public Internet traffic can be routed to it. What should you do?

  • A. Create the instance without a public IP address.
  • B. Create a route on the VPC to route all traffic to the instance over the VPN tunnel.
  • C. Create the instance with Private Google Access enabled.
  • D. Create a deny-all egress firewall rule on the VPC network.

Answer: A

Explanation:
Explanation
VMs cannot communicate over the internet without a public IP address. Private Google Access permits access to Google APIs and services in Google's production infrastructure.
https://cloud.google.com/vpc/docs/private-google-access


NEW QUESTION # 147
Your company is moving its entire workload to Compute Engine. Some servers should be accessible through the Internet, and other servers should only be accessible over the internal network. All servers need to be able to talk to each other over specific ports and protocols. The current on-premises network relies on a demilitarized zone (DMZ) for the public servers and a Local Area Network (LAN) for the private servers. You need to design the networking infrastructure on Google Cloud to match these requirements. What should you do?

  • A. 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.
  • B. 1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
  • C. 1. Create a single VPC with a subnet for the DMZ and a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public egress traffic for the DMZ.
  • D. 1. Create a VPC with a subnet for the DMZ and another VPC with a subnet for the LAN. 2. Set up firewall rules to open up relevant traffic between the DMZ and the LAN subnets, and another firewall rule to allow public ingress traffic for the DMZ.

Answer: A

Explanation:
https://cloud.google.com/vpc/docs/vpc-peering


NEW QUESTION # 148
You want to configure an SSH connection to a single Compute Engine instance for users in the dev1 group. This instance is the only resource in this particular Google Cloud Platform project that the dev1 users should be able to connect to. What should you do?

  • A. Enable block project wide keys for the instance. Generate an SSH key and associate the key with that instance. Distribute the key to dev1 users and direct them to use their third-party tools to connect.
  • B. Set metadata to enable-oslogin=true for the instance. Set the service account to no service account for that instance. Direct them to use the Cloud Shell to ssh to that instance.
  • C. Set metadata to enable-oslogin=true for the instance. Grant the dev1 group the compute.osLogin role. Direct them to use the Cloud Shell to ssh to that instance.
  • D. Enable block project wide keys for the instance. Generate an SSH key for each user in the dev1 group. Distribute the keys to dev1 users and direct them to use their third-party tools to connect.

Answer: C

Explanation:
Reference:
After you enable OS Login on one or more instances in your project, those VMs accept connections only from user accounts that have the necessary IAM roles in your project or organization. In this case, we are granting the group compute.osLogin which lets them log in as non-administrator account. And since we are directing them to use Cloud Shell to ssh, we dont need to add their SSH keys to the instance metadata. Ref: https://cloud.google.com/compute/docs/instances/managing-instance-access#configure_users Ref: https://cloud.google.com/compute/docs/instances/managing-instance-access#add_oslogin_keys


NEW QUESTION # 149
You have a Google Cloud Platform account with access to both production and development projects. You need to create an automated process to list all compute instances in development and production projects on a daily basis. What should you do?

  • A. Create two configurations using gcloud config. Write a script that sets configurations as active, individually. For each configuration, use gcloud compute instances list to get a list of compute resources.
  • B. Go to Cloud Shell and export this information to Cloud Storage on a daily basis.
  • C. Go to GCP Console and export this information to Cloud SQL on a daily basis.
  • D. Create two configurations using gsutil config. Write a script that sets configurations as active, individually. For each configuration, use gsutil compute instances list to get a list of compute resources.

Answer: A

Explanation:
Explanation
You can create two configurations - one for the development project and another for the production project.
And you do that by running "gcloud config configurations create"
command.https://cloud.google.com/sdk/gcloud/reference/config/configurations/createIn your custom script, you can load these configurations one at a time and execute gcloud compute instances list to list Google Compute Engine instances in the project that is active in the gcloud configuration.Ref: https://cloud.google.com/sdk/gcloud/reference/compute/instances/listOnce you have this information, you can export it in a suitable format to a suitable target e.g. export as CSV or export to Cloud Storage/BigQuery/SQL, etc


NEW QUESTION # 150
You're running an n-tier application on Compute Engine with an Apache web server serving up web requests. You want to consolidate all of your logging into Stackdriver. What's the best approach to get the Apache logs into Stackdriver?

  • A. Create a log sink and export it to Stackdriver.
  • B. Install the Stackdriver monitoring and logging agents on the instance.
  • C. Enable Stackdriver monitoring when creating the instance.
  • D. Stackdriver logs application data from all instances by default.

