Professional-Cloud-Architect試験無料問題集（282題）「Google Certified Professional

出題：1

You have an application that runs in Google Kubernetes Engine (GKE). Over the last 2 weeks, customers have reported that a specific part of the application returns errors very frequently. You currently have no logging or monitoring solution enabled on your GKE cluster. You want to diagnose the problem, but you have not been able to replicate the issue. You want to cause minimal disruption to the application. What should you do?

A. 1. Create a new GKE cluster with Cloud Operations for GKE enabled, and deploy Prometheus.
2.Migrate the affected Pods to the new cluster, and redirect traffic for those Pods to the new cluster.
3.Set an alert to trigger whenever the application returns an error.

B. 1. Create a new GKE cluster with Cloud Operations for GKE enabled.
2.Migrate the affected Pods to the new cluster, and redirect traffic for those Pods to the new cluster.
3.Use the GKE Monitoring dashboard to investigate logs from affected Pods.

C. 1. Update your GKE cluster to use Cloud Operations for GKE, and deploy Prometheus.
2. Set an alert to trigger whenever the application returns an error.

D. 1. Update your GKE cluster to use Cloud Operations for GKE.
2. Use the GKE Monitoring dashboard to investigate logs from affected Pods.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

You have an outage in your Compute Engine managed instance group: all instance keep restarting after 5 seconds. You have a health check configured, but autoscaling is disabled. Your colleague, who is a Linux expert, offered to look into the issue. You need to make sure that he can access the VMs. What should you do?

A. Disable autoscaling for the instance group. Add his SSH key to the project-wide SSH Keys

B. Grant your colleague the IAM role of project Viewer

C. Perform a rolling restart on the instance group

D. Disable the health check for the instance group. Add his SSH key to the project-wide SSH keys

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

For this question, refer to the JencoMart case study.
JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need access to Datastore to upload the data. What service account key-management strategy should you recommend?

A. Provision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs).

B. Provision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs

C. Authenticate the on-premises infrastructure with a user account and provision service account keys for the VMs.

D. Deploy a custom authentication service on GCE/Google Container Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

You need to optimize batch file transfers into Cloud Storage for Mountkirk Games' new Google Cloud solution.
The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

A. Use gsutil to batch move files in sequence.

B. Use gsutil to load the files as the last part of ETL.

C. Use gsutil to batch copy the files in parallel.

D. Use gsutil to extract the files as the first part of ETL.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

You are deploying an application to Google Cloud. The application is part of a system. The application in Google Cloud must communicate over a private network with applications in a non-Google Cloud environment. The expected average throughput is 200 kbps. The business requires:
* 99.99% system availability
* cost optimization
You need to design the connectivity between the locations to meet the business requirements. What should you provision?

A. A Classic Cloud VPN gateway connected with two tunnels to an on-premises VPN gateway.

B. Two HA Cloud VPN gateways connected to two on-premises VPN gateways. Configure each HA Cloud VPN gateway to have two tunnels, each connected to different on-premises VPN gateways.

C. An HA Cloud VPN gateway connected with two tunnels to an on-premises VPN gateway.

D. A Classic Cloud VPN gateway connected with one tunnel to an on-premises VPN gateway.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

For this question, refer to the TerramEarth case study.
TerramEarth plans to connect all 20 million vehicles in the field to the cloud. This increases the volume to 20 million 600 byte records a second for 40 TB an hour. How should you design the data ingestion?

A. Vehicles continue to write data using the existing system (FTP).

B. Vehicles write data directly to Google Cloud Pub/Sub.

C. Vehicles stream data directly to Google BigQuery.

D. Vehicles write data directly to GCS.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

You are using Cloud Shell and need to install a custom utility for use in a few weeks. Where can you store the file so it is in the default execution path and persists across sessions?

A. Cloud Storage

B. /usr/local/bin

C. /google/scripts

D. ~/bin

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Your company's user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a
99.99% availability SLA under these conditions However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load. What should you do?

A. Capture existing users input, and replay captured user load until autoscale is triggered on all layers. At the same time, terminate all resources in one of the zones.

