Google Cloud Certified Associate Cloud
Engineer Test Exam Study Guide Questions And
Answers Verified 100% Correct
The database commonly paired with App Engine. - ANSWER Datastore
Types of available roles. - ANSWER Types of available roles.
Primitive roles, predefined roles, and custom roles.
A feature that allows you to set the exact amount of memory and CPU. - CORRECT
ANSWER Custom machine type.
The binary to interact with Cloud Storage. - ANSWER `gsutil`
A fully managed data warehouse. - ANSWER BigQuery
The identity providers that Cloud IAM can use. - ANSWER G Suite, and
Cloud Identity, Google Groups, Gmail accounts, Service Accounts
The command to list the current configuration for `gcloud`. - ANSWER
`gcloud config list`
Why can't Cloud Storage objects be changed? - ANSWER They are
immutable.
Mounted directories that are accessible from inside containers. - ANSWER
Volumes
A tool that helps estimate costs. - ANSWER Pricing Calculator
The thing that is attached to a project so that you can pay for resources. - CORRECT
ANSWER Billing account
The command for creating a new Kubernetes Secret. - ANSWER `kubectl
create secret`
Interfaces for interacting with Google Cloud. - ANSWER - Directly to the
REST API
,- Cloud SDK
- Client libraries
- Console
A Kubernetes concept that represents the smallest unit of deployment. - CORRECT
ANSWER Pod
The command to list Kubernetes deployments. - ANSWER `kubectl get
deployments`
A common protocol and port used to connect to a Windows instance. - CORRECT
ANSWER RDP over port 3389.
The command to copy files to and from Cloud Storage. - ANSWER `gsutil
cp`
Google's infrastructure as code service. - ANSWER Deployment manager
Google's horizontally scalable SQL database. - ANSWER Spanner
NoSQL's realtime database. - ANSWER Firebase Realtime Database
Tool that exists in the Console allowing terminal access. - ANSWER Cloud
Shell
The two available operating systems to use on a Kubernetes Engine node. - CORRECT
ANSWER Container-Optimized OS (COS) or Ubuntu.
The meaning of this CIDR address range: 0.0.0.0/0 - ANSWER This
represents all IP addresses that exist.
The templates that Deployment Manager supports. - ANSWER YAML, Jinja,
and Python.
Command to list Kubernetes services. - ANSWER `kubectl get svc`
Your team is developing a product catalog that allows end users to search and filter.
The full catalog of products consists of about 500 products. The team doesn't have any
experience with SQL, or schema migrations, so they're considering a NoSQL option.
Which database service would work best?
A. Cloud SQL
B. Cloud Memorystore
C. Bigtable
,D. Cloud Datastore - ANSWER A. Cloud SQL Why is this incorrect?
The scenario ruled out SQL.
D. Cloud Datastore Why
is this correct?
Datastore can be queried, it's fully managed, and is a great option for catalog based
applications. Datastore also supports a basic query/filter syntax.
Your development team has asked you to set up an external TCP load balancer with
SSL offload. Which load balancer should you use?
A. SSL proxy
B. HTTP load balancer
C. TCP proxy
D. HTTPS load balancer - ANSWER A. SSL proxy
Why is this correct?
The SSL proxy meets all the criteria.
D. HTTPS load balancer
Why is this incorrect
HTTP(s) is a higher level protocol than TCP. The best option is to use the SSL proxy.
Your company has hired a third-party analytics company to help find patterns in user
data. Your development team has generated a file containing only the data they've
requested; which includes personally identifiable information. What is the best way
to share the data with the other company?
A. Create a new user for the company and grant them access to the original data
source for them to query. B. Send the file through email.
C. Put the data on Cloud Storage and generate a signed URL that will expire in one
hour, and securely share the URL.
D. Put the data on Cloud Storage in a public bucket and securely share the URL. -
ANSWER B. Send the file through email.
Why is this incorrect?
This is a big no! Even if the customer is using encrypted email, don't risk letting
sensitive data sit out on a contractor's personal devices.
C. Put the data on Cloud Storage and generate a signed URL that will expire in one
hour, and securely share the URL.
Why is this correct?
