• Home
  • Blogs
  • Updated Free Google Associate-Cloud-Engineer Test Engine Questions with 245 Q&As [Q136-Q159]

Updated Free Google Associate-Cloud-Engineer Test Engine Questions with 245 Q&As [Q136-Q159]

Share

Updated Free Google Associate-Cloud-Engineer Test Engine Questions with 245 Q&As

The Best Google Cloud Certified Associate-Cloud-Engineer Professional Exam Questions


Google Associate-Cloud-Engineer Exam Syllabus Topics:

TopicDetails
Topic 1
  • Configuring Access and Security
  • Managing Identity and Access Management (IAM)
  • Viewing Account IAM Assignments
  • Defining Custom IAM Roles
Topic 2
  • Ensuring Successful Operation of a Cloud Solution
  • Managing App Engine Resources
  • Managing Data Solutions
  • Managing Networking Resources
Topic 3
  • Creating an Autoscaled Managed Instance Group Using an Instance Template
  • Configuring a VM for Stackdriver Monitoring and Logging
Topic 4
  • Product Choice (e.g., Cloud SQL, BigQuery, Cloud Spanner, Cloud Bigtable)
  • Choosing Storage Options (e.g., Regional, Multi-regional, Nearline, Coldline)
Topic 5
  • Planning and Configuring a Cloud Solution
  • Planning and Estimating GCP Product Use Using the Pricing Calculator
Topic 6
  • Setting Up a Cloud Solution Environment
  • Creating Projects, Linking Users to G Suite Identities, Enabling APIs Within Projects
Topic 7
  • Deploying and Implementing a Cloud Solution
  • Launching a Compute Instance Using Cloud Console and Cloud SDK (gcloud) (e.g., assign disks, availability policy, SSH keys)
Topic 8
  • Assessing Compute Quotas and Requesting Increases
  • Deploying a Kubernetes Engine Cluster
  • Configuring Kubernetes Engine Application Monitoring and Logging

 

NEW QUESTION 136
You've just created a new Google Cloud account. You're eager to start working with resources such as App Engine and Cloud Storage. However, you know that resources have requirements. Which of the following is required by Google Cloud in order to enable and use resources?

  • A. A Stackdriver account
  • B. An Organization
  • C. A Folder
  • D. A Project

Answer: D

 

NEW QUESTION 137
You are building an architecture for one of your client with a requirement of streaming millions of requests with high availability and durability along with HIPPA compliance. Which managed service will you prefer?

  • A. Cloud Pub/Sub
  • B. RabbitMQ
  • C. Cloud DataProc
  • D. Cloud Function

Answer: A

 

NEW QUESTION 138
You need to configure IAM access audit logging in BigQuery for external auditors. You want to follow Google- recommended practices. What should you do?

  • A. Add the auditors group to two new custom IAM roles.
  • B. Add the auditor user accounts to two new custom IAM roles.
  • C. Add the auditor user accounts to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.
  • D. Add the auditors group to the 'logging.viewer' and 'bigQuery.dataViewer' predefined IAM roles.

Answer: C

Explanation:
Explanation/Reference: https://cloud.google.com/iam/docs/roles-audit-logging

 

NEW QUESTION 139
For analysis purposes, you need to send all the logs from all of your Compute Engine instances to a BigQuery dataset called platform-logs. You have already installed the Stackdriver Logging agent on all the instances. You want to minimize cost. What should you do?

  • A. 1. In Stackdriver Logging, create a filter to view only Compute Engine logs.2. Click Create Export.3. Choose BigQuery as Sink Service, and the platform-logs dataset as Sink Destination.
  • B. 1. Create a Cloud Function that has the BigQuery User role on the platform-logs dataset.2. Configure this Cloud Function to create a BigQuery Job that executes this query:INSERT INTO dataset.platform-logs (timestamp, log)SELECT timestamp, log FROM compute.logsWHERE timestamp > DATE_SUB(CURRENT_DATE(), INTERVAL 1 DAY)3. Use Cloud Scheduler to trigger this Cloud Function once a day.
  • C. 1. Give the BigQuery Data Editor role on the platform-logs dataset to the service accounts used by your instances.2. Update your instances' metadata to add the following value: logs-destination: bq://platform-logs.
  • D. 1. In Stackdriver Logging, create a logs export with a Cloud Pub/Sub topic called logs as a sink.2. Create a Cloud Function that is triggered by messages in the logs topic.3. Configure that Cloud Function to drop logs that are not from Compute Engine and to insert Compute Engine logs in the platform-logs dataset.

