CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Google Associate Cloud Engineer

Free Google Associate Cloud Engineer Exam Braindumps (page: 16)

Page 16 of 69
PDF with 283 Questions

Your organization is a financial company that needs to store audit log files for 3 years. Your organization has hundreds of Google Cloud projects. You need to implement a cost-effective approach for log file retention.
What should you do?

  1. Create an export to the sink that saves logs from Cloud Audit to BigQuery.
  2. Create an export to the sink that saves logs from Cloud Audit to a Coldline Storage bucket.
  3. Write a custom script that uses logging API to copy the logs from Stackdriver logs to BigQuery.
  4. Export these logs to Cloud Pub/Sub and write a Cloud Dataflow pipeline to store logs to Cloud SQL.

Answer(s): B

Explanation:

Coldline Storage is the perfect service to store audit logs from all the projects and is very cost- efficient as well. Coldline Storage is a very low-cost, highly durable storage service for storing infrequently accessed data.



You want to run a single caching HTTP reverse proxy on GCP for a latency-sensitive website. This specific reverse proxy consumes almost no CPU. You want to have a 30-GB in-memory cache, and need an additional 2 GB of memory for the rest of the processes. You want to minimize cost. How should you run this reverse proxy?

  1. Create a Cloud Memorystore for Redis instance with 32-GB capacity.
  2. Run it on Compute Engine, and choose a custom instance type with 6 vCPUs and 32 GB of memory.
  3. Package it in a container image, and run it on Kubernetes Engine, using n1-standard-32 instances as nodes.
  4. Run it on Compute Engine, choose the instance type n1-standard-1, and add an SSD persistent disk of 32 GB.

Answer(s): A

Explanation:

What is Google Cloud Memorystore?

Overview. Cloud Memorystore for Redis is a fully managed Redis service for Google Cloud Platform. Applications running on Google Cloud Platform can achieve extreme performance by leveraging the highly scalable, highly available, and secure Redis service without the burden of managing complex Redis deployments.



You are hosting an application on bare-metal servers in your own data center. The application needs access to Cloud Storage. However, security policies prevent the servers hosting the application from having public IP addresses or access to the internet. You want to follow Google-recommended practices to provide the application with access to Cloud Storage.
What should you do?

  1. 1. Use nslookup to get the IP address for storage.googleapis.com.2. Negotiate with the security team to be able to give a public IP address to the servers.3. Only allow egress traffic from those servers to the IP addresses for storage.googleapis.com.
  2. 1. Using Cloud VPN, create a VPN tunnel to a Virtual Private Cloud (VPC) in Google Cloud Platform (GCP).2. In this VPC, create a Compute Engine instance and install the Squid proxy server on this instance.3. Configure your servers to use that instance as a proxy to access Cloud Storage.
  3. 1. Use Migrate for Compute Engine (formerly known as Velostrata) to migrate those servers to Compute Engine.2. Create an internal load balancer (ILB) that uses storage.googleapis.com as backend.3. Configure your new instances to use this ILB as proxy.
  4. 1. Using Cloud VPN or Interconnect, create a tunnel to a VPC in GCP.2. Use Cloud Router to create a custom route advertisement for 199.36.153.4/30. Announce that network to your on-premises network through the VPN tunnel.3. In your on-premises network, configure your DNS server to resolve *.googleapis.com as a CNAME to restricted.googleapis.com.

Answer(s): D

Explanation:

Our requirement is to follow Google recommended practices to achieve the end result. Configuring Private Google Access for On-Premises Hosts is best achieved by VPN/Interconnect + Advertise

Routes + Use restricted Google IP Range.

Using Cloud VPN or Interconnect, create a tunnel to a VPC in GCP

Using Cloud Router to create a custom route advertisement for 199.36.153.4/30. Announce that network to your on-premises network through the VPN tunnel.

In your on-premises network, configure your DNS server to resolve *.googleapis.com as a CNAME to restricted.googleapis.com is the right answer right, and it is what Google recommends.


Reference:

https://cloud.google.com/vpc/docs/configure-private-google-access-hybrid

You must configure routes so that Google API traffic is forwarded through your Cloud VPN or Cloud Interconnect connection, firewall rules on your on-premises firewall to allow the outgoing traffic, and DNS so that traffic to Google APIs resolves to the IP range youve added to your routes.

You can use Cloud Router Custom Route Advertisement to announce the Restricted Google APIs IP addresses through Cloud Router to your on-premises network. The Restricted Google APIs IP range is 199.36.153.4/30.
While this is technically a public IP range, Google does not announce it publicly. This IP range is only accessible to hosts that can reach your Google Cloud projects through internal IP ranges, such as through a Cloud VPN or Cloud Interconnect connection. Without having a public IP address or access to the internet, the only way you could connect to cloud storage is if you have an internal route to it.

