976 お客様のコメント
クリック」
質問 1:
Your company wants to start using Google Cloud resources but wants to retain their on-premises Active Directory domain controller for identity management. What should you do?
A. Use Google Cloud Directory Sync to synchronize Active Directory usernames with cloud identities and configure SAML SSO.
B. Use Compute Engine to create an Active Directory (AD) domain controller that is a replica of the onpremises AD domain controller using Google Cloud Directory Sync.
C. Use Cloud Identity-Aware Proxy configured to use the on-premises Active Directory domain controller as an identity provider.
D. Use the Admin Directory API to authenticate against the Active Directory domain controller.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Your company has an enterprise application running on Compute Engine that requires high availability and high performance. The application has been deployed on two instances in two zones in the same region m active passive mode. The application writes data to a persistent disk in the case of a single zone outage that data should be immediately made available to the other instance in the other zone. You want to maximize performance while minimizing downtime and data loss. What should you do?
A. 1 Attach a local SSD lo the first instance disk
2. Execute an rsync command every hour where the target is a persistent SSD disk attached to the second instance
3. In case of a zone outage, use the second instance
B. 1 Create a Cloud Storage bucket
2. Mount the bucket into the first instance with gcs-fuse
3. In case of a zone outage, mount the Cloud Storage bucket to the second instance with gcs-fuse
C. 1. Attach a regional SSD persistent Ask to the first instance
2. In case of a zone outage, force-attach the disk to the other instance
D. 1. Attach a persistent SSD disk to the first instance
2. Create a snapshot every hour
3. In case of a zone outage, recreate a persistent SSD disk in the second instance where data is coming from the created snapshot
正解:C
質問 3:
Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used. How should you design your architecture?
A. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data.
B. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor.
C. Create separate projects that only process credit card data.
D. Create separate subnetworks and isolate the components that process credit card data.
E. Create a tokenizer service and store only tokenized data.
正解:E
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
You have a Python web application with many dependencies that requires 0.1 CPU cores and 128 MB of memory to operate in production. You want to monitor and maximize machine utilization. You also to reliably deploy new versions of the application. Which set of steps should you take?
A. Perform the following:
1) Create a managed instance group with f1-micro type machines.
2) Use a startup script to clone the repository, check out the production branch, install the dependencies, and start the Python app.
3) Restart the instances to automatically deploy new production releases.
B. Perform the following:
1) Create a Kubernetes Engine (GKE) cluster with n1-standard-4 type machines.
2) Build a Docker image from the master branch will all of the dependencies, and tag it with "latest".
3) Create a Kubernetes Deployment in the default namespace with the imagePullPolicy set to
"Always".
Restart the pods to automatically deploy new production releases.
C. Perform the following:
1) Create a Kubernetes Engine cluster with n1-standard-1 type machines.
2) Build a Docker image from the production branch with all of the dependencies, and tag it with the version number.
3) Create a Kubernetes Deployment with the imagePullPolicy set to "IfNotPresent" in the staging namespace, and then promote it to the production namespace after testing.
D. Perform the following:
1) Create a managed instance group with n1-standard-1 type machines.
2) Build a Compute Engine image from the production branch that contains all of the dependencies and automatically starts the Python app.
3) Rebuild the Compute Engine image, and update the instance template to deploy new production releases.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
You are helping the QA team to roll out a new load-testing tool to test the scalability of your primary cloud services that run on Google Compute Engine with Cloud Bigtable. Which three requirements should they include? Choose 3 answers
A. Instrument the load-testing tool and the target services with detailed logging and metrics collection.
B. Ensure all third-party systems your services use are capable of handling high load.
C. Schedule the load-testing tool to regularly run against the production environment.
D. Instrument the production services to record every transaction for replay by the load-testing tool.
E. Create a separate Google Cloud project to use for the load-testing environment.
F. Ensure that the load tests validate the performance of Cloud Bigtable.
正解:A,E,F
質問 6:
You need to implement a network ingress for a new game that meets the defined business and technical requirements. Mountkirk Games wants each regional game instance to be located in multiple Google Cloud regions. What should you do?
A. Configure kubemci with a global load balancer and Google Kubernetes Engine.
B. Configure Ingress for Anthos with a global load balancer and Google Kubernetes Engine.
C. Configure a global load balancer connected to a managed instance group running Compute Engine instances.
D. Configure a global load balancer with Google Kubernetes Engine.
正解:C
質問 7:
Your company has developed a monolithic, 3-tier application to allow external users to upload and share files. The solution cannot be easily enhanced and lacks reliability. The development team would like to re-architect the application to adopt microservices and a fully managed service approach, but they need to convince their leadership that the effort is worthwhile. Which advantage(s) should they highlight to leadership?
A. The process can be automated with Migrate for Compute Engine.
B. The new approach will make it easier to decouple infrastructure from application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution if necessary.
C. The monolithic solution can be converted to a container with Docker. The generated container can then be deployed into a Kubernetes cluster.
D. The new approach will be significantly less costly, make it easier to manage the underlying infrastructure, and automatically manage the CI/CD pipelines.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
Your company wants to start using Google Cloud resources but wants to retain their on-premises Active Directory domain controller for identity management. What should you do?
