459 お客様のコメント
クリック」
質問 1:
You need to migrate invoice documents stored on-premises to Cloud Storage. The documents have the following storage requirements:
* Documents must be kept for five years.
* Up to five revisions of the same invoice document must be stored, to allow for corrections.
* Documents older than 365 days should be moved to lower cost storage tiers.
You want to follow Google-recommended practices to minimize your operational and development costs.
What should you do?
A. Enable object versioning on the bucket, and use Cloud Scheduler to invoke a Cloud Functions instance to move or delete your documents based on their metadata.
B. Enable retention policies on the bucket, use lifecycle rules to change the storage classes of the objects, set the number of versions, and delete old files.
C. Enable retention policies on the bucket, and use Cloud Scheduler to invoke a Cloud Function to move or delete your documents based on their metadata.
D. Enable object versioning on the bucket, use lifecycle conditions to change the storage class of the objects, set the number of versions, and delete old files.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
(Your digital media company stores a large number of video files on-premises. Each video file ranges from
100 MB to 100 GB. You are currently storing 150 TB of video data in your on-premises network, with no room for expansion. You need to migrate all infrequently accessed video files older than one year to Cloud Storage to ensure that on-premises storage remains available for new files. You must also minimize costs and control bandwidth usage. What should you do?)
A. Use Transfer Appliance to request an appliance. Load the data locally, and ship the appliance back to Google for ingestion into Cloud Storage.
B. Create a Cloud Storage bucket. Establish an Identity and Access Management (IAM) role with write permissions to the bucket. Use the gsutil tool to directly copy files over the network to Cloud Storage.
C. Use Storage Transfer Service to move the data from the selected on-premises file storage systems to a Cloud Storage bucket.
D. Set up a Cloud Interconnect connection between the on-premises network and Google Cloud. Establish a private endpoint for Filestore access. Transfer the data from the existing Network File System (NFS) to Filestore.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
After a recent security incident, your startup company wants better insight into what is happening in the Google Cloud environment. You need to monitor unexpected firewall changes and instance creation. Your company prefers simple solutions. What should you do?
A. Use Cloud Logging filters to create log-based metrics for firewall and instance actions. Monitor the changes and set up reasonable alerts.
B. Turn on Google Cloud firewall rules logging, and set up alerts for any insert, update, or delete events.
C. Install Kibana on a compute Instance. Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Pub/Sub. Target the Pub/Sub topic to push messages to the Kibana instance.
Analyze the logs on Kibana in real time.
D. Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Cloud Storage.Use BigQuery to periodically analyze log events in the storage bucket.
正解:A
質問 4:
You are working with a Cloud SQL MySQL database at your company. You need to retain a month-end copy of the database for three years for audit purposes. What should you do?
A. Convert the automatic first-of-the-month backup to an export file Write the export file to a Coldline class Cloud Storage bucket
B. Set up an export job for the first of the month Write the export file to an Archive class Cloud Storage bucket
C. Set up an on-demand backup tor the first of the month Write the backup to an Archive class Cloud Storage bucket
D. Save file automatic first-of-the- month backup for three years Store the backup file in an Archive class Cloud Storage bucket
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
(You are managing the security configuration of your company's Google Cloud organization. The Operations team needs specific permissions on both a Google Kubernetes Engine (GKE) cluster and a Cloud SQL instance. Two predefined Identity and Access Management (IAM) roles exist that contain a subset of the permissions needed by the team. You need to configure the necessary IAM permissions for this team while following Google-recommended practices. What should you do?)
A. Create a custom IAM role that includes only the required permissions from the predefined roles.
B. Grant the team the IAM roles of Kubernetes Engine Admin and Cloud SQL Admin.
C. Grant the team the two predefined IAM roles.
D. Create a custom IAM role that combines the permissions from the two relevant predefined roles.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
Your company's infrastructure is on-premises, but all machines are running at maximum capacity. You want to burst to Google Cloud. The workloads on Google Cloud must be able to directly communicate to the workloads on-premises using a private IP range. What should you do?
