NEW GCP DATA ENGINEER
CERTIFICATION PRACTICE Q&A TESTED
AND APPROVED NEWLY MODIFIED!!!
You have a Dataflow pipeline that runs data processing jobs. You need to identify the parts of
the pipeline code that consume the most resources. What should you do?
-Use Cloud Logging
-Use Cloud Profiler
-Use Cloud Monitoring
-Use Cloud Audit Logs
--ANSWER--Use Cloud Profiler
Correct. Cloud Profiler shows you a flame graph of statistics of the running jobs, which can
be used to evaluate resource usage.
Your data and applications reside in multiple geographies on Google Cloud. Some regional
laws require you to hold your own keys outside of the cloud provider environment, whereas
other laws are less restrictive and allow storing keys with the same provider who stores the
data. The management of these keys has increased in complexity, and you need a solution
that can centrally manage all your keys. What should you do?
-Enable confidential computing for all your virtual machines.
-Store your keys on a supported external key management partner, and use Cloud External
Key Manager (EKM) to get keys when required.
Page 1 of 118
,-Store your keys in Cloud Hardware Security Module (HSM), and retrieve keys from it when
required.
-Store keys in Cloud Key Management Service (KMS), and reduce the number of days
forautomatic key rotation.
--ANSWER--Store your keys on a supported external key management partner, and use
Cloud External Key Manager (EKM) to get keys when required.
Correct. With Cloud EKM, you manage access to your externally managed keys that reside
outside of Google Cloud. Because you need a single solution that also has to store keys
externally, this would be the appropriate option.
A company collects lots of consumer data from online marketing campaigns. Company plans
to use Google Cloud to store this collected data. The top management is worried about
exposing personally identifiable information (PII) that may be present in this data. What
should you do to reduce the risk of exposing PII data?
-Store all data in BigQuery and turn on column level access to protectsensitive data.
-Use Cloud Data Loss Prevention (Cloud DLP) to inspect and redact PII data.
-Ensure that all stored data is monitored by Security Command Center.
-Ensure that all PII data is removed from the collected data before storing it on Google
Cloud.
--ANSWER--Use Cloud Data Loss Prevention (Cloud DLP) to inspect and redact PII data.
Page 2 of 118
,Your company is very serious about data protection and hence decides to implement the
Principle of Least Privilege. What should you do to comply with this policy?
-Ensure that the access permissions are given strictly based on the person's title and job role. -
Ensure that the users are verified every time they request access, even if they were
authenticated earlier.
-When a task is assigned, ensure that it gets assigned to a person with the minimum
privileges.
-Give just enough permissions to get the task done.
--ANSWER--Give just enough permissions to get the task done.
Your company has multiple data analysts but a limited data engineering team. You need to
choose a tool where the analysts can build data pipelines themselves with a graphical user
interface. Which of these products is the most appropriate?
Cloud Composer
Cloud Data Fusion
Dataproc
Dataflow
--ANSWER--Cloud Data Fusion
Correct. The Cloud Data Fusion web UI lets you build scalable data integration solutions to
clean, prepare, blend, transfer, and transform data, without having to manage the
infrastructure.
Page 3 of 118
, You are creating a data pipeline for streaming data on Dataflow for Cymbal Retail's point of
sales data. You want to calculate the total sales per hour on a continuous basis. Which of
these windowing options should you use?
Global window
Tumbling windows (fixed windows in Apache Beam)
Hopping windows (sliding windows in Apache Beam)
Session windows
--ANSWER--Tumbling windows (fixed windows in Apache Beam)
Correct. A tumbling window (or fixed window in Apache Beam) is fixed duration and
nonoverlapping, which is the right option for this requirement.
You have a data pipeline that requires you to monitor a Cloud Storage bucket for a file, start a
Dataflow job to process data in the file, run a shell script to validate the processed data in
BigQuery, and then delete the original file. You need to orchestrate this pipeline by using
recommended tools. Which product should you choose?
-Cloud Scheduler
-Cloud Composer
-Cloud Run
-Cloud Tasks
--ANSWER--Cloud Composer
Correct. Cloud Composer, a managed version of Apache Airflow, can orchestrate a series of
data pipeline tasks.