A. Use Google Cloud Directory Sync to synchronize Active Directory usernames with cloud identities and configure SAML SSO.
B. Use Compute Engine to create an Active Directory (AD) domain controller that is a replica of the onpremises AD domain controller using Google Cloud Directory Sync.
C. Use Cloud Identity-Aware Proxy configured to use the on-premises Active Directory domain controller as an identity provider.
D. Use the Admin Directory API to authenticate against the Active Directory domain controller.
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Your company has an enterprise application running on Compute Engine that requires high availability and high performance. The application has been deployed on two instances in two zones in the same region m active passive mode. The application writes data to a persistent disk in the case of a single zone outage that data should be immediately made available to the other instance in the other zone. You want to maximize performance while minimizing downtime and data loss. What should you do?
A. 1 Attach a local SSD lo the first instance disk
2. Execute an rsync command every hour where the target is a persistent SSD disk attached to the second instance
3. In case of a zone outage, use the second instance
B. 1 Create a Cloud Storage bucket
2. Mount the bucket into the first instance with gcs-fuse
3. In case of a zone outage, mount the Cloud Storage bucket to the second instance with gcs-fuse
C. 1. Attach a regional SSD persistent Ask to the first instance
2. In case of a zone outage, force-attach the disk to the other instance
D. 1. Attach a persistent SSD disk to the first instance
2. Create a snapshot every hour
3. In case of a zone outage, recreate a persistent SSD disk in the second instance where data is coming from the created snapshot
正解:C
質問 3:
Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to analyze transactional data and trends relating to which payment methods are used. How should you design your architecture?
A. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data.
B. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor.
C. Create separate projects that only process credit card data.
D. Create separate subnetworks and isolate the components that process credit card data.
E. Create a tokenizer service and store only tokenized data.
正解:E
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
You have a Python web application with many dependencies that requires 0.1 CPU cores and 128 MB of memory to operate in production. You want to monitor and maximize machine utilization. You also to reliably deploy new versions of the application. Which set of steps should you take?
A. Perform the following:
1) Create a managed instance group with f1-micro type machines.
2) Use a startup script to clone the repository, check out the production branch, install the dependencies, and start the Python app.
3) Restart the instances to automatically deploy new production releases.
B. Perform the following:
1) Create a Kubernetes Engine (GKE) cluster with n1-standard-4 type machines.
2) Build a Docker image from the master branch will all of the dependencies, and tag it with "latest".
3) Create a Kubernetes Deployment in the default namespace with the imagePullPolicy set to
"Always".
Restart the pods to automatically deploy new production releases.
C. Perform the following:
1) Create a Kubernetes Engine cluster with n1-standard-1 type machines.
2) Build a Docker image from the production branch with all of the dependencies, and tag it with the version number.
3) Create a Kubernetes Deployment with the imagePullPolicy set to "IfNotPresent" in the staging namespace, and then promote it to the production namespace after testing.
D. Perform the following:
1) Create a managed instance group with n1-standard-1 type machines.
2) Build a Compute Engine image from the production branch that contains all of the dependencies and automatically starts the Python app.
3) Rebuild the Compute Engine image, and update the instance template to deploy new production releases.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
You are helping the QA team to roll out a new load-testing tool to test the scalability of your primary cloud services that run on Google Compute Engine with Cloud Bigtable. Which three requirements should they include? Choose 3 answers
A. Instrument the load-testing tool and the target services with detailed logging and metrics collection.
B. Ensure all third-party systems your services use are capable of handling high load.
C. Schedule the load-testing tool to regularly run against the production environment.
D. Instrument the production services to record every transaction for replay by the load-testing tool.
E. Create a separate Google Cloud project to use for the load-testing environment.
F. Ensure that the load tests validate the performance of Cloud Bigtable.
正解:A,E,F
質問 6:
You need to implement a network ingress for a new game that meets the defined business and technical requirements. Mountkirk Games wants each regional game instance to be located in multiple Google Cloud regions. What should you do?
A. Configure kubemci with a global load balancer and Google Kubernetes Engine.
B. Configure Ingress for Anthos with a global load balancer and Google Kubernetes Engine.
C. Configure a global load balancer connected to a managed instance group running Compute Engine instances.
D. Configure a global load balancer with Google Kubernetes Engine.
正解:C
質問 7:
Your company has developed a monolithic, 3-tier application to allow external users to upload and share files. The solution cannot be easily enhanced and lacks reliability. The development team would like to re-architect the application to adopt microservices and a fully managed service approach, but they need to convince their leadership that the effort is worthwhile. Which advantage(s) should they highlight to leadership?
A. The process can be automated with Migrate for Compute Engine.
B. The new approach will make it easier to decouple infrastructure from application, develop and release new features, manage the underlying infrastructure, manage CI/CD pipelines and perform A/B testing, and scale the solution if necessary.
C. The monolithic solution can be converted to a container with Docker. The generated container can then be deployed into a Kubernetes cluster.
D. The new approach will be significantly less costly, make it easier to manage the underlying infrastructure, and automatically manage the CI/CD pipelines.
正解:B
解説: (Pass4Test メンバーにのみ表示されます)
Bann -
本書はProfessional-Cloud-Architectになじみのないかたでも理解しやすいように、身近なところから順番に学習できるようになっている点も良い点です。