Google Certified Professional - Cloud Architect (GCP) Question and Answers

Last Update Feb 28, 2026
Total Questions : 333

Questions 1

For this question, refer to the EHR Healthcare case study. You are a developer on the EHR customer portal team. Your team recently migrated the customer portal application to Google Cloud. The load has increased on the application servers, and now the application is logging many timeout errors. You recently incorporated Pub/Sub into the application architecture, and the application is not logging any Pub/Sub publishing errors. You want to improve publishing latency. What should you do?

Options:

A.  

Increase the Pub/Sub Total Timeout retry value.

B.  

Move from a Pub/Sub subscriber pull model to a push model.

C.  

Turn off Pub/Sub message batching.

D.  

Create a backup Pub/Sub message queue.

Questions 2

For this question, refer to the EHR Healthcare case study. You are responsible for designing the Google Cloud network architecture for Google Kubernetes Engine. You want to follow Google best practices. Considering the EHR Healthcare business and technical requirements, what should you do to reduce the attack surface?

Options:

A.  

Use a private cluster with a private endpoint with master authorized networks configured.

B.  

Use a public cluster with firewall rules and Virtual Private Cloud (VPC) routes.

C.  

Use a private cluster with a public endpoint with master authorized networks configured.

D.  

Use a public cluster with master authorized networks enabled and firewall rules.

Questions 3

Your company operates nationally and plans to use GCP for multiple batch workloads, including some that are not time-critical. You also need to use GCP services that are HIPAA-certified and manage service costs.

How should you design to meet Google best practices?

Options:

A.  

Provision preemptible VMs to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.

B.  

Provision preemptible VMs to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.

C.  

Provision standard VMs in the same region to reduce cost. Discontinue use of all GCP services and APIs that are not HIPAA-compliant.

D.  

Provision standard VMs in the same region to reduce cost. Disable and then discontinue use of all GCP services and APIs that are not HIPAA-compliant.

Questions 4

You have deployed several instances on Compute Engine. As a security requirement, instances cannot have a public IP address. There is no VPN connection between Google Cloud and your office, and you need to connect via SSH into a specific machine without violating the security requirements. What should you do?

Options:

A.  

Configure Cloud NAT on the subnet where the instance is hosted. Create an SSH connection to the Cloud NAT IP address to reach the instance.

B.  

Add all instances to an unmanaged instance group. Configure TCP Proxy Load Balancing with the instance group as a backend. Connect to the instance using the TCP Proxy IP.

C.  

Configure Identity-Aware Proxy (IAP) for the instance and ensure that you have the role of IAP-secured Tunnel User. Use the gcloud command line tool to ssh into the instance.

D.  

Create a bastion host in the network to SSH into the bastion host from your office location. From the bastion host, SSH into the desired instance.

Questions 5

For this question, refer to the JencoMart case study.

JencoMart has built a version of their application on Google Cloud Platform that serves traffic to Asia. You want to measure success against their business and technical goals. Which metrics should you track?

Options:

A.  

Error rates for requests from Asia

B.  

Latency difference between US and Asia

C.  

Total visits, error rates, and latency from Asia

D.  

Total visits and average latency for users in Asia

E.  

The number of character sets present in the database

Questions 6

For this question, refer to the JencoMart case study.

The migration of JencoMart’s application to Google Cloud Platform (GCP) is progressing too slowly. The infrastructure is shown in the diagram. You want to maximize throughput. What are three potential bottlenecks? (Choose 3 answers.)

Options:

A.  

A single VPN tunnel, which limits throughput

B.  

A tier of Google Cloud Storage that is not suited for this task

C.  

A copy command that is not suited to operate over long distances

D.  

Fewer virtual machines (VMs) in GCP than on-premises machines

E.  

A separate storage layer outside the VMs, which is not suited for this task

F.  

Complicated internet connectivity between the on-premises infrastructure and GCP

Questions 7

For this question, refer to the JencoMart case study.

A few days after JencoMart migrates the user credentials database to Google Cloud Platform and shuts down the old server, the new database server stops responding to SSH connections. It is still serving database requests to the application servers correctly. What three steps should you take to diagnose the problem? (Choose 3 answers.)

Options:

A.  

Delete the virtual machine (VM) and disks and create a new one.

B.  

Delete the instance, attach the disk to a new VM, and investigate.

C.  

Take a snapshot of the disk and connect to a new machine to investigate.

D.  

Check inbound firewall rules for the network the machine is connected to.

E.  

Connect the machine to another network with very simple firewall rules and investigate.

F.  

Print the Serial Console output for the instance for troubleshooting, activate the interactive console, and investigate.

Questions 8

For this question, refer to the JencoMart case study.

JencoMart wants to move their User Profiles database to Google Cloud Platform. Which Google Database should they use?

Options:

A.  

Cloud Spanner

B.  

Google BigQuery

C.  

Google Cloud SQL

D.  

Google Cloud Datastore

Questions 9

For this question, refer to the JencoMart case study.

JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need access to Datastore to upload the data. What service account key-management strategy should you recommend?

Options:

A.  

Provision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs).

