Associate-Cloud-Engineer Exam Dumps Pass with Updated Dec-2021 Tests Dumps
Associate-Cloud-Engineer exam questions for practice in 2021 Updated 245 Questions
The Google Associate Cloud Engineer exam targets software engineers who would like to dabble into the Google Cloud. So, you need to be capable of using the command-line interfaces and Google Cloud Console to handle core platform-based tasks. These mostly include monitoring operations and managing enterprise solutions to maintain deployed applications. In addition, after successful writing of the test, candidates obtain the appropriate Google Cloud certification.
Below are advantages of Getting the Associate Cloud Engineer Certification Exam
- Google Certified Specialists Certification provides practical experience to candidates from all the aspects to be a proficient worker in the organization.
- Google Certified Specialists have the knowledge to use the tools to complete the task efficiently and cost effectively than the other non-certified professionals lack in doing so.
- Google Certified Specialists will be confident and stand different from others as their skills are more trained than non-certified professionals.
Below are the Problems in taking the Associate Cloud Engineer Exam
Google Certified Specialist is the most powerful certification that candidates can have on their resume. But for this, they will have to pass Associate Cloud Engineer questions. Associate Cloud Engineer is a challenging exam to pass this exam Candidates will have to work hard with the help of the right focus and preparation material passing this exam is an achievable goal. DumpsFree help candidates by providing the most relevant and updated Associate Cloud Engineer dumps. Furthermore, We also provide the Associate Cloud Engineer practice test that will be much beneficial in the preparation. DumpsFree aims to provide the best Associate Cloud Engineer dumps that are verified by the Google experts. If Candidates feel any doubt in the Associate Cloud Engineer practice test then our team is always there to help them. Associate Cloud Engineer dumps are the perfect way to prepare the Associate Cloud Engineer exam with good grades in the just first attempt. So, Candidates want instant success in the Associate Cloud Engineer exam with quality Associate Cloud Engineer training material then DumpsFree is the best option for them because our management is well trained in it and we update each question of all exams on regular basis after consulting recent updates with our Google certified professionals.
NEW QUESTION 62
Your company runs its Linux workloads on Compute Engine instances. Your company will be working with a new operations partner that does not use Google Accounts. You need to grant access to the instances to your operations partner so they can maintain the installed tooling.
What should you do?
- A. Set up Cloud VPN between your Google Cloud VPC and the internal network of the operations partner.
- B. Ask the operations partner to generate SSH key pairs, and add the public keys to the VM instances.
- C. Tag all the instances with the same network tag.
Create a firewall rule in the VPC to grant TCP access on port 22 for traffic from the operations partner to instances with the network tag. - D. Enable Cloud IAP for the Compute Engine instances, and add the operations partner as a Cloud IAP Tunnel User.
Answer: C
Explanation:
https://cloud.google.com/vpc/docs/firewalls
NEW QUESTION 63
Your development team needs a new Jenkins server for their project. You need to deploy the server using the fewest steps possible. What should you do?
- A. Create a new Compute Engine instance and install Jenkins through the command line interface.
- B. Download and deploy the Jenkins Java WAR to App Engine Standard.
- C. Create a Kubernetes cluster on Compute Engine and create a deployment with the Jenkins Docker image.
- D. Use GCP Marketplace to launch the Jenkins solution.
Answer: D
Explanation:
Explanation/Reference: https://cloud.google.com/solutions/using-jenkins-for-distributed-builds-on-compute-engine
NEW QUESTION 64
Your web application has been running successfully on Cloud Run for Anthos. You want to evaluate an updated version of the application with a specific percentage of your production users (canary deployment).
What should you do?
- A. Create a new service with the new version of the application.
Add HTTP Load Balancer in front of both services. - B. Create a new revision with the new version of the application.
Split traffic between this version and the version that is currently running. - C. Create a new revision with the new version of the application.
Add HTTP Load Balancer in front of both revisions. - D. Create a new service with the new version of the application.
Split traffic between this version and the version that is currently running.
Answer: D
NEW QUESTION 65
Your company has a 3-tier solution running on Compute Engine. The configuration of the current infrastructure is shown below.
Each tier has a service account that is associated with all instances within it. You need to enable communication on TCP port 8080 between tiers as follows:
* Instances in tier #1 must communicate with tier #2.
* Instances in tier #2 must communicate with tier #3.
What should you do?
- A. 1. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #2 service account* Source filter: all instances with tier #1 service account* Protocols: allow all2. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #3 service account* Source filter: all instances with tier #2 service account* Protocols: allow all
- B. 1. Create an egress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.2.0/24)* Protocols: allow TCP: 80802. Create an egress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to
10.0.1.0/24)* Protocols: allow TCP: 8080 - C. 1. Create an ingress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.2.0/24)* Protocols: allow all2. Create an ingress firewall rule with the following settings:* Targets: all instances* Source filter: IP ranges (with the range set to 10.0.1.0/24)* Protocols: allow all
- D. 1. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #2 service account* Source filter: all instances with tier #1 service account* Protocols: allow TCP:80802. Create an ingress firewall rule with the following settings:* Targets: all instances with tier #3 service account* Source filter: all instances with tier #2 service account* Protocols: allow TCP: 8080
Answer: D
NEW QUESTION 66
Your company publishes large files on an Apache web server that runs on a Compute Engine instance. The Apache web server is not the only application running in the project. You want to receive an email when the egress network costs for the server exceed 100 dollars for the current month as measured by Google Cloud.
