CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Google Associate Cloud Engineer

Free Google Associate Cloud Engineer Exam Braindumps (page: 38)

Page 38 of 69
PDF with 283 Questions

You are running multiple VPC-native Google Kubernetes Engine clusters in the same subnet. The IPs available for the nodes are exhausted, and you want to ensure that the clusters can grow in nodes when needed.
What should you do?

  1. Create a new subnet in the same region as the subnet being used.
  2. Add an alias IP range to the subnet used by the GKE clusters.
  3. Create a new VPC, and set up VPC peering with the existing VP
  4. Expand the CIDR range of the relevant subnet for the cluster.

Answer(s): D

Explanation:

gcloud compute networks subnets expand-ip-range NAME gcloud compute networks subnets expand-ip-range - expand the IP range of a Compute Engine subnetwork https://cloud.google.com/sdk/gcloud/reference/compute/networks/subnets/expand-ip-range



You have a batch workload that runs every night and uses a large number of virtual machines (VMs). It is fault- tolerant and can tolerate some of the VMs being terminated. The current cost of VMs is too high.
What should you do?

  1. Run a test using simulated maintenance events. If the test is successful, use preemptible N1 Standard VMs when running future jobs.
  2. Run a test using simulated maintenance events. If the test is successful, use N1 Standard VMs when running future jobs.
  3. Run a test using a managed instance group. If the test is successful, use N1 Standard VMs in the managed instance group when running future jobs.
  4. Run a test using N1 standard VMs instead of N2. If the test is successful, use N1 Standard VMs when running future jobs.

Answer(s): A

Explanation:

Creating and starting a preemptible VM instance This page explains how to create and use a preemptible virtual machine (VM) instance. A preemptible instance is an instance you can create and run at a much lower price than normal instances. However, Compute Engine might terminate (preempt) these instances if it requires access to those resources for other tasks. Preemptible instances will always terminate after 24 hours. To learn more about preemptible instances, read the preemptible instances documentation. Preemptible instances are recommended only for fault- tolerant applications that can withstand instance preemptions. Make sure your application can handle preemptions before you decide to create a preemptible instance. To understand the risks and value of preemptible instances, read the preemptible instances documentation. https://cloud.google.com/compute/docs/instances/create-start-preemptible-instance



You are working with a user to set up an application in a new VPC behind a firewall. The user is concerned about data egress. You want to configure the fewest open egress ports.
What should you do?

  1. Set up a low-priority (65534) rule that blocks all egress and a high-priority rule (1000) that allows only the appropriate ports.
  2. Set up a high-priority (1000) rule that pairs both ingress and egress ports.
  3. Set up a high-priority (1000) rule that blocks all egress and a low-priority (65534) rule that allows only the appropriate ports.
  4. Set up a high-priority (1000) rule to allow the appropriate ports.

Answer(s): A

Explanation:

Implied rules Every VPC network has two implied firewall rules. These rules exist, but are not shown in the Cloud Console: Implied allow egress rule. An egress rule whose action is allow, destination is 0.0.0.0/0, and priority is the lowest possible (65535) lets any instance send traffic to any destination, except for traffic blocked by Google Cloud. A higher priority firewall rule may restrict outbound access. Internet access is allowed if no other firewall rules deny outbound traffic and if the instance has an external IP address or uses a Cloud NAT instance. For more information, see Internet access requirements. Implied deny ingress rule. An ingress rule whose action is deny, source is 0.0.0.0/0, and priority is the lowest possible (65535) protects all instances by blocking incoming connections to them. A higher priority rule might allow incoming access. The default network includes some additional rules that override this one, allowing certain types of incoming connections. https://cloud.google.com/vpc/docs/firewalls#default_firewall_rules



Your company runs its Linux workloads on Compute Engine instances. Your company will be working with a new operations partner that does not use Google Accounts. You need to grant access to the instances to your operations partner so they can maintain the installed tooling.
What should you do?

  1. Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.
  2. Tag all the instances with the same network tag. Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag.
  3. Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.
  4. Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.

Answer(s): D

Explanation:

IAP controls access to your App Engine apps and Compute Engine VMs running on Google Cloud. It leverages user identity and the context of a request to determine if a user should be allowed access. IAP is a building block toward BeyondCorp, an enterprise security model that enables employees to work from untrusted networks without using a VPN.

By default, IAP uses Google identities and IAM. By leveraging Identity Platform instead, you can authenticate users with a wide range of external identity providers, such as:

Email/password

OAuth (Google, Facebook, Twitter, GitHub, Microsoft, etc.)

SAML

OIDC

Phone number

Custom

Anonymous

This is useful if your application is already using an external authentication system, and migrating your users to Google accounts is impractical.

https://cloud.google.com/iap/docs/using-tcp-forwarding#grant-permission



Page 38 of 69



Post your Comments and Discuss Google Google Associate Cloud Engineer exam with other Community members:

Narasimha commented on December 21, 2024
it is helpful for ACE GCP Exsm
INDIA
upvote

Preeti commented on December 20, 2024
How many questions in exam was from dump who give exam recently?
INDIA
upvote

Preeti commented on December 20, 2024
Have any of you taken the exam recently and passed just by using this dump?
INDIA
upvote

Sultan commented on December 04, 2024
Helpful for clearing ACE exam
Anonymous
upvote

Mike commented on November 19, 2024
In my opinion, they work well for me, but it depends on how you approach them. My method isn't about memorizing the exact questions and answers from the practice tests to use on the real exam. Instead, I focus on understanding why I got certain questions wrong so I can deepen my comprehension of the material.
EUROPEAN UNION
upvote

Prabhat Kumar commented on November 06, 2024
Google Google Associate Cloud Engineer
EUROPEAN UNION
upvote

Shawn commented on October 24, 2024
As you must know by now the exam is extremely hard. The only way to pass is to know the questions and answers and I found these dump questions very relevant to actual exam.
Canada
upvote

Soniksha commented on October 10, 2024
I purchased the full version of this exam and it turned out quire accurate. I passed with the help of this exam.
UNITED STATES
upvote

Paras Gupta commented on September 17, 2024
great it a good course
Anonymous
upvote

Chesare commented on September 12, 2024
Have any of you taken the exam recently and passed just by using this dump?
MEXICO
upvote

kkraj commented on September 11, 2024
start to preparing the exam
Anonymous
upvote

Thanvi commented on August 29, 2024
Preparing for the exam
Anonymous
upvote

Thanvi commented on August 29, 2024
checking questions
Anonymous
upvote

Vinay G commented on July 24, 2024
Preparing for the exam
Anonymous
upvote

gk commented on July 14, 2024
checking questions
UNITED STATES
upvote

Kacha-Aloo commented on June 18, 2022
The questions are valid in this exam dumps. I passed my exam yesterday. Now going to enjoy some cricket.
INDIA
upvote

Cow-Toy commented on August 06, 2021
I wrote my exam this morning and pass with a 78% mark. While practicing with the Xengine Simulator I kept getting 85% and more but in real exam I got 78%. This means that about 5% of the answers are wrong. Or I got them wrong. Regardlesss I passed.
UNITED STATES
upvote

Nerd-Boy commented on December 23, 2020
I got by buy 1 get 1 free deal. I passed my first exam today. Going for next one. It looks like due to COVID-19, it is easier to pass your certification exam.
UNITED STATES
upvote