New Professional-Cloud-Architect Test Materials & Valid Professional-Cloud-Architect Test Engine [Q140-Q163]

New Professional-Cloud-Architect Test Materials & Valid Professional-Cloud-Architect Test Engine

Professional-Cloud-Architect Updated Exam Dumps [2023] Practice Valid Exam Dumps Question

NEW QUESTION # 140
For this question, refer to the TerramEarth case study.
TerramEarth's CTO wants to use the raw data from connected vehicles to help identify approximately when a vehicle in the field will have a catastrophic failure. You want to allow analysts to centrally query the vehicle data. Which architecture should you recommend?

• A. Option B
• B. Option A
• C. Option C
• D. Option D

Answer: A

NEW QUESTION # 141
The development team has provided you with a Kubernetes Deployment file. You have no infrastructure yet and need to deploy the application. What should you do?

• A. Use kubectl to create a Kubernetes cluster. Use kubectl to create the deployment.
• B. Use gcloud to create a Kubernetes cluster. Use Deployment Manager to create the deployment.
• C. Use kubectl to create a Kubernetes cluster. Use Deployment Manager to create the deployment.
• D. Use gcloud to create a Kubernetes cluster. Use kubectl to create the deployment.

Answer: D

Explanation:
Explanation
https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-cluster

NEW QUESTION # 142
You have an application that makes HTTP requests to Cloud Storage. Occasionally the requests fail with HTTP status codes of 5xx and 429.
How should you handle these types of errors?

• A. Use gRPC instead of HTTP for better performance.
• B. Monitor https://status.cloud.google.com/feed.atom and only make requests if Cloud Storage is not reporting an incident.
• C. Make sure the Cloud Storage bucket is multi-regional for geo-redundancy.
• D. Implement retry logic using a truncated exponential backoff strategy.

Answer: A

Explanation:
Reference:
https://cloud.google.com/storage/docs/json_api/v1/status-codes

NEW QUESTION # 143
You want to enable your running Google Container Engine cluster to scale as demand for your application changes. What should you do?

• A. Option A
• B. Option D
• C. Option C
• D. Option B

Answer: C

Explanation:
https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-autoscaler To enable autoscaling for an existing node pool, run the following command:
gcloud container clusters update [CLUSTER_NAME] --enable-autoscaling \--min-nodes 1 -- max-nodes 10 --zone [COMPUTE_ZONE] --node-pool default-pool

NEW QUESTION # 144
For this question, refer to the Helicopter Racing League (HRL) case study. A recent finance audit of cloud infrastructure noted an exceptionally high number of Compute Engine instances are allocated to do video encoding and transcoding. You suspect that these Virtual Machines are zombie machines that were not deleted after their workloads completed. You need to quickly get a list of which VM instances are idle. What should you do?

• A. Use the gcloud compute instances list to list the virtual machine instances that have the idle: true label set.
• B. Log into each Compute Engine instance and collect disk, CPU, memory, and network usage statistics for analysis.
• C. From the Google Console, identify which Compute Engine instances in the managed instance groups are no longer responding to health check probes.
• D. Use the gcloud recommender command to list the idle virtual machine instances.

Answer: D

NEW QUESTION # 145
Your web application uses Google Kubernetes Engine to manage several workloads. One workload requires a consistent set of hostnames even after pod scaling and relaunches.
Which feature of Kubernetes should you use to accomplish this?

• A. Persistent Volumes
• B. Container environment variables
• C. StatefulSets
• D. Role-based access control

Answer: C

Explanation:
https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/

NEW QUESTION # 146
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months. You want to streamline and expedite the analysis and audit process. What should you do?

• A. Enable Google Cloud Storage (GCS) log export to audit logs Into a GCS bucket and delegate access to the bucket.
• B. Create custom Google Stackdriver alerts and send them to the auditor.
• C. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor.
• D. Use cloud functions to transfer log entries to Google Cloud SQL and use ACLS and views to limit an auditor's view.

Answer: C

NEW QUESTION # 147
JencoMart has decided to migrate user profile storage to Google Cloud Datastore and the application servers to Google Compute Engine (GCE). During the migration, the existing infrastructure will need access to Datastore to upload the data.
What service account key-management strategy should you recommend?