What should you do?
- A. Use the Cloud Logging Agent to export the Apache web server logs to Cloud Logging. Create a Cloud Function that uses BigQuery to parse the HTTP response log data in Cloud Logging for the current month and sends an email if the size of all HTTP responses, multiplied by current Google Cloud egress prices, totals over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.
- B. Export the billing data to BigQuery. Create a Cloud Function that uses BigQuery to sum the egress network costs of the exported billing data for the Apache web server for the current month and sends an email if it is over 100 dollars. Schedule the Cloud Function using Cloud Scheduler to run hourly.
- C. Set up a budget alert on the billing account with an amount of 100 dollars, a threshold of 100%, and notification type of "email."
- D. Set up a budget alert on the project with an amount of 100 dollars, a threshold of 100%, and notification type of "email."
Answer: D
Explanation:
Explanation
NEW QUESTION 67
Which of the following IP address would you specify to define a CIDR range that will apply to all the destination addresses?
- A. 192.168.0.0/16
- B. 0.0.0.0/0
- C. 172.16.0.0/12
- D. 10.0.0.0/8
Answer: B
NEW QUESTION 68
You've created a Pod using the kubectl run command. Now you're attempting to remove the Pod, and it keeps being recreated. Which command might help you as you attempt to remove the pod?
- A. gcloud container describe pods
- B. kubectl get pods
- C. kubectl get secrets
- D. kubectl get deployments
Answer: D
NEW QUESTION 69
You are using Container Registry to centrally store your company's container images in a separate project. In another project, you want to create a Google Kubernetes Engine (GKE) cluster. You want to ensure that Kubernetes can download images from Container Registry. What should you do?
- A. In the project where the images are stored, grant the Storage Object Viewer IAM role to the service account used by the Kubernetes nodes.
- B. Configure the ACLs on each image in Cloud Storage to give read-only access to the default Compute Engine service account.
- C. When you create the GKE cluster, choose the Allow full access to all Cloud APIs option under
`Access scopes'. - D. Create a service account, and give it access to Cloud Storage. Create a P12 key for this service account and use it as an imagePullSecrets in Kubernetes.
Answer: A
Explanation:
If the cluster is in a different project or if the VMs in the cluster use a different service account, you must grant the service account the appropriate permissions to access the storage bucket used by Container Registry.
For the service account used by Compute Engine VMs, including VMs in Google Kubernetes Engine clusters, access is based on both Cloud IAM permissions and storage access scopes.
https://cloud.google.com/container-registry/docs/access-control
https://cloud.google.com/container-registry/docs/using-with-google-cloud-platform
NEW QUESTION 70
You have designed a solution on Google Cloud Platform (GCP) that uses multiple GCP products. Your company has asked you to estimate the costs of the solution. You need to provide estimates for the monthly total cost. What should you do?
- A. For each GCP product in the solution, review the pricing details on the products pricing page. Use the pricing calculator to total the monthly costs for each GCP product.
- B. Provision the solution on GCP. Leave the solution provisioned for 1 week. Navigate to the Billing Report page in the Google Cloud Platform Console. Multiply the 1 week cost to determine the monthly costs.
- C. For each GCP product in the solution, review the pricing details on the products pricing page. Create a Google Sheet that summarizes the expected monthly costs for each product.
- D. Provision the solution on GCP. Leave the solution provisioned for 1 week. Use Stackdriver to determine the provisioned and used resource amounts. Multiply the 1 week cost to determine the monthly costs.
Answer: A
NEW QUESTION 71
You need to create an autoscaling managed instance group for an HTTPS web application. You want to make sure that unhealthy VMs are recreated. What should you do?
- A. In the Instance Template, add a startup script that sends a heartbeat to the metadata server.
- B. Create a health check on port 443 and use that when creating the Managed Instance Group.
- C. Select Multi-Zone instead of Single-Zone when creating the Managed Instance Group.
- D. In the Instance Template, add the label 'health-check'.
Answer: D
NEW QUESTION 72
You are configuring service accounts for an application that spans multiple projects. Virtual machines (VMs) running in the web-applications project need access to BigQuery datasets in crm-databases-proj. You want to follow Google-recommended practices to give access to the service account in the web- applications project. What should you do?
- A. Give bigquery.dataViewer role to crm-databases-proj and appropriate roles to web-applications.
- B. Give "project owner" role to crm-databases-proj and the web-applications project.
- C. Give "project owner" role to crm-databases-proj and bigquery.dataViewer role to web- applications.
- D. Give "project owner" for web-applications appropriate roles to crm-databases- proj
Answer: A
Explanation:
You just need read access for DB at the project.
NEW QUESTION 73
You have a 20 GB file that you need to securely share with some contractors. They need it as fast as possible. Which steps would get them the file quickly and securely?