B.  

Authenticate the on-premises infrastructure with a user account and provision service account keys for the VMs.

C.  

Provision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs

D.  

Deploy a custom authentication service on GCE/Google Container Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs.

Questions 10

For this question, refer to the JencoMart case study.

The JencoMart security team requires that all Google Cloud Platform infrastructure is deployed using a least privilege model with separation of duties for administration between production and development resources. What Google domain and project structure should you recommend?

Options:

A.  

Create two G Suite accounts to manage users: one for development/test/staging and one for production. Each account should contain one project for every application.

B.  

Create two G Suite accounts to manage users: one with a single project for all development applications and one with a single project for all production applications.

C.  

Create a single G Suite account to manage users with each stage of each application in its own project.

D.  

Create a single G Suite account to manage users with one project for the development/test/staging environment and one project for the production environment.

Questions 11

For this question, refer to the TerramEarth case study.

TerramEarth has equipped unconnected trucks with servers and sensors to collect telemetry data. Next year they want to use the data to train machine learning models. They want to store this data in the cloud while reducing costs. What should they do?

Options:

A.  

Have the vehicle's computer compress the data in hourly snapshots, and store it in a Google Cloud Storage (GCS) Nearline bucket.

B.  

Push the telemetry data in real-time to a streaming Dataflow job that compresses the data, and store it in Google BigQuery.

C.  

Push the telemetry data in real-time to a streaming Dataflow job that compresses the data, and store it in Cloud Bigtable.

D.  

Have the vehicle's computer compress the data in hourly snapshots, and store it in a GCS Coldline bucket.

Questions 12

For this question, refer to the Cymbal Retail case study. Cymbal wants you to design a cloud-first data storage infrastructure for the product catalog modernization project. You want to ensure efficient data access and high availability for Cymbal's web application and virtual agents while minimizing operational costs. What should you do?

Options:

A.  

Use AlloyDB for structured product data, and Cloud Storage for product images

B.  

Use Spanner for the structured product data, and Bigtable for product images

C.  

Use Filestore for the structured product data and Cloud Storage for product images

D.  

Use Cloud Storage for structured product data, and BigQuery for product images

Questions 13

For this question, refer to the Cymbal Retail case study. Cymbal plans to migrate their existing on-premises systems to Google Cloud and implement AI-powered virtual agents to handle customer interactions. You need to provision the compute resources that can scale for the AI-powered virtual agents. What should you do?

Options:

A.  

Use Cloud SQL to store the customer data and product catalog.

B.  

Configure Cloud Build to call AI Applications (formerly Vertex AI Agent Builder).

C.  

Deploy a Google Kubernetes Engine (GKE) cluster with autoscaling enabled

D.  

Create a single, large Compute Engine VM instance with a high CPU allocation.

Questions 14

For this question, refer to the Cymbal Retail case study. Cymbal's generative AI models require high-performance storage for temporary files generated during model training and inference. These files are ephemeral and frequently accessed and modified. You need to select a storage solution that minimizes latency and cost and maximizes performance for generative AI workloads. What should you do?

Options:

A.  

Use a Cloud Storage bucket in the same region as your virtual machines. Configure lifecycle policies to delete files after processing.

B.  

Use Filestore to store temporary files

C.  

Use performance persistent disks.

D.  

Use Local SSDs attached to the VMs running the generative AI models

Questions 15

For this question, refer to the Cymbal Retail case study. Cymbal wants to migrate their product catalog management processes to Google Cloud. You need to ensure a smooth migration with proper change management to minimize disruption and risks to the business. You want to follow Google-recommended practices to automate product catalog enrichment, improve product discoverability, increase customer engagement, and minimize costs. What should you do?

Options:

A.  

Design a migration plan to move all of Cymbal's data to Cloud Storage, and use Compute Engine for all business logic

B.  

Design a migration plan to move all of Cymbal's data to Cloud Storage, and use Cloud Run functions for all business logic

C.  

Design a migration plan, starting with a pilot project focusing on a specific product category, and gradually expand to other categories.

D.  

Design a migration plan with a scheduled window to move all components at once. Perform extensive testing to ensure a successful migration.

Questions 16

For this question, refer to the Cymbal Retail case study. Cymbal wants you to connect their on-premises systems to Google Cloud while maintaining secure communication between their on-premises and cloud environments. You want to follow Google's recommended approach to ensure the most secure and manageable solution. What should you do?

Options:

A.  

Use a bastion host to provide secure access to Google Cloud resources from Cymbal's on-premises systems.

B.  

Configure a static VPN connection using SSH tunnels to connect the on-premises systems to Google Cloud

C.  

Configure a Cloud VPN gateway and establish a VPN tunnel. Configure firewall rules to restrict access to specific resources and services based on IP addresses and ports.

D.  

Use Google Cloud's VPC peering to connect Cymbal's on-premises network to Google Cloud.

Questions 17

For this question, refer to the Cymbal Retail case study. Cymbal has a centralized project that supports large video files for Vertex AI model training. Standard storage costs have suddenly increased this month, and you need to determine why. What should you do?

Options:

A.  