A. Set up Cloud VPN between the infrastructure on-premises and Google Cloud.
B. Create bastion hosts both in your on-premises environment and on Google Cloud. Configure both as proxy servers using their public IP addresses.
C. In Google Cloud, configure the VPC for VPC Network Peering.
D. In Google Cloud, configure the VPC as a host for Shared VPC.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
You need to add a group of new users to Cloud Identity. Some of the users already have existing Google accounts. You want to follow one of Google's recommended practices and avoid conflicting accounts. What should you do?
A. Tell the user to remove all personal email from the existing account
B. Invite the user to transfer their existing account
C. Tell the user that they must delete their existing account
D. Invite the user to use an email alias to resolve the conflict
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 8:
You just installed the Google Cloud CLI on your new corporate laptop. You need to list the existing instances of your company on Google Cloud. What must you do before you run the gcloud compute instances list command?
Choose 2 answers
A. Run gcloud config set project $my_project to set the default project for gcloud CLI.
B. Run gcloud config set compute/zone $my_zone to set the default zone for gcloud CLI.
C. Download your Cloud Identity user account key. Place the key file in a folder on your machine where gcloud CLI can find it.
D. Create a Google Cloud service account, and download the service account key. Place the key file in a folder on your machine where gcloud CLI can find it.
E. Run gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.
正解:A,E
解説: (Pass4Test メンバーにのみ表示されます)
質問 9:
You have a workload running on Compute Engine that is critical to your business. You want to ensure that the data on the boot disk of this workload is backed up regularly. You need to be able to restore a backup as quickly as possible in case of disaster. You also want older backups to be cleaned automatically to save on cost. You want to follow Google-recommended practices. What should you do?
A. Create a cron job to create a new disk from the disk using gcloud.
B. Create a Cloud Function to create an instance template.
C. Create a snapshot schedule for the disk using the desired interval.
D. Create a Cloud Task to create an image and export it to Cloud Storage.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
You need to migrate invoice documents stored on-premises to Cloud Storage. The documents have the following storage requirements:
* Documents must be kept for five years.
* Up to five revisions of the same invoice document must be stored, to allow for corrections.
* Documents older than 365 days should be moved to lower cost storage tiers.
You want to follow Google-recommended practices to minimize your operational and development costs.
What should you do?
A. Enable object versioning on the bucket, and use Cloud Scheduler to invoke a Cloud Functions instance to move or delete your documents based on their metadata.
B. Enable retention policies on the bucket, use lifecycle rules to change the storage classes of the objects, set the number of versions, and delete old files.
C. Enable retention policies on the bucket, and use Cloud Scheduler to invoke a Cloud Function to move or delete your documents based on their metadata.
D. Enable object versioning on the bucket, use lifecycle conditions to change the storage class of the objects, set the number of versions, and delete old files.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
(Your digital media company stores a large number of video files on-premises. Each video file ranges from
100 MB to 100 GB. You are currently storing 150 TB of video data in your on-premises network, with no room for expansion. You need to migrate all infrequently accessed video files older than one year to Cloud Storage to ensure that on-premises storage remains available for new files. You must also minimize costs and control bandwidth usage. What should you do?)
A. Use Transfer Appliance to request an appliance. Load the data locally, and ship the appliance back to Google for ingestion into Cloud Storage.
B. Create a Cloud Storage bucket. Establish an Identity and Access Management (IAM) role with write permissions to the bucket. Use the gsutil tool to directly copy files over the network to Cloud Storage.
C. Use Storage Transfer Service to move the data from the selected on-premises file storage systems to a Cloud Storage bucket.
D. Set up a Cloud Interconnect connection between the on-premises network and Google Cloud. Establish a private endpoint for Filestore access. Transfer the data from the existing Network File System (NFS) to Filestore.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 3:
After a recent security incident, your startup company wants better insight into what is happening in the Google Cloud environment. You need to monitor unexpected firewall changes and instance creation. Your company prefers simple solutions. What should you do?
