Google Cloud Digital Leader Exam

Real Exam Question and Answers

With Explanation

https://shapingpixel.com/
 1) Your company uses Google Cloud Platform to house secure customer data. You are a data
security manager and want to control which permissions are granted to the users who handle
the data. Which of the following should you do to control permissions?

A. Assign roles
B. Use access lists
C. Use authentications
D. Assign resources

Correct Answer: A

Explanation
In order to assign permissions, you should assign roles. Cloud Identity allows you to manage and authorize
your user accounts across multiple applications and projects. It also supports SAML 2.0 (Security Assertion
Markup Language) for single sign-on (SSO), as well as two-factor authentication (2FA). Whichever option
you choose, you have full control over which permissions are granted to your users.
User access lists are for customizing access to specific objects within a bucket rather than managing
permissions. Authentications are not appropriate in this scenario because roles include authentication
measures such as SAML 2.0 (Security Assertion Markup Language) for single sign-on (SSO), as well as two-
factor authentication (2FA). Resources refer to folders and projects, not users' permission to access them.

https://shapingpixel.com/
 2) Which of the following Google Cloud products can be used to explore and visualize data?
(Choose 2 answers)

A. Cloud Composer
B. Dataproc
C. Datalab
D. Data Studio

Correct Answer: CD
Explanation
Datalab and Data Studio are tools for exploring and visualizing data. Datalab allows you to interactively
explore, visualize, analyze, and transform data using familiar languages, such as Python and SQL. Pre-
installed Jupyter introductory, sample, and tutorial notebooks, show you how to access, analyze, monitor,
and visualize data. Data Studio is a tool that allows you to tell your data story with charts, including line, bar,
and pie charts, geo maps, area and bubble graphs, paginated data tables, pivot tables, and more.
Cloud Firestore is a storage tool. It is a NoSQL document database that lets you easily store, sync, and query
data for your mobile and web apps on a global scale. It is not appropriate in this scenario because it is not a
data visualization tool.
Dataproc is a tool for processing and analyzing data. Dataproc is a fully managed and highly scalable service
for running Apache Spark, Apache Flink, Presto, and 30+ open source tools and frameworks. It is not
appropriate in this scenario because it is not primarily a data visualization tool as specified in this scenario.
https://shapingpixel.com/
 3) You are migrating workloads to the cloud. The goal of the migration is to serve customers worldwide
as quickly as possible According to local regulations, certain data is required to be stored in a specific
geographic area, and it can be served worldwide. You need to design the architecture and deployment
for your workloads.
What should you do?

A. Select a public cloud provider that is only active in the required geographic area
B. Select a private cloud provider that globally replicates data storage for fast data access
C. Select a public cloud provider that guarantees data location in the required geographic area Most
D. Select a private cloud provider that is only active in the required geographic area

Correct Answer: C

A public cloud is an IT model where public cloud service providers make computing services—
including compute and storage, develop-and-deploy environments, and applications—available on-
demand to organizations and individuals over the public internet.

https://shapingpixel.com/
 4) You are an IT manager who wants to reduce the cost and labor that would be required for a
manual application modernization project using a Google Cloud solution. You are deciding
whether to adopt Migrate for Compute Engine or Migrate for Anthos and need to explain the
differences between the two solutions to management. Which of the following differences would
you explain?
A. Migrate for Compute Engine charges for transferring data to Google,
but Migrate for Anthos does not.
B. Migrate for Anthos migrates to containers, and Migrate for Compute
Engine migrates to virtual machines.
C. Migrate for Compute Engine requires complex deployment and
setup, while Migrate for Anthos requires only lift and shift migration.
Correct Answer: B D. Migrate for Anthos requires manual operating system upgrades, and
Migrate for Compute Engine is fully managed.
Explanation
The key difference between the two solutions is that Migrate for Anthos migrates to containers, and Migrate for
Compute Engine migrates to virtual machines.
A difference between the two solutions is not that Migrate for Compute Engine charges for transferring data to Google,
but Migrate for Anthos does not. Migrate for Compute Engine does not charge for ingress traffic.
Migrate for Compute Engine is often associated with lift and shift operations, while Migrate for Anthos may involve a
more complex to its containerized system depending on the needs of the organization.
Migrate for Anthos does not require manual operating system upgrades because it is a containerized system, and
Migrate for Compute Engine is not a fully managed solution. Compute Engine offers two kinds of VM instance groups,
managed and unmanaged: Managed instance groupshttps://shapingpixel.com/
(MIGs) let you operate apps on multiple identical VMs.
Unmanaged instance groups let you load balance across a fleet of VMs that you manage yourself.
 5) Your organization needs a large amount of extra computing power within the next two weeks.
After those two weeks, the need for the additional resources will end.
Which is the most cost-effective approach?

A. Use a committed use discount to reserve a very powerful virtual machine

B. Purchase one very powerful physical computer
C. Start a very powerful virtual machine without using a committed use discount Most Voted
D. Purchase multiple physical computers and scale workload across them

Correct Answer: C

"When you purchase a committed use contract, you purchase Compute

Engine resources—such as vCPUs, memory, GPUs, local SSDs, and sole-tenant
nodes—at a discounted price in return for committing to paying for those
resources for 1 year or 3 years."

https://shapingpixel.com/
 6) Which of the following operations in BigQuery reduce the total cost of ownership (TCO)
for customers? (Choose 3 answers)

A. Queries retrieving results from the cache

B. Batch loading data into BigQuery from local files
C. Running a query on an external data source from
BigQuery
D. Deleting a table, view, individual table partitions, and
user-defined functions

Correct Answer: ABC

Explanation
Certain operations in Google BigQuery are free and can result in reductions in the total cost of ownership (TCO)
of a business using the service. Customers are not charged for queries that retrieve results from a cache, batch
loading data into BigQuery from local files, or deleting a table, view, individual table partitions, or user-defined
functions.
Customers using Google BigQuery are charged for the amount of Data processed in the selected columns and
for running a query on an external data source from BigQuery, so those functions performed in BigQuery do not
result in TCO reduction. https://shapingpixel.com/
 7) Your organization needs to plan its cloud infrastructure expenditures.
Which should your organization do?

A. Review cloud resource costs frequently, because costs change often based on use
B. Review cloud resource costs annually as part of planning your organization's overall budget
C. If your organization uses only cloud resources, infrastructure costs are no longer part of your
overall budget Most Voted
D. Involve fewer people in cloud resource planning than your organization did for on-premises
resource planning

Correct Answer: A

Financial governance :- variable nature of cloud resources and their costs, spending
must be monitored and controlled on an ongoing basis

https://shapingpixel.com/
 8) How can a software developer contribute to Site Reliability Engineering (SRE) within
an organization?

A. By allocating problem-solving tasks to operations

teams
B. By manually configuring production systems
C. By focusing on implementing automation
D. By creating static solutions in order to avoid failure

Correct Answer: A

Explanation
Site Reliability Engineering teams focus on hiring software engineers to run products and create systems to
accomplish the work that would otherwise be performed, often manually, by sysadmins.
In a traditional operations model, problem-solving tasks were often allocated to operations teams.
Site Reliability Engineering focuses on automating production systems rather than manually configuring
them.
Site Reliability Engineering focuses on dynamic, not static solutions to problems. SRE operates with the
understanding that failure is planned for and expected and that solutions to problems may change as a
result.
https://shapingpixel.com/
 9) The operating systems of some of your organization's virtual machines may have a security
vulnerability.
How can your organization most effectively identify all virtual machines that do not have the latest
security update?
A. View the Security Command Center to identify virtual
machines running vulnerable disk images Most Voted
B. View the Compliance Reports Manager to identify and
download a recent PCI audit
C. View the Security Command Center to identify virtual
machines started more than 2 weeks ago
D. View the Compliance Reports Manager to identify and
download a recent SOC 1 audit

Correct Answer: A

Security Command Center

•Gain centralized visibility and control
•Discover misconfigurations and vulnerabilities
•Report on and maintain compliance
•Detect threats targeting your Google Cloud assets
https://shapingpixel.com/
You can now download this Question
and Answers pdf from website:
www.shapingpixel.com

https://shapingpixel.com/
 10) You are a manager for an energy company that is collecting non-structured key/value data in
the form of usage reports from energy meters and home appliance sensors. Your IT department
needs to securely connect and manage its IoT devices. Which of the following solutions would
help you to connect and manage the IoT devices securely?