Investigate if the project owner disabled a soft-delete policy on the bucket holding the video files.

B.  

Investigate if the project owner moved from dual-region storage to region storage

C.  

Investigate if the project owner enabled a soft-delete policy on the bucket holding the video files.

D.  

Investigate if the project owner moved from multi-region storage to region storage.

Questions 18

For this question, refer to the Cymbal Retail case study. Cymbal wants to migrate its diverse database environment to Google Cloud while ensuring high availability and performance for online customers. The company also wants to efficiently store and access large product images. These images typically stay in the catalog for more than 90 days and are accessed less and less frequently. You need to select the appropriate Google Cloud services for each database. You also need to design a storage solution for the product images that optimizes cost and performance. What should you do?

Options:

A.  

Migrate all databases to Spanner for consistency, and use Cloud Storage Standard for image storage

B.  

Migrate all databases to self-managed instances on Compute Engine, and use a persistent disk for image storage.

C.  

Migrate MySQL and SQL Server to Spanner, Redis to Memorystore, and MongoDB to Firestore. Use Cloud Storage Standard for image storage, and move images to Cloud Storage Nearline storage when products become less popular.

D.  

Migrate MySQL to Cloud SQL, SQL Server to Cloud SQL, Redis to Memorystore, and MongoDB to Firestore. Use Cloud Storage Standard for image storage, and move images to Cloud Storage Coldline storage when products become less popular.

Questions 19

Your development teams release new versions of games running on Google Kubernetes Engine (GKE) daily. You want to create service level indicators (SLIs) to evaluate the quality of the new versions from the user’s perspective. What should you do?

Options:

A.  

Create CPU Utilization and Request Latency as service level indicators.

B.  

Create GKE CPU Utilization and Memory Utilization as service level indicators.

C.  

Create Request Latency and Error Rate as service level indicators.

D.  

Create Server Uptime and Error Rate as service level indicators.

Questions 20

For this question, refer to the Dress4Win case study.

Dress4Win has asked you to recommend machine types they should deploy their application servers to. How should you proceed?

Options:

A.  

Perform a mapping of the on-premises physical hardware cores and RAM to the nearest machine types in the cloud.

B.  

Recommend that Dress4Win deploy application servers to machine types that offer the highest RAM to CPU ratio available.

C.  

Recommend that Dress4Win deploy into production with the smallest instances available, monitor them over time, and scale the machine type up until the desired performance is reached.

D.  

Identify the number of virtual cores and RAM associated with the application server virtual machines, align them to a custom machine type in the cloud, monitor performance, and scale the machine types up until the desired performance is reached.

Questions 21

You need to optimize batch file transfers into Cloud Storage for Mountkirk Games’ new Google Cloud solution. The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

Options:

A.  

Use gsutil to batch move files in sequence.

B.  

Use gsutil to batch copy the files in parallel.

C.  

Use gsutil to extract the files as the first part of ETL.

D.  

Use gsutil to load the files as the last part of ETL.

Questions 22

Your development team has created a mobile game app. You want to test the new mobile app on Android and iOS devices with a variety of configurations. You need to ensure that testing is efficient and cost-effective. What should you do?

Options:

A.  

Upload your mobile app to the Firebase Test Lab, and test the mobile app on Android and iOS devices.

B.  

Create Android and iOS VMs on Google Cloud, install the mobile app on the VMs, and test the mobile app.

C.  

Create Android and iOS containers on Google Kubernetes Engine (GKE), install the mobile app on the containers, and test the mobile app.

D.  

Upload your mobile app with different configurations to Firebase Hosting and test each configuration.

Questions 23

Mountkirk Games wants to limit the physical location of resources to their operating Google Cloud regions.

What should you do?

Options:

A.  

Configure an organizational policy which constrains where resources can be deployed.

B.  

Configure IAM conditions to limit what resources can be configured.

C.  

Configure the quotas for resources in the regions not being used to 0.

D.  

Configure a custom alert in Cloud Monitoring so you can disable resources as they are created in other regions.

Questions 24

You are implementing Firestore for Mountkirk Games. Mountkirk Games wants to give a new game programmatic access to a legacy game's Firestore database. Access should be as restricted as possible. What should you do?

Options:

A.  

Create a service account (SA) in the legacy game's Google Cloud project, add this SA in the new game's IAM page, and then give it the Firebase Admin role in both projects

B.  

Create a service account (SA) in the legacy game's Google Cloud project, add a second SA in the new game's IAM page, and then give the Organization Admin role to both SAs

C.  

Create a service account (SA) in the legacy game's Google Cloud project, give it the Firebase Admin role, and then migrate the new game to the legacy game's project.

D.  

Create a service account (SA) in the legacy game's Google Cloud project, give the SA the Organization Admin role and then give it the Firebase Admin role in both projects

Questions 25

You need to implement a network ingress for a new game that meets the defined business and technical requirements. Mountkirk Games wants each regional game instance to be located in multiple Google Cloud regions. What should you do?

Options:

A.  

Configure a global load balancer connected to a managed instance group running Compute Engine instances.

B.  