A. Use Cloud Logging filters to create log-based metrics for firewall and instance actions. Monitor the changes and set up reasonable alerts.
B. Turn on Google Cloud firewall rules logging, and set up alerts for any insert, update, or delete events.
C. Install Kibana on a compute Instance. Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Pub/Sub. Target the Pub/Sub topic to push messages to the Kibana instance.
Analyze the logs on Kibana in real time.
D. Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Cloud Storage.Use BigQuery to periodically analyze log events in the storage bucket.
正解:A
質問 4:
You are working with a Cloud SQL MySQL database at your company. You need to retain a month-end copy of the database for three years for audit purposes. What should you do?
A. Convert the automatic first-of-the-month backup to an export file Write the export file to a Coldline class Cloud Storage bucket
B. Set up an export job for the first of the month Write the export file to an Archive class Cloud Storage bucket
C. Set up an on-demand backup tor the first of the month Write the backup to an Archive class Cloud Storage bucket
D. Save file automatic first-of-the- month backup for three years Store the backup file in an Archive class Cloud Storage bucket
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
(You are managing the security configuration of your company's Google Cloud organization. The Operations team needs specific permissions on both a Google Kubernetes Engine (GKE) cluster and a Cloud SQL instance. Two predefined Identity and Access Management (IAM) roles exist that contain a subset of the permissions needed by the team. You need to configure the necessary IAM permissions for this team while following Google-recommended practices. What should you do?)
A. Create a custom IAM role that includes only the required permissions from the predefined roles.
B. Grant the team the IAM roles of Kubernetes Engine Admin and Cloud SQL Admin.
C. Grant the team the two predefined IAM roles.
D. Create a custom IAM role that combines the permissions from the two relevant predefined roles.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
Your company's infrastructure is on-premises, but all machines are running at maximum capacity. You want to burst to Google Cloud. The workloads on Google Cloud must be able to directly communicate to the workloads on-premises using a private IP range. What should you do?
A. Set up Cloud VPN between the infrastructure on-premises and Google Cloud.
B. Create bastion hosts both in your on-premises environment and on Google Cloud. Configure both as proxy servers using their public IP addresses.
C. In Google Cloud, configure the VPC for VPC Network Peering.
D. In Google Cloud, configure the VPC as a host for Shared VPC.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
You need to add a group of new users to Cloud Identity. Some of the users already have existing Google accounts. You want to follow one of Google's recommended practices and avoid conflicting accounts. What should you do?
A. Tell the user to remove all personal email from the existing account
B. Invite the user to transfer their existing account
C. Tell the user that they must delete their existing account
D. Invite the user to use an email alias to resolve the conflict
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 8:
You just installed the Google Cloud CLI on your new corporate laptop. You need to list the existing instances of your company on Google Cloud. What must you do before you run the gcloud compute instances list command?
Choose 2 answers
A. Run gcloud config set project $my_project to set the default project for gcloud CLI.
B. Run gcloud config set compute/zone $my_zone to set the default zone for gcloud CLI.
C. Download your Cloud Identity user account key. Place the key file in a folder on your machine where gcloud CLI can find it.
D. Create a Google Cloud service account, and download the service account key. Place the key file in a folder on your machine where gcloud CLI can find it.
E. Run gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.
正解:A,E
解説: (Pass4Test メンバーにのみ表示されます)
質問 9:
You have a workload running on Compute Engine that is critical to your business. You want to ensure that the data on the boot disk of this workload is backed up regularly. You need to be able to restore a backup as quickly as possible in case of disaster. You also want older backups to be cleaned automatically to save on cost. You want to follow Google-recommended practices. What should you do?
A. Create a cron job to create a new disk from the disk using gcloud.
B. Create a Cloud Function to create an instance template.
C. Create a snapshot schedule for the disk using the desired interval.
D. Create a Cloud Task to create an image and export it to Cloud Storage.
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
Hamada -
アプリバージョン最高でした。しっかりAssociate-Cloud-Engineerの問題覚えられるから。隙間時間にも学習が進められる。