B. Capture existing users input, and replay captured user load until resource utilization crosses 80%. Also, derive estimated number of users based on existing users usage of the app, and deploy enough resources to handle 200% of expected load.

C. Create synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce "chaos" to the system by terminating random resources on both zones.

D. Expose the new system to a larger group of users, and increase group ' size each day until autoscale logic is tnggered on all layers. At the same time, terminate random resources on both zones.

正解：A 解答を投票する

出題：9

You need to develop procedures to test a disaster plan for a mission-critical application. You want to use Google-recommended practices and native capabilities within GCP.
What should you do?

A. Use Deployment Manager to automate provisioning. Use Stackdriver to monitor and debug your tests.

B. Use Deployment Manager to automate service provisioning. Use Activity Logs to monitor and debug your tests.

C. Use gcloud scripts to automate service provisioning. Use Activity Logs monitor and debug your tests.

D. Use automated scripts to automate service provisioning. Use Activity Logs monitor and debug your tests.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

You need to develop procedures to verify resilience of disaster recovery for remote recovery using GCP.
Your production environment is hosted on-premises. You need to establish a secure, redundant connection between your on premises network and the GCP network.
What should you do?

A. Verify that the Transfer Appliance can replicate files to GCP. Verify that direct peering can establish a secure connection between your networks if the Transfer Appliance fails.

B. Verify that Dedicated Interconnect can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if Dedicated Interconnect fails.

C. Verify that Dedicated Interconnect can replicate files to GCP. Verify that direct peering can establish a secure connection between your networks if Dedicated Interconnect fails.

D. Verify that the Transfer Appliance can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if the Transfer Appliance fails.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

A small number of API requests to your microservices-based application take a very long time. You know that each request to the API can traverse many services. You want to know which service takes the longest in those cases. What should you do?

A. Send custom metrics for each of your requests to Stackdriver Monitoring.

B. Instrument your application with Stackdnver Trace in order to break down the request latencies at each microservice.

C. Set timeouts on your application so that you can fail requests faster.

D. Use Stackdriver Monitoring to look for insights that show when your API latencies are high.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：12

Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?

A. Google Cloud Dedicated Interconnect

B. Google Cloud VPN connected to the data center network

C. A NAT and TLS translation gateway installed on-premises

D. A Google Compute Engine instance with a VPN server installed connected to the data center network

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：13

A recent audit that a new network was created in Your GCP project. In this network, a GCE instance has an SSH port open the world. You want to discover this network's origin. What should you do?

A. Connect to the GCE instance using project SSH Keys. Identify previous logins in system logs, and match these with the project owners list.

B. Navigate to the Activity page in the Home section. Set category to Data Access and search for Create VM entry.

C. In the logging section of the console, specify GCE Network as the logging section. Search for the Create Insert entry.

D. Search for Create VM entry in the Stackdriver alerting console.

正解：C 解答を投票する

出題：14

Your company has a project in Google Cloud with three Virtual Private Clouds (VPCs). There is a Compute Engine instance on each VPC. Network subnets do not overlap and must remain separated. The network configuration is shown below.

Instance #1 is an exception and must communicate directly with both Instance #2 and Instance #3 via internal IPs. How should you accomplish this?

A. Add two additional NICs to Instance #1 with the following configuration:
*NIC1
VPC: VPC #2
SUBNETWORK: subnet #2
*NIC2
VPC: VPC #3
SUBNETWORK: subnet #3
Update firewall rules to enable traffic between instances.

B. Create two VPN tunnels via CloudVPN:
*1 between VPC #1 and VPC #2.
*1 between VPC #2 and VPC #3.
Update firewall rules to enable traffic between the instances.

C. Create a cloud router to advertise subnet #2 and subnet #3 to subnet #1.

D. Peer all three VPCs:
*Peer VPC #1 with VPC #2.
*Peer VPC #2 with VPC #3.
Update firewall rules to enable traffic between the instances.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：15

Your company has a Google Workspace account and Google Cloud Organization Some developers in the company have created Google Cloud projects outside of the Google Cloud Organization You want to create an Organization structure that allows developers to create projects, but prevents them from modifying production projects You want to manage policies for all projects centrally and be able to set more restrictive policies for production projects You want to minimize disruption to users and developers when business needs change in the future You want to follow Google-recommended practices How should you design the Organization structure?

