Google Associate Cloud Engineer Exam Dumps 2022 Google Associate Cloud Engineer Practice Tests 2022. Contains 750+ exam questions to pass the exam in first attempt. SkillCertPro offers real exam questions for practice for all major IT certifications. For a full set of 75 0 + questions. Go to https://skillcertpro.com/product/google - cloud - certified - associate - cloud - engineer - practice - exam - set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in Skill CertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attempt. Below are the free 10 sample questions. Question 1: You are creating a Kubernetes Engine cluster to deploy multiple pods inside the cluster. All container logs must be stored in BigQuery for later analysis. You want to follow Google-recommended practices. Which two approaches can you take? A. Turn on Stackdriver Logging during the Kubernetes Engine cluster creation. B. Turn on Stackdriver Monitoring during the Kubernetes Engine cluster creation. C. Develop a custom add-on that uses Cloud Logging API and BigQuery API. Deploy the add-on to your Kubernetes Engine cluster. D. Use the Stackdriver Logging export feature to create a sink to Cloud Storage. Create a Cloud Dataflow job that imports log files from Cloud Storage to BigQuery. E. Use the Stackdriver Logging export feature to create a sink to BigQuery. Specify a filter expression to export log records related to your Kubernetes Engine cluster only. Answer: A, E Explanation: Correct answers are A & E Option A as creating a cluster with Stackdriver Logging option will enable all the container logs to be stored in Stackdriver Logging. Option E as Stackdriver Logging support exporting logs to BigQuery by creating sinks Refer GCP documentation – Kubernetes logging Option B is wrong as creating a cluster with Stackdriver Monitoring option will enable monitoring metrics to be gathered, but it has nothing to do with logging. Option C is wrong as even if you can develop a Kubernetes addon that will send logs to BigQuery, this is not a Google-recommended practice. Option D is wrong as this is not a Google recommended practice. Question 2: Your company has a mission-critical application that serves users globally. You need to select a transactional and relational data storage system for this application. Which two products should you choose? A. BigQuery B. Cloud SQL C. Cloud Spanner D. Cloud Bigtable E. Cloud Datastore Answer: B, C Explanation: Correct answers are B & C Option B as because Cloud SQL is a relational and transactional database in the list. Option C as Spanner is a relational and transactional database in the list. Refer GCP documentation – Storage Options Option A is wrong as BigQuery is not a transactional system. Option D is wrong as Cloud Bigtable provides transactional support but it’ s not relational. Option E is wrong as Datastore is not a relational data storage system. Question 3: You want to find out who in your organization has Owner access to a project called “ my-project ” . What should you do? A. In the Google Cloud Platform Console, go to the IAM page for your organization and apply the filter Role:Owner. B. In the Google Cloud Platform Console, go to the IAM page for your project and apply the filter Role:Owner. C. Use gcloud iam list-grantable-role --project my-project from your Terminal. D. Use gcloud iam list-grantable-role from Cloud Shell on the project page. Answer: B Explanation: Correct answer is B as this shows you the Owners of the project. Option A is wrong as it will give the org-wide owners, but you are interested in the project owners, which could be different. Option C is wrong as this command is to list grantable roles for a resource, but does not return who has a specific role. Option D is wrong as this command is to list grantable roles for a resource, but does not return who has a specific role. Question 4: You need to verify the assigned permissions in a custom IAM role. What should you dou A. Use the GCP Console, IAM section to view the information. B. Use the gcloud init command to view the information. C. Use the GCP Console, Security section to view the information. D. Use the GCP Console, API section to view the information. Answer: A Explanation: Correct answer is A as this is the correct console area to view permission assigned to a custom role in a particular project. Refer GCP documentation – IAM Custom Rules Option B is wrong as gcloud init will not provide the information required. Options C and D are wrong as these are not the correct areas to view this information. Question 5: You have an App Engine application serving as your front-end. It’ s going to publish messages to Pub/Sub. The Pub/Sub API hasn’ t been enabled yet. What is the fastest way to enable the API? A. Use a service account with the Pub/Sub Admin role to auto-enable the API. B. Enable the API in the Console. C. Application's in App Engine don't require external APIs to be enabled. D. The API will be enabled the first time the code attempts to access Pub/Sub. Answer: B Explanation: Correct answer is B as the simplest way to enable an API for the project is using the GCP console. Refer GCP documentation Enable/Disable APIs The simplest way to enable an API for your project is to use the GCP Console, though you can also enable an API using gcloud or using the Service Usage API. You can find out more about these options in the Service Usage API docs. To enable an API for your project using the console: 1. Go to the GCP Console API Library. 2. From the projects list, select a project or create a new one. 3. In the API Library, select the API you want to enable. If you need help finding the API, use the search field and/or the filters. 