A. IoT Core
B. Traffic Director
C. IoT Hub
D. IoT Portal

Correct Answer: A

Explanation
Internet of Things (IoT) Core is a fully managed service that allows you to connect to and manages IoT devices
securely.
Traffic Director helps to deploy global load balancing across clusters and virtual machine (VM) instances.
IoT Hub is not a Google Cloud product.
IoT Portal is not a Google Cloud product.
https://shapingpixel.com/
 11) You are currently managing workloads running on Windows Server for which your company owns the
licenses. Your workloads are only needed during working hours, which allows you to shut down the
instances during the weekend. Your Windows Server licenses are up for renewal in a month, and you want
to optimize your license cost.
What should you do?

A. Renew your licenses for an additional period of 3 years. Negotiate a cost reduction with your
current hosting provider wherein infrastructure cost is reduced when workloads are not in use
B. Renew your licenses for an additional period of 2 years. Negotiate a cost reduction by committing
to an automatic renewal of the licenses at the end of the 2 year period
C. Migrate the workloads to Compute Engine with a bring-your-own-license (BYOL) model Most Voted
D. Migrate the workloads to Compute Engine with a pay-as-you-go (PAYG) model

Correct Answer: C

"Bringing your existing physical-core or physical-processor licenses that have dedicated

hardware requirements requires you to bring your own media and to run that media on
hardware configurations, such as sole-tenant nodes, that are compliant with your
licenses."
https://shapingpixel.com/
 12) An organization wants to use a Google Cloud service for a time-restricted project with the
following guidelines: The developers should be free from infrastructure management activities. The
chosen service should be able to integrate, clean, prepare, blend, transfer, and transform data.
Which of the following Google Cloud services should the organization use?

A. Cloud Data Fusion

B. Cloud Composer
C. Data Catalog
D. Dataproc

Correct Answer: A

Explanation
Cloud Data Fusion is best suited for the given scenario because it is a fully managed service that helps quickly
build and manage data pipelines by integrating, cleaning, preparing, blending, transferring, and transforming data.
Cloud Composer facilitates creating, scheduling, monitoring, and managing workflows. It is not the optimal service
for a project that requires the integration of data.
Data Catalog is a fully managed and scalable metadata management service that allows organizations to
understand all their Google Cloud data by enabling quick discovery and management. Because Data Catalog
focuses on metadata management rather than data integration, cleaning, preparation, blending, transferral, and
transformation, it is not the best solution in this scenario.
Dataproc is a service that facilitates batch processing, querying, and streaming. It is not the best solution for this
https://shapingpixel.com/
situation because it is primarily used for batch processing rather than managing data pipelines.
 13) Your organization runs a distributed application in the Compute Engine virtual machines. Your
organization needs redundancy, but it also needs extremely fast communication (less than 10 milliseconds)
between the parts of the application in different virtual machines.
Where should your organization locate this virtual machines?

A. In a single zone within a single region

B. In different zones within a single region Most Voted
C. In multiple regions, using one zone per region
D. In multiple regions, using multiple zones per region

Correct Answer: D

A multi-region architecture can provide higher availability

than deploying to a single region.

https://shapingpixel.com/
 14) You are a Project Manager managing a client project intended to enhance Customer
Experience in BFSI by providing Smart Communication Solutions. As the solution is being
developed for BFSI Industry, your client has indicated that they prefer to have complete control of
data and operating system, along with runtimes and middleware. Which of the following cloud
offerings would you suggest to your client?

A. Infrastructure as a Service (IaaS)

B. Platform as a Service (PaaS)
C. Function as a Service (FaaS)
D. Software as a Service (SaaS)

Correct Answer: A

Explanation
Infrastructure as a Service (IaaS) provides complete control over the data, apps, middleware, operating system,
automated hardware deployment, virtualized management workload.

https://shapingpixel.com/
 15) An organization decides to migrate their on-premises environment to the cloud. They need to
determine which resource components still need to be assigned ownership.
Which two functions does a public cloud provider own? (Choose two.)

A. Hardware maintenance Most Voted

B. Infrastructure architecture
C. Infrastructure deployment automation
D. Hardware capacity management Most Voted
E. Fixing application security issues

Correct Answer: AD

At a minimum when considering IaaS, the cloud provider is responsible for

Hardware, Boot, Hardened Kernel and IPS, Storage and etc.

https://shapingpixel.com/
 16) Your client is a banking company that is designing a disaster recovery (DR) plan for its
historical compliance-oriented data. Speedy access to data is not a requirement of the plan.
Which of the following disaster recovery patterns would you suggest?

A. Cold
B. Warm
C. Hot
D. Live

Correct Answer: A

Explanation
There is no spare infrastructure associated with the cold DR pattern, and in case of disaster, the planned
strategy is implemented for the rapid setup of the cold DR site.
The infrastructure setup is in place in the warm DR pattern, along with all the required equipment and setup;
however, data load or restoration is required in case of a disaster.
The hot DR patterns backup site has the equipment and all the setup along with the current data in the hot
DR pattern.
Live is not a DR pattern type.
https://shapingpixel.com/
 17) You are a program manager within a Software as a Service (SaaS) company that offers rendering software
for animation studios. Your team needs the ability to allow scenes to be scheduled at will and to be interrupted
at any time to restart later. Any individual scene rendering takes less than 12 hours to complete, and there is no
service-level agreement (SLA) for the completion time for all scenes. Results will be stored in a global Cloud
Storage bucket. The compute resources are not bound to any single geographical location. This software needs
to run on Google Cloud in a cost-optimized way.
What should you do?

A. Deploy the application on Compute Engine using preemptible instances Most Voted
B. Develop the application so it can run in an unmanaged instance group
C. Create a reservation for the minimum number of Compute Engine instances you will use
D. Start more instances with fewer virtual centralized processing units (vCPUs) instead of
fewer instances with more vCPUs

Correct Answer: A

"Preemptible VM instances are available at much lower price—a 60-91% discount—

compared to the price of standard VMs. However, Compute Engine might stop
(preempt) these instances if it needs to reclaim the compute capacity for allocation to
other VMs"

https://shapingpixel.com/
 18) A global insurance and financial company is planning to adopt cloud services to bring down
infrastructure costs. The cloud deployment model adopted must meet all relevant international
data security regulations. To ensure regulation compliance, the customer data with Client
Identifying Data (CID) should be stored on-premises. Data without Client Identifying Data (CID)
will be stored on the public cloud. Which of the following Cloud deployment models would you
recommend?

A. Public Cloud
B. Private Cloud
C. Community Cloud
D. Hybrid Cloud

Correct Answer: D
Explanation
As the customer requires storing customer data with CID on-premises and storing other applications and data on
the public cloud, the hybrid cloud deployment model would be the most appropriate. Hybrid cloud consists of
both public cloud and on-premises resources.
As the scenario requires that the customer data with CID be stored on-premises, the public cloud deployment
model is incorrect.
A private cloud deployment model would not be cost-efficient because the private cloud is operated solely for a
single organization.
A community cloud deployment model would not allow the organization to comply with the regulations to store
https://shapingpixel.com/
customer data with CID because several organizations from the specific community share the infrastructure.
 19) Your manager wants to restrict communication of all virtual machines with internet access; with
resources in another network; or with a resource outside Compute
Engine. It is expected that different teams will create new folders and projects in the near future.
How would you restrict all virtual machines from having an external IP address?