- A. Upload the file to Cloud Storage. Grant the allAuthenticated users token view permissions.
- B. Set up a VPC with a custom subnet. Create a subnet tunnel. Upload the file to a network share. Grant the contractors temporary access.
- C. Using composite objects and parallel uploads to upload the file to Cloud Storage quickly. Then generate a signed URL and securely share it with the contractors.
- D. Upload the file to Bigtable using the bulk data import tool. Then provide the contractors with read access to the database.
Answer: C
NEW QUESTION 74
What is the gcloud command to create a cluster named ch09-cluster-10 with four nodes?
- A. gcloud container clusters create ch09-cluster-10 --nodes-num=4
- B. gcloud container clusters create ch09-cluster-10 4
- C. gcloud clusters container create ch09-cluster-10 --num-nodes=4
- D. gcloud container clusters create ch09-cluster-10 --num-nodes=4
Answer: D
NEW QUESTION 75
Your company has a single sign-on (SSO) identity provider that supports Security Assertion Markup Language (SAML) integration with service providers. Your company has users in Cloud Identity. You would like users to authenticate using your company's SSO provider. What should you do?
- A. In Cloud Identity, set up SSO with a third-party identity provider with Google as a service provider.
- B. In Cloud Identity, set up SSO with Google as an identity provider to access custom SAML apps.
- C. Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Web Server Applications.
- D. Obtain OAuth 2.0 credentials, configure the user consent screen, and set up OAuth 2.0 for Mobile & Desktop Apps.
Answer: D
NEW QUESTION 76
You're trying to provide temporary access to some files in a Cloud Storage bucket. You want to limit the time that the files are available to 10 minutes. With the fewest steps possible, what is the best way to generate a signed URL?
- A. In the UI select the objects and click the "Sign With Key" button.
- B. In the UI select the objects and click the Generate Signed URL button.
- C. Create a service account and JSON key. Use the gsutil signurl -t 10m command and pass in the JSON key and bucket.
- D. Create a service account and JSON key. Use the gsutil signurl -d 10m command and pass in the JSON key and bucket.
Answer: D
NEW QUESTION 77
You have sensitive data stored in three Cloud Storage buckets and have enabled data access logging. You want to verify activities for a particular user for these buckets, using the fewest possible steps. You need to verify the addition of metadata labels and which files have been viewed from those buckets. What should you do?
- A. Using the GCP Console, filter the Stackdriver log to view the information.
- B. Using the GCP Console, filter the Activity log to view the information.
- C. Create a trace in Stackdriver to view the information.
- D. View the bucket in the Storage section of the GCP Console.
Answer: B
NEW QUESTION 78
You need to connect to one of your Compute Engine instances using SSH. You've already authenticated gcloud, however, you don't have an SSH key deployed yet. In the fewest steps possible, what's the easiest way to connect to the app?
- A. Create a key with the ssh-keygen command. Then use the gcloud compute ssh command.
- B. Use the gcloud compute ssh command.
- C. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.
- D. Create a key with the ssh-keygen command. Upload the key to the instance. Run gcloud compute instances list to get the IP address of the instance, then use the ssh command.
Answer: B
NEW QUESTION 79
You have one project called proj-sa where you manage all your service accounts. You want to be able to use a service account from this project to take snapshots of VMs running in another project called proj-vm. What should you do?
- A. Download the private key from the service account, and add the private key to each VM's SSH keys.
- B. Download the private key from the service account, and add it to each VMs custom metadata.
- C. When creating the VMs, set the service account's API scope for Compute Engine to read/write.
- D. Grant the service account the IAM Role of Compute Storage Admin in the project called proj-vm.
Answer: D
NEW QUESTION 80
You need to create a new Kubernetes Cluster on Google Cloud Platform that can autoscale the number of worker nodes. What should you do?
- A. Create Compute Engine instances for the workers and the master, and install Kubernetes. Rely on Kubernetes to create additional Compute Engine instances when needed.
- B. Create a cluster on Kubernetes Engine and enable autoscaling on Kubernetes Engine.
- C. Create a cluster on Kubernetes Engine and enable autoscaling on the instance group of the cluster.
- D. Configure a Compute Engine instance as a worker and add it to an unmanaged instance group.
Add a load balancer to the instance group and rely on the load balancer to create additional Compute Engine instances when needed.
Answer: B
Explanation:
A is correct because this is the way to set up an autoscaling Kubernetes cluster.
B is not correct because you should not manage the scaling of Kubernetes through the MIG.
C is not correct because an UMIG cannot scale based on a load balancer and this is not the correct way to set up Kubernetes.
D is not correct because Kubernetes will not create additional instances when deployed on Compute Engine.
https://cloud.google.com/kubernetes-engine/docs/concepts/cluster-autoscaler
NEW QUESTION 81
......
Authentic Associate-Cloud-Engineer Dumps With 100% Passing Rate Practice Tests Dumps: https://www.dumpsfree.com/Associate-Cloud-Engineer-valid-exam.html
Updated Premium Associate-Cloud-Engineer Exam Engine pdf: https://drive.google.com/open?id=1KLK0P9jpGMnIDmNT3SiS5EMoOoAKVOBG