4. On the API page, click ENABLE. For a full set of 750+ questions. Go to https://skillcertpro.com/product/google - cloud - certified - associate - cloud - engineer - practice - exam - set/ SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in first attemp t. Question 6: Your development team has asked you to set up an external TCP load balancer with SSL offload. Which load balancer should you use? A. SSL proxy B. HTTP load balancer C. TCP proxy D. HTTPS load balancer Answer: A Explanation: Correct answer is A as SSL proxy support TCP traffic with an ability to SSL offload. Refer GCP documentation – Choosing Load Balancer Google Cloud SSL Proxy Load Balancing terminates user SSL (TLS) connections at the load balancing layer, then balances the connections across your instances using the SSL or TCP protocols. Cloud SSL proxy is intended for non-HTTP(S) traffic. For HTTP(S) traffic, HTTP(S) load balancing is recommended instead. SSL Proxy Load Balancing supports both IPv4 and IPv6 addresses for client traffic. Client IPv6 requests are terminated at the load balancing layer, then proxied over IPv4 to your backends. Options B & D are wrong as they are recommended for HTTP or HTTPS traffic only Option C is wrong as TCP proxy does not support SSL offload. Question 7: Your company wants to host confidential documents in Cloud Storage. Due to compliance requirements, there is a need for the data to be highly available and resilient even in case of a regional outage. Which storage classes help meet the requirement? A. Standard B. Regional C. Coldline D. Dual-Regional E. Multi-Regional Answer: C, E Explanation: Correct answers are C & E as Multi-Regional and Coldline storage classes provide multi-region geo-redundant deployment, which can sustain regional failure. Refer GCP documentation – Cloud Storage Classes Multi-Regional Storage is geo-redundant. The geo-redundancy of Coldline Storage data is determined by the type of location in which it is stored: Coldline Storage data stored in multi-regional locations is redundant across multiple regions, providing higher availability than Coldline Storage data stored in regional locations. Data that is geo-redundant is stored redundantly in at least two separate geographic places separated by at least 100 miles. Objects stored in multi- regional locations are geo-redundant, regardless of their storage class. Geo-redundancy occurs asynchronously, but all Cloud Storage data is redundant within at least one geographic place as soon as you upload it. Geo-redundancy ensures maximum availability of your data, even in the event of large-scale disruptions, such as natural disasters. For a dual-regional location, geo- redundancy is achieved using two specific regional locations. For other multi- regional locations, geo-redundancy is achieved using any combination of data centers within the specified multi-region, which may include data centers that are not explicitly available as regional locations. Question 8: Your manager needs you to test out the latest version of MS-SQL on a Windows instance. You’ ve created the VM and need to connect into the instance. What steps should you follow to connect to the instance? A. Generate a Windows password in the console, then use a client capable of communicating via RDP and provide the credentials. B. Generate a Windows password in the console, and then use the RDP button to connect in through the console. C. Connect in with your own RDP client using your Google Cloud username and password. D. From the console click the SSH button to automatically connect. Answer: A Explanation: Correct answer is A as connecting to Windows instance involves installation of the RDP client. GCP does not provide RDP client and it needs to be installed. Generate Windows instance password to connect to the instance. Refer GCP documentation – Windows Connecting to Instance Option B is wrong as GCP Console does not have a direct RDP connectivity. Option C is wrong as a seperate windows password needs to be generate. Google Cloud username password cannot be used. Option D is wrong as you cannot connect to Windows instance using SSH. Question 9: You need to create a new development Kubernetes cluster with 3 nodes. The cluster will be named project-1-cluster. Which of the following truncated commands will create a cluster? A. gcloud container clusters create project-1-cluster --num-nodes 3 B. kubectl clusters create project-1-cluster 3 C. kubectl clusters create project-1-cluster --num-nodes 3 D. gcloud container clusters create project-1-cluster 3 Answer: A Explanation: Correct answer is A as Kubernetes cluster can be created using the gcloud command only, with the cluster name and –num-nodes parameter. Refer GCP documentation – Kubernetes Create Cluster gcloud container clusters create my-regional-cluster num-nodes 2 \ region us- west1 Options B & C are wrong as kubectl cannot be used to create Kubernetes cluster. Option D is wrong as the 3 parameter is invalid and needs to follow a parameter. Question 10: Your security team wants to be able to audit network traffic inside of your network. What ’ s the best way to ensure they have access to the data they need? A. Disable flow logs. B. Enable flow logs. C. Enable VPC Network logs D. Add a firewall capture filter. Answer: B Explanation: Correct answer is B as VPC Flow logs track all the network flows and needs to be enabled. Refer GCP documentation – VPC Flow logs VPC Flow Logs record a sample of network flows sent from and received by VM instances. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization. Flow logs are aggregated by connection, at 5-second intervals, from Compute Engine VMs and exported in real time. By subscribing to Cloud Pub/Sub, you can analyze flow logs using real-time streaming APIs. For a full set of 750+ questions. Go to https://skillcertpro.com/product/google - cloud - certified - associate - cloud - engineer - practice - exam - set/ SkillCertPro offers detailed explanations to each question which helps to understand the concept s better. It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. SkillCertPro updates exam questions every 2 weeks. You will get life time access and life time free updates SkillCertPro assures 100% pass guarantee in fi rst attempt.