CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Google Cloud Architect Professional

Free Google Cloud Architect Professional Exam Braindumps (page: 18)

Page 17 of 68
PDF with 278 Questions
View Related Case Study

Mountkirk Games wants you to secure the connectivity from the new gaming application platform to

Google
Cloud. You want to streamline the process and follow Google-recommended practices.
What should you do?

  1. Configure Workload Identity and service accounts to be used by the application platform.
  2. Use Kubernetes Secrets, which are obfuscated by default. Configure these Secrets to be used by the application platform.
  3. Configure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use
    Cloud Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used by the application platform.
  4. Configure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud
    Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used by the application platform.

Answer(s): A



View Related Case Study

Your development team has created a mobile game app. You want to test the new mobile app on Android and iOS devices with a variety of configurations. You need to ensure that testing is efficient and cost- effective.
What should you do?

  1. Upload your mobile app to the Firebase Test Lab, and test the mobile app on Android and iOS devices.
  2. Create Android and iOS VMs on Google Cloud, install the mobile app on the VMs, and test the mobile app.
  3. Create Android and iOS containers on Google Kubernetes Engine (GKE), install the mobile app on the containers, and test the mobile app.
  4. Upload your mobile app with different configurations to Firebase Hosting and test each configuration.

Answer(s): C

Explanation:



View Related Case Study

For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers,
and season ticket holders. You need to implement a custom card tokenization service that meets the following requirements:

· It must provide low latency at minimal cost.

· It must be able to identify duplicate credit cards and must not store plaintext card numbers.

· It should support annual key rotation.
Which storage approach should you adopt for your tokenization service?

  1. Store the card data in Secret Manager after running a query to identify duplicates.
  2. Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.
  3. Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.
  4. Use column-level encryption to store the data in Cloud SQL.

Answer(s): B



View Related Case Study

For this question, refer to the Helicopter Racing League (HRL) case study. Recently HRL started a new regional racing league in Cape Town, South Afric

  1. In an effort to give customers in Cape Town a better user experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are a member of the HRL security team and you need to configure the update that will allow only the Fastly IP
    address ranges through the External HTTP(S) load balancer.
    Which command should you use?
  2. glouc compute firewall rules update hlr-policy \
    --priority 1000 \
    target tags-sourceiplist fastly \
    --allow tcp:443
  3. gcloud compute security policies rules update 1000 \
    --security-policy hlr-policy \
    --expression "evaluatePreconfiguredExpr('sourceiplist-fastly')" \
    --action " allow"
  4. gcloud compute firewall rules update sourceiplist-fastly \
    priority 1000 \
    allow tcp: 443
  5. gcloud compute priority-policies rules update
    1000 \
    security policy from fastly
    --src- ip-ranges"
    -- action " allow"

Answer(s): B


Reference:

https://cloud.google.com/load-balancing/docs/https D18912E1457D5D1DDCBD40AB3BF70D5D






Post your Comments and Discuss Google Google Cloud Architect Professional exam with other Community members:

Google Cloud Architect Professional Discussions & Posts