• A. Deploy a custom authentication service on GCE/Google Kubernetes Engine (GKE) for the on-premises infrastructure and use GCP managed keys for the VMs
• B. Provision service account keys for the on-premises infrastructure and for the GCE virtual machines (VMs)
• C. Authenticate the on-premises infrastructure with a user account and provision service account keys for the VMs
• D. Provision service account keys for the on-premises infrastructure and use Google Cloud Platform (GCP) managed keys for the VMs

Answer: D

Explanation:
Migrating data to Google Cloud Platform
Let's say that you have some data processing that happens on another cloud provider and you want to transfer the processed data to Google Cloud Platform. You can use a service account from the virtual machines on the external cloud to push the data to Google Cloud Platform. To do this, you must create and download a service account key when you create the service account and then use that key from the external process to call the Cloud Platform APIs.
Reference:
https://cloud.google.com/iam/docs/understanding-service-accounts#migrating_data_to_google_cloud_platform

NEW QUESTION # 148
You are using a single Cloud SQL instance to serve your application from a specific zone. You want to introduce high availability. What should you do?

• A. Create a failover replica instance in the same region, but in a different zone
• B. Create a failover replica instance in a different region
• C. Create a read replica instance in a different region
• D. Create a read replica instance in the same region, but in a different zone

Answer: B

NEW QUESTION # 149
Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used. How should you design your architecture?

• A. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data.
• B. Create separate subnetworks and isolate the components that process credit card data.
• C. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor.
• D. Create separate projects that only process credit card data.
• E. Create a tokenizer service and store only tokenized data.

Answer: E

Explanation:
https://www.sans.org/reading-room/whitepapers/compliance/ways-reduce-pci-dss-audit-scope- tokenizing-cardholder-data-33194

NEW QUESTION # 150
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine. The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

• A. Create a new service account with BigQuery access and execute your script with that user
• B. Run your script on a new virtual machine with the BigQuery access scope enabled
• C. Install the bq component for gccloud with the command gcloud components install bq.
• D. Install the latest BigQuery API client library for Python

Answer: D

Explanation:
https://cloud.google.com/bigquery/docs/python-client-migration

NEW QUESTION # 151
At Dress4Win, an operations engineer wants to create a tow-cost solution to remotely archive copies of
database backup files.
The database files are compressed tar files stored in their current data center.
How should he proceed?

• A. Create a cron script using gsutil to copy the files to a Coldline Storage bucket.
• B. Create a Cloud Storage Transfer Service Job to copy the files to a Coldline Storage bucket.
• C. Create a cron script using gsutil to copy the files to a Regional Storage bucket.
• D. Create a Cloud Storage Transfer Service job to copy the files to a Regional Storage bucket.

Answer: A

Explanation:
Explanation/Reference:
Explanation:
Follow these rules of thumb when deciding whether to use gsutil or Storage Transfer Service:
* When transferring data from an on-premises location, use gsutil.
* When transferring data from another cloud storage provider, use Storage Transfer Service.
* Otherwise, evaluate both tools with respect to your specific scenario.
Use this guidance as a starting point.
The specific details of your transfer scenario will also help you determine which tool is more appropriate.

NEW QUESTION # 152
Your company places a high value on being responsive and meeting customer needs quickly. Their primary business objectives are release speed and agility. You want to reduce the chance of security errors being accidentally introduced.
Which two actions can you take? Choose 2 answers.

• A. Enable code signing and a trusted binary repository integrated with your CI/CD pipeline
• B. Run a vulnerability security scanner as part of your continuous-integration /continuous-delivery (CI/CD) pipeline
• C. Use source code security analyzers as part of the CI/CD pipeline
• D. Ensure you have stubs to unit test all interfaces between components
• E. Ensure every code check-in is peer reviewed by a security SME

Answer: B,C

NEW QUESTION # 153
Your organization has a 3-tier web application deployed in the same network on Google Cloud Platform. Each tier (web, API, and database) scales independently of the others. Network traffic should flow through the web to the API tier and then on to the database tier. Traffic should not flow between the web and the database tier.
How should you configure the network?

• A. Add each tier to a different subnetwork
• B. Set up software based firewalls on individual VMs
• C. Add tags to each tier and set up routes to allow the desired traffic flow
• D. Add tags to each tier and set up firewall rules to allow the desired traffic flow

Answer: D

Explanation:
Google Cloud Platform(GCP) enforces firewall rules through rules and tags. GCP rules and tags can be defined once and used across all regions.
Reference: https://cloud.google.com/docs/compare/openstack/
https://aws.amazon.com/it/blogs/aws/building-three-tier-architectures-with-security-groups/

NEW QUESTION # 154
A development manager is building a new application He asks you to review his requirements and identify what cloud technologies he can use to meet them. The application must
1 . Be based on open-source technology for cloud portability
2 . Dynamically scale compute capacity based on demand
3 . Support continuous software delivery
4 . Run multiple segregated copies of the same application stack
5 . Deploy application bundles using dynamic templates
6 . Route network traffic to specific services based on URL
Which combination of technologies will meet all of his requirements?