Answer: A

 

NEW QUESTION 140
You are managing several Google Cloud Platform (GCP) projects and need access to all logs for the past 60 days. You want to be able to explore and quickly analyze the log contents. You want to follow Google- recommended practices to obtain the combined logs for all projects. What should you do?

  • A. Create a Stackdriver Logging Export with a Sink destination to a BigQuery dataset. Configure the table expiration to 60 days.
  • B. Create a Stackdriver Logging Export with a Sink destination to Cloud Storage. Create a lifecycle rule to delete objects after 60 days.
  • C. Configure a Cloud Scheduler job to read from Stackdriver and store the logs in BigQuery. Configure the table expiration to 60 days.
  • D. Navigate to Stackdriver Logging and select resource.labels.project_id="*"

Answer: A

Explanation:
Explanation/Reference: https://cloud.google.com/blog/products/gcp/best-practices-for-working-with-google-cloud-audit- logging

 

NEW QUESTION 141
A customer has a legacy application with a large amount of data. The files accessed by the application are approximately 10 GB each, but are rarely accessed. However, when files are accessed, they are retrieved sequentially. The customer is migrating the application to AWS and would like to use Amazon EC2 and Amazon EBS.
What is the Least expensive EBS volume type for this use case?

  • A. General Purpose SSD (gp2)
  • B. Throughput Optimized HDD (st1)
  • C. Provisioned IOPS SSD (io1)
  • D. Cold HDD (sc1)

Answer: B

Explanation:
Throughput Optimized HDD (st1) volumes provide low-cost magnetic storage that defines performance in terms of throughput rather than IOPS. This volume type is a good fit for large, sequential workloads such as Amazon EMR, ETL, data warehouses, and log processing. Bootable st1 volumes are not supported.
Throughput Optimized HDD (st1) volumes, though similar to Cold HDD (sc1) volumes, are designed to support frequently accessed data.
This volume type is optimized for workloads involving large, sequential I/O, and we recommend that customers with workloads performing small, random I/O use gp2.
Reference: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html

 

NEW QUESTION 142
You want to verify the IAM users and roles assigned within a GCP project named my-project. What should you do?

  • A. Run gcloud iam roles list. Review the output section.
  • B. Navigate to the project and then to the Roles section in the GCP Console. Review the roles and status.
  • C. Run gcloud iam service-accounts list. Review the output section.
  • D. Navigate to the project and then to the IAM section in the GCP Console. Review the members and roles.

Answer: B

 

NEW QUESTION 143
Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?

  • A. Generate a new SSH key pair. Give the private key to each member of your team.
    Configure the public key in the metadata of each instance.
  • B. Ask each member of the team to generate a new SSH key pair and to send you their public key.
    Use a configuration management tool to deploy those keys on each instance.
  • C. Generate a new SSH key pair. Give the private key to each member of your team.
    Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.
  • D. Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account.
    Grant the "compute.osAdminLogin" role to the Google group corresponding to this team.

Answer: D

Explanation:
https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys

 

NEW QUESTION 144
2. Your auditor wants to view your organization's use of data in Google Cloud. The auditor is most interested in auditing who accessed data in Cloud Storage buckets. You need to help the auditor access the data they need. What should you do?

  • A. Assign the appropriate permissions, and then create a Data Studio report on Admin Activity Audit Logs
  • B. Turn on Data Access Logs for the buckets they want to audit, and Then build a query in the log viewer that filters on Cloud Storage
  • C. Use the export logs API to provide the Admin Activity Audit Logs in the format they want
  • D. Assign the appropriate permissions, and then use Cloud Monitoring to review metrics

Answer: D

 

NEW QUESTION 145
A cloud engineer has been assigned to work on a running project. He wants to know which VMs are running in the project. How could the cloud engineer get the information of the all VMs running in the project?

  • A. Execute the command gcloud compute instances list
  • B. Execute the command gcloud list instances
  • C. Execute the command gcloud compute list
  • D. Execute the command gcloud instances list

Answer: A

 

NEW QUESTION 146
The core business of your company is to rent out construction equipment at a large scale. All the equipment that is being rented out has been equipped with multiple sensors that send event information every few seconds. These signals can vary from engine status, distance traveled, fuel level, and more. Customers are billed based on the consumption monitored by these sensors. You expect high throughput - up to thousands of events per hour per device - and need to retrieve consistent data based on the time of the event. Storing and retrieving individual signals should be atomic. What should you do?