This will allow anyone with the URL to access the data for an hour.
You have an App Engine application serving as your front-end. It's going to publish
messages to Pub/Sub. The Pub/Sub API hasn't been enabled yet. What is the fastest
way to enable the API?
, A. Use a service account to auto-enable the API.
B. Enable the API in the Console.
C. Application's in App Engine don't require external APIs to be enabled.
D. The API will be enabled the first time the code attempts to access Pub/Sub. -
ANSWER B. Enable the API in the Console.
Why is this correct?
This is a simple way to enable APIs.
D. The API will be enabled the first time the code attempts to access Pub/Sub.
Why is this incorrect? APIs need to be enabled.
You have an autoscaled managed instance group that is set to scale based on CPU
utilization of 60%. There are currently 3 instances in the instance group. You're
connected to one of the instances and notice that the CPU usage is a 70%. However,
the instance group isn't starting up another instance. What's the most likely reason? A.
The autoscaler is disabled.
B. The autoscaler takes 60 seconds before creating a new instance.
C. The load balancer doesn't recognize the instance as healthy.
D. The average CPU for the entire instance group is below 60%. - ANSWER
C. The load balancer doesn't recognize the instance as healthy. Why is this
incorrect?
The load balancer doesn't have any impact on this scenario. The autoscaler averages
the CPU usage of the entire group, so one instance could be higher than the usage
threshold.
D. The average CPU for the entire instance group is below 60%.
Why is this correct?
The autoscaler averages the CPU usage of the entire group. so one instance could be
higher than the usage threshold.
Your manager needs you to test out the latest version of MS-SQL on a Windows
instance. You've created the VM and need to connect into the instance. What steps
should you follow to connect to the instance?
A. Generate a Windows password in the console, then use a client capable of
communicating via RDP and provide the credentials.
B. Generate a Windows password in the console, then use the RDP button to
connect in through the console.
C. Connect in with your own RDP client using your Google Cloud username and
password.
D. From the console click the SSH button to automatically connect. - ANSWER A.
Generate a Windows password in the console, then use a client capable of
communicating via RDP and provide the credentials.
Why is this correct?
Engineer Test Exam Study Guide Questions And
Answers Verified 100% Correct
The database commonly paired with App Engine. - ANSWER Datastore
Types of available roles. - ANSWER Types of available roles.
Primitive roles, predefined roles, and custom roles.
A feature that allows you to set the exact amount of memory and CPU. - CORRECT
ANSWER Custom machine type.
The binary to interact with Cloud Storage. - ANSWER `gsutil`
A fully managed data warehouse. - ANSWER BigQuery
The identity providers that Cloud IAM can use. - ANSWER G Suite, and
Cloud Identity, Google Groups, Gmail accounts, Service Accounts
The command to list the current configuration for `gcloud`. - ANSWER
`gcloud config list`
Why can't Cloud Storage objects be changed? - ANSWER They are
immutable.
Mounted directories that are accessible from inside containers. - ANSWER
Volumes
A tool that helps estimate costs. - ANSWER Pricing Calculator
The thing that is attached to a project so that you can pay for resources. - CORRECT
ANSWER Billing account
The command for creating a new Kubernetes Secret. - ANSWER `kubectl
create secret`
Interfaces for interacting with Google Cloud. - ANSWER - Directly to the
REST API
,- Cloud SDK
- Client libraries
- Console
A Kubernetes concept that represents the smallest unit of deployment. - CORRECT
ANSWER Pod
The command to list Kubernetes deployments. - ANSWER `kubectl get
deployments`
A common protocol and port used to connect to a Windows instance. - CORRECT
ANSWER RDP over port 3389.
The command to copy files to and from Cloud Storage. - ANSWER `gsutil
cp`
Google's infrastructure as code service. - ANSWER Deployment manager
Google's horizontally scalable SQL database. - ANSWER Spanner
NoSQL's realtime database. - ANSWER Firebase Realtime Database
Tool that exists in the Console allowing terminal access. - ANSWER Cloud
Shell
The two available operating systems to use on a Kubernetes Engine node. - CORRECT
ANSWER Container-Optimized OS (COS) or Ubuntu.
