Google Google Certifications PROFESSIONAL-CLOUD-ARCHITECT Questions & Answers

• Question 31:

  TerramEarth has equipped all connected trucks with servers and sensors to collect telemetry data. Next year they want to use the data to train machine learning models. They want to store this data in the cloud while reducing costs. What should they do?

  A. Have the vehicle's computer compress the data in hourly snapshots, and store it in a Google Cloud Storage (GCS) Nearline bucket

  B. Push the telemetry data in real-time to a streaming dataflow job that compresses the data, and store it in Google BigQuery

  C. Push the telemetry data in real-time to a streaming dataflow job that compresses the data, and store it in Cloud Bigtable

  D. Have the vehicle's computer compress the data in hourly snapshots, and store it in a GCS Coldline bucket

  Correct Answer: D

  Storage is the best choice for data that you plan to access at most once a year, due to its slightly lower availability, 90-day minimum storage duration, costs for data access, and higher per-operation costs. For example:

  Cold Data Storage - Infrequently accessed data, such as data stored for legal or regulatory reasons, can be stored at low cost as Coldline Storage, and be available when you need it.

  Disaster recovery - In the event of a disaster recovery event, recovery time is key. Cloud Storage provides low latency access to data stored as Coldline Storage.

  References: https://cloud.google.com/storage/docs/storage-classes

• Question 32:

  Which of TerramEarth's legacy enterprise processes will experience significant change as a result of increased Google Cloud Platform adoption?

  A. Opex/capex allocation, LAN changes, capacity planning

  B. Capacity planning, TCO calculations, opex/capex allocation

  C. Capacity planning, utilization measurement, data center expansion

  D. Data Center expansion, TCO calculations, utilization measurement

  Correct Answer: B

  Capacity planning, TCO calculations, opex/capex allocation From the case study, it can conclude that Management (CXO) all concern rapid provision of resources (infrastructure) for growing as well as cost management, such as Cost optimization in Infrastructure, trade up front capital expenditures (Capex) for ongoing operating expenditures (Opex), and Total cost of ownership (TCO)

• Question 33:

  To speed up data retrieval, more vehicles will be upgraded to cellular connections and be able to transmit data to the ETL process. The current FTP process is error-prone and restarts the data transfer from the start of the file when connections fail, which happens often. You want to improve the reliability of the solution and minimize data transfer time on the cellular connections.

  What should you do?

  A. Use one Google Container Engine cluster of FTP servers. Save the data to a Multi-Regional bucket. Run the ETL process using data in the bucket

  B. Use multiple Google Container Engine clusters running FTP servers located in different regions. Save the data to Multi-Regional buckets in US, EU, and Asia. Run the ETL process using the data in the bucket

  C. Directly transfer the files to different Google Cloud Multi-Regional Storage bucket locations in US, EU, and Asia using Google APIs over HTTP(S). Run the ETL process using the data in the bucket

  D. Directly transfer the files to a different Google Cloud Regional Storage bucket location in US, EU, and Asia using Google APIs over HTTP(S). Run the ETL process to retrieve the data from each Regional bucket

  Correct Answer: D

  From scenario: They currently have over 500 dealers and service centers in 100 countries.

  Multi-Regional Storage is appropriate for storing data that is frequently accessed ("hot" objects), such as serving website content, interactive workloads, or data supporting mobile and gaming applications. Multi-Regional Storage data has the most availability compared to other storage classes. Multi-Regional Storage is geo-redundant, which means Cloud Storage stores your data redundantly in at least two geographic places separated by at least 100 miles within the multi-regional location of the bucket. Geo-redundancy occurs

  asynchronously, but Multi-Regional Storage data is redundant within at least one geographic place as soon as you upload it. Like all Cloud Storage data, it is also immediately accessible worldwide. References: https://cloud.google.com/storage/docs/storage-classes#multi-regional

• Question 34:

  TerramEarth plans to connect all 20 million vehicles in the field to the cloud. This increases the volume to 20 million 600 byte records a second for 40 TB an hour. How should you design the data ingestion?

  A. Vehicles write data directly to GCS

  B. Vehicles write data directly to Google Cloud Pub/Sub

  C. Vehicles stream data directly to Google BigQuery

  D. Vehicles continue to write data using the existing system (FTP)

  Correct Answer: B

  Streamed data is available for real-time analysis within a few seconds of the first streaming insertion into a table.

  Instead of using a job to load data into BigQuery, you can choose to stream your data into BigQuery one record at a time by using the tabledata().insertAll() method. This approach enables querying data without the delay of running a load job.

  References: https://cloud.google.com/bigquery/streaming-data-into-bigquery

• Question 35:

  You analyzed TerramEarth's business requirement to reduce downtime, and found that they can achieve a majority of time saving by reducing customer's wait time for parts. You decided to focus on reduction of the 3 weeks aggregate reporting time.

  Which modifications to the company's processes should you recommend?

  A. Migrate from CSV to binary format, migrate from FTP to SFTP transport, and develop machine learning analysis of metrics

  B. Migrate from FTP to streaming transport, migrate from CSV to binary format, and develop machine learning analysis of metrics

  C. Increase fleet cellular connectivity to 80%, migrate from FTP to streaming transport, and develop machine learning analysis of metrics

  D. Migrate from FTP to SFTP transport, develop machine learning analysis of metrics, and increase dealer local inventory by a fixed factor

  Correct Answer: C

  The Avro binary format is the preferred format for loading compressed data. Avro data is faster to load because the data can be read in parallel, even when the data blocks are compressed.

