Professional-Cloud-Architect | Renovate Professional-Cloud-Architect Simulations For Google Certified Professional - Cloud Architect (GCP) Certification

Cause all that matters here is passing the Google Professional-Cloud-Architect exam. Cause all that you need is a high score of Professional-Cloud-Architect Google Certified Professional - Cloud Architect (GCP) exam. The only one thing you need to do is downloading Examcollection Professional-Cloud-Architect exam study guides now. We will not let you down with our money-back guarantee.

Free Professional-Cloud-Architect Demo Online For Google Certifitcation:


Your company places a high value on being responsive and meeting customer needs quickly. Their primary business objectives are release speed and agility. You want to reduce the chance of security errors being accidentally introduced. Which two actions can you take? Choose 2 answers

  • A. Ensure every code check-in is peer reviewed by a security SME.
  • B. Use source code security analyzers as part of the CI/CD pipeline.
  • C. Ensure you have stubs to unit test all interfaces between components.
  • D. Enable code signing and a trusted binary repository integrated with your CI/CD pipeline.
  • E. Run a vulnerability security scanner as part of your continuous-integration /continuous-delivery (CI/CD) pipeline.

Answer: BE



One of the developers on your team deployed their application in Google Container Engine with the Dockerfile below. They report that their application deployments are taking too long.
Professional-Cloud-Architect dumps exhibit
You want to optimize this Dockerfile for faster deployment times without adversely affecting the app’s functionality.
Which two actions should you take? Choose 2 answers.

  • A. Remove Python after running pip.
  • B. Remove dependencies from requirements.txt.
  • C. Use a slimmed-down base image like Alpine linux.
  • D. Use larger machine types for your Google Container Engine node pools.
  • E. Copy the source after the package dependencies (Python and pip) are installed.

Answer: CE

The speed of deployment can be changed by limiting the size of the uploaded app, limiting the complexity of the build necessary in the Dockerfile, if present, and by ensuring a fast and reliable internet connection.
Note: Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. A container requires no more than 8 MB and a minimal installation to disk requires around 130 MB of storage. Not only do you get a fully-fledged Linux environment but a large selection of packages from the repository.


You have been engaged by your client to lead the migration of their application infrastructure to GCP. One of their current problems is that the on-premises high performance SAN is requiring frequent and expensive upgrades to keep up with the variety of workloads that are identified as follows: 20TB of log archives retained for legal reasons; 500 GB of VM boot/data volumes and templates; 500 GB of image thumbnails; 200 GB of customer session state data that allows customers to restart sessions even if off-line for several days.
Which of the following best reflects your recommendations for a cost-effective storage allocation?

  • A. Local SSD for customer session state dat
  • B. Lifecycle-managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
  • C. Memcache backed by Cloud Datastore for the customer session state dat
  • D. Lifecycle- managed Cloud Storage for log archives, thumbnails, and VM boot/data volumes.
  • E. Memcache backed by Cloud SQL for customer session state dat
  • F. Assorted local SSD-backed instances for VM boot/data volume
  • G. Cloud Storage for log archives and thumbnails.
  • H. Memcache backed by Persistent Disk SSD storage for customer session state dat
  • I. Assorted local SSDbacked instances for VM boot/data volume
  • J. Cloud Storage for log archives and thumbnails.

Answer: D



You are tasked with building an online analytical processing (OLAP) marketing analytics and reporting tool. This requires a relational database that can operate on hundreds of terabytes of data. What is the Google
recommended tool for such applications?

  • A. Cloud Spanner, because it is globally distributed
  • B. Cloud SQL, because it is a fully managed relational database
  • C. Cloud Firestore, because it offers real-time synchronization across devices
  • D. BigQuery, because it is designed for large-scale processing of tabular data

Answer: A



Your web application must comply with the requirements of the European Union’s General Data Protection Regulation (GDPR). You are responsible for the technical architecture of your web application. What should you do?

  • A. Ensure that your web application only uses native features and services of Google Cloud Platform,because Google already has various certifications and provides “pass-on” compliance when you use native features.
  • B. Enable the relevant GDPR compliance setting within the GCPConsole for each of the services in use within your application.
  • C. Ensure that Cloud Security Scanner is part of your test planning strategy in order to pick up any compliance gaps.
  • D. Define a design for the security of data in your web application that meets GDPR requirements.

Answer: D



Your web application uses Google Kubernetes Engine to manage several workloads. One workload requires a consistent set of hostnames even after pod scaling and relaunches.
Which feature of Kubernetes should you use to accomplish this?

