• Home
  • Blogs
  • Get The Most Updated Professional-Cloud-Architect Dumps To Google Cloud Certified Certification [Q125-Q140]

Get The Most Updated Professional-Cloud-Architect Dumps To Google Cloud Certified Certification [Q125-Q140]

Share

Get The Most Updated Professional-Cloud-Architect Dumps To Google Cloud Certified Certification

Google Certified Professional-Cloud-Architect  Dumps Questions Valid Professional-Cloud-Architect Materials

NEW QUESTION # 125
Your company places a high value on being responsive and meeting customer needs quickly. Their primary business objectives are release speed and agility. You want to reduce the chance of security errors being accidentally introduced. Which two actions can you take? Choose 2 answers

  • A. Run a vulnerability security scanner as part of your continuous-integration /continuous- delivery (CI/CD) pipeline.
  • B. Use source code security analyzers as part of the CI/CD pipeline.
  • C. Ensure you have stubs to unit test all interfaces between components.
  • D. Ensure every code check-in is peer reviewed by a security SME.
  • E. Enable code signing and a trusted binary repository integrated with your CI/CD pipeline.

Answer: A,B


NEW QUESTION # 126
The development team has provided you with a Kubernetes Deployment file. You have no infrastructure yet and need to deploy the application. What should you do?

  • A. Use gcloud to create a Kubernetes cluster. Use Deployment Manager to create the deployment.
  • B. Use gcloud to create a Kubernetes cluster. Use kubect1 to create the deployment.
  • C. Use kubect1 to create a Kubernetes cluster. Use Deployment Manager to create the deployment.
  • D. Use kubect1 to create a Kubernetes cluster. Use kubect1 to create the deployment.

Answer: B

Explanation:
Reference:
https://cloud.google.com/kubernetes-engine/docs/how-to/creating-a-cluster


NEW QUESTION # 127
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine.
The script is printing errors that it cannot connect to BigQuery. What should you do to fix the script?

  • A. Install the latest BigQuery API client library for Python
  • B. Create a new service account with BigQuery access and execute your script with that user
  • C. Install the bq component for gccloud with the command gcloud components install bq.
  • D. Run your script on a new virtual machine with the BigQuery access scope enabled

Answer: D

Explanation:
Explanation
The error is most like caused by the access scope issue. When create new instance, you have the default Compute engine default service account but most serves access including BigQuery is not enable. Create an instance Most access are not enabled by default You have default service account but don't have the permission (scope) you can stop the instance, edit, change scope and restart it to enable the scope access. Of course, if you Run your script on a new virtual machine with the BigQuery access scope enabled, it also works
https://cloud.google.com/compute/docs/access/service-accounts


NEW QUESTION # 128
You have been engaged by your client to lead the migration of their application infrastructure to GCP. One of their current problems is that the on-premises high performance SAN is requiring frequent and expensive upgrades to keep up with the variety of workloads that are identified as follows: 20TB of log archives retained for legal reasons; 500 GB of VM boot/data volumes and templates; 500 GB of image thumbnails; 200 GB of customer session state data that allows customers to restart sessions even if off-line for several days.
Which of the following best reflects your recommendations for a cost-effective storage allocation?

  • A. Memcache backed by Cloud SQL for customer session state datA. Assorted local SSD-backed instances for VM boot/data volumes. Cloud Storage for log archives and thumbnails.
  • B. Memcache backed by Cloud Datastore for the customer session state datA. Lifecycle- managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
  • C. Local SSD for customer session state datA. Lifecycle-managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
  • D. Memcache backed by Persistent Disk SSD storage for customer session state datA. Assorted local SSDbacked instances for VM boot/data volumes. Cloud Storage for log archives and thumbnails.

Answer: D

Explanation:
Explanation
https://cloud.google.com/compute/docs/disks


NEW QUESTION # 129
For this question, refer to the Mountkirk Games case study. Which managed storage option meets
Mountkirk's technical requirement for storing game activity in a time series database service?

  • A. Cloud Datastore
  • B. Cloud Bigtable
  • C. BigQuery
  • D. Cloud Spanner

Answer: B


NEW QUESTION # 130
To reduce costs, the Director of Engineering has required all developers to move their development infrastructure resources from on-premises virtual machines (VMs) to Google Cloud Platform. These resources go through multiple start/stop events during the day and require state to persist. You have been asked to design the process of running a development environment in Google Cloud while providing cost visibility to the finance department.
Which two steps should you take? Choose 2 answers.

  • A. Apply VM CPU utilization label and include it in the BigQuery billing export
  • B. Use Google BigQuery billing export and labels to associate cost to groups
  • C. Use the - -auto-delete flag on all persistent disks and terminate the VM
  • D. Use the - -no-auto-delete flag on all persistent disks and stop the VM
  • E. Store all state in Google Cloud Storage, snapshot the persistent disks, and terminate the VM
  • F. Store all state into local SSD, snapshot the persistent disks, and terminate the VM

Answer: A,F

Explanation:
C: Billing export to BigQuery enables you to export your daily usage and cost estimates automatically throughout the day to a BigQuery dataset you specify.
Labels applied to resources that generate usage metrics are forwarded to the billing system so that you can break down your billing charges based upon label criteria. For example, the Compute Engine service reports metrics on VM instances. If you deploy a project with 2,000 VMs, each of which is labeled distinctly, then only the first 1,000 label maps seen within the 1 hour window will be preserved.
E: You cannot stop an instance that has a local SSD attached. Instead, you must migrate your critical data off of the local SSD to a persistent disk or to another instance before you delete the instance completely.
You can stop an instance temporarily so you can come back to it at a later time. A stopped instance does not incur charges, but all of the resources that are attached to the instance will still be charged. Alternatively, if you are done using an instance, delete the instance and its resources to stop incurring charges.
Reference:
https://cloud.google.com/billing/docs/how-to/export-data-bigquery
https://cloud.google.com/compute/docs/instances/stopping-or-deleting-an-instance


NEW QUESTION # 131
Your customer wants to capture multiple GBs of aggregate real-time key performance indicators (KPIs) from their game servers running on Google Cloud Platform and monitor the KPIs with low latency. How should they capture the KPIs?

  • A. Schedule BigQuery load jobs to ingest analytics files uploaded to Cloud Storage every ten minutes, and visualize the results in Google Data Studio.
  • B. Output custom metrics to Stackdriver from the game servers, and create a Dashboard in Stackdriver Monitoring Console to view them.
  • C. Insert the KPIs into Cloud Datastore entities, and run ad hoc analysis and visualizations of them in Cloud Datalab.
  • D. Store time-series data from the game servers in Google Bigtable, and view it using Google Data Studio.

Answer: D

Explanation:
Reference:https://cloud.google.com/solutions/data-lifecycle-cloud-platform


NEW QUESTION # 132
You set up an autoscaling instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly. What should you do?

  • A. Ensure that a firewall rule exists to allow source traffic on HTTP/HTTPS to reach the load balancer.
  • B. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
  • C. Create a tag on each instance with the name of the load balancer. Configure a firewall rule with the name of the load balancer as the source and the instance tag as the destination.
  • D. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.

Answer: D

Explanation:
https://cloud.google.com/vpc/docs/using-firewalls
The best practice when configuration a health check is to check health and serve traffic on the same port. However, it is possible to perform health checks on one port, but serve traffic on another. If you do use two different ports, ensure that firewall rules and services running on instances are configured appropriately. If you run health checks and serve traffic on the same port, but decide to switch ports at some point, be sure to update both the backend service and the health check.
Backend services that do not have a valid global forwarding rule referencing it will not be health checked and will have no health status.


NEW QUESTION # 133
For this question, refer to the TerramEarth case study
Your development team has created a structured API to retrieve vehicle dat a. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data. What should you do?

  • A. Create secondary credentials for each dealer that can be given to the trusted third party.
  • B. Build or leverage an OAuth-compatible access control system.
  • C. Restrict data access based on the source IP address of the partner systems.
  • D. Build SAML 2.0 SSO compatibility into your authentication system.

Answer: B

Explanation:
Delegate application authorization with OAuth2
Cloud Platform APIs support OAuth 2.0, and scopes provide granular authorization over the methods that are supported. Cloud Platform supports both service-account and user-account OAuth, also called three-legged OAuth.
References: https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#delegate_application_authorization_with_oauth2
https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps
Reference:
https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps
https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#delegate_application_authorization_with_oauth2


NEW QUESTION # 134
You are migrating your on-premises solution to Google Cloud in several phases. You will use Cloud VPN to maintain a connection between your on-premises systems and Google Cloud until the migration is completed. You want to make sure all your on-premises systems remain reachable during this period. How should you organize your networking in Google Cloud?

  • A. Use the same IP range on Google Cloud as you use on-premises for your primary IP range and use a secondary range that does not overlap with the range you use on-premises
  • B. Use the same IP range on Google Cloud as you use on-premises
  • C. Use an IP range on Google Cloud that does not overlap with the range you use on-premises
  • D. Use an IP range on Google Cloud that does not overlap with the range you use on-premises for your primary IP range and use a secondary range with the same IP range as you use on- premises

Answer: D


NEW QUESTION # 135
You set up an autoscaling instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly. What should you do?

  • A. Ensure that a firewall rule exists to allow source traffic on HTTP/HTTPS to reach the load balancer.
  • B. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
  • C. Create a tag on each instance with the name of the load balancer. Configure a firewall rule with the name of the load balancer as the source and the instance tag as the destination.
  • D. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.

Answer: D

Explanation:
The best practice when configuration a health check is to check health and serve traffic on the same port. However, it is possible to perform health checks on one port, but serve traffic on another. If you do use two different ports, ensure that firewall rules and services running on instances are configured appropriately. If you run health checks and serve traffic on the same port, but decide to switch ports at some point, be sure to update both the backend service and the health check.
Backend services that do not have a valid global forwarding rule referencing it will not be health checked and will have no health status.
References: https://cloud.google.com/compute/docs/load-balancing/http/backend-service Reference:
https://cloud.google.com/vpc/docs/using-firewalls


NEW QUESTION # 136
You deploy your custom java application to google app engine.
It fails to deploy and gives you the following stack trace:

  • A. Recompile the CLoakedServlet class using and MD5 hash instead of SHA1
  • B. Digitally sign all of your JAR files and redeploy your application.
  • C. Upload missing JAR files and redeploy your application

Answer: B


NEW QUESTION # 137
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?

  • A. Google Cloud VPN connected to the data center network
  • B. A Google Compute Engine instance with a VPN server installed connected to the data center network
  • C. A NAT and TLS translation gateway installed on-premises
  • D. Google Cloud Dedicated Interconnect

Answer: D

Explanation:
Google Cloud Dedicated Interconnect provides direct physical connections and RFC 1918 communication between your on-premises network and Google's network. Dedicated Interconnect enables you to transfer large amounts of data between networks, which can be more cost effective than purchasing additional bandwidth over the public Internet or using VPN tunnels.
Benefits:
Traffic between your on-premises network and your VPC network doesn't traverse the public
* Internet. Traffic traverses a dedicated connection with fewer hops, meaning there are less points of failure where traffic might get dropped or disrupted.
Your VPC network's internal (RFC 1918) IP addresses are directly accessible from your on-
* premises network. You don't need to use a NAT device or VPN tunnel to reach internal IP addresses. Currently, you can only reach internal IP addresses over a dedicated connection.
To reach Google external IP addresses, you must use a separate connection.
You can scale your connection to Google based on your needs. Connection capacity is
* delivered over one or more 10 Gbps Ethernet connections, with a maximum of eight connections (80 Gbps total per interconnect).
The cost of egress traffic from your VPC network to your on-premises network is reduced. A
* dedicated connection is generally the least expensive method if you have a high-volume of traffic to and from Google's network.
References: https://cloud.google.com/interconnect/docs/details/dedicated


NEW QUESTION # 138
You want to optimize the performance of an accurate, real-time, weather-charting application. The data comes from 50,000 sensors sending 10 readings a second, in the format of a timestamp and sensor reading. Where should you store the data?

  • A. Google BigQuery
  • B. Google Cloud Bigtable
  • C. Google Cloud SQL
  • D. Google Cloud Storage

Answer: B

Explanation:
Google Cloud Bigtable is a scalable, fully-managed NoSQL wide-column database that is suitable for both real-time access and analytics workloads.
Good for:
Low-latency read/write access
High-throughput analytics
Native time series support
Common workloads:
IoT, finance, adtech
Personalization, recommendations
Monitoring
Geospatial datasets
Graphs
References: https://cloud.google.com/storage-options/
Reference:
It is time-series data, So Big Table.
https://cloud.google.com/bigtable/docs/schema-design-time-series


NEW QUESTION # 139
For this question, refer to the EHR Healthcare case study. You are responsible for designing the Google Cloud network architecture for Google Kubernetes Engine. You want to follow Google best practices. Considering the EHR Healthcare business and technical requirements, what should you do to reduce the attack surface?

  • A. Use a public cluster with master authorized networks enabled and firewall rules.
  • B. Use a private cluster with a private endpoint with master authorized networks configured.
  • C. Use a private cluster with a public endpoint with master authorized networks configured.
  • D. Use a public cluster with firewall rules and Virtual Private Cloud (VPC) routes.

Answer: A


NEW QUESTION # 140
......


Google Professional Cloud Architect Prerequisites

There are no official prerequisites for taking the Professional Cloud Architect exam, except passing a single qualifying exam. However, it is recommended that the candidates have about three years of practical experience, including one year of designing and managing solutions with the help of Google Cloud Platform.

 

Professional-Cloud-Architect Premium PDF & Test Engine Files with 282 Questions & Answers: https://www.test4sure.com/Professional-Cloud-Architect-pass4sure-vce.html

Current Professional-Cloud-Architect Exam Dumps [2024] Complete Google Exam Smoothly: https://drive.google.com/open?id=1MbU4Do8dFWYCSx02LT9yoareahPVvW9D

Related Blogs

more
Google Professional-Cloud-Architect Certification Practice Exam

Copyright © 2026 TEST4SURE.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.