  Cloud Storage supports streaming transfers with the gsutil tool or boto library, based on HTTP chunked transfer encoding. Streaming data lets you stream data to and from your Cloud Storage account as soon as it becomes available without requiring that the data be first saved to a separate file. Streaming transfers are useful if you have a process that generates data and you do not want to buffer it locally before uploading it, or if you want to send the result from a computational pipeline directly into Cloud Storage.

  References: https://cloud.google.com/storage/docs/streaming https://cloud.google.com/bigquery/docs/loading-data

• Question 36:

  Your development team has created a structured API to retrieve vehicle data. They want to allow third parties to develop tools for dealerships that use this vehicle event data. You want to support delegated authorization against this data.

  What should you do?

  A. Build or leverage an OAuth-compatible access control system

  B. Build SAML 2.0 SSO compatibility into your authentication system

  C. Restrict data access based on the source IP address of the partner systems

  D. Create secondary credentials for each dealer that can be given to the trusted third party

  Correct Answer: A

  Delegate application authorization with OAuth2

  Cloud Platform APIs support OAuth 2.0, and scopes provide granular authorization over the methods that are supported. Cloud Platform supports both service-account and user-account OAuth, also called three-legged OAuth.

  References: https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations#delegate_application_authorization_with_oauth2 https://cloud.google.com/appengine/docs/flexible/go/authorizing-apps

• Question 37:

  The TerramEarth development team wants to create an API to meet the company's business requirements. You want the development team to focus their development effort on business value versus creating a custom framework.

  Which method should they use?

  A. Use Google App Engine with Google Cloud Endpoints. Focus on an API for dealers and partners

  B. Use Google App Engine with a JAX-RS Jersey Java-based framework. Focus on an API for the public

  C. Use Google App Engine with the Swagger (Open API Specification) framework. Focus on an API for the public

  D. Use Google Container Engine with a Django Python container. Focus on an API for the public

  E. Use Google Container Engine with a Tomcat container with the Swagger (Open API Specification) framework. Focus on an API for dealers and partners

  Correct Answer: A

  Develop, deploy, protect and monitor your APIs with Google Cloud Endpoints. Using an Open API Specification or one of our API frameworks, Cloud Endpoints gives you the tools you need for every phase of API development.

  From scenario: Business Requirements Decrease unplanned vehicle downtime to less than 1 week, without increasing the cost of carrying surplus inventory Support the dealer network with more data on how their customers use their equipment to better position new products and services Have the ability to partner with different companies ?especially with seed and fertilizer suppliers in the fast-growing agricultural business ?to create compelling joint offerings for their customers.

  Reference: https://cloud.google.com/certification/guides/cloud-architect/casestudy-terramearth

• Question 38:

  For this question, refer to the TerramEarth case study. You are building a microservice-based application for TerramEarth. The application is based on Docker containers. You want to follow Google-recommended practices to build the application continuously and store the build artifacts. What should you do?

  A. Configure a trigger in Cloud Build for new source changes. Invoke Cloud Build to build container images for each microservice, and tag them using the code commit hash. Push the images to the Container Registry.

  B. Configure a trigger in Cloud Build for new source changes. The trigger invokes build jobs and build container images for the microservices. Tag the images with a version number, and push them to Cloud Storage.

  C. Create a Scheduler job to check the repo every minute. For any new change, invoke Cloud Build to build container images for the microservices. Tag the images using the current timestamp, and push them to the Container Registry.

  D. Configure a trigger in Cloud Build for new source changes. Invoke Cloud Build to build one container image, and tag the image with the label 'latest.' Push the image to the Container Registry.

  Correct Answer: A

• Question 39:

  TerramEarth's CTO wants to use the raw data from connected vehicles to help identify approximately when a vehicle in the field will have a catastrophic failure. You want to allow analysts to centrally query the vehicle data.

  Which architecture should you recommend?

  

  

  A. Option A

  B. Option B

  C. Option C

  D. Option D

  Correct Answer: A

  The push endpoint can be a load balancer.

  A container cluster can be used.

  Cloud Pub/Sub for Stream Analytics

  

  References:

  https://cloud.google.com/pubsub/

  https://cloud.google.com/solutions/iot/

  https://cloud.google.com/solutions/designing-connected-vehicle-platform

  https://cloud.google.com/solutions/designing-connected-vehicle-platform#data_ingestion

  http://www.eweek.com/big-data-and-analytics/google-touts-value-of-cloud-iot-core-for-analyzing-connected-car-data

  https://cloud.google.com/solutions/iot/

• Question 40:

  For this question, refer to the TerramEarth case study. You start to build a new application that uses a few Cloud Functions for the backend. One use case requires a Cloud Function func_display to invoke another Cloud Function func_query. You want func_query only to accept invocations from func_display. You also want to follow Google's recommended best practices. What should you do?

  A. Create a token and pass it in as an environment variable to func_display. When invoking func_query, include the token in the request. Pass the same token to func_query and reject the invocation if the tokens are different.

  B. Make func_query 'Require authentication.' Create a unique service account and associate it to func_display. Grant the service account invoker role for func_query. Create an id token in func_display and include the token to the request when invoking func_query.

  C. Make func_query 'Require authentication' and only accept internal traffic. Create those two functions in the same VPC. Create an ingress firewall rule for func_query to only allow traffic from func_display.

  D. Create those two functions in the same project and VPC. Make func_query only accept internal traffic. Create an ingress firewall for func_query to only allow traffic from func_display. Also, make sure both functions use the same service account.

  Correct Answer: B

  https://cloud.google.com/functions/docs/securing/authenticating#authenticating_function_to_function_calls