  • A. Create a file in Cloud Filestore per device and append new data to that file.
  • B. Create a file in Cloud Storage per device and append new data to that file.
  • C. Ingest the data into Cloud Bigtable. Create a row key based on the event timestamp.
  • D. Ingest the data into Datastore. Store data in an entity group based on the device.

Answer: D

 

NEW QUESTION 147
You are storing sensitive information in a Cloud Storage bucket. For legal reasons, you need to be able to record all requests that read any of the stored data. You want to make sure you comply with these requirements. What should you do?

  • A. Enable the Identity Aware Proxy API on the project.
  • B. Scan the bucker using the Data Loss Prevention API.
  • C. Enable Data Access audit logs for the Cloud Storage API.
  • D. Allow only a single Service Account access to read the data.

Answer: C

Explanation:
https://cloud.google.com/storage/docs/audit-logs

 

NEW QUESTION 148
A customer is deploying a production portal application on AWS. The database tier has structured data. The company requires a solution that is easily manageable and highly available.
How can these requirements be met?

  • A. Use Amazon DynamoDB.
  • B. Use Amazon RDS with a multiple Availability Zone option.
  • C. Deploy the database on multiple Amazon EC2 instances backed by Amazon EBS across multiple Availability Zones.
  • D. Use RDS with a single Available Zone option and schedule periodic database snapshots.

Answer: B

Explanation:
Explanation/Reference: https://aws.amazon.com/rds/

 

NEW QUESTION 149
You are building a pipeline to process time-series data. Which Google Cloud Platform services should you put in boxes 1,2,3, and 4?

  • A. Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable, BigQuery
  • B. Cloud Pub/Sub, Cloud Storage, BigQuery, Cloud Bigtable
  • C. Firebase Messages, Cloud Pub/Sub, Cloud Spanner, BigQuery
  • D. Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore, BigQuery

Answer: A

Explanation:
Explanation/Reference: https://cloud.google.com/solutions/correlating-time-series-dataflow

 

NEW QUESTION 150
Your company is moving from an on-premises environment to Google Cloud Platform (GCP). You have multiple development teams that use Cassandra environments as backend databases. They all need a development environment that is isolated from other Cassandra instances. You want to move to GCP quickly and with minimal support effort. What should you do?

  • A. 1. Build a Cassandra Compute Engine instance and take a snapshot of it.
    2. Upload the snapshot to Cloud Storage and make it accessible to your developers.
    3. Build instructions to create a Compute Engine instance from the snapshot so that developers can do it themselves.
  • B. 1. Advise your developers to go to Cloud Marketplace.
    2. Ask the developers to launch a Cassandra image for their development work.
  • C. 1. Build an instruction guide to install Cassandra on GCP.
    2. Make the instruction guide accessible to your developers.
  • D. 1. Build a Cassandra Compute Engine instance and take a snapshot of it.
    2. Use the snapshot to create instances for your developers.

Answer: A

 

NEW QUESTION 151
You significantly changed a complex Deployment Manager template and want to confirm that the dependencies of all defined resources are properly met before committing it to the project. You want the most rapid feedback on your changes. What should you do?

  • A. Monitor activity of the Deployment Manager execution on the Stackdriver Logging page of the GCP Console.
  • B. Execute the Deployment Manager template using the ?preview option in the same project, and observe the state of interdependent resources.
  • C. Use granular logging statements within a Deployment Manager template authored in Python.
  • D. Execute the Deployment Manager template against a separate project with the same configuration, and monitor for failures.

Answer: B

Explanation:
https://cloud.google.com/deployment-manager/docs/deployments/updating-deployments

 

NEW QUESTION 152
Your boss has asked you to set up something to perform monitoring and logging. The ideal solution would allow you to monitor your Google Cloud resources as well as a few different EC2 instances running inside AWS. Which option would meet the criteria with the least amount of work?

  • A. Stackdriver
  • B. Datadog
  • C. AWS Cloudwatch
  • D. Deploy a custom solution based on the ELK stack.

Answer: A

 

NEW QUESTION 153
You are performing a monthly security check of your Google Cloud environment and want to know who has access to view data stored in your Google Cloud Project. What should you?

  • A. Create a Data Loss Prevention job.
  • B. Review the IAM permissions for any role that allows for data access.
  • C. Enable Audit Logs for all APIs that are related to data storage.
  • D. Review the Identity-Aware Proxy settings for each resource.