A. Define an organization policy at the root organization node to restrict virtual machine instances
from having an external IP address Most Voted
B. Define an organization policy on all existing folders to define a constraint to restrict virtual
machine instances from having an external IP address
C. Define an organization policy on all existing projects to restrict virtual machine instances from
having an external IP address
D. Communicate with the different teams and agree that each time a virtual machine is created, it
must be configured without an external IP address

Correct Answer: A

The Organization Policy Service gives you centralized and programmatic control over
your organization's cloud resources. As the organization policy administrator, you will
be able to configure constraints across your entire resource hierarchy.

https://shapingpixel.com/
 20) A company that stores some of its customers' credit card data on-premises is migrating the
data to Google Cloud. Prior to the migration, the organization wants to understand how Google
will store and process the customer data. Which of the following aspects of the Google Cloud
platform should the organization learn more about?

A. Availability
B. Compliance
C. Privacy
D. Security

Correct Answer: C
Explanation
Privacy in the context of the cloud refers to the data organizations or individuals have access to and share.
When the organization moves its data to the cloud, the organization retains control of the data. As a Google
Cloud customer, the organization should learn that when it migrates to the cloud, it continues to own its
customers' data and can control who has access to it and who the data can be shared with. Google stores and
processes data, but the data remains private because access to it is controlled by the organization. Google
provides the organization with tools and features to control that access, thus helping the organization maintain
the privacy of the customers' data in the cloud.
https://shapingpixel.com/
 21) Your multinational organization has servers running mission-critical workloads on its premises
around the world. You want to be able to manage these workloads consistently and centrally, and you
want to stop managing infrastructure.
What should your organization do?

A. Migrate the workloads to a public cloud Most Voted

B. Migrate the workloads to a central office building
C. Migrate the workloads to multiple local co-location facilities
D. Migrate the workloads to multiple local private clouds

Correct Answer: A

https://shapingpixel.com/
 22) Cloud Build can deploy to which of these services?

A. Kubernetes
B. App Engine
C. Cloud Functions
D. Cloud Build can deploy to all these services

Correct Answer: D

Explanation
As part of your continuous deployment pipeline, Cloud Build can perform deployments using
command-line tools and deploy to Google Kubernetes Engine (GKE), App Engine, Cloud
Functions, and Firebase.

https://shapingpixel.com/
 23) Your organization stores highly sensitive data on-premises that cannot be sent over the public
internet. The data must be processed both on-premises and in the cloud.
What should your organization do?

A. Configure Identity-Aware Proxy (IAP) in your Google Cloud VPC network

B. Create a Cloud VPN tunnel between Google Cloud and your data center
C. Order a Partner Interconnect connection with your network provider Most
D. Enable Private Google Access in your Google Cloud VPC network

Correct Answer: C

After the service provider provisions your connection, you can start passing
traffic between your networks by using the service provider's network.

https://shapingpixel.com/
 24) Your organization has planned to implement Site Reliability Engineering (SRE) best
practices. You are tasked with configuring application-level monitoring and monitoring service-
level objectives (SLOs) for applications and trigger alerts when SLOs are violated. Which of the
following products should you choose for these tasks?

A. Error reporting
B. Cloud Logging
C. Cloud Monitoring
D. Cloud Trace

Correct Answer: C

Explanation
Cloud Monitoring helps to gain visibility into application and infrastructure performance,
availability, and health by:
•Automatically collecting system metrics
•Enabling SRE best practices
•Creating custom dashboards
•Creating alerts in integration with incident management tools.

https://shapingpixel.com/
 25) Your company's development team is building an application that will be deployed on Cloud Run.
You are designing a CI/CD pipeline so that any new version of the application can be deployed in the
fewest number of steps possible using the CI/CD pipeline you are designing. You need to select a
storage location for the images of the application after the CI part of your pipeline has built them.
What should you do?

A. Create a Compute Engine image containing the application

B. Store the images in Container Registry Most Voted
C. Store the images in Cloud Storage
D. Create a Compute Engine disk containing the application

Correct Answer: B

Pushing (uploading) and pulling (downloading) images are two of the

most common Container Registry tasks. This document focuses on
pushing and pulling images with Docker.

https://shapingpixel.com/
 26) You are a manager with an e-retail website. The company has opted for the Standard
Support customer care plan. The number of users has surged recently, and the company has
realized the need for responses to its Priority 1 (P1) cases in 1 hour while also maintaining
control of cost. Which of the following support plans would you suggest?

A. Basic
B. Standard
C. Enhanced
D. Premium

Correct Answer: C

Explanation
The Enhanced Support customer is the appropriate choice in this scenario because it includes one-hour
response times but is less costly than the Premium Support care plan. The Enhanced Support includes:
1.One-hour response time for P1 cases
2.24/7 for P1 and P2 cases
3.Multi-channel support
4.Technical experts with advanced product knowledge
5.Third-Party Technology Support https://shapingpixel.com/
 27) Each of the three cloud service models - infrastructure as a service (IaaS), platform as a service (PaaS),
and software as a service (SaaS) - offers benefits between flexibility and levels of management by the
cloud provider and the customer.
Why would SaaS be the right choice of service model?

A. You want a balance between flexibility for the customer and the level
of management by the cloud provider
B. You want to minimize the level of management by the customer Most
C. You want to maximize flexibility for the customer.
D. You want to be able to shift your emphasis between flexibility and
management by the cloud provider as business needs change

Correct Answer: B

The main benefit of SaaS is that it offloads all infrastructure and

application management to the SaaS vendor.

https://shapingpixel.com/
 28) Which of the following are benefits of Apigee? (Choose 3 answers)

A. The ability to predict API traffic patterns

B. The ability to make backend services visible
C. The ability to modernize legacy services via RESTful
interfaces
D. The ability to record and analyze business metrics

Correct Answer: ACD

Explanation
Apigee allows the user to predict API traffic patterns through metrics that can be used to understand
potential traffic fluctuations and other information, modernize legacy services via RESTful interfaces by
packaging legacy applications, and as An API abstraction and modernization layer to insulate client-facing
applications from shifting backend services.
Apigee is an abstraction layer between backend services and the user. It does not make the backend service
layer visible.

https://shapingpixel.com/
 29) As your organization increases its release velocity, the VM-based application upgrades take a
long time to perform rolling updates due to OS boot times. You need to make the application
deployments faster.
What should your organization do?

A. Migrate your VMs to the cloud, and add more resources to

them
B. Convert your applications into containers Most Voted
C. Increase the resources of your VMs
D. Automate your upgrade rollouts

Correct Answer: B

Since the problem with the current infrastructure base on VM is with OS boot time
in particular, so upgrading the workload to containers would be a right choice as
then OS boot time problem is eliminated which means a faster workload
execution.

https://shapingpixel.com/
 30) Which of the following Google infrastructure security layers
provides denial-of-service (DoS) protection?

A. Operational Security
B. Internet Communication
C. Storage Services
D. User Identity

Correct Answer: B

Explanation
There are 6 Google infrastructure security layers: Operational Security, Internet Communication, Storage
Services, User Identity, Service Deployment, and Hardware Infrastructure.
Google Front End and denial-of-service (DoS) protection are provided at the Internet Communication layer.
The Operational Security layer addresses Intrusion detection and reducing insider risk are some of the areas
addressed at Encryption at rest and deletion of data protection are provided at the Storage Services layer.
Authentication and login abuse protection are found at the User Identity layer.

https://shapingpixel.com/
 31) Your organization uses Active Directory to authenticate users. Users' Google account access
must be removed when their Active Directory account is terminated.
How should your organization meet this requirement?