• A. Google Compute Engine, Jenkins, and Cloud Load Balancing
• B. Google Compute Engine and Cloud Deployment Manager
• C. Google Container Engine and Cloud Load Balancing
• D. Google Container Engine, Jenkins, and Helm

Answer: B

NEW QUESTION # 155
For this question, refer to the Mountkirk Games case study. Which managed storage option meets Mountkirk's technical requirement for storing game activity in a time series database service?

• A. Cloud Bigtable
• B. BigQuery
• C. Cloud Datastore
• D. Cloud Spanner

Answer: A

Explanation:
https://cloud.google.com/blog/products/databases/getting-started-with-time-series-trend-predictions-using-gcp

NEW QUESTION # 156
You need to optimize batch file transfers into Cloud Storage for Mountkirk Games' new Google Cloud solution.
The batch files contain game statistics that need to be staged in Cloud Storage and be processed by an extract transform load (ETL) tool. What should you do?

• A. Use gsutil to batch move files in sequence.
• B. Use gsutil to load the files as the last part of ETL.
• C. Use gsutil to batch copy the files in parallel.
• D. Use gsutil to extract the files as the first part of ETL.

Answer: C

NEW QUESTION # 157
Your organization requires that metrics from all applications be retained for 5 years for future analysis in possible legal proceedings.
Which approach should you use?

• A. Grant the security team access to the logs in each Project
• B. Configure Stackdriver Monitoring for all Projects, and export to Google Cloud Storage
• C. Configure Stackdriver Monitoring for all Projects, and export to BigQuery
• D. Configure Stackdriver Monitoring for all Projects with the default retention policies

Answer: C

Explanation:
Explanation/Reference:
Explanation:
Stackdriver Logging provides you with the ability to filter, search, and view logs from your cloud and open source application services. Allows you to define metrics based on log contents that are incorporated into dashboards and alerts. Enables you to export logs to BigQuery, Google Cloud Storage, and Pub/Sub.
References: https://cloud.google.com/stackdriver/

NEW QUESTION # 158
A development team at your company has created a dockerized HTTPS web application. You need to deploy the application on Google Kubernetes Engine (GKE) and make sure that the application scales automatically.
How should you deploy to GKE?

• A. Enable autoscaling on the Compute Engine instance group. Use an Ingress resource to load balance the HTTPS traffic.
• B. Use the Horizontal Pod Autoscaler and enable cluster autoscaling. Use an Ingress resource to loadbalance the HTTPS traffic.
• C. Use the Horizontal Pod Autoscaler and enable cluster autoscaling on the Kubernetes cluster. Use a Service resource of type LoadBalancer to load-balance the HTTPS traffic.
• D. Enable autoscaling on the Compute Engine instance group. Use a Service resource of type LoadBalancer to load-balance the HTTPS traffic.

Answer: C

Explanation:
https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer
https://cloud.google.com/kubernetes-engine/docs/concepts/network-overview#ext-lb

NEW QUESTION # 159
Your company captures all web traffic data in Google Analytics 260 and stores it in BigQuery.
Each country has its own dataset. Each dataset has multiple tables. You want analysts from each country to be able to see and query only the data for their respective countries.
How should you configure the access rights?

• A. Create a group per country. Add analysts to their respective country-groups. Create a single group
  `all_analysts', and add all country-groups as members. Grant the `all-analysis' group the IAM role of BigQuery jobUser. Share the appropriate dataset with view access with each respective analyst country-group.
• B. Create a group per country. Add analysts to their respective country-groups. Create a single group
  `all_analysts', and add all country-groups as members. Grant the `all-analysis' group the IAM role of BigQuery jobUser. Share the appropriate tables with view access with each respective analyst country- group.
• C. Create a group per country. Add analysts to their respective country-groups. Create a single group
  `all_analysts', and add all country-groups as members. Grant the `all-analysis' group the IAM role of BigQuery dataViewer. Share the appropriate dataset with view access with each respective analyst country-group.
• D. Create a group per country. Add analysts to their respective country-groups. Create a single group
  `all_analysts', and add all country-groups as members. Grant the `all-analysis' group the IAM role of BigQuery dataViewer. Share the appropriate table with view access with each respective analyst country-group.

