最新なGoogle Associate-Cloud-Engineer問題集（322題）、真実試験の問題を全部にカバー！

質問 1：
You are operating a Google Kubernetes Engine (GKE) cluster for your company where different teams can run non-production workloads. Your Machine Learning (ML) team needs access to Nvidia Tesla P100 GPUs to train their models. You want to minimize effort and cost. What should you do?
A. Create your own Kubernetes cluster on top of Compute Engine with nodes that have GPUs. Dedicate this cluster to your ML team.
B. Add a new, GPU-enabled, node pool to the GKE cluster. Ask your ML team to add the cloud.google.com/gke -accelerator: nvidia-tesla-p100 nodeSelector to their pod specification.
C. Recreate all the nodes of the GKE cluster to enable GPUs on all of them.
D. Ask your ML team to add the "accelerator: gpu" annotation to their pod specification.
正解：B
解説: (Pass4Test メンバーにのみ表示されます)

質問 2：
Your organization has strict requirements to control access to Google Cloud projects. You need to enable your Site Reliability Engineers (SREs) to approve requests from the Google Cloud support team when an SRE opens a support case. You want to follow Google-recommended practices. What should you do?
A. Add your SREs to roles/iam.roleAdmin role.
B. Add your SREs to a group and then add this group to roles/accessapproval approver role.
C. Add your SREs to roles/accessapproval approver role.
D. Add your SREs to a group and then add this group to roles/iam roleAdmin role.
正解：B

質問 3：
You have two subnets (subnet-a and subnet-b) in the default VPC. Your database servers are running in subnet-a. Your application servers and web servers are running in subnet-b. You want to configure a firewall rule that only allows database traffic from the application servers to the database servers. What should you do?
A. * Create a service account sa-app and a network tag db-server.* Associate the service account sa-app with the application servers and the network tag db-server withthe database servers.* Create an ingress firewall rule to allow network traffic from source VPC IP addresses and target the subnet-a IP addresses.
B. * Create a network lag app-server and service account sa-db.* Add the tag to the application servers and associate the service account with the database servers.* Create an egress firewall rule to allow network traffic from source network tag app-server to target service account sa-db.
C. * Create network tags app-server and db-server.* Add the app-server lag lo the application servers and the db-server lag to the database servers.* Create an egress firewall rule to allow network traffic from source network tag app-server to target network tag db-server.
D. * Create service accounts sa-app and sa-db.* Associate service account: sa-app with the application servers and the service account sa-db with the database servers.* Create an ingress firewall rule to allow network traffic from source service account sa-app to target service account sa-db.
正解：A

質問 4：
You are working in a team that has developed a new application that needs to be deployed on Kubernetes. The production application is business critical and should be optimized for reliability. You need to provision a Kubernetes cluster and want to follow Google-recommended practices. What should you do?
A. Create a GKE Autopilot cluster. Enroll the cluster in the rapid release channel.
B. Create a regional GKE standard cluster. Enroll the cluster in the rapid release channel.
C. Create a zonal GKE standard cluster. Enroll the cluster in the stable release channel.
D. Create a GKE Autopilot cluster. Enroll the cluster in the stable release channel.
正解：D
解説: (Pass4Test メンバーにのみ表示されます)

質問 5：
You are developing a financial trading application that will be used globally. Data is stored and queried using a relational structure, and clients from all over the world should get the exact identical state of the data. The application will be deployed in multiple regions to provide the lowest latency to end users. You need to select a storage option for the application data while minimizing latency. What should you do?
A. Use Cloud Spanner for data storage.
B. Use Firestore for data storage.
C. Use Cloud SQL for data storage.
D. Use Cloud Bigtable for data storage.
正解：A
解説: (Pass4Test メンバーにのみ表示されます)

質問 6：
For analysis purposes, you need to send all the logs from all of your Compute Engine instances to a BigQuery dataset called platform-logs. You have already installed the Stackdriver Logging agent on all the instances.
You want to minimize cost. What should you do?
A. 1. In Stackdriver Logging, create a filter to view only Compute Engine logs.2. Click Create Export.3.
Choose BigQuery as Sink Service, and the platform-logs dataset as Sink Destination.
B. 1. Give the BigQuery Data Editor role on the platform-logs dataset to the service accounts used by your instances.2. Update your instances' metadata to add the following value: logs-destination: bq://platform- logs.
C. 1. In Stackdriver Logging, create a logs export with a Cloud Pub/Sub topic called logs as a sink.2.
Create a Cloud Function that is triggered by messages in the logs topic.3. Configure that Cloud Function to drop logs that are not from Compute Engine and to insert Compute Engine logs in the platform-logs dataset.
D. 1. Create a Cloud Function that has the BigQuery User role on the platform-logs dataset.2. Configure this Cloud Function to create a BigQuery Job that executes this query:INSERT INTO dataset.platform- logs (timestamp, log)SELECT timestamp, log FROM compute.logsWHERE timestamp > DATE_SUB (CURRENT_DATE(), INTERVAL 1 DAY)3. Use Cloud Scheduler to trigger this Cloud Function once a day.
正解：A
解説: (Pass4Test メンバーにのみ表示されます)

質問 7：
Your company wants to standardize the creation and management of multiple Google Cloud resources using Infrastructure as Code. You want to minimize the amount of repetitive code needed to manage the environment What should you do?
A. Create a bash script that contains all requirement steps as gcloud commands
B. Use curl in a terminal to send a REST request to the relevant Google API for each individual resource.
C. Develop templates for the environment using Cloud Deployment Manager
D. Use the Cloud Console interface to provision and manage all related resources
正解：C
解説: (Pass4Test メンバーにのみ表示されます)

質問 8：
You need to monitor resources that are distributed over different projects in Google Cloud Platform. You want to consolidate reporting under the same Stackdriver Monitoring dashboard. What should you do?
A. Configure a single Stackdriver account for one of the projects. In Stackdriver, create a Group and add the other project names as criteria for that Group.
B. Configure a single Stackdriver account, and link all projects to the same account.
C. Use Shared VPC to connect all projects, and link Stackdriver to one of the projects.
D. For each project, create a Stackdriver account. In each project, create a service account for that project and grant it the role of Stackdriver Account Editor in all other projects.
正解：B
解説: (Pass4Test メンバーにのみ表示されます)

質問 9：
You created an instance of SQL Server 2017 on Compute Engine to test features in the new version. You want to connect to this instance using the fewest number of steps. What should you do?
A. Set a Windows username and password in the GCP Console. Verify that a firewall rule for port 3389 exists. Click the RDP button in the GCP Console, and supply the credentials to log in.
B. Install a RDP client in your desktop. Set a Windows username and password in the GCP Console. Use the credentials to log in to the instance.
C. Install a RDP client on your desktop. Verify that a firewall rule for port 3389 exists.
D. Set a Windows password in the GCP Console. Verify that a firewall rule for port 22 exists. Click the RDP button in the GCP Console and supply the credentials to log in.
正解：A
解説: (Pass4Test メンバーにのみ表示されます)