Configure kubemci with a global load balancer and Google Kubernetes Engine.

C.  

Configure a global load balancer with Google Kubernetes Engine.

D.  

Configure Ingress for Anthos with a global load balancer and Google Kubernetes Engine.

Questions 26

Mountkirk Games wants you to secure the connectivity from the new gaming application platform to Google Cloud. You want to streamline the process and follow Google-recommended practices. What should you do?

Options:

A.  

Configure Workload Identity and service accounts to be used by the application platform.

B.  

Use Kubernetes Secrets, which are obfuscated by default. Configure these Secrets to be used by the application platform.

C.  

Configure Kubernetes Secrets to store the secret, enable Application-Layer Secrets Encryption, and use Cloud Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used by the application platform.

D.  

Configure HashiCorp Vault on Compute Engine, and use customer managed encryption keys and Cloud Key Management Service (Cloud KMS) to manage the encryption keys. Configure these Secrets to be used by the application platform.

Questions 27

For this question, refer to the TerramEarth case study. You need to implement a reliable, scalable GCP solution for the data warehouse for your company, TerramEarth. Considering the TerramEarth business and technical requirements, what should you do?

Options:

A.  

Replace the existing data warehouse with BigQuery. Use table partitioning.

B.  

Replace the existing data warehouse with a Compute Engine instance with 96 CPUs.

C.  

Replace the existing data warehouse with BigQuery. Use federated data sources.

D.  

Replace the existing data warehouse with a Compute Engine instance with 96 CPUs. Add an additional Compute Engine pre-emptible instance with 32 CPUs.

Questions 28

TerramEarth has about 1 petabyte (PB) of vehicle testing data in a private data center. You want to move the data to Cloud Storage for your machine learning team. Currently, a 1-Gbps interconnect link is available for you. The machine learning team wants to start using the data in a month. What should you do?

Options:

A.  

Request Transfer Appliances from Google Cloud, export the data to appliances, and return the appliances to Google Cloud.

B.  

Configure the Storage Transfer service from Google Cloud to send the data from your data center to Cloud Storage

C.  

Make sure there are no other users consuming the 1 Gbps link, and use multi-thread transfer to upload the data to Cloud Storage.

D.  

Export files to an encrypted USB device, send the device to Google Cloud, and request an import of the data to Cloud Storage

Questions 29

TerramEarth has a legacy web application that you cannot migrate to cloud. However, you still want to build a cloud-native way to monitor the application. If the application goes down, you want the URL to point to a "Site is unavailable" page as soon as possible. You also want your Ops team to receive a notification for the issue. You need to build a reliable solution for minimum cost.

What should you do?

Options:

A.  

Create a scheduled job in Cloud Run to invoke a container every minute. The container will check the application URL. If the application is down, switch the URL to the "Site is unavailable" page, and notify the Ops team.

B.  

Create a cron job on a Compute Engine VM that runs every minute. The cron job invokes a Python program to check the application URL. If the application is down, switch the URL to the "Site is unavailable" page, and notify the Ops team.

C.  

Create a Cloud Monitoring uptime check to validate the application URL. If it fails, put a message in a Pub/Sub queue that triggers a Cloud Function to switch the URL to the "Site is unavailable" page, and notify the Ops team.

D.  

Use Cloud Error Reporting to check the application URL. If the application is down, switch the URL to the "Site is unavailable" page, and notify the Ops team.

Questions 30

For this question, refer to the TerramEarth case study. You are asked to design a new architecture for the ingestion of the data of the 200,000 vehicles that are connected to a cellular network. You want to follow Google-recommended practices.

Considering the technical requirements, which components should you use for the ingestion of the data?

Options:

A.  

Google Kubernetes Engine with an SSL Ingress

B.  

Cloud IoT Core with public/private key pairs

C.  

Compute Engine with project-wide SSH keys

D.  

Compute Engine with specific SSH keys

Questions 31

You have broken down a legacy monolithic application into a few containerized RESTful microservices. You want to run those microservices on Cloud Run. You also want to make sure the services are highly available with low latency to your customers. What should you do?

Options:

A.  

Deploy Cloud Run services to multiple availability zones. Create Cloud Endpoints that point to the services. Create a global HTTP(S) Load Balancing instance and attach the Cloud Endpoints to its backend.

B.  

Deploy Cloud Run services to multiple regions. Create serverless network endpoint groups pointing to the services. Add the serverless NEGs to a backend service that is used by a global HTTP(S) Load Balancing instance.

C.  

Deploy Cloud Run services to multiple regions. In Cloud DNS, create a latency-based DNS name that points to the services.

D.  

Deploy Cloud Run services to multiple availability zones. Create a TCP/IP global load balancer. Add the Cloud Run Endpoints to its backend service.

Questions 32

For this question, refer to the TerramEarth case study. Considering the technical requirements, how should you reduce the unplanned vehicle downtime in GCP?

Options:

A.  

Use BigQuery as the data warehouse. Connect all vehicles to the network and stream data into BigQuery using Cloud Pub/Sub and Cloud Dataflow. Use Google Data Studio for analysis and reporting.