The meaning of this CIDR address range: 0.0.0.0/0 - ANSWER This
represents all IP addresses that exist.
The templates that Deployment Manager supports. - ANSWER YAML, Jinja,
and Python.
Command to list Kubernetes services. - ANSWER `kubectl get svc`
Your team is developing a product catalog that allows end users to search and filter.
The full catalog of products consists of about 500 products. The team doesn't have any
experience with SQL, or schema migrations, so they're considering a NoSQL option.
Which database service would work best?
A. Cloud SQL
B. Cloud Memorystore
C. Bigtable
,D. Cloud Datastore - ANSWER A. Cloud SQL Why is this incorrect?
The scenario ruled out SQL.
D. Cloud Datastore Why
is this correct?
Datastore can be queried, it's fully managed, and is a great option for catalog based
applications. Datastore also supports a basic query/filter syntax.
Your development team has asked you to set up an external TCP load balancer with
SSL offload. Which load balancer should you use?
A. SSL proxy
B. HTTP load balancer
C. TCP proxy
D. HTTPS load balancer - ANSWER A. SSL proxy
Why is this correct?
The SSL proxy meets all the criteria.
D. HTTPS load balancer
Why is this incorrect
HTTP(s) is a higher level protocol than TCP. The best option is to use the SSL proxy.
Your company has hired a third-party analytics company to help find patterns in user
data. Your development team has generated a file containing only the data they've
requested; which includes personally identifiable information. What is the best way
to share the data with the other company?
A. Create a new user for the company and grant them access to the original data
source for them to query. B. Send the file through email.
C. Put the data on Cloud Storage and generate a signed URL that will expire in one
hour, and securely share the URL.
D. Put the data on Cloud Storage in a public bucket and securely share the URL. -
ANSWER B. Send the file through email.
Why is this incorrect?
This is a big no! Even if the customer is using encrypted email, don't risk letting
sensitive data sit out on a contractor's personal devices.
C. Put the data on Cloud Storage and generate a signed URL that will expire in one
hour, and securely share the URL.
Why is this correct?
This will allow anyone with the URL to access the data for an hour.
You have an App Engine application serving as your front-end. It's going to publish
messages to Pub/Sub. The Pub/Sub API hasn't been enabled yet. What is the fastest
way to enable the API?
, A. Use a service account to auto-enable the API.
B. Enable the API in the Console.
C. Application's in App Engine don't require external APIs to be enabled.
D. The API will be enabled the first time the code attempts to access Pub/Sub. -
ANSWER B. Enable the API in the Console.
Why is this correct?
This is a simple way to enable APIs.
D. The API will be enabled the first time the code attempts to access Pub/Sub.
Why is this incorrect? APIs need to be enabled.
You have an autoscaled managed instance group that is set to scale based on CPU
utilization of 60%. There are currently 3 instances in the instance group. You're
connected to one of the instances and notice that the CPU usage is a 70%. However,
the instance group isn't starting up another instance. What's the most likely reason? A.
The autoscaler is disabled.
B. The autoscaler takes 60 seconds before creating a new instance.
C. The load balancer doesn't recognize the instance as healthy.
D. The average CPU for the entire instance group is below 60%. - ANSWER
C. The load balancer doesn't recognize the instance as healthy. Why is this
incorrect?
The load balancer doesn't have any impact on this scenario. The autoscaler averages
the CPU usage of the entire group, so one instance could be higher than the usage
threshold.
D. The average CPU for the entire instance group is below 60%.
Why is this correct?
The autoscaler averages the CPU usage of the entire group. so one instance could be
higher than the usage threshold.
Your manager needs you to test out the latest version of MS-SQL on a Windows
instance. You've created the VM and need to connect into the instance. What steps
should you follow to connect to the instance?
A. Generate a Windows password in the console, then use a client capable of
communicating via RDP and provide the credentials.
B. Generate a Windows password in the console, then use the RDP button to
connect in through the console.
C. Connect in with your own RDP client using your Google Cloud username and
password.
D. From the console click the SSH button to automatically connect. - ANSWER A.
Generate a Windows password in the console, then use a client capable of
communicating via RDP and provide the credentials.
Why is this correct?