Page 4 of 118
CERTIFICATION PRACTICE Q&A TESTED
AND APPROVED NEWLY MODIFIED!!!
You have a Dataflow pipeline that runs data processing jobs. You need to identify the parts of
the pipeline code that consume the most resources. What should you do?
-Use Cloud Logging
-Use Cloud Profiler
-Use Cloud Monitoring
-Use Cloud Audit Logs
--ANSWER--Use Cloud Profiler
Correct. Cloud Profiler shows you a flame graph of statistics of the running jobs, which can
be used to evaluate resource usage.
Your data and applications reside in multiple geographies on Google Cloud. Some regional
laws require you to hold your own keys outside of the cloud provider environment, whereas
other laws are less restrictive and allow storing keys with the same provider who stores the
data. The management of these keys has increased in complexity, and you need a solution
that can centrally manage all your keys. What should you do?
-Enable confidential computing for all your virtual machines.
-Store your keys on a supported external key management partner, and use Cloud External
Key Manager (EKM) to get keys when required.
Page 1 of 118
,-Store your keys in Cloud Hardware Security Module (HSM), and retrieve keys from it when
required.
-Store keys in Cloud Key Management Service (KMS), and reduce the number of days
forautomatic key rotation.
--ANSWER--Store your keys on a supported external key management partner, and use
Cloud External Key Manager (EKM) to get keys when required.
Correct. With Cloud EKM, you manage access to your externally managed keys that reside
outside of Google Cloud. Because you need a single solution that also has to store keys
externally, this would be the appropriate option.
A company collects lots of consumer data from online marketing campaigns. Company plans
to use Google Cloud to store this collected data. The top management is worried about
exposing personally identifiable information (PII) that may be present in this data. What
should you do to reduce the risk of exposing PII data?
-Store all data in BigQuery and turn on column level access to protectsensitive data.
-Use Cloud Data Loss Prevention (Cloud DLP) to inspect and redact PII data.
-Ensure that all stored data is monitored by Security Command Center.
-Ensure that all PII data is removed from the collected data before storing it on Google
Cloud.
--ANSWER--Use Cloud Data Loss Prevention (Cloud DLP) to inspect and redact PII data.
Page 2 of 118
,Your company is very serious about data protection and hence decides to implement the
Principle of Least Privilege. What should you do to comply with this policy?
-Ensure that the access permissions are given strictly based on the person's title and job role. -
Ensure that the users are verified every time they request access, even if they were
authenticated earlier.
-When a task is assigned, ensure that it gets assigned to a person with the minimum
privileges.
-Give just enough permissions to get the task done.
--ANSWER--Give just enough permissions to get the task done.
Your company has multiple data analysts but a limited data engineering team. You need to
choose a tool where the analysts can build data pipelines themselves with a graphical user
interface. Which of these products is the most appropriate?
Cloud Composer
Cloud Data Fusion
Dataproc
Dataflow
--ANSWER--Cloud Data Fusion
Correct. The Cloud Data Fusion web UI lets you build scalable data integration solutions to
clean, prepare, blend, transfer, and transform data, without having to manage the
infrastructure.
Page 3 of 118
, You are creating a data pipeline for streaming data on Dataflow for Cymbal Retail's point of
sales data. You want to calculate the total sales per hour on a continuous basis. Which of
these windowing options should you use?
Global window
Tumbling windows (fixed windows in Apache Beam)
Hopping windows (sliding windows in Apache Beam)
Session windows
--ANSWER--Tumbling windows (fixed windows in Apache Beam)
Correct. A tumbling window (or fixed window in Apache Beam) is fixed duration and
nonoverlapping, which is the right option for this requirement.
You have a data pipeline that requires you to monitor a Cloud Storage bucket for a file, start a
Dataflow job to process data in the file, run a shell script to validate the processed data in
BigQuery, and then delete the original file. You need to orchestrate this pipeline by using
recommended tools. Which product should you choose?
-Cloud Scheduler
-Cloud Composer
-Cloud Run
-Cloud Tasks
--ANSWER--Cloud Composer
Correct. Cloud Composer, a managed version of Apache Airflow, can orchestrate a series of
data pipeline tasks.
Page 4 of 118