B.  

Use BigQuery as the data warehouse. Connect all vehicles to the network and upload gzip files to a Multi-Regional Cloud Storage bucket using gcloud. Use Google Data Studio for analysis and reporting.

C.  

Use Cloud Dataproc Hive as the data warehouse. Upload gzip files to a Multi-Regional Cloud Storage bucket. Upload this data into BigQuery using gcloud. Use Google Data Studio for analysis and reporting.

D.  

Use Cloud Dataproc Hive as the data warehouse. Directly stream data into partitioned Hive tables. Use Pig scripts to analyze data.

Questions 33

You are migrating a Linux-based application from your private data center to Google Cloud. The TerramEarth security team sent you several recent Linux vulnerabilities published by Common Vulnerabilities and Exposures (CVE). You need assistance in understanding how these vulnerabilities could impact your migration. What should you do?

Options:

A.  

Open a support case regarding the CVE and chat with the support engineer.

B.  

Read the CVEs from the Google Cloud Status Dashboard to understand the impact.

C.  

Read the CVEs from the Google Cloud Platform Security Bulletins to understand the impact

D.  

Post a question regarding the CVE in Stack Overflow to get an explanation

E.  

Post a question regarding the CVE in a Google Cloud discussion group to get an explanation

Questions 34

For this question, refer to the TerramEarth case study.

You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?

Options:

A.  

Create a token and pass it in as an environment variable to func_display. When invoking func_query, include the token in the request. Pass the same token to func_query and reject the invocation if the tokens are different.

B.  

Make func_query 'Require authentication.' Create a unique service account and associate it to func_display. Grant the service account invoker role for func_query. Create an id token in func_display and include the token to the request when invoking func_query.

C.  

Make func_query 'Require authentication' and only accept internal traffic. Create those two functions in the same VPC. Create an ingress firewall rule for func_query to only allow traffic from func_display.

D.  

Create those two functions in the same project and VPC. Make func_query only accept internal traffic. Create an ingress firewall for func_query to only allow traffic from func_display. Also, make sure both functions use the same service account.

Questions 35

For this question, refer to the Dress4Win case study. Which of the compute services should be migrated as-is and would still be an optimized architecture for performance in the cloud?

Options:

A.  

Web applications deployed using App Engine standard environment

B.  

RabbitMQ deployed using an unmanaged instance group

C.  

Hadoop/Spark deployed using Cloud Dataproc Regional in High Availability mode

D.  

Jenkins, monitoring, bastion hosts, security scanners services deployed on custom machine types

Questions 36

For this question, refer to the Dress4Win case study. Considering the given business requirements, how would you automate the deployment of web and transactional data layers?

Options:

A.  

Deploy Nginx and Tomcat using Cloud Deployment Manager to Compute Engine. Deploy a Cloud SQL server to replace MySQL. Deploy Jenkins using Cloud Deployment Manager.

B.  

Deploy Nginx and Tomcat using Cloud Launcher. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Deployment Manager scripts.

C.  

Migrate Nginx and Tomcat to App Engine. Deploy a Cloud Datastore server to replace the MySQL server in a high-availability configuration. Deploy Jenkins to Compute Engine using Cloud Launcher.

D.  

Migrate Nginx and Tomcat to App Engine. Deploy a MySQL server using Cloud Launcher. Deploy Jenkins to Compute Engine using Cloud Launcher.

Questions 37

For this question, refer to the Helicopter Racing League (HRL) case study. HRL is looking for a cost-effective approach for storing their race data such as telemetry. They want to keep all historical records, train models using only the previous season's data, and plan for data growth in terms of volume and information collected. You need to propose a data solution. Considering HRL business requirements and the goals expressed by CEO S. Hawke, what should you do?

Options:

A.  

Use Firestore for its scalable and flexible document-based database. Use collections to aggregate race data by season and event.

B.  

Use Cloud Spanner for its scalability and ability to version schemas with zero downtime. Split race data using season as a primary key.

C.  

Use BigQuery for its scalability and ability to add columns to a schema. Partition race data based on season.

D.  

Use Cloud SQL for its ability to automatically manage storage increases and compatibility with MySQL. Use separate database instances for each season.

Questions 38

For this question, refer to the Helicopter Racing League (HRL) case study. HRL wants better prediction accuracy from their ML prediction models. They want you to use Google’s AI Platform so HRL can understand and interpret the predictions. What should you do?

Options:

A.  

Use Explainable AI.

B.  

Use Vision AI.

C.  

Use Google Cloud’s operations suite.

D.  

Use Jupyter Notebooks.

Questions 39

For this question, refer to the Helicopter Racing League (HRL) case study. The HRL development team releases a new version of their predictive capability application every Tuesday evening at 3 a.m. UTC to a repository. The security team at HRL has developed an in-house penetration test Cloud Function called Airwolf. The security team wants to run Airwolf against the predictive capability application as soon as it is released every Tuesday. You need to set up Airwolf to run at the recurring weekly cadence. What should you do?

Options:

A.  

Set up Cloud Tasks and a Cloud Storage bucket that triggers a Cloud Function.

B.  

Set up a Cloud Logging sink and a Cloud Storage bucket that triggers a Cloud Function.

C.  

Configure the deployment job to notify a Pub/Sub queue that triggers a Cloud Function.

D.  

Set up Identity and Access Management (IAM) and Confidential Computing to trigger a Cloud Function.

Questions 40

For this question, refer to the Helicopter Racing League (HRL) case study. Recently HRL started a new regional racing league in Cape Town, South Africa. In an effort to give customers in Cape Town a better user experience, HRL has partnered with the Content Delivery Network provider, Fastly. HRL needs to allow traffic coming from all of the Fastly IP address ranges into their Virtual Private Cloud network (VPC network). You are a member of the HRL security team and you need to configure the update that will allow only the Fastly IP address ranges through the External HTTP(S) load balancer. Which command should you use?

Options:

A.  

Apply a Cloud Armor security policy to external load balancers using a named IP list for Fastly.

B.  

Apply a Cloud Armor security policy to external load balancers using the IP addresses that Fastly has published.

C.  

Apply a VPC firewall rule on port 443 for Fastly IP address ranges.

D.  

Apply a VPC firewall rule on port 443 for network resources tagged with sourceiplist-fastly.

Questions 41

For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for securely deploying workloads to Google Cloud. You also need to ensure that only verified containers are deployed using Google Cloud services. What should you do? (Choose two.)

Options:

A.  

Enable Binary Authorization on GKE, and sign containers as part of a CI/CD pipeline.

B.  

Configure Jenkins to utilize Kritis to cryptographically sign a container as part of a CI/CD pipeline.

C.  

Configure Container Registry to only allow trusted service accounts to create and deploy containers from the registry.

D.  

Configure Container Registry to use vulnerability scanning to confirm that there are no vulnerabilities before deploying the workload.

Questions 42

For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers, and season ticket holders. You need to implement a custom card tokenization service that meets the following requirements:

• It must provide low latency at minimal cost.

• It must be able to identify duplicate credit cards and must not store plaintext card numbers.

• It should support annual key rotation.

Which storage approach should you adopt for your tokenization service?

Options:

A.  

Store the card data in Secret Manager after running a query to identify duplicates.

B.  

Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.

C.  

Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.

D.  

Use column-level encryption to store the data in Cloud SQL.

Questions 43

For this question, refer to the Helicopter Racing League (HRL) case study. A recent finance audit of cloud infrastructure noted an exceptionally high number of Compute Engine instances are allocated to do video encoding and transcoding. You suspect that these Virtual Machines are zombie machines that were not deleted after their workloads completed. You need to quickly get a list of which VM instances are idle. What should you do?

Options:

A.  

Log into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for analysis.

B.  

Use the gcloud compute instances list to list the virtual machine instances that have the idle: true label set.

C.  

Use the gcloud recommender command to list the idle virtual machine instances.

D.  

From the Google Console, identify which Compute Engine instances in the managed instance groups are no longer responding to health check probes.

Questions 44

Refer to the Altostrat Media case study for the following solutions regarding cost optimization for batch processing and microservices testing strategies.

Altostrat is experiencing fluctuating computational demands for its batch processing jobs. These jobs are not time-critical and can tolerate occasional interruptions. You want to optimize cloud costs and address batch processing needs. What should you do?

Options:

A.  

Configure reserved VM instances.

B.  

Deploy spot VM instances.

C.  

Set up standard VM instances.

D.  

Use Cloud Run functions.

Questions 45

Refer to the Altostrat Media case study for the following solution.

Altostrat is concerned about sophisticated, multi-vector Distributed Denial of Service (DDoS) attacks targeting various layers of their infrastructure. DDoS attacks could potentially disrupt video streaming and cause financial losses. You need to mitigate this risk. What should you do?

Options:

A.  

Set up VPC Service Controls to restrict access to sensitive resources and prevent data exfiltration.

B.  

Configure Cloud Next Generation Firewall (NGFW) with custom rules to filter malicious traffic at the network level.

C.  

Deploy Google Cloud Armor with pre-configured and custom rules for L3/L4 and L7 protection.

D.  

Activate Security Command Center to monitor security posture and detect potential threats.

Questions 46

For this question, refer to the Mountkirk Games case study.

Mountkirk Games wants to set up a continuous delivery pipeline. Their architecture includes many small services that they want to be able to update and roll back quickly. Mountkirk Games has the following requirements:

• Services are deployed redundantly across multiple regions in the US and Europe.

• Only frontend services are exposed on the public internet.

• They can provide a single frontend IP for their fleet of services.

• Deployment artifacts are immutable.

Which set of products should they use?

Options:

A.  

Google Cloud Storage, Google Cloud Dataflow, Google Compute Engine

B.  

Google Cloud Storage, Google App Engine, Google Network Load Balancer

C.  

Google Kubernetes Registry, Google Container Engine, Google HTTP(S) Load Balancer

D.  

Google Cloud Functions, Google Cloud Pub/Sub, Google Cloud Deployment Manager

Questions 47

For this question, refer to the Mountkirk Games case study.

