CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Google Associate Cloud Engineer

Free Google Associate Cloud Engineer Exam Braindumps (page: 9)

Page 8 of 74
PDF with 290 Questions

You have an object in a Cloud Storage bucket that you want to share with an external company. The object contains sensitive data.
You want access to the content to be removed after four hours. The external company does not have a Google account to which you can grant specific user-based access privileges. You want to use the most secure method that requires the fewest steps.
What should you do?

  1. Create a signed URL with a four-hour expiration and share the URL with the company.
  2. Set object access to `public' and use object lifecycle management to remove the object after four hours.
  3. Configure the storage bucket as a static website and furnish the object's URL to the company.
    Delete the object from the storage bucket after four hours.
  4. Create a new Cloud Storage bucket specifically for the external company to access. Copy the object to that bucket. Delete the bucket after four hours have passed.

Answer(s): A

Explanation:

Signed URLs are used to give time-limited resource access to anyone in possession of the URL, regardless of whether they have a Google account. https://cloud.google.com/storage/docs/access- control/signed-urls



You are creating a Google Kubernetes Engine (GKE) cluster with a cluster autoscaler feature enabled. You need to make sure that each node of the cluster will run a monitoring pod that sends container metrics to a third-party monitoring solution.
What should you do?

  1. Deploy the monitoring pod in a StatefulSet object.
  2. Deploy the monitoring pod in a DaemonSet object.
  3. Reference the monitoring pod in a Deployment object.
  4. Reference the monitoring pod in a cluster initializer at the GKE cluster creation time.

Answer(s): B

Explanation:

https://cloud.google.com/kubernetes-engine/docs/concepts/daemonset https://cloud.google.com/kubernetes-engine/docs/concepts/daemonset#usage_patterns

DaemonSets attempt to adhere to a one-Pod-per-node model, either across the entire cluster or a subset of nodes. As you add nodes to a node pool, DaemonSets automatically add Pods to the new nodes as needed.

In GKE, DaemonSets manage groups of replicated Pods and adhere to a one-Pod-per-node model, either across the entire cluster or a subset of nodes. As you add nodes to a node pool, DaemonSets automatically add Pods to the new nodes as needed. So, this is a perfect fit for our monitoring pod. Ref: https://cloud.google.com/kubernetes-engine/docs/concepts/daemonset DaemonSets are useful for deploying ongoing background tasks that you need to run on all or certain nodes, and which do not require user intervention. Examples of such tasks include storage daemons like ceph, log collection daemons like fluentd, and node monitoring daemons like collectd. For example, you could have DaemonSets for each type of daemon run on all of your nodes. Alternatively, you could run multiple DaemonSets for a single type of daemon, but have them use different configurations for different hardware types and resource needs.



You want to send and consume Cloud Pub/Sub messages from your App Engine application. The Cloud Pub/Sub API is currently disabled. You will use a service account to authenticate your application to the API. You want to make sure your application can use Cloud Pub/Sub.
What should you do?

  1. Enable the Cloud Pub/Sub API in the API Library on the GCP Console.
  2. Rely on the automatic enablement of the Cloud Pub/Sub API when the Service Account accesses it.
  3. Use Deployment Manager to deploy your application. Rely on the automatic enablement of all APIs used by the application being deployed.
  4. Grant the App Engine Default service account the role of Cloud Pub/Sub Admin. Have your application enable the API on the first connection to Cloud Pub/Sub.

Answer(s): A

Explanation:

Quickstart: using the Google Cloud Console
This page shows you how to perform basic tasks in Pub/Sub using the Google Cloud Console.

Note: If you are new to Pub/Sub, we recommend that you start with the interactive tutorial.
Before you begin
Set up a Cloud Console project.
Set up a project

Click to:

Create or select a project.
Enable the Pub/Sub API for that project.
You can view and manage these resources at any time in the Cloud Console.

Install and initialize the Cloud SDK.
Note: You can run the gcloud tool in the Cloud Console without installing the Cloud SDK. To run the gcloud tool in the Cloud Console, use Cloud Shell .

https://cloud.google.com/pubsub/docs/quickstart-console



You need to monitor resources that are distributed over different projects in Google Cloud Platform. You want to consolidate reporting under the same Stackdriver Monitoring dashboard.
What should you do?

  1. Use Shared VPC to connect all projects, and link Stackdriver to one of the projects.
  2. For each project, create a Stackdriver account. In each project, create a service account for that project and grant it the role of Stackdriver Account Editor in all other projects.
  3. Configure a single Stackdriver account, and link all projects to the same account.
  4. Configure a single Stackdriver account for one of the projects. In Stackdriver, create a Group and add the other project names as criteria for that Group.

Answer(s): C

Explanation:

When you intially click on Monitoring(Stackdriver Monitoring) it creates a workspac(a stackdriver account) linked to the ACTIVE(CURRENT) Project from which it was clicked.

Now if you change the project and again click onto Monitoring it would create an another workspace(a stackdriver account) linked to the changed ACTIVE(CURRENT) Project, we don't want this as this would not consolidate our result into a single dashboard(workspace/stackdriver account).

If you have accidently created two diff workspaces merge them under Monitoring > Settings > Merge Workspaces > MERGE.

If we have only one workspace and two projects we can simply add other GCP Project under Monitoring > Settings > GCP Projects > Add GCP Projects.

https://cloud.google.com/monitoring/settings/multiple-projects Nothing about groups https://cloud.google.com/monitoring/settings?hl=en






Post your Comments and Discuss Google Google Associate Cloud Engineer exam with other Community members:

Google Associate Cloud Engineer Discussions & Posts