Free Associate Cloud Engineer Exam Braindumps

Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?

  1. Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.
  2. Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.
  3. Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the “compute.osAdminLogin” role to the Google group corresponding to this team.
  4. Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.

Answer(s): D


Reference:

https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys



You have a Linux server running on a custom network. There's an allow firewall rule with an IP filter of 0.0.0.0/0 with a protocol/port of tcp:22. The logs on the instance show a constant stream of attempts from different IP addresses, trying to connect via SSH. You suspect this is a brute force attack.
How might you change the firewall rule to stop this from happening and still enable access for legit users?

  1. Stop the instance.
  2. Deny all traffic to port 22.
  3. Change the port that SSH is running on in the instance and change the port number in the firewall rule.
  4. Change the IP address range in the filter to only allow known IP addresses.

Answer(s): D



You're about to deploy your team's App Engine application. They're using the Go runtime with a Standard Environment. Which command should you use to deploy the application?

  1. gcloud app deploy app.yaml
  2. gcloud app-engine apply app.yaml
  3. gcloud app apply app.yaml
  4. gcloud app-engine deploy app.yaml

Answer(s): A



You need to create a new development Kubernetes cluster with 4 nodes. The cluster will be named linux- academy-dev-cluster. Which of the following truncated commands will create a cluster?

  1. gcloud container clusters create linux-academy-dev- cluster --num-nodes 4
  2. kubectl clusters create linux-academy-dev-cluster 4
  3. kubectl clusters create linux-academy-dev-cluster --num-nodes 4
  4. gcloud container clusters create linux-academy-dev-cluster 4

Answer(s): A



You have a Cloud Storage bucket that needs to host static web assets. How do you make the bucket public?

  1. Trick question. Don't ever make a bucket public.
  2. Check the "make public" box in the UI.
  3. Set allUsers to have the Storage Object Viewer role.
  4. gsutil make-public gs://bucket-name

Answer(s): C