A. Configure two-factor authentication in the Google domain

B. Remove the Google account from all IAM policies
C. Configure BeyondCorp and Identity-Aware Proxy in the Google domain
D. Configure single sign-on in the Google domain

Correct Answer: D

Your organization uses Active Directory to authenticate users. Then you need to use
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single
ID and password to different systems and software. SSO allows IT departments to
administrator a single identity that can access many machines and cloud services.

https://shapingpixel.com/
 32) You are a project manager for a global company that offers high-resolution documentary
film editing services. Your team of content editors in New York and London needs to collaborate
on editing projects that are located in Cloud Storage buckets. The maximum time to wait for a
video's availability must be within a target time of 15 minutes, with minimal loss exposure.
Which of the following storage configurations should you choose?

A. Single region
B. Dual-region
C. Multi-region with default replication
D. Dual-region with turbo replication

Correct Answer: D
Explanation
Dual-region storage with turbo replication enabled would be the appropriate storage configuration in this
scenario because turbo replication allows you to asynchronously replicate newly written Cloud Storage
objects to a separate region within a target of 15 minutes. Because turbo replication is applicable only for
dual-region buckets, it can be implemented in this scenario because the project teams are in London and New
York.

https://shapingpixel.com/
 33) Your company has recently acquired three growing startups in three different countries. You want to
reduce overhead in infrastructure management and keep your costs low without sacrificing security and
quality of service to your customers.
How should you meet these requirements?

A. Host all your subsidiaries' services on-premises together with

your existing services.
B. Host all your subsidiaries' services together with your existing
services on the public cloud. Most Voted
C. Build a homogenous infrastructure at each subsidiary, and
invest in training their engineers.
D. Build a homogenous infrastructure at each subsidiary, and
invest in hiring more engineers.

Correct Answer: B

Both maintenance cost becomes cheaper and management becomes easier

when subsidiaries workloads along with parent organisation's workloads are
deployed on the public cloud.

https://shapingpixel.com/
 34) A startup is planning to adopt Google Cloud Services. As a first step, the company
plans to migrate its data to Google Cloud. Which of the following should the company
use to migrate over 1 TB of data from a private data center to the cloud while adhering to
a strict timeline of 1-2 days and accommodating available bandwidth in order to meet the
project deadline?

A. Storage Transfer Service

B. gsutil
C. Transfer appliance
D. Migrate for Anthos and GKE

Correct Answer: A

Explanation
Storage Transfer Service allows you to migrate data from a private data center to Google Cloud. With
Storage transfer, you can move petabytes of data from on-premises sources or other clouds over online
networks with billions of files and 10s of Gbps. You can also optimize your network bandwidth and
accelerate transfers with scale-out performance.
https://shapingpixel.com/
 35) What is the difference between Standard and Coldline storage?

A. Coldline storage is for data for which a slow transfer rate is

acceptable.
B. Standard and Coldline storage have different durability
guarantees.
C. Standard and Coldline storage use different APIs.
D. Coldline storage is for infrequently accessed data.

Correct Answer: D

The categorization is based on how frequently data is accessed and

hence charged accordingly

https://shapingpixel.com/
 36) A fitness application company is collecting the health data of its users is adding approximately
50 TBs of data every month. The data is expected to grow to 200+ TB every year. Users are
primarily concerned with the last 30 days of data and will wait for data retrieval if data is older
than 30 Days. The company decided that they will now store the infrequently accessed data
older than 30 days to minimize the cost, as this data is typically accessed at max once per quarter
or less. Which storage option would be best suited to store infrequently accesses data?

A. Standard
B. Nearline
C. Coldline
D. Archive

Correct Answer: C
Explanation
Coldline storage is best suited to store infrequently accessed data that is planned to be read or modified at
most once per quarter.

Standard storage is best suited to frequently accessed data also known as "Hot Data.“

Nearline storage is best suited to store data that will be read or modified once a month or less.

Archive storage is best suited to store archive data that is required for legal, regulatory, or disaster recovery
reasons. https://shapingpixel.com/
 37) What would provide near-unlimited availability of computing resources without requiring your
organization to procure and provision new equipment?

A. Public cloud Most Voted

B. Containers
C. Private cloud
D. Microservices

Correct Answer: A

https://shapingpixel.com/
 38) Which of the following defines a private cloud?

A. A collection of resources that are not shared with the

general public
B. A collection of virtual on-demand services that are
offered to the public
C. A collection of resources that are shared between
private and public cloud users
D. A collection of resources that are isolated on-premises
for use by an organization

Correct Answer: A
Explanation
A private cloud is a collection of resources that are not shared with the general public.
A public cloud is a virtual on-demand service that is offered to the public.
A hybrid collection of resources that are shared between the private and public.
An on-site data center is a collection of on-premise resources that are used by an organization.

https://shapingpixel.com/
 39) You are a program manager for a team of developers who are building an event-driven application to allow
users to follow one another's activities in the app. Each time a user adds himself as a follower of another user, a
write occurs in the real-time database.
The developers will develop a lightweight piece of code that can respond to database writes and generate a
notification to let the appropriate users know that they have gained new followers. The code should integrate with
other cloud services such as Pub/Sub, Firebase, and Cloud APIs to streamline the orchestration process. The
application requires a platform that automatically manages underlying infrastructure and scales to zero when
there is no activity.
Which primary compute resource should your developers select, given these requirements?

A. Google Kubernetes Engine

B. Cloud Functions Most Voted
C. App Engine flexible environment
D. Compute Engine

Correct Answer: B

https://shapingpixel.com/
 40) To optimize the company’s Google Cloud spend, the management committee team wants an
at-a-glance waterfall overview of their monthly costs and savings. Which of the following should
you use to provide this information to the management team?

A. Cost Breakdown reports

B. Budget notifications
C. Cost Table reports
D. Pricing table reports

Correct Answer: A

Explanation
The Cost Breakdown report helps with an at-a-glance waterfall overview of monthly costs and savings.
Budget notifications facilitate a real-time status of the Cloud Billing budget and are not a method for gaining
an overview of monthly costs.
Cost Table reports help access and analyze invoice and statements details but are not an optimal method for
providing an overview of costs.
The pricing table report helps access SKU prices for Google's cloud services and is not an efficient method
for providing a high-level picture of costs.
https://shapingpixel.com/
41) Your organization is developing an application that will capture a large amount of data from millions of
different sensor devices spread all around the world. Your organization needs a database that is suitable for
worldwide, high-speed data storage of a large amount of unstructured data.
Which Google Cloud product should your organization choose?

A. Firestore
B. Cloud Data Fusion
C. Cloud SQL
D. Cloud Bigtable

Correct Answer: D

https://shapingpixel.com/
 42) Your client is a global packaging and printing company. They want to migrate to a fully
managed Google Cloud storage solution with the following capabilities: Web content
managementFile sharingMedia processing and renderingData analysis. Which solution should the
company use?

A. Archive Storage
B. Filestore
C. Persistent Disk
D. Local SSD

Correct Answer: B

Explanation
Filestore enables application migration to the cloud without requiring you to rewrite or rearchitect, thus
accelerating and simplifying your migration. Filestore is a fully managed service suitable for Web content
management, file sharing, rendering and processing media, and performing data analytics.

https://shapingpixel.com/
 43) Your organization needs to build streaming data pipelines. You don't want to manage the individual
servers that do the data processing in the pipelines. Instead, you want a managed service that will
automatically scale with the amount of data to be processed.
Which Google Cloud product or feature should your organization choose?

A. Pub/Sub
B. Dataflow Most Voted
C. Data Catalog
D. Dataprep by Trifacta

Correct Answer: B

https://shapingpixel.com/
 44) Which of the following occurs when an organization adopts cloud technology to create and
define new ways of communicating and collaborating for its customers, employees, and
stakeholders?