A. 1 Create a second Google Workspace account and Organization
2 Grant all developers the Project Creator IAM role on the new Organization
3 Move the developer projects into the new Organization
4 Set the policies for all projects on both Organizations.
5 Additionally set the production policies on the original Organization

B. 1 Create a folder under the Organization resource named "Production '
2 Grant all developers the Project Creator IAM role on the Organization 3. Move the developer projects into the Organization
4 Set the policies for all projects on the Organization
5 Additionally set the production policies on the 'Production" folder

C. 1 Designate the Organization for production projects only
2 Ensure that developers do not have the Project Creator IAM role on the Organization
3 Create development projects outside of the Organization using the developer Google Workspace accounts
4 Set the policies for all projects on the Organization
5 Additionally set the production policies on the individual production projects

D. 1 Create folders under the Organization resource named "Development" and Production'
2 Grant all developers the Project Creator IAM role on the ""Development1 folder 3. Move the developer projects into the "Development" folder
4 Set the policies for all projects on the Organization
5 Additionally set the production policies on the "Production" folder

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：16

You need to deploy a stateful workload on Google Cloud. The workload can scale horizontally, but each instance needs to read and write to the same POSIX filesystem. At high load, the stateful workload needs to support up to 100 MB/s of writes. What should you do?

A. Use a persistent disk for each instance.

B. Create a Cloud Filestore instance and mount it in each instance.

C. Use a regional persistent disk for each instance.

D. Create a Cloud Storage bucket and mount it in each instance using gcsfuse.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：17

You are using a single Cloud SQL instance to serve your application from a specific zone. You want to introduce high availability. What should you do?

A. Create a failover replica instance in a different region

B. Create a read replica instance in the same region, but in a different zone

C. Create a read replica instance in a different region

D. Create a failover replica instance in the same region, but in a different zone

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：18

For this question, refer to the JencoMart case study.
JencoMart has built a version of their application on Google Cloud Platform that serves traffic to Asia. You want to measure success against their business and technical goals. Which metrics should you track?

A. Total visits, error rates, and latency from Asia

B. The number of character sets present in the database

C. Error rates for requests from Asia

D. Latency difference between US and Asia

E. Total visits and average latency for users in Asia

正解：E 解答を投票する

出題：19

Your customer wants to capture multiple GBs of aggregate real-time key performance indicators (KPIs) from their game servers running on Google Cloud Platform and monitor the KPIs with low latency. How should they capture the KPIs?

A. Output custom metrics to Stackdriver from the game servers, and create a Dashboard in Stackdriver Monitoring Console to view them.

B. Store time-series data from the game servers in Google Bigtable, and view it using Google Data Studio.

C. Insert the KPIs into Cloud Datastore entities, and run ad hoc analysis and visualizations of them in Cloud Datalab.

D. Schedule BigQuery load jobs to ingest analytics files uploaded to Cloud Storage every ten minutes, and visualize the results in Google Data Studio.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：20

For this question, refer to the TerramEarth case study. A new architecture that writes all incoming data to BigQuery has been introduced. You notice that the data is dirty, and want to ensure data quality on an automated daily basis while managing cost.
What should you do?

A. Set up a streaming Cloud Dataflow job, receiving data by the ingestion process. Clean the data in a Cloud Dataflow pipeline.

B. Create a SQL statement on the data in BigQuery, and save it as a view. Run the view daily, and save the result to a new table.

C. Create a Cloud Function that reads data from BigQuery and cleans it. Trigger it. Trigger the Cloud Function from a Compute Engine instance.

D. Use Cloud Dataprep and configure the BigQuery tables as the source. Schedule a daily job to clean the data.

正解：A 解答を投票する

Professional-Cloud-Architect試験無料問題集「Google Certified Professional - Cloud Architect (GCP) 認定」