Answer: C

NEW QUESTION # 160
For this question, refer to the Mountkirk Games case study.
Mountkirk Games' gaming servers are not automatically scaling properly. Last month, they rolled out a new feature, which suddenly became very popular. A record number of users are trying to use the service, but many of them are getting 503 errors and very slow response times. What should they investigate first?

• A. Verify that the project quota hasn't been exceeded.
• B. Verify that the new feature code did not introduce any performance bugs.
• C. Verify that the database is online.
• D. Verify that the load-testing team is not running their tool against production.

Answer: C

Explanation:
Explanation: 503 is service unavailable error.
Topic 1, Mountkirk Games Case Study
Company Overview
Mountkirk Games makes online, session-based. multiplayer games for the most popular mobile platforms.
Company Background
Mountkirk Games builds all of their games with some server-side integration and has historically used cloud providers to lease physical servers. A few of their games were more popular than expected, and they had problems scaling their application servers, MySQL databases, and analytics tools.
Mountkirk's current model is to write game statistics to files and send them through an ETL tool that loads them into a centralized MySQL database for reporting.
Solution Concept
Mountkirk Games is building a new game, which they expect to be very popular. They plan to deploy the game's backend on Google Compute Engine so they can capture streaming metrics, run intensive analytics and take advantage of its autoscaling server environment and integrate with a managed NoSQL database.
Technical Requirements
Requirements for Game Backend Platform
1. Dynamically scale up or down based on game activity.
2. Connect to a managed NoSQL database service.
3. Run customized Linx distro.
Requirements for Game Analytics Platform
1. Dynamically scale up or down based on game activity.
2. Process incoming data on the fly directly from the game servers.
3. Process data that arrives late because of slow mobile networks.
4. Allow SQL queries to access at least 10 TB of historical data.
5. Process files that are regularly uploaded by users' mobile devices.
6. Use only fully managed services
CEO Statement
Our last successful game did not scale well with our previous cloud provider, resuming in lower user adoption and affecting the game's reputation. Our investors want more key performance indicators (KPIs) to evaluate the speed and stability of the game, as well as other metrics that provide deeper insight into usage patterns so we can adapt the gams to target users.
CTO Statement
Our current technology stack cannot provide the scale we need, so we want to replace MySQL and move to an environment that provides autoscaling, low latency load balancing, and frees us up from managing physical servers.
CFO Statement
We are not capturing enough user demographic data usage metrics, and other KPIs. As a result, we do not engage the right users. We are not confident that our marketing is targeting the right users, and we are not selling enough premium Blast-Ups inside the games, which dramatically impacts our revenue.

NEW QUESTION # 161
For this question, refer to the EHR Healthcare case study. You are responsible for ensuring that EHR's use of Google Cloud will pass an upcoming privacy compliance audit. What should you do? (Choose two.)

• A. Use Firebase Authentication for EHR's user facing applications.
• B. Verify EHR's product usage against the list of compliant products on the Google Cloud compliance page.
• C. Advise EHR to execute a Business Associate Agreement (BAA) with Google Cloud.
• D. Use GKE private clusters for all Kubernetes workloads.
• E. Implement Prometheus to detect and prevent security breaches on EHR's web-based applications.

Answer: B,C

Explanation:
Reference:
https://cloud.google.com/security/compliance/hipaa

NEW QUESTION # 162
You need to ensure reliability for your application and operations by supporting reliable task scheduling for compute on GCP. Leveraging Google best practices, what should you do?

• A. Using the Cron service provided by Google Kubernetes Engine (GKE), publish messages directly to a message-processing utility service running on Compute Engine instances.
• B. Using the Cron service provided by App Engine, publish messages to a Cloud Pub/Sub topic. Subscribe to that topic using a message-processing utility service running on Compute Engine instances.
• C. Using the Cron service provided by GKE, publish messages to a Cloud Pub/Sub topic. Subscribe to that topic using a message-processing utility service running on Compute Engine instances.
• D. Using the Cron service provided by App Engine, publishing messages directly to a message-processing utility service running on Compute Engine instances.

Answer: B

NEW QUESTION # 163
......

Professional-Cloud-Architect Sample with Accurate & Updated Questions: https://actual4test.torrentvce.com/Professional-Cloud-Architect-valid-vce-collection.html