Answer: B

Explanation:
Explanation/Reference: https://cloud.google.com/compute/docs/access

 

NEW QUESTION 154
You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now, you need to create a production environment for this application. The security team has forbidden the existence of network routes between these 2 environments, and asks you to follow Google-recommended practices. What should you do?

  • A. Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.
  • B. Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.
  • C. Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project, in the Shared VPC.
  • D. Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.

Answer: C

 

NEW QUESTION 155
You have a Google Cloud Platform account with access to both production and development projects. You need to create an automated process to list all compute instances in development and production projects on a daily basis. What should you do?

  • A. Create two configurations using gcloud config. Write a script that sets configurations as active, individually. For each configuration, use gcloud compute instances list to get a list of compute resources.
  • B. Go to GCP Console and export this information to Cloud SQL on a daily basis.
  • C. Create two configurations using gsutil config. Write a script that sets configurations as active, individually. For each configuration, use gsutil compute instances list to get a list of compute resources.
  • D. Go to Cloud Shell and export this information to Cloud Storage on a daily basis.

Answer: A

 

NEW QUESTION 156
You have a website hosted on App Engine standard environment. You want 1% of your users to see a new test version of the website. You want to minimize complexity. What should you do?

  • A. Deploy the new version in the same application and use the --migrate option.
  • B. Create a new App Engine application in the same project. Deploy the new version in that application. Configure your network load balancer to send 1% of the traffic to that new application.
  • C. Create a new App Engine application in the same project. Deploy the new version in that application. Use the App Engine library to proxy 1% of the requests to the new version.
  • D. Deploy the new version in the same application and use the --splits option to give a weight of 99 to the current version and a weight of 1 to the new version.

Answer: D

 

NEW QUESTION 157
You are using Google Kubernetes Engine with autoscaling enabled to host a new application. You want to expose this new application to the public, using HTTPS on a public IP address. What should you do?

  • A. Create a Kubernetes Service of type ClusterIP for your application. Configure the public DNS name of your application using the IP of this Service.
  • B. Create a Kubernetes Service of type NodePort for your application, and a Kubernetes Ingress to expose this Service via a Cloud Load Balancer.
  • C. Create a HAProxy pod in the cluster to load-balance the traffic to all the pods of the application. Forward the public traffic to HAProxy with an iptable rule. Configure the DNS name of your application using the public IP of the node HAProxy is running on.
  • D. Create a Kubernetes Service of type NodePort to expose the application on port 443 of each node of the Kubernetes cluster. Configure the public DNS name of your application with the IP of every node of the cluster to achieve load-balancing.

Answer: B

Explanation:
Explanation/Reference: https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer

 

NEW QUESTION 158
You are operating a Google Kubernetes Engine (GKE) cluster for your company where different teams can run non-production workloads. Your Machine Learning (ML) team needs access to Nvidia Tesla P100 GPUs to train their models. You want to minimize effort and cost. What should you do?

  • A. Add a new, GPU-enabled, node pool to the GKE cluster. Ask your ML team to add the cloud.google.com/gke -accelerator: nvidia-tesla-p100 nodeSelectorto their pod specification.
  • B. Create your own Kubernetes cluster on top of Compute Engine with nodes that have GPUs.
    Dedicate this cluster to your ML team.
  • C. Recreate all the nodes of the GKE cluster to enable GPUs on all of them.
  • D. Ask your ML team to add the "accelerator: gpu" annotation to their pod specification.

Answer: A

Explanation:
https://cloud.google.com/kubernetes-engine/docs/how-to/gpus

 

NEW QUESTION 159
......


Below are some steps to apply for Associate Cloud Engineer Exam

In order to apply for the Associate Cloud Engineer, You have to follow these steps

  1. Go to the Associate Cloud Engineer Official Site
  2. Read the instruction Carefully
  3. Follow the given steps
  4. Apply for the Associate Cloud Engineer

 

Try 100% Updated Associate-Cloud-Engineer Exam Questions [2022]: https://www.exam-killer.com/Associate-Cloud-Engineer-valid-questions.html

Pass Associate-Cloud-Engineer Exam - Real Questions and Answers: https://drive.google.com/open?id=1RqF_q4i7ITm2ck7MLFyLqeuI3eg2D4sM

Related Blogs

more
Google Associate-Cloud-Engineer Certification Practice Exam

All we do is to help you pass the actual test with our training material. The most relevant questions together with verified answers can ensure you 100% pass.

Latest Update

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 EXAM-KILLER.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor. Privacy Policy