Summer Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Google
  3. Google Cloud Certified
  4. Associate-Cloud-Engineer - Google Cloud Certified - Associate Cloud Engineer

Associate-Cloud-Engineer Exam Dumps - Google Cloud Certified - Associate Cloud Engineer

Go to page:
Question # 25

You have sensitive data stored in three Cloud Storage buckets and have enabled data access logging. You want to verify activities for a particular user for these buckets, using the fewest possible steps. You need to verify the addition of metadata labels and which files have been viewed from those buckets. What should you do?

A.

Using the GCP Console, filter the Activity log to view the information.

B.

Using the GCP Console, filter the Stackdriver log to view the information.

C.

View the bucket in the Storage section of the GCP Console.

D.

Create a trace in Stackdriver to view the information.

Full Access
Question # 26

You have an application that runs on Compute Engine VM instances in a custom Virtual Private Cloud (VPC). Your company's security policies only allow the use to internal IP addresses on VM instances and do not let VM instances connect to the internet. You need to ensure that the application can access a file hosted in a Cloud Storage bucket within your project. What should you do?

A.

Enable Private Service Access on the Cloud Storage Bucket.

B.

Add slorage.googleapis.com to the list of restricted services in a VPC Service Controls perimeter and add your project to the list to protected projects.

C.

Enable Private Google Access on the subnet within the custom VPC.

D.

Deploy a Cloud NAT instance and route the traffic to the dedicated IP address of the Cloud Storage bucket.

Full Access
Question # 27

Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?

A.

Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.

B.

Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.

C.

Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the “compute.osAdminLogin” role to the Google group corresponding to this team.

D.

Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.

Full Access
Question # 28

Your company has workloads running on Compute Engine and on-premises. The Google Cloud Virtual Private Cloud (VPC) is connected to your WAN over a Virtual Private Network (VPN). You need to deploy a new Compute Engine instance and ensure that no public Internet traffic can be routed to it. What should you do?

A.

Create the instance without a public IP address.

B.

Create the instance with Private Google Access enabled.

C.

Create a deny-all egress firewall rule on the VPC network.

D.

Create a route on the VPC to route all traffic to the instance over the VPN tunnel.

Full Access
Question # 29

Several employees at your company have been creating projects with Cloud Platform and paying for it with their personal credit cards, which the company reimburses. The company wants to centralize all these projects under a single, new billing account. What should you do?

A.

Contact cloud-billing@google.com with your bank account details and request a corporate billing account for your company.

B.

Create a ticket with Google Support and wait for their call to share your credit card details over the phone.

C.

In the Google Platform Console, go to the Resource Manage and move all projects to the root Organization.

D.

In the Google Cloud Platform Console, create a new billing account and set up a payment method.

Full Access
Question # 30

You have deployed an application on a Compute Engine instance. An external consultant needs to access the Linux-based instance. The consultant is connected to your corporate network through a VPN connection, but the consultant has no Google account. What should you do?

A.

Instruct the external consultant to use the gcloud compute ssh command line tool by using Identity-Aware Proxy to access the instance.

B.

Instruct the external consultant to use the gcloud compute ssh command line tool by using the public IP address of the instance to access it.

C.

Instruct the external consultant to generate an SSH key pair, and request the public key from the consultant.Add the public key to the instance yourself, and have the consultant access the instance through SSH with their private key.

D.

Instruct the external consultant to generate an SSH key pair, and request the private key from the consultant.Add the private key to the instance yourself, and have the consultant access the instance through SSH with their public key.

Full Access
Question # 31

Your company runs its Linux workloads on Compute Engine instances. Your company will be working with a new operations partner that does not use Google Accounts. You need to grant access to the instances to your operations partner so they can maintain the installed tooling. What should you do?

A.

Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.

B.

Tag all the instances with the same network tag. Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag.

C.

Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.

D.

Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.

Full Access
Question # 32

You are working for a startup that was officially registered as a business 6 months ago. As your customer base grows, your use of Google Cloud increases. You want to allow all engineers to create new projects without asking them for their credit card information. What should you do?

A.

Create a Billing account, associate a payment method with it, and provide all project creators with permission to associate that billing account with their projects.

B.

Grant all engineer’s permission to create their own billing accounts for each new project.

C.

Apply for monthly invoiced billing, and have a single invoice tor the project paid by the finance team.

D.

Create a billing account, associate it with a monthly purchase order (PO), and send the PO to Google Cloud.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps