Winter Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: v4s65

  1. Home
  2. Google
  3. Google Cloud Certified
  4. Associate-Cloud-Engineer - Google Cloud Certified - Associate Cloud Engineer

Associate-Cloud-Engineer Exam Dumps - Google Cloud Certified - Associate Cloud Engineer

Searching for workable clues to ace the Google Associate-Cloud-Engineer Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s Associate-Cloud-Engineer PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 49

You want to set up a Google Kubernetes Engine cluster Verifiable node identity and integrity are required for the cluster, and nodes cannot be accessed from the internet. You want to reduce the operational cost of managing your cluster, and you want to follow Google-recommended practices. What should you do?

A.

Deploy a private autopilot cluster

B.

Deploy a public autopilot cluster.

C.

Deploy a standard public cluster and enable shielded nodes.

D.

Deploy a standard private cluster and enable shielded nodes.

Full Access
Question # 50

Your web application has been running successfully on Cloud Run for Anthos. You want to evaluate an updated version of the application with a specific percentage of your production users (canary deployment). What should you do?

A.

Create a new service with the new version of the application. Split traffic between this version and the version that is currently running.

B.

Create a new revision with the new version of the application. Split traffic between this version and the version that is currently running.

C.

Create a new service with the new version of the application. Add an HTTP Load Balancer in front of both services.

D.

Create a new revision with the new version of the application. Add an HTTP Load Balancer in front of both revisions.

Full Access
Question # 51

Your company developed a mobile game that is deployed on Google Cloud. Gamers are connecting to the game with their personal phones over the Internet. The game sends UDP packets to update the servers about the gamers' actions while they are playing in multiplayer mode. Your game backend can scale over multiple virtual machines (VMs), and you want to expose the VMs over a single IP address. What should you do?

A.

Configure an SSL Proxy load balancer in front of the application servers.

B.

Configure an Internal UDP load balancer in front of the application servers.

C.

Configure an External HTTP(s) load balancer in front of the application servers.

D.

Configure an External Network load balancer in front of the application servers.

Full Access
Question # 52

You recently discovered that your developers are using many service account keys during their development process. While you work on a long term improvement, you need to quickly implement a process to enforce short-lived service account credentials in your company. You have the following requirements:

• All service accounts that require a key should be created in a centralized project called pj-sa.

• Service account keys should only be valid for one day.

You need a Google-recommended solution that minimizes cost. What should you do?

A.

Implement a Cloud Run job to rotate all service account keys periodically in pj-sa. Enforce an org policy to deny service account key creation with an exception to pj-sa.

B.

Implement a Kubernetes Cronjob to rotate all service account keys periodically. Disable attachment ofservice accounts to resources in all projects with an exception to pj-sa.

C.

Enforce an org policy constraint allowing the lifetime of service account keys to be 24 hours. Enforce an org policy constraint denying service account key creation with an exception on pj-sa.

D.

Enforce a DENY org policy constraint over the lifetime of service account keys for 24 hours. Disable attachment of service accounts to resources in all projects with an exception to pj-sa.

Full Access
Question # 53

You have an application that looks for its licensing server on the IP 10.0.3.21. You need to deploy the licensing server on Compute Engine. You do not want to change the configuration of the application and want the application to be able to reach the licensing server. What should you do?

A.

Reserve the IP 10.0.3.21 as a static internal IP address using gcloud and assign it to the licensing server.

B.

Reserve the IP 10.0.3.21 as a static public IP address using gcloud and assign it to the licensing server.

C.

Use the IP 10.0.3.21 as a custom ephemeral IP address and assign it to the licensing server.

D.

Start the licensing server with an automatic ephemeral IP address, and then promote it to a static internal IP address.

Full Access
Question # 54

An application generates daily reports in a Compute Engine virtual machine (VM). The VM is in the project corp-iot-insights. Your team operates only in the project corp-aggregate-reports and needs a copy of the daily exports in the bucket corp-aggregate-reports-storage. You want to configure access so that the daily reports from the VM are available in the bucket corp-aggregate-reports-storage and use as few steps as possible while following Google-recommended practices. What should you do?

A.

Move both projects under the same folder.

B.

Grant the VM Service Account the role Storage Object Creator on corp-aggregate-reports-storage.

C.

Create a Shared VPC network between both projects. Grant the VM Service Account the role Storage Object Creator on corp-iot-insights.

D.

Make corp-aggregate-reports-storage public and create a folder with a pseudo-randomized suffix name. Share the folder with the IoT team.

Full Access
Question # 55

You significantly changed a complex Deployment Manager template and want to confirm that the dependencies of all defined resources are properly met before committing it to the project. You want the most rapid feedback on your changes. What should you do?

A.

Use granular logging statements within a Deployment Manager template authored in Python.

B.

Monitor activity of the Deployment Manager execution on the Stackdriver Logging page of the GCP Console.

C.

Execute the Deployment Manager template against a separate project with the same configuration, and monitor for failures.

D.

Execute the Deployment Manager template using the –-preview option in the same project, and observe the state of interdependent resources.

Full Access
Question # 56

You built an application on your development laptop that uses Google Cloud services. Your application uses Application Default Credentials for authentication and works fine on your development laptop. You want to migrate this application to a Compute Engine virtual machine (VM) and set up authentication using Google- recommended practices and minimal changes. What should you do?

A.

Assign appropriate access for Google services to the service account used by the Compute Engine VM.

B.

Create a service account with appropriate access for Google services, and configure the application to use this account.

C.

Store credentials for service accounts with appropriate access for Google services in a config file, and deploy this config file with your application.

D.

Store credentials for your user account with appropriate access for Google services in a config file, and deploy this config file with your application.

Full Access
Go to page:

Hot Exams

AZ-900 Dumps
200-301 Dumps
350-401 Dumps
350-701 Dumps
AZ-104 Dumps
CS0-003 Dumps
N10-009 Dumps
SY0-701 Dumps
CAS-005 Dumps
PT0-003 Dumps
ZDTA Dumps