Here you have the best Google Associate Cloud Engineer practice exam questions
Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?
To manage a large number of instances and ensure operational efficiency while maintaining security, each team member should generate their own SSH key pair and add the public key to their Google account. By granting the 'compute.osAdminLogin' role to the Google group corresponding to the team, you utilize Google Cloud's IAM feature to manage permissions centrally. This approach allows easy addition and removal of team members and ensures each access can be accurately tracked to the respective individual thanks to IAM logging, meeting the security team's requirements.
You need to create a custom VPC with a single subnet. The subnet's range must be as large as possible. Which range should you use?
To create a custom VPC with a single subnet with the largest possible range, you should use 10.0.0.0/8. This is because 10.0.0.0/8 is a private IP range as defined by RFC 1918 and allows for the largest possible subnet within that range. The /8 subnet mask means that only the first 8 bits of the address are used for network identification, leaving 24 bits for host addresses, which provides the largest number of available IP addresses. The other options, 172.16.0.0/12 and 192.168.0.0/16, provide progressively smaller ranges. Option 0.0.0.0/0 is not valid for this purpose as it represents all IP addresses and is not a private IP range suitable for a VPC subnet.
You want to select and configure a cost-effective solution for relational data on Google Cloud Platform. You are working with a small set of operational data in one geographic location. You need to support point-in-time recovery. What should you do?
To select a cost-effective solution for relational data on Google Cloud Platform, especially for a small set of operational data in one geographic location, Cloud SQL (MySQL) is appropriate. Cloud SQL supports point-in-time recovery, which requires enabling binary logging. This feature allows you to restore your database to a specific moment in time, which satisfies the need for point-in-time recovery.
You want to configure autohealing for network load balancing for a group of Compute Engine instances that run in multiple zones, using the fewest possible steps.
You need to configure re-creation of VMs if they are unresponsive after 3 attempts of 10 seconds each. What should you do?
To configure autohealing for a group of Compute Engine instances with a requirement to recreate VMs if they are unresponsive after a specified number of attempts, you need to use a managed instance group (MIG) with an autohealing policy. By setting the Autohealing health check to healthy (HTTP), the MIG can automatically recreate instances that fail the specified health checks. This setup ensures that instances are monitored and recreated if they are unresponsive, meeting the described criteria for autohealing without needing additional load balancer configurations.
You are using multiple configurations for gcloud. You want to review the configured Kubernetes Engine cluster of an inactive configuration using the fewest possible steps. What should you do?
To review the configured Kubernetes Engine cluster of an inactive configuration using the fewest possible steps, you should use the gcloud command-line tool. The command 'gcloud config configurations describe' allows you to directly review the details of a specific configuration, including the Kubernetes Engine cluster configuration, without needing to activate the configuration or switch contexts. This approach is the most efficient and accurate, avoiding unnecessary steps.