A. A reduced need for security

B. The burning platform effect
C. Virtualization of all business operations
D. Organizational transformation

Correct Answer: D

Explanation
The main result of adopting cloud technology is that it transforms the way organizations operate. This
operational transformation includes changes in the way customers, employees, and stakeholders interact. By
adopting cloud technologies, organizations can transform how employees collaborate within organizations as
well as how they interact and share knowledge and information with customers and stakeholders. Adopting
cloud technology increases the speed and agility with which organizations can share data and analysis,
categorize information, make predictions, and share insights.
Reduced need for security is not a feature of adopting cloud technology. Adopting cloud technologies increases
the need for security because organizations and cloud platform providers face even greater demands for data
security in the cloud. https://shapingpixel.com/
 45) Your organization is building an application running in Google Cloud. Currently, software builds,
tests, and regular deployments are done manually, but you want to reduce work for the team. Your
organization wants to use Google Cloud managed solutions to automate your build, testing, and
deployment process.
Which Google Cloud product or feature should your organization use?

A. Cloud Scheduler
B. Cloud Code
C. Cloud Build Most Voted
D. Cloud Deployment Manager

Correct Answer: C

Deploy your application to App Engine using the gcloud app deploy command. This command
automatically builds a container image by using the Cloud
Build service and then deploys that image to the App Engine flexible environment.

https://shapingpixel.com/
 46) Which of the following is a major cost-benefit of adopting cloud-
native architecture?

A. Managed services with high operational savings

B. Managed open source or open source-compatible
services
C. Continuous Integration/Continuous Delivery
D. Monitoring and automated recovery

Correct Answer: A

Explanation
A key cost-benefit of cloud-native architecture is that it is includes managed services that result in
high operational savings because the customer is no longer responsible for them. Such managed
services could include IaaS, in which the cloud provider manages such things as hardware, storage,
and encryption, PaaS, in which the service provider is responsible for identity and access management
features, and SaaS, in which operations is to some extent managed.

https://shapingpixel.com/
 47) Which Google Cloud product can report on and maintain compliance on
your entire Google Cloud organization to cover multiple projects?

A. Cloud Logging
B. Identity and Access Management
C. Google Cloud Armor
D. Security Command Center

Correct Answer: D

Security Command Center is a centralized security and risk management platform for your Google
Cloud resources. It is a single tool that offers a variety of security features including:
1. Gain centralized visibility and control
2. Discover misconfigurations and vulnerabilities
3. Report on and maintain compliance
4. Detect threats targeting your Google Cloud assets

https://shapingpixel.com/
 48) An organization using Google Cloud wants to hierarchically organize and group
resources, as well as manage access control and configuration settings for container
resources. Which Google product or service should the organization use?

A. Eventarc
B. Artifact Registry
C. Container Registry
D. Resource Manager API

Correct Answer: D

Explanation
The Resource Manager API service helps Google Cloud customers programmatically manage the
container resources by creating, reading, and updating metadata for Google Cloud Platform
resource containers.

https://shapingpixel.com/
 49) Your organization needs to establish private network connectivity between its on-premises network
and its workloads running in Google Cloud. You need to be able to set up the connection as soon as
possible.
Which Google Cloud product or feature should you use?

A. Cloud Interconnect
B. Direct Peering
C. Cloud VPN Most Voted
D. Cloud CDN

Correct Answer: C

Cloud VPN setup can be done instantly and though it

travels over internet, it is private in nature. Cloud
interconnect needs physically dedicated connection.

https://shapingpixel.com/
 50) A credit card company has moved its applications to Google Cloud. Its customer data is
stored across Cloud Storage, Datastore, and BigQuery and is used by applications and employees
across the firm. Which Google Cloud solution should you use for the detection and classification
of the stored sensitive data?

A. Cloud Armor
B. Cloud Data Loss Prevention
C. Risk Manager
D. Security Command Center

Correct Answer: B

Explanation
The Cloud Data Loss Prevention service enables the discovery, detection, and classification of stored
sensitive data. With Cloud Data Loss Prevention, you can create dashboards and audit reports, and
automate tagging, remediation, or policy based on findings. Connect DLP results into Security
Command Center, Data Catalog, or export to your own SIEM or governance tool for further analysis.

https://shapingpixel.com/
 51) Your organization is developing a mobile app and wants to select a fully
featured cloud-based compute platform for it.
Which Google Cloud product or feature should your organization use?

A. Google Kubernetes Engine

B. Firebase Most Voted
C. Cloud Functions
D. App Engine

Correct Answer: B

Firebase is Google's mobile development platform

https://shapingpixel.com/
 52) Your organization is developing a global multi-player game and requires a database that can
consistently capture player statistics. The most critical requirement of the database is that it can
serve information for game leaderboards and return consistent rankings at any given time across
game players all over the world. The game is rapidly developing a following with almost unlimited
growth in the number of players. Which Google Cloud product should the organization choose?

A. Firestore
B. Cloud Spanner
C. Cloud SQL
D. Bare Metal

Correct Answer: B

Explanation
Cloud Spanner is a fully managed relational database with unlimited horizontal scalability, strong consistency,
and up to 99.999% availability. Because it is both global and unlimited in scale, it is the most appropriate
choice in this scenario. It is highly available with zero scheduled downtime and online schema changes. It
allows developers to focus on innovating gaming functions because it eliminates manual tasks with capabilities
like automatic sharding that are a feature of Cloud SQL. Spanner provides a globally consistent database that
can keep inventory or match history, such as the player information provided in gaming leaderboards, for
massive player populations anywhere in the world.
https://shapingpixel.com/
 53) Your company has been using a shared facility for data storage and will be migrating to Google
Cloud. One of the internal applications uses Linux custom images that need to be migrated.
Which Google Cloud product should you use to maintain the custom images?

A. App Engine flexible environment

B. Compute Engine Most Voted
C. App Engine standard environment
D. Google Kubernetes Engine

Correct Answer: B

You can use one of the following image types: Public

and Custom images.

https://shapingpixel.com/
 54) A news media giant with over 200 publications plans to build a scalable, secure,
and serverless document database with a powerful query engine that can be added with mobile
and web apps. Which Google Cloud product or service should the organization use?

A. Memorystore
B. Cloud BigTable
C. Cloud SQL
D. Firestore

Correct Answer: D

Explanation
Firestore is a scalable, secured, and serverless NoSQL document database with a powerful query engine that can be
added to mobile and web apps.
Memorystore is an in-memory data store best used to build application caches.
Cloud Bigtable is Google's fully managed product and is a NoSQL Big Data database service. It is a Cloud-native
NoSQL wide-column store for large-scale, low-latency workloads including personalization, Adtech, and
recommendation engines. It is not the most ideal database for a search engine that can be added with mobile and
web apps.
Cloud SQL is a relational database service and is not suitable for this use case. It is most commonly used in Lift and
shift of on-premises SQL databases to the cloud, Large-scale SQL data analytics, supporting content management
system (CMS) data storage and scalability, and managing databases using Infrastructure as Code (IaC)
https://shapingpixel.com/
 55) Your organization wants to migrate its data management solutions to Google Cloud because it needs
to dynamically scale up or down and to run transactional
SQL queries against historical data at scale. Which Google Cloud product or service should your
organization use?

A. BigQuery
B. Cloud Bigtable
C. Pub/Sub
D. Cloud Spanner

Correct Answer: D

https://shapingpixel.com/
 56) Which of the following are always the responsibility of customers using the public cloud?
(Choose 2 answers)

A. Web Client protection

B. Data protection
C. Network Controls
D. Patch Management

Correct Answer: AB

Explanation
The security of the client that is being used by the customers (on Mobile devices, PC, etc.) to access the web
content is the customer's responsibility.
Management, classification, and compliance obligation adherence are the customer's responsibility.
Configuring, managing, and securing Network controls are shared responsibilities in IaaS and PaaS models;
however, the cloud provider is responsible primarily for network controls in the SaaS model.
Patch Management is a shared responsibility in IaaS and PaaS. The cloud provider manages patches in the
SaaS model.

https://shapingpixel.com/
 57) Your organization needs to categorize objects in a large group of static images using machine
learning. Which Google Cloud product or service should your organization use?

