CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Google Associate Cloud Engineer

Free Google Associate Cloud Engineer Exam Braindumps (page: 28)

Page 27 of 74
PDF with 290 Questions

Your company has a single sign-on (SSO) identity provider that supports Security Assertion Markup Language (SAML) integration with service providers. Your company has users in Cloud Identity. You would like users to authenticate using your company's SSO provider.
What should you do?

  1. In Cloud Identity, set up SSO with Google as an identity provider to access custom SAML apps.
  2. In Cloud Identity, set up SSO with a third-party identity provider with Google as a service provider.
  3. Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Mobile & Desktop Apps.
  4. Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Web Server Applications.

Answer(s): B

Explanation:

https://support.google.com/cloudidentity/answer/6262987?hl=en&ref_topic=7558767



Your organization has a dedicated person who creates and manages all service accounts for Google Cloud projects. You need to assign this person the minimum role for projects.
What should you do?

  1. Add the user to roles/iam.roleAdmin role.
  2. Add the user to roles/iam.securityAdmin role.
  3. Add the user to roles/iam.serviceAccountUser role.
  4. Add the user to roles/iam.serviceAccountAdmin role.

Answer(s): D


Reference:

https://cloud.google.com/iam/docs/creating-managing-service-accounts

Service Account User (roles/iam.serviceAccountUser): Includes permissions to list service accounts, get details about a service account, and impersonate a service account. Service Account Admin (roles/iam.serviceAccountAdmin): Includes permissions to list service accounts and get details about a service account. Also includes permissions to create, update, and delete service accounts, and to view or change the IAM policy on a service account.



You are building an archival solution for your data warehouse and have selected Cloud Storage to archive your data.
Your users need to be able to access this archived data once a quarter for some regulatory requirements. You want to select a cost-efficient option.
Which storage option should you use?

  1. Coldline Storage
  2. Nearline Storage
  3. Regional Storage
  4. Multi-Regional Storage

Answer(s): A

Explanation:

Coldline Storage is a very-low-cost, highly durable storage service for storing infrequently accessed data. Coldline Storage is ideal for data you plan to read or modify at most once a quarter. Since we have a requirement to access data once a quarter and want to go with the most cost-efficient option, we should select Coldline Storage.
Ref: https://cloud.google.com/storage/docs/storage-classes#coldline



A team of data scientists infrequently needs to use a Google Kubernetes Engine (GKE) cluster that you manage. They require GPUs for some long-running, non-restartable jobs. You want to minimize cost.
What should you do?

  1. Enable node auto-provisioning on the GKE cluster.
  2. Create a VerticalPodAutscaler for those workloads.
  3. Create a node pool with preemptible VMs and GPUs attached to those VMs.
  4. Create a node pool of instances with GPUs, and enable autoscaling on this node pool with a minimum size of 1.

Answer(s): A

Explanation:

auto-provisioning = Attaches and deletes node pools to cluster based on the requirements. Hence creating a GPU node pool, and auto-scaling would be better https://cloud.google.com/kubernetes- engine/docs/how-to/node-auto-provisioning






Post your Comments and Discuss Google Google Associate Cloud Engineer exam with other Community members:

Google Associate Cloud Engineer Discussions & Posts