Mountkirk Games' gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?

Options:

A.  

Verify that the database is online.

B.  

Verify that the project quota hasn't been exceeded.

C.  

Verify that the new feature code did not introduce any performance bugs.

D.  

Verify that the load-testing team is not running their tool against production.

Questions 48

For this question, refer to the Mountkirk Games case study.

Mountkirk Games has deployed their new backend on Google Cloud Platform (GCP). You want to create a thorough testing process for new versions of the backend before they are released to the public. You want the testing environment to scale in an economical way. How should you design the process?

Options:

A.  

Create a scalable environment in GCP for simulating production load.

B.  

Use the existing infrastructure to test the GCP-based backend at scale.

C.  

Build stress tests into each component of your application using resources internal to GCP to simulate load.

D.  

Create a set of static environments in GCP to test different levels of load — for example, high, medium, and low.

Questions 49

For this question, refer to the Mountkirk Games case study.

Mountkirk Games wants to set up a real-time analytics platform for their new game. The new platform must meet their technical requirements. Which combination of Google technologies will meet all of their requirements?

Options:

A.  

Container Engine, Cloud Pub/Sub, and Cloud SQL

B.  

Cloud Dataflow, Cloud Storage, Cloud Pub/Sub, and BigQuery

C.  

Cloud SQL, Cloud Storage, Cloud Pub/Sub, and Cloud Dataflow

D.  

Cloud Dataproc, Cloud Pub/Sub, Cloud SQL, and Cloud Dataflow

E.  

Cloud Pub/Sub, Compute Engine, Cloud Storage, and Cloud Dataproc

Questions 50

For this question, refer to the Mountkirk Games case study.

Mountkirk Games wants you to design their new testing strategy. How should the test coverage differ from their existing backends on the other platforms?

Options:

A.  

Tests should scale well beyond the prior approaches.

B.  

Unit tests are no longer required, only end-to-end tests.

C.  

Tests should be applied after the release is in the production environment.

D.  

Tests should include directly testing the Google Cloud Platform (GCP) infrastructure.

Questions 51

For this question, refer to the Mountkirk Games case study.

Mountkirk Games needs to create a repeatable and configurable mechanism for deploying isolated application environments. Developers and testers can access each other's environments and resources, but they cannot access staging or production resources. The staging environment needs access to some services from production.

What should you do to isolate development environments from staging and production?

Options:

A.  

Create a project for development and test and another for staging and production.

B.  

Create a network for development and test and another for staging and production.

C.  

Create one subnetwork for development and another for staging and production.

D.  

Create one project for development, a second for staging and a third for production.

Questions 52

For this question, refer to the EHR Healthcare case study. You are responsible for ensuring that EHR's use of Google Cloud will pass an upcoming privacy compliance audit. What should you do? (Choose two.)

Options:

A.  

Verify EHR's product usage against the list of compliant products on the Google Cloud compliance page.

B.  

Advise EHR to execute a Business Associate Agreement (BAA) with Google Cloud.

C.  

Use Firebase Authentication for EHR's user facing applications.

D.  

Implement Prometheus to detect and prevent security breaches on EHR's web-based applications.

E.  

Use GKE private clusters for all Kubernetes workloads.

Questions 53

For this question, refer to the EHR Healthcare case study. You need to define the technical architecture for hybrid connectivity between EHR's on-premises systems and Google Cloud. You want to follow Google's recommended practices for production-level applications. Considering the EHR Healthcare business and technical requirements, what should you do?

Options:

A.  

Configure two Partner Interconnect connections in one metro (City), and make sure the Interconnect connections are placed in different metro zones.

B.  

Configure two VPN connections from on-premises to Google Cloud, and make sure the VPN devices on-premises are in separate racks.

C.  

Configure Direct Peering between EHR Healthcare and Google Cloud, and make sure you are peering at least two Google locations.

D.  

Configure two Dedicated Interconnect connections in one metro (City) and two connections in another metro, and make sure the Interconnect connections are placed in different metro zones.

Questions 54

You need to upgrade the EHR connection to comply with their requirements. The new connection design must support business-critical needs and meet the same network and security policy requirements. What should you do?

Options:

A.  

Add a new Dedicated Interconnect connection.

B.  

Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G.

C.  

Add three new Cloud VPN connections.

D.  

Add a new Carrier Peering connection.

Questions 55

For this question, refer to the EHR Healthcare case study. EHR has a single Dedicated Interconnect connection between their primary data center and Google's network. This connection satisfies EHR’s network and security policies:

• On-premises servers without public IP addresses need to connect to cloud resources without public IP addresses.

• Traffic flows from production network mgmt. servers to Compute Engine virtual machines should never traverse the public internet.

You need to upgrade the EHR connection to comply with their requirements. The new connection design must support business critical needs and meet the same network and security policy requirements. What should you do?

Options:

A.  

Add a new Dedicated Interconnect connection

B.  

Upgrade the bandwidth on the Dedicated Interconnect connection to 100 G

C.  

Add three new Cloud VPN connections

D.  