A. BigQuery ML
B. AutoML Video Intelligence
C. Cloud Vision API Most Voted
D. AutoML Tables

Correct Answer: C

Vision API can assign labels to images and quickly classify them into
millions of predefined categories. Detect objects and faces, read printed
and handwritten text, and build valuable metadata into your image
catalog.

https://shapingpixel.com/
 58) A DevOps team is responsible for maintaining and analyzing system and application logs
for an application running across several instances on Google Cloud Platform. What steps
should the team take to ensure the integrity of the logs generated on these
instances? (Choose 2 answers)

A. Implement log versioning on log buckets in Cloud

Storage.
B. Copy the logs to another project with a different
owner.
C. Set the logging level to only collect log output for
critical messages.
D. Export all log files to BigQuery.

Correct Answer: AB

Explanation
Here are two things you could do to protect the integrity of your log files:
•Implement log versioning on log buckets in Cloud Storage to prevent losing or overwritten data if an
unauthorized person gains access. The Cloud Storage service automatically encrypts all data before it is written
to the log buckets. Still, with versioning, you can increase security by forcing a new version to be saved
whenever an object in a log bucket is changed.
•Copy the logs to another project with a different owner to require two people to have ownership of the logs.
https://shapingpixel.com/
 59) Which Google Cloud product is designed to reduce the risks of handling
personally identifiable information (PII)?

A. Cloud Storage
B. Google Cloud Armor
C. Cloud Data Loss Prevention Most Voted
D. Secret Manager

Correct Answer: C

Cloud Data Loss Prevention: Fully managed service

designed to help you discover, classify, and protect
your most sensitive data.

https://shapingpixel.com/
 60) Your client has multiple ongoing projects and to remove conflicts has asked you to devise a
way to segregate service-level resources, such as the compute, storage, and networking
resources being used by various projects. Which of the following should you use?

A. Folders
B. Projects
C. Labels
D. Tags

Correct Answer: B

Explanation
Projects constitute service-level resources such as compute, storage, and networking resources.
Folders are used for projects rather than service-level resources.
Labels are used to annotate resources constituting projects and are the best choice for granular level cost
tracking.
A tag is a string of characters added to a resource tags field. Tags cannot be created separately and are not
separate resources.

https://shapingpixel.com/
 61) Your organization is migrating to Google Cloud. As part of that effort, it needs to move terabytes of
data from on-premises file servers to Cloud Storage. Your organization wants the migration process to be
automated and to be managed by Google. Your organization has an existing Dedicated Interconnect
connection that it wants to use. Which Google Cloud product or feature should your organization use?

A. Storage Transfer Service Most Voted

B. Migrate for Anthos
C. BigQuery Data Transfer Service
D. Transfer Appliance

Correct Answer: A

https://shapingpixel.com/
 62) Your organization is looking for network connectivity with Google Cloud between its on-
premises network and Google Cloud. The network connectivity must allow encrypted traffic
to the Google Cloud and have higher throughput. Which of the following networking
solutions should you choose?

A. Cloud VPN
B. Cloud Interconnect
C. Cloud Router
D. Traffic Director

Correct Answer: B

Explanation
Cloud Interconnect extends your on-premises network to Google's network through a highly available,
low latency connection. You can use Dedicated Interconnect to connect directly to Google or use
Partner Interconnect to connect to Google through a supported service provider.

https://shapingpixel.com/
 63) Your organization needs to analyze data in order to gather insights into its daily operations. You only
want to pay for the data you store and the queries you perform. Which Google Cloud product should your
organization choose for its data analytics warehouse?

A. Cloud SQL
B. Dataproc
C. Cloud Spanner
D. BigQuery

Correct Answer: D

BigQuery is an enterprise data warehouse for large

amounts of relational structured data

https://shapingpixel.com/
 64) You are managing the development of a new application. You need a solution that will meet the
following requirements: The developers should focus on writing code. Deployments should be zero-
configuration. The developers should not manage infrastructure. The service should be scalable and
accommodate surges in traffic without provisioning, patching, or monitoring. Applications should be
safe from security threats. Which Google Cloud solution should you use?

A. App Engine
B. Cloud Functions
C. Confidential VMs
D. Eventarc

Correct Answer: A

Explanation
App Engine is a fully managed serverless platform that helps to build highly scalable and secure
applications. App Engine is suited to applications that have multiple functionalities behaving in various
inter-related (or even unrelated) ways.

https://shapingpixel.com/
 65) Your organization wants to run a container-based application on Google Cloud. This application is
expected to increase in complexity. You have a security need for fine-grained control of traffic between
the containers. You also have an operational need to exercise fine-grained control over the application's
scaling policies.
What Google Cloud product or feature should your organization use?

A. Google Kubernetes Engine cluster Most Voted

B. App Engine
C. Cloud Run
D. Compute Engine virtual machines

Correct Answer: A

https://shapingpixel.com/
 66) A team of Cloud Engineers is working on developing and deploying a containerized
application that will process and serve a large amount of image data in cloud storage. The data
must be invocable via requests or events. Which Google Cloud compute service should the
team use so that there are no infrastructure management problems?

A. Cloud Build
B. Cloud Code
C. Cloud Run
D. Cloud Deploy

Correct Answer: C

Explanation
Cloud Run is a fully managed, serverless compute platform that enables the development and
deployment of a containerized application invocable via requests or events. Using Cloud Run would
avoid the problem of infrastructure management because it is a fully managed service.

https://shapingpixel.com/
 67) Which Google Cloud product or feature makes specific recommendations
based on security risks and compliance violations?

A. Google Cloud firewalls

B. Security Command Center Most Voted
C. Cloud Deployment Manager
D. Google Cloud Armor

Correct Answer: B

https://shapingpixel.com/
 68) Which of the following scenarios is not suitable for a Content Delivery
Network (CDN)? (Choose 2 answers)

A. A website for a small construction company located in

the United States
B. A global retail company with customers in Europe and
the Americas
C. A family history website with only a few visitors
annually
D. A global media website that provides news in multiple
languages

Correct Answer: AC

Explanation
A website with users located in a specific geographic area would not benefit from a Content Delivery
Network. CDNs are especially useful for large, complex websites with users spread across the globe, and
websites or mobile apps with lots of dynamic content. A small company will most likely not need a CDN
because its customers are geographically closer to the server.
https://shapingpixel.com/
 69) Which Google Cloud product provides a consistent platform for multi-cloud application
deployments and extends other Google Cloud services to your organization's environment?

A. Google Kubernetes Engine

B. Virtual Public Cloud
C. Compute Engine
D. Anthos

Correct Answer: D

Anthos is the leading cloud-centric container platform

to run modern apps anywhere consistently at scale.

https://shapingpixel.com/
 70) Your company's website enables users to upload images and input text to create memes of
their choice. Lately, you have observed some suspicious traffic and want to protect your
website from spam, specifically from bots using the website. Which of the following Google
Cloud solutions should you use to protect your website from bots and ensure that it is being
accessed only by human users?

A. reCAPTCHA Enterprise
B. Policy Troubleshooter
C. Web Risk
D. Cloud Identity

Correct Answer: A

Explanation
reCAPTCHA Enterprise uses an adaptive risk analysis engine to keep automated software from
engaging in abusive activities on your site. With technology that has helped defend millions of websites
for over a decade, reCAPTCHA Enterprise is built to help mitigate fraudulent online activity for your
business.
https://shapingpixel.com/
 71) Your organization wants an economical solution to store data such as files, graphical images, and
videos and to access and share them securely.
Which Google Cloud product or service should your organization use?

A. Cloud Storage Most Voted

B. Cloud SQL
C. Cloud Spanner
D. BigQuery

Correct Answer: A

https://shapingpixel.com/
 72) A multinational food delivery startup has moved its applications to the cloud. The Head
of AppDev wants to introduce a new service that analyses customer preferences based on
previous orders and suggests to them what to order. Which cloud computing model would
help developers create the service while freeing them of infrastructure and management
tasks?