So Negotiate with the security team to be able to give public IP addresses to the servers is not right. Following Google recommended practices is synonymous with using Googles services (Not quite, but it is at least for the exam !!).

So In this VPC, create a Compute Engine instance and install the Squid proxy server on this instance is not right.

Migrating the VM to Compute Engine is a bit drastic when Google says it is perfectly fine to have Hybrid Connectivity architectures https://cloud.google.com/hybrid-connectivity.

So,

Use Migrate for Compute Engine (formerly known as Velostrata) to migrate these servers to Compute Engine is not right.



You want to deploy an application on Cloud Run that processes messages from a Cloud Pub/Sub topic. You want to follow Google-recommended practices.
What should you do?

  1. 1. Create a Cloud Function that uses a Cloud Pub/Sub trigger on that topic.2. Call your application on Cloud Run from the Cloud Function for every message.
  2. 1. Grant the Pub/Sub Subscriber role to the service account used by Cloud Run.2. Create a Cloud Pub/Sub subscription for that topic.3. Make your application pull messages from that subscription.
  3. 1. Create a service account.2. Give the Cloud Run Invoker role to that service account for your Cloud Run application.3. Create a Cloud Pub/Sub subscription that uses that service account and uses your Cloud Run application as the push endpoint.
  4. 1. Deploy your application on Cloud Run on GKE with the connectivity set to Internal.2. Create a Cloud Pub/Sub subscription for that topic.3. In the same Google Kubernetes Engine cluster as your application, deploy a container that takes the messages and sends them to your application.

Answer(s): C

Explanation:

https://cloud.google.com/run/docs/tutorials/pubsub#integrating-pubsub

1. Create a service account. 2. Give the Cloud Run Invoker role to that service account for your Cloud Run application. 3. Create a Cloud Pub/Sub subscription that uses that service account and uses your Cloud Run application as the push endpoint.



Page 16 of 69



Post your Comments and Discuss Google Google Associate Cloud Engineer exam with other Community members:

Narasimha commented on December 21, 2024
it is helpful for ACE GCP Exsm
INDIA
upvote

Preeti commented on December 20, 2024
How many questions in exam was from dump who give exam recently?
INDIA
upvote

Preeti commented on December 20, 2024
Have any of you taken the exam recently and passed just by using this dump?
INDIA
upvote

Sultan commented on December 04, 2024
Helpful for clearing ACE exam
Anonymous
upvote

Mike commented on November 19, 2024
In my opinion, they work well for me, but it depends on how you approach them. My method isn't about memorizing the exact questions and answers from the practice tests to use on the real exam. Instead, I focus on understanding why I got certain questions wrong so I can deepen my comprehension of the material.
EUROPEAN UNION
upvote

Prabhat Kumar commented on November 06, 2024
Google Google Associate Cloud Engineer
EUROPEAN UNION
upvote

Shawn commented on October 24, 2024
As you must know by now the exam is extremely hard. The only way to pass is to know the questions and answers and I found these dump questions very relevant to actual exam.
Canada
upvote

Soniksha commented on October 10, 2024
I purchased the full version of this exam and it turned out quire accurate. I passed with the help of this exam.
UNITED STATES
upvote

Paras Gupta commented on September 17, 2024
great it a good course
Anonymous
upvote

Chesare commented on September 12, 2024
Have any of you taken the exam recently and passed just by using this dump?
MEXICO
upvote

kkraj commented on September 11, 2024
start to preparing the exam
Anonymous
upvote

Thanvi commented on August 29, 2024
Preparing for the exam
Anonymous
upvote

Thanvi commented on August 29, 2024
checking questions
Anonymous
upvote

Vinay G commented on July 24, 2024
Preparing for the exam
Anonymous
upvote

gk commented on July 14, 2024
checking questions
UNITED STATES
upvote

Kacha-Aloo commented on June 18, 2022
The questions are valid in this exam dumps. I passed my exam yesterday. Now going to enjoy some cricket.
INDIA
upvote

Cow-Toy commented on August 06, 2021
I wrote my exam this morning and pass with a 78% mark. While practicing with the Xengine Simulator I kept getting 85% and more but in real exam I got 78%. This means that about 5% of the answers are wrong. Or I got them wrong. Regardlesss I passed.
UNITED STATES
upvote

Nerd-Boy commented on December 23, 2020
I got by buy 1 get 1 free deal. I passed my first exam today. Going for next one. It looks like due to COVID-19, it is easier to pass your certification exam.
UNITED STATES
upvote