Add a new Carrier Peering connection

Questions 56

For this question, refer to the EHR Healthcare case study. In the past, configuration errors put public IP addresses on backend servers that should not have been accessible from the Internet. You need to ensure that no one can put external IP addresses on backend Compute Engine instances and that external IP addresses can only be configured on frontend Compute Engine instances. What should you do?

Options:

A.  

Create an Organizational Policy with a constraint to allow external IP addresses only on the frontend Compute Engine instances.

B.  

Revoke the compute.networkAdmin role from all users in the project with front end instances.

C.  

Create an Identity and Access Management (IAM) policy that maps the IT staff to the compute.networkAdmin role for the organization.

D.  

Create a custom Identity and Access Management (IAM) role named GCE_FRONTEND with the compute.addresses.create permission.

Questions 57

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants to design their solution for the future in order to take advantage of cloud and technology improvements as they become available. Which two steps should they take? (Choose two.)

Options:

A.  

Store as much analytics and game activity data as financially feasible today so it can be used to train machine learning models to predict user behavior in the future.

B.  

Begin packaging their game backend artifacts in container images and running them on Kubernetes Engine to improve the availability to scale up or down based on game activity.

C.  

Set up a CI/CD pipeline using Jenkins and Spinnaker to automate canary deployments and improve development velocity.

D.  

Adopt a schema versioning tool to reduce downtime when adding new game features that require storing additional player data in the database.

E.  

Implement a weekly rolling maintenance process for the Linux virtual machines so they can apply critical kernel patches and package updates and reduce the risk of 0-day vulnerabilities.

Questions 58

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants to migrate from their current analytics and statistics reporting model to one that meets their technical requirements on Google Cloud Platform.

Which two steps should be part of their migration plan? (Choose two.)

Options:

A.  

Evaluate the impact of migrating their current batch ETL code to Cloud Dataflow.

B.  

Write a schema migration plan to denormalize data for better performance in BigQuery.

C.  

Draw an architecture diagram that shows how to move from a single MySQL database to a MySQL cluster.

D.  

Load 10 TB of analytics data from a previous game into a Cloud SQL instance, and run test queries against the full dataset to confirm that they complete successfully.

E.  

Integrate Cloud Armor to defend against possible SQL injection attacks in analytics files uploaded to Cloud Storage.

Questions 59

For this question, refer to the Mountkirk Games case study. Mountkirk Games wants you to design a way to test the analytics platform’s resilience to changes in mobile network latency. What should you do?

Options:

A.  

Deploy failure injection software to the game analytics platform that can inject additional latency to mobile client analytics traffic.

B.  

Build a test client that can be run from a mobile phone emulator on a Compute Engine virtual machine, and run multiple copies in Google Cloud Platform regions all over the world to generate realistic traffic.

C.  

Add the ability to introduce a random amount of delay before beginning to process analytics files uploaded from mobile devices.

D.  

Create an opt-in beta of the game that runs on players' mobile devices and collects response times from analytics endpoints running in Google Cloud Platform regions all over the world.

Questions 60

For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the compute workloads for your company, Mountkirk Games. Considering the Mountkirk Games business and technical requirements, what should you do?

Options:

A.  

Create network load balancers. Use preemptible Compute Engine instances.

B.  

Create network load balancers. Use non-preemptible Compute Engine instances.

C.  

Create a global load balancer with managed instance groups and autoscaling policies. Use preemptible Compute Engine instances.

D.  

Create a global load balancer with managed instance groups and autoscaling policies. Use non-preemptible Compute Engine instances.

Questions 61

For this question, refer to the Mountkirk Games case study. You are in charge of the new Game Backend Platform architecture. The game communicates with the backend over a REST API.

You want to follow Google-recommended practices. How should you design the backend?

Options:

A.  

Create an instance template for the backend. For every region, deploy it on a multi-zone managed instance group. Use an L4 load balancer.

B.  

Create an instance template for the backend. For every region, deploy it on a single-zone managed instance group. Use an L4 load balancer.

C.  

Create an instance template for the backend. For every region, deploy it on a multi-zone managed instance group. Use an L7 load balancer.

D.  

Create an instance template for the backend. For every region, deploy it on a single-zone managed instance group. Use an L7 load balancer.

Questions 62

For this question, refer to the Mountkirk Games case study. Which managed storage option meets Mountkirk’s technical requirement for storing game activity in a time series database service?

Options:

A.  

Cloud Bigtable

B.  

Cloud Spanner

C.  

BigQuery

D.  

Cloud Datastore

Questions 63

For this question, refer to the Mountkirk Games case study. You need to analyze and define the technical architecture for the database workloads for your company, Mountkirk Games. Considering the business and technical requirements, what should you do?

Options:

A.  

Use Cloud SQL for time series data, and use Cloud Bigtable for historical data queries.

B.  

Use Cloud SQL to replace MySQL, and use Cloud Spanner for historical data queries.

C.  

Use Cloud Bigtable to replace MySQL, and use BigQuery for historical data queries.

D.  

Use Cloud Bigtable for time series data, use Cloud Spanner for transactional data, and use BigQuery for historical data queries.