A. Serverless computing
B. IoT
C. High-performance computing
D. Edge Computing

Correct Answer: A

Explanation
Serverless computing helps developers to build code without managing infrastructure. Event-
driven services could be built using serverless computing offerings.

https://shapingpixel.com/
 73) Your organization wants to predict the behavior of visitors to its public website. To do that, you have decided
to build a machine learning model. Your team has database-related skills but only basic machine learning skills,
and would like to use those database skills.
Which Google Cloud product or feature should your organization choose?

A. BigQuery ML Most Voted

B. LookML
C. TensorFlow
D. Cloud SQL

Correct Answer: A

https://shapingpixel.com/
 74) Which of the following cloud computing concepts refers to increasing or decreasing
compute resources based on demand?

A. Elasticity
B. Fault tolerance
C. Load balancing
D. High availability

Correct Answer: A

Explanation
Elasticity is the degree to which a system is able to adapt to workload changes by provisioning and de-
provisioning resources in an automated manner, such that at each point in time the available resources match
the current demand as closely as possible.
Fault tolerance refers to the ability of an application to keep running even if some of its components fail.
Load balancing is a core networking solution used to distribute traffic across multiple servers in a server farm.
Load balancers improve application availability and responsiveness and prevent server overload.
High availability is similar to fault tolerance. It refers to the ability of an application to keep running for an
agreed-upon percentage of time, such as 99.99% of the time.
https://shapingpixel.com/
 75) Your organization is moving an application to Google Cloud. As part of that effort, it needs to migrate the
application's working database from another cloud provider to Cloud SQL. The database runs on the MySQL
engine. The migration must cause minimal disruption to users. Data must be secured while in transit.
Which should your organization use?

A. BigQuery Data Transfer Service

B. MySQL batch insert
C. Database Migration Service Most Voted
D. Cloud Composer

Correct Answer: C

Database Migration Service supports multiple secure, private connectivity

methods to protect your data in transit. Once migrated, all data is encrypted
by default, and Cloud SQL provides multiple layers of security to meet even
the most stringent requirements.

https://shapingpixel.com/
 76) Your organization is developing and deploying an application on Google Cloud. Tracking your Google
Cloud spending needs to stay as simple as possible.
What should you do to ensure that workloads in the development environment are fully isolated from
production workloads?

A. Apply a unique tag to development resources

B. Associate the development resources with their own network
C. Associate the development resources with their own billing
account
D. Put the development resources in their own project

Correct Answer: D

https://shapingpixel.com/
 77) Your company is running the majority of its workloads in a co-located data center. The workloads are
running on virtual machines (VMs) on top of a hypervisor and use either Linux or Windows server editions.
As part of your company's transformation strategy, you need to modernize workloads as much as possible
by adopting cloud-native technologies. You need to migrate the workloads into Google Cloud.
What should you do?

A. Export the VMs into VMDK format, and import them into
Compute Engine
B. Export the VMs into VMDK format, and import them into
Google Cloud VMware Engine
C. Migrate the workloads using Migrate for Compute Engine
D. Migrate the workloads using Migrate for Anthos

Correct Answer: D

https://shapingpixel.com/
 78) Your organization is running all its workloads in a private cloud on top of a hypervisor. Your
organization has decided it wants to move to Google Cloud as quickly as possible. Your organization
wants minimal changes to the current environment, while using the maximum amount of managed
services Google offers.
What should your organization do?

A. Migrate the workloads to Google Cloud VMware Engine Most

B. Migrate the workloads to Compute Engine Most Voted
C. Migrate the workloads to Bare Metal Solution
D. Migrate the workloads to Google Kubernetes Engine

Correct Answer: B

Migrate for Compute Engine enables you to lift and shift

workloads at scale to Google Cloud Compute Engine with
minimal changes and risk.

https://shapingpixel.com/
 79) Your organization is releasing its first publicly available application in Google Cloud. The
application is critical to your business and customers and requires a 2- hour SLA.
How should your organization set up support to minimize costs?

A. Enroll in Premium Support

B. Enroll in Enhanced Support Most Voted
C. Enroll in Standard Support
D. Enroll in Basic Support

Correct Answer: B

https://shapingpixel.com/
 80) Your organization offers public mobile apps and websites. You want to migrate to a Google Cloud-based
solution for checking and maintaining your users' usernames and passwords and controlling their access to
different resources based on their identity.
Which should your organization choose?

A. VPN tunnels
B. Identity Platform
C. Compute Engine firewall rules
D. Private Google Access

Correct Answer: B

An identity platform is a modern solution for managing the identities of users and devices in a
centralized fashion.

https://shapingpixel.com/
 81) Which Google Cloud service or feature lets you build machine learning models using Standard SQL
and data in a data warehouse?

A. BigQuery ML Most Voted

B. TensorFlow
C. AutoML Tables
D. Cloud Bigtable ML

Correct Answer: A

BigQuery ML lets you create and execute machine learning

models in BigQuery using standard SQL queries.

https://shapingpixel.com/
 82) Your organization runs an application on virtual machines in Google Cloud. This application processes
incoming images. This activity takes hours to create a result for each image. The workload for this application
normally stays at a certain baseline level, but at regular intervals it spikes to a much greater workload.
Your organization needs to control the cost to run this application.
What should your organization do?

A. Purchase committed use discounts for the baseline load Most Voted
B. Purchase committed use discounts for the expected spike load
C. Leverage sustained use discounts for your virtual machines Most Voted
D. Run the workload on preemptible VM instances

Correct Answer: C

The idea of the Sustained Use discount is that the longer you run
a VM instance in any given month, the bigger discount you will
get from the list price.

https://shapingpixel.com/
 83) Your organization is developing a plan for migrating to Google Cloud.
What is a best practice when initially configuring your Google Cloud environment?

A. Create a project via Google Cloud Console per department in your

company
B. Define your resource hierarchy with an organization node on top
C. Create projects based on team members' requests
D. Make every member of your company the project owner

Correct Answer: B

https://shapingpixel.com/
 84) Your organization runs many workloads in different Google Cloud projects, each linked to the same
billing account. Each project's workload costs can vary from month to month, but the overall combined cost
of all projects is relatively stable. Your organization needs to optimize its cost.
What should your organization do?

A. Purchase a commitment per project for each project's usual minimum

B. Create a billing account per project, and link each project to a different
billing account
C. Turn on committed use discount sharing, and create a commitment for the
combined usage Most Voted
D. Move all workloads from all different projects into one single consolidated
project

Correct Answer: C

https://shapingpixel.com/
 85) How should a multinational organization that is migrating to Google Cloud consider
security and privacy regulations to ensure that it is in compliance with global standards?

A. Comply with data security and privacy regulations in each

geographical region Most Voted
B. Comply with regional standards for data security and privacy,
because they supersede all international regulations
C. Comply with international standards for data security and
privacy, because they supersede all regional regulations
D. Comply with regional data security regulations, because
they're more complex than privacy standards

Correct Answer: A

https://shapingpixel.com/
 86) Your organization wants to optimize its use of Google Cloud's discounts on virtual machine-based
workloads. You plan to use 200 CPUs constantly for the next 3 years, and you forecast that spikes of
up to 300 CPUs will occur approximately 30% of the time. What should you choose?

A. 1-year committed use discount for 200 CPUs

B. 3-year committed use discount for 300 CPUs
C. 3-year committed use discount for 200 CPUs Most Voted
D. Regular pay-as-you-go pricing

Correct Answer: C

https://shapingpixel.com/
 87) Your organization needs to minimize how much it pays for data traffic from the Google
network to the internet. What should your organization do?