Answer: B


NEW QUESTION # 151
The sales team has a project named Sales Data Digest that has the ID acme-data-digest You need to set up similar Google Cloud resources for the marketing team but their resources must be organized independently of the sales team. What should you do?

  • A. Create another protect with the ID acme-marketing-data-digest for the Marketing team and deploy the resources there
  • B. Grant the Project Editor role to the Marketing learn for acme data digest
  • C. Create a Project Lien on acme-data digest and then grant the Project Editor role to the Marketing team
  • D. Create a new protect named Meeting Data Digest and use the ID acme-data-digest Grant the Project Editor role to the Marketing team.

Answer: A


NEW QUESTION # 152
You have 32 GB of data in a single file that you need to upload to a Nearline Storage bucket. The WAN connection you are using is rated at 1 Gbps, and you are the only one on the connection.
You want to use as much of the rated 1 Gbps as possible to transfer the file rapidly. How should you upload the file?

  • A. Decrease the TCP window size on the machine initiating the transfer.
  • B. Enable parallel composite uploads using gsutil on the file transfer.
  • C. Use the GCP Console to transfer the file instead of gsutil.
  • D. Change the storage class of the bucket from Nearline to Multi-Regional.

Answer: B

Explanation:
https://cloud.google.com/storage/docs/gsutil/commands/cp#parallel-composite-uploads_1 Warning: Parallel composite uploads should not be used with NEARLINE, COLDLINE, or ARCHIVE storage class buckets, because doing so incurs an early deletion charge for each component object.
Warning: Parallel composite uploads should not be used in buckets that have a retention policy, because the component pieces cannot be deleted until each has met the bucket's minimum retention period.


NEW QUESTION # 153
You have a 20 GB file that you need to securely share with some contractors. They need it as fast as possible. Which steps would get them the file quickly and securely?

  • A. Set up a VPC with a custom subnet. Create a subnet tunnel. Upload the file to a network share. Grant the contractors temporary access.
  • B. Using composite objects and parallel uploads to upload the file to Cloud Storage quickly. Then generate a signed URL and securely share it with the contractors.
  • C. Upload the file to Cloud Storage. Grant the allAuthenticated users token view permissions.
  • D. Upload the file to Bigtable using the bulk data import tool. Then provide the contractors with read access to the database.

Answer: B


NEW QUESTION # 154
Your organization uses G Suite for communication and collaboration. All users in your organization have a G Suite account. You want to grant some G Suite users access to your Cloud Platform project. What should you do?

  • A. Create a CSV sheet with all users' email addresses. Use the gcloud command line tool to convert them into Google Cloud Platform accounts.
  • B. Enable Cloud Identity in the GCP Console for your domain.
  • C. Grant them the required IAM roles using their G Suite email address.
  • D. In the G Suite console, add the users to a special group called cloud-console- [email protected]. Rely on the default behavior of the Cloud Platform to grant users access if they are members of this group.

Answer: C

Explanation:
Explanation/Reference: https://cloud.google.com/resource-manager/docs/creating-managing-organization


NEW QUESTION # 155
You need to update a deployment in Deployment Manager without any resource downtime in the deployment.
Which command should you use?

  • A. gcloud deployment-manager resources create --config <deployment-config-path>
  • B. gcloud deployment-manager resources update --config <deployment-config-path>
  • C. gcloud deployment-manager deployments update --config <deployment-config-path>
  • D. gcloud deployment-manager deployments create --config <deployment-config-path>

Answer: C

Explanation:
Explanation/Reference: https://cloud.google.com/sdk/gcloud/reference/deployment-manager/deployments/update


NEW QUESTION # 156
......


About the Exam

The Associate Cloud Engineer exam is 2-hour long, contains 50 multiple-choice and multiple-select questions, and is available in three languages: English, Spanish, and Japanese. You have the choice of taking the exam online or sit for it at one test center located near your area. This exam has a registration fee of $125 and no prerequisites. However, it is recommended that you have at least six months of practical experience working with Google Cloud before taking this test.

After you have passed the exam, you will be issued a digital badge and certificate upon completion of the Google verification. Each certificate contains a sequential number that reflects its position among the list of Google-certified individuals.

Moreover, the Google Associate Cloud Engineer certification is valid for only two years from the date you obtain it. Then, you have to recertify to maintain your certification status. That’s why you will be receiving notifications for renewals 90, 60, and 30 days before the expiration date.

 

Updated Associate-Cloud-Engineer Tests Engine pdf - All Free Dumps Guaranteed: https://actualtests.vceprep.com/Associate-Cloud-Engineer-latest-vce-prep.html

Related Articles

more
Google Associate-Cloud-Engineer Certification Practice Exam