  • A. StatefulSets
  • B. Role-based access control
  • C. Container environment variables
  • D. Persistent Volumes

Answer: A



Your marketing department wants to send out a promotional email campaign. The development team wants to minimize direct operation management. They project a wide range of possible customer responses, from 100 to 500,000 click-throughs per day. The link leads to a simple website that explains the promotion and collects user information and preferences. Which infrastructure should you recommend? (CHOOSE TWO)

  • A. Use Google App Engine to serve the website and Google Cloud Datastore to store user data.
  • B. Use a Google Container Engine cluster to serve the website and store data to persistent disk.
  • C. Use a managed instance group to serve the website and Google Cloud Bigtable to store user data.
  • D. Use a single compute Engine virtual machine (VM) to host a web server, backed by Google Cloud SQL.

Answer: AC

Reference: References:


Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB, and large updates are frequent. Replication requires private address space communication. Which networking approach should you use?

  • A. Google Cloud Dedicated Interconnect
  • B. Google Cloud VPN connected to the data center network
  • C. A NAT and TLS translation gateway installed on-premises
  • D. A Google Compute Engine instance with a VPN server installed connected to the data center network

Answer: A

Google Cloud Dedicated Interconnect provides direct physical connections and RFC 1918 communication between your on-premises network and Google’s network. Dedicated Interconnect enables you to transfer large amounts of data between networks, which can be more cost effective than purchasing additional bandwidth over the public Internet or using VPN tunnels.
Professional-Cloud-Architect dumps exhibit Traffic between your on-premises network and your VPC network doesn't traverse the public Internet.
Traffic traverses a dedicated connection with fewer hops, meaning there are less points of failure where traffic might get dropped or disrupted.
Professional-Cloud-Architect dumps exhibit Your VPC network's internal (RFC 1918) IP addresses are directly accessible from your on-premises network. You don't need to use a NAT device or VPN tunnel to reach internal IP addresses. Currently, you can only reach internal IP addresses over a dedicated connection. To reach Google external IP addresses, you must use a separate connection.
Professional-Cloud-Architect dumps exhibit You can scale your connection to Google based on your needs. Connection capacity is delivered over one or more 10 Gbps Ethernet connections, with a maximum of eight connections (80 Gbps total per interconnect).
Professional-Cloud-Architect dumps exhibit The cost of egress traffic from your VPC network to your on-premises network is reduced. A dedicated connection is generally the least expensive method if you have a high-volume of traffic to and from Google’s network.


The database administration team has asked you to help them improve the performance of their new database server running on Google Compute Engine. The database is for importing and normalizing their performance statistics and is built with MySQL running on Debian Linux. They have an n1-standard-8 virtual machine with 80 GB of SSD persistent disk. What should they change to get better performance from this system?

  • A. Increase the virtual machine's memory to 64 GB.
  • B. Create a new virtual machine running PostgreSQL.
  • C. Dynamically resize the SSD persistent disk to 500 GB.
  • D. Migrate their performance metrics warehouse to BigQuery.
  • E. Modify all of their batch jobs to use bulk inserts into the database.

Answer: C


Your company acquired a healthcare startup and must retain its customers’ medical information for up to 4 more years, depending on when it was created. Your corporate policy is to securely retain this data, and then delete it as soon as regulations allow.
Which approach should you take?

  • A. Store the data in Google Drive and manually delete records as they expire.
  • B. Anonymize the data using the Cloud Data Loss Prevention API and store it indefinitely.
  • C. Store the data using the Cloud Storage and use lifecycle management to delete files when they expire.
  • D. Store the data in Cloud Storage and run a nightly batch script that deletes all expired datA.

Answer: C



A lead engineer wrote a custom tool that deploys virtual machines in the legacy data center. He wants to migrate the custom tool to the new cloud environment You want to advocate for the adoption of Google Cloud Deployment Manager What are two business risks of migrating to Cloud Deployment Manager? Choose 2 answers

  • A. Cloud Deployment Manager uses Python.
  • B. Cloud Deployment Manager APIs could be deprecated in the future.
  • C. Cloud Deployment Manager is unfamiliar to the company's engineers.
  • D. Cloud Deployment Manager requires a Google APIs service account to run.
  • E. Cloud Deployment Manager can be used to permanently delete cloud resources.
  • F. Cloud Deployment Manager only supports automation of Google Cloud resources.

Answer: CF



You are creating a solution to remove backup files older than 90 days from your backup Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend. What should you do?

  • A. Write a lifecycle management rule in XML and push it to the bucket with gsutil.
  • B. Write a lifecycle management rule in JSON and push it to the bucket with gsutil.
  • C. Schedule a cron script using gsutil is -lr gs://backups/** to find and remove items older than 90 days.
  • D. Schedule a cron script using gsutil ls -1 gs://backups/** to find and remove items older than 90 days and schedule it with cron.

Answer: B



The application reliability team at your company has added a debug feature to their backend service to send all server events to Google Cloud Storage for eventual analysis. The event records are at least 50 KB and at most 15 MB and are expected to peak at 3,000 events per second. You want to minimize data loss.
Which process should you implement?

  • A. • Append metadata to file body.• Compress individual files.• Name files with serverName-Timestamp.• Create a new bucket if bucket is older than 1 hour and save individual files to the new bucke
  • B. Otherwise, save files to existing bucket
  • C. • Batch every 10,000 events with a single manifest file for metadata.• Compress event files and manifest file into a single archive file.• Name files using serverName-EventSequence.• Create a new bucket if bucket is older than 1 day and save the single archive file to the new bucke
  • D. Otherwise, save the single archive file to existing bucket.
  • E. • Compress individual files.• Name files with serverName-EventSequence.• Save files to one bucket• Set custom metadata headers for each object after saving.
  • F. • Append metadata to file body.• Compress individual files.• Name files with a random prefix pattern.• Save files to one bucket

Answer: D

In order to maintain a high request rate, avoid using sequential names. Using completely random object names will give you the best load distribution. Randomness after a common prefix is effective under the prefix


You want to establish a Compute Engine application in a single VPC across two regions. The application must communicate over VPN to an on-premises network. How should you deploy the VPN?

  • A. Use VPC Network Peering between the VPC and the on-premises network.
  • B. Expose the VPC to the on-premises network using IAM and VPC Sharing.
  • C. Create a global Cloud VPN Gateway with VPN tunnels from each region to the on-premises peer gateway.
  • D. Deploy Cloud VPN Gateway in each regio
  • E. Ensure that each region has at least one VPN tunnel to the on-premises peer gateway.

Answer: C



You need to design a solution for global load balancing based on the URL path being requested. You need to ensure operations reliability and end-to-end in-transit encryption based on Google best practices.
What should you do?

  • A. Create a cross-region load balancer with URL Maps.
  • B. Create an HTTPS load balancer with URL maps.
  • C. Create appropriate instance groups and instance
  • D. Configure SSL proxy load balancing.
  • E. Create a global forwarding rul
  • F. Configure SSL proxy balancing.

Answer: B



Your web application has several VM instances running within a VPC. You want to restrict communications between instances to only the paths and ports you authorize, but you don’t want to rely on static IP addresses or subnets because the app can autoscale. How should you restrict communications?

  • A. Use separate VPCs to restrict traffic
  • B. Use firewall rules based on network tags attached to the compute instances
  • C. Use Cloud DNS and only allow connections from authorized hostnames
  • D. Use service accounts and configure the web application particular service accounts to have access

Answer: B


Your company wants to try out the cloud with low risk. They want to archive approximately 100 TB of their log data to the cloud and test the analytics features available to them there, while also retaining that data as a long-term disaster recovery backup. Which two steps should they take? Choose 2 answers

  • A. Load logs into Google BigQuery.
  • B. Load logs into Google Cloud SQL.
  • C. Import logs into Google Stackdriver.
  • D. Insert logs into Google Cloud Bigtable.
  • E. Upload log files into Google Cloud Storage.

Answer: AE


You are designing a mobile chat application. You want to ensure people cannot spoof chat messages, by providing a message were sent by a specific user.
What should you do

  • A. Tag messages client side with the originating user identifier and the destination user.
  • B. Encrypt the message client side using block-based encryption with a shared key.
  • C. Use public key infrastructure (PKI) to encrypt the message client side using the originating user's private key.
  • D. Use a trusted certificate authority to enable SSL connectivity between the client application and the server.

Answer: C


You are migrating your on-premises solution to Google Cloud in several phases. You will use Cloud VPN to maintain a connection between your on-premises systems and Google Cloud until the migration is completed.
You want to make sure all your on-premises systems remain reachable during this period. How should you organize your networking in Google Cloud?

  • A. Use the same IP range on Google Cloud as you use on-premises
  • B. Use the same IP range on Google Cloud as you use on-premises for your primary IP range and use a secondary range that does not overlap with the range you use on-premises
  • C. Use an IP range on Google Cloud that does not overlap with the range you use on-premises
  • D. Use an IP range on Google Cloud that does not overlap with the range you use on-premises for your primary IP range and use a secondary range with the same IP range as you use on-premises

Answer: C


P.S. now are offering 100% pass ensure Professional-Cloud-Architect dumps! All Professional-Cloud-Architect exam questions have been updated with correct answers: (170 New Questions)