A. Choose the Standard network service tier. Most Voted

B. Choose the Premium network service tier.
C. Deploy Cloud VPN.
D. Deploy Cloud NAT.

Correct Answer: A

https://shapingpixel.com/
 88) Your organization wants to migrate your on-premises environment to Google Cloud. The on-
premises environment consists of containers and virtual machine instances. Which Google Cloud
products can help to migrate the container images and the virtual machine disks?

A. Compute Engine and Filestore Most Voted

B. Artifact Registry and Cloud Storage Most Voted
C. Dataflow and BigQuery
D. Pub/Sub and Cloud Storage

Correct Answer: B

https://shapingpixel.com/
 89) Your company security team manages access control to production systems using an LDAP
directory group.
How is this access control managed in the Google Cloud production project?

A. Assign the proper role to the Service Account in the project's IAM Policy
B. Grant each user the roles/iam.serviceAccountUser role on a service account that
exists in the Google Group.
C. Assign the proper role to the Google Group in the project's IAM Policy. Most
D. Create the project in a folder with the same name as the LDAP directory group.

Correct Answer: C

https://shapingpixel.com/
 90) Your organization wants to be sure that is expenditures on cloud services are in line with the
budget. Which two Google Cloud cost management features help your organization gain greater
visibility into its cloud resource costs? (Choose two.)

A. Billing dashboards Most Voted

B. Resource labels Most Voted
C. Sustained use discounts
D. Financial governance policies
E. Payments profile

Correct Answer: AB

https://shapingpixel.com/
 91) Your organization needs to process large amounts of data from an online application that
operates continuously. You do not want to be required to provision infrastructure or create server
clusters. What should your organization choose?

A. Compute Engine with BigQuery

B. Dataproc
C. Google Kubernetes Engine with Cloud Bigtable
D. Dataflow

Correct Answer: D

https://shapingpixel.com/
 92) Your organization needs to ensure that the Google Cloud resources of each of your departments are
segregated from one another. Each department has several environments of its own: development, testing,
and production. Which strategy should your organization choose?

A. Create a project per department, and create a folder per

environment in each project.
B. Create a folder per department, and create a project per
environment in each folder. Most Voted
C. Create a Cloud Identity domain per department, and create a
project per environment in each domain.
D. Create a Cloud Identity domain per environment, and create a
project per department in each domain.

Correct Answer: B

https://shapingpixel.com/
 93) Your organization is defining the resource hierarchy for its new application in Google Cloud. You need
separate development and production environments. The production environment will be deployed in
Compute Engine in two regions. Which structure should your organization choose?

A. Create a single project for all environments. Use labels to

segregate resources by environment.
B. Create a single project for all environments. Use tags to
segregate resources by environment.
C. Create one project for the development environment and one
project for the production environment. Most Voted
D. Create two projects for the development environment and two
projects for the production environment (one for each region).

Correct Answer: C

https://shapingpixel.com/
 94) Your organization meant to purchase a 3-year Committed Use Discount, but accidentally purchased a 1-
year Committed Use Discount instead. What should your organization do?

A. Contact your financial institution.

B. Contact Trust and Safety.
C. Contact Cloud Billing Support. Most Voted
D. Contact Technical Support.

Correct Answer: C

https://shapingpixel.com/
 95) Your organization needs to allow a production job to have access to a BigQuery dataset. The
production job is running on a Compute Engine instance that is part of an instance group.
What should be included in the IAM Policy on the BigQuery dataset?

A. The Compute Engine instance group

B. The project that owns the Compute Engine instance
C. The Compute Engine service account Most Voted
D. The Compute Engine instance

Correct Answer: C

https://shapingpixel.com/
 96) How do Migrate for Compute Engine and Migrate for Anthos differ?

A. Unlike Migrate for Anthos, Migrate for Compute Engine

assumes that the migration source is VMware vSphere.
B. Migrate for Compute Engine charges for ingress, but Migrate
for Anthos does not.
C. Migrate for Compute Engine is closed source, and Migrate for
Anthos is open source.
D. Migrate for Anthos migrates to containers, and Migrate for
Compute Engine migrates to virtual machines.

Correct Answer: D

https://shapingpixel.com/
 97) Your large and frequently changing organization's user information is stored in an on-premises LDAP
database. The database includes user passwords and group and organization membership.
How should your organization provision Google accounts and groups to access Google Cloud resources?

A. Replicate the LDAP infrastructure on Compute Engine

B. Use the Firebase Authentication REST API to create users
C. Use Google Cloud Directory Sync to create users Most Voted
D. Use the Identity Platform REST API to create users

Correct Answer: C

https://shapingpixel.com/
 98) An organization is planning its cloud expenditure.
What should the organization do to control costs?

A. Consider cloud resource costs as capital expenditure in annual

planning.
B. Use only cloud resources; they have no cloud infrastructure
costs.
C. Review cloud resource costs frequently because costs depend
on usage.
D. Assess cloud resources costs only when SLO is not met by
their cloud provider.
Correct Answer: C

https://shapingpixel.com/
 99) An organization is using machine learning to make predictions. One of their datasets mistakenly
includes mislabeled data.
How will the prediction be impacted?

A. Increased risk of privacy leaks

B. Increased risk of inaccuracy
C. Decreased model compatibility
D. Decreased model training time

Correct Answer: B

https://shapingpixel.com/
 100) A global organization is developing an application to manage payments and online bank accounts in
multiple regions. Each transaction must be handled consistently in their database, and they anticipate
almost unlimited growth in the amount of data stored.
Which Google Cloud product should the organization choose?

A. Cloud SQL
B. Cloud Spanner Most Voted
C. Cloud Storage
D. BigQuery

Correct Answer: B

https://shapingpixel.com/
 101) An e-commerce organization is reviewing their cloud data storage.
What type of raw data can they store in a relational database without any processing?

A. Product inventory
B. Product photographs
C. Instructional videos
D. Customer chat history

Correct Answer: A

https://shapingpixel.com/
102) An organization wants to digitize and share large volumes of historical text and images.
Why is a public cloud a better option than an on-premises solution?

A. In-house hardware management

B. Provides physical encryption key
C. Cost-effective at scale
D. Optimizes capital expenditure

Correct Answer: C

https://shapingpixel.com/
 103) An organization wants to develop an application that can be personalized to user preferences
throughout the year.
Why should they build a cloud-native application instead of modernizing their existing on-premises
application?

A. Developers can rely on the cloud provider for all source code
B. Developers can launch new features in an agile way Most
C. IT managers can migrate existing application architecture
without needing updates
D. IT managers can accelerate capital expenditure planning

Correct Answer: B

https://shapingpixel.com/
 104) Which technology allows organizations to run multiple computer operating systems on a single
piece of physical hardware?

A. Hypervisor
B. Containers
C. Serverless computing
D. Open source

Correct Answer: A

A hypervisor abstracts the underlying hardware from the host’s operating system and apps
and is the core technology behind virtualization. A hypervisor allows a physical server to
operate multiple VMs as guests run alongside each other. Each VM can run a different OS.

https://shapingpixel.com/
 105) An organization is making a strategic change to customer support in response to
feedback. They plan to extend their helpline availability hours.
Why is the organization making this change?

A. Users expect professional expertise

B. Users require personalization
C. Users expect always-on services
D. Users require regional access

Correct Answer: C

https://shapingpixel.com/
 106) How does a large hotel chain benefit from storing their customer
reservation data in the cloud?

A. On-premises hardware access to transaction data

B. Real-time data transformation at scale within an on-premises
database
C. Real-time business transaction accuracy at scale
D. Physical hardware access during peak demand

Correct Answer: C

https://shapingpixel.com/
 107) An organization wants to transform multiple types of structured and unstructured data in the cloud
from various sources. The data must be readily accessible for analysis and insights.
Which cloud data storage system should the organization use?

A. Relational database
B. Private data center
C. Data field
D. Data warehouse

Correct Answer: D

A data warehouