GCP Associate Cloud Engineer

Projects are a way of organizing and grouping resources in some logical way.

You can control access to resources within a project using IAM members and roles.

Resources within a project are billed together, so projects can be used to organize billing data.

All of the above.

Predefined

Primitive

Custom

Service

get.compute.instances

list.compute.instances

instances.list.compute

compute.instances.list

Project IDs must be unique in all the world.

Project names must be unique in all the world.

Project names and IDs must be the same.

Project names are specified when making service requests.

Their Gmail account

A Google group

Their G Suite domain account

A service account

All of the above

APIs have to be enabled within a project to be used.

API requests must be authenticated and the caller must be assigned a role that authorizes the API request.

Only IAM members working in the role of Project Owner, Project Editor or Project Developer can use an API. Other users must use the console.

You assign callers IAM roles to allow access to APIs.

Predefined

Custom

Primitive

Root

Services represent the products available within Google Cloud, and each service has an API that consists of a collection of functions that can be invoked when using the service.

Services are things provided by humans, like a help desk of tech support. Service APIs are things that are automated in code.

Services are those things aimed at end users, like Google Maps or Gmail. Service APIs are those things used by programmers, like Kubernetes or App Engine.

All of the above are true.

Create a login using a G Suite account and programmatically impersonate that account in your code.

Create a Service Account with only roles required by your program and download the Service Account key. Configure your software to use that key.

Add an SSH key to a Compute Engine instance metadata. Then add that SSH key as an IAM member within your project. Assign the required roles to that member.

All of the above would work.

Assign the Storage Object Viewer role at the Organization level. This will override the Project level permission.

Assign the Storage Object Viewer role at the Bucket level. This will override the Project level permission.

Put the bucket in a different project and assign them the Storage Object Viewer role at the bucket level.

You cannot remove access to the bucket, once you make them a Project Editor.

gcloud storage buckets create pet-photos

gcloud storage buckets create gs://pet-photos

gcloud storage create-bucket --name=pet-photos

gsutil mb gs://pet-photos

Use a Deployment Manager template.

Using Google Cloud Shell, run the gcloud compute instances create command.

Install the Google Cloud SDK on your computer and use the gcloud compute instances create command.

Use the Python SDK

All of the above would work.

gsutil cp noir.jpg gs://pet-photos

gcloud storage buckets copy --source=noir.jpg --target=gs://pet-photos

gcloud storage copy-file noir.jpg gs://pet-photos

gsutil copy noir.jpg gs://pet-photos

Node.js Express

Python Flask

Python Jinja

All of the above

None of the above, you cannot create dynamic deployment manager templates.

gcloud deployment-manager deployments create deployment-name --config template-file-name

gcloud deployment-manager create-deployment deployment-name --config template-file-name

deployment-manager create deployment-name --config template-file-name

dmutils cd deployment-name --config template-file-name

Go

Python

Java

C#

All of the above

All of the above except C#

gcloud compute instances create web-server --zone=us-central1-a

gcloud compute instances create web-server --zone=a --region=us-central1

gcloud compute create-instance web-server --zone=us-central1-a

gcloud compute us-central1 instances create --name=web-server --zone=a

gcloud bigquery queries select --sql="select * from animals_dataset.pets where type='Dog'"

gcloud bigquery jobs execute --query="select * from animals_dataset.pets where type='Dog'"

bq query "select * from animals_dataset.pets where type='Dog'"

bq.pets.select(pet => pet.type == "Dog")

XML

SQL

YAML

CSV

gcloud install

gcloud configure

gcloud init

gcloud config install

You add a CDN Distribution when configuring the service and use the distribution's URL when configuring a domain CNAME record.

It is enabled when you configure the backend service of an HTTP load balancer.

It is part of the Instance Group configuration.

It is enabled on a Cloud Storage bucket using the command: gsutil enable-cdn gs://bucket-name --true

In the Instance Template

In the Instance Group

In the Load Balancer Back End Service

In the Startup Script of the Virtual Machine Image

Download the RDP key used when creating the machine.

Download the SSH key used when creating the machine.

Generate a password for the account you want use to log into the machine.

Use PowerShell to enable Windows Virtual Desktop on the instance you want to connect to.

A single VPC network that can be used by 2 or more projects.

A VPC network that supports external IP addresses so machines outside the network can access them.

A network that uses a VPN and a Cloud Router to provide access from your on-premises network.

A network within your on-premises data center that GCP Compute Engine Virtual Machines can be added to.

Both ingress and egress rules are supported.

Tags or Service Accounts can be used to determine which machines in your VPC network Firewall Rules apply to.

CIDR addressing can be used to determine which machines outside your network can access the machines in your network.

All of the above are true.

RDP

SSH

TCP

All of the above could be used.

Create at least two machines in the same zone and put a load balancer in front of them.

Create at least two machines in different zones and put a load balancer in front of them.

Create one machine in GCP and a backup in AWS. Then use a DNS health check and forwarding rule to route to the backup in the event of a failure.

Create a health check that monitors a machine and trigger a Cloud Function to create a new machine if the health check fails.

Reduced network egress cost when delivering content all over the world.

Reduced latency and better performance when delivering content all over the world.

Protection against distributed denial of service attacks.

All of the above

RDP

SSH

TCP

All of the above could be used.

10.128.0.0/20

172.16.0.0/16

192.168.1.0/24

All of the above

The machine does not have a public IP.

There is no firewall rule that opens port 22.

Your SSH key is invalid.

All of the above could be the problem.

Create another machine in the same network that has an external IP and connect to it first, then connect from it to the machine that has no external IP.

Set up a VPN and connect through it.

Both of the above would work.

None of the above would work. You need to have an external IP address to connect to a machine from an external network.

MySQL

PostgreSQL

SQL Server 

All of the above

Spanner 

Bigtable 

BigQuery

Cloud SQL

Firestore

Bigtable 

Spanner 

Cloud Storage

It supports ACID transactions. 

You can create primary and secondary indexes.

There is a 1 GB free tier. 

All of the above are true.

Multi-regional 

Regional 

Nearline 

Coldline

Bucket names must be unique within your project. 

You pay for the amount of space reserved for a bucket when it is created. 

Versioning can be enabled on a bucket. 

All of the above are true.

Can be configured to run in a single region or multiple regions. 

Scales by adding additional nodes.

Supports strong consistency and ACID transactions. 

It is designed for very high availability.

All of the above are true.

Firestore

Spanner

Bigtable

BigQuery

Multi-regional 

Regional 

Nearline

Coldline

Create Terraform templates to deploy the application infrastructure on any cloud. Then, create shell scripts to deploy the application. Run the scripts from a Jenkins server when code changes are committed.

Create Kubernetes configuration files to deploy the application on a Kubernetes cluster. Use a script to create the Kubernetes cluster on the customers' preferred environment.

Create scripts to deploy the application to App Engine on GCP, Elastic Beanstalk on AWS or Azure Services. Use the appropriate script depending on the environment chosen.

Create a VMWare virtual machine that runs the application. Then, import that VM Image into the customers' preferred Cloud Environment when deploying the application.

Cloud Storage bucket changes

Pub/Sub Messages

HTTP requests

All of the above

A Deployment

A Horizontal Pod Autoscaler

A Load Balancer

All of the above

Compute Engine

Kubernetes

App Engine

Cloud Functions

DNS Serving

Multi-Cast Provisioning

Version Selectors

Traffic Splitting

Compute Engine

Kubernetes Engine

App Engine

Cloud Functions

gcloud app deploy --version=two --no-promote

gcloud app update --version=two --no-promote

gcloud app-engine deployments create my-app --version=two --traffic=0

gcloud app-engine deployments update my-app --version=two

kubectl apply -f app-config.yaml

gcloud kubernetes deployments create my-app --config=app-config.yaml

gcloud container deployments create my-app --config=app-config.yaml

gcloud deploy my-app--cluster=my-cluster --config=app-config.yaml

Compute Engine VMs

Kubernetes

App Engine

Cloud Functions

Node

Pod

Instance

Container

Tracing

Alerting

Resource monitoring

Uptime checks

You have to install the Stackdriver monitoring agent.

You have to install the Stackdriver logging agent.

Your machine needs full access to all Cloud APIs

All of the above.

Install the Stackdriver monitoring agent

Install the Stackdriver logging agent

Start the Linux resource monitoring daemon

You don't have to do anything, Stackdriver monitoring is enabled by default for Compute Engine VMs.

Compute Engine VM resources

AWS EC2 Instances

App Engine Usage

Kubernetes Clusters

All of these can be monitored

An uptime check

A health check

An alerting policy

A log export

Debugging

Tracing

Error Reporting

All of the above

A health check

An alerting policy

A logging pipeline

A resource monitor

Export the logs to Cloud Storage and create a Cloud Function to monitor changes.

Export the logs to Pub/Sub and create and a Dataflow job to monitor the stream for anomalies.

Export the logs to BigQuery and create an App Engine application to query the BigQuery data.

Export the logs to Datastore and monitor it with a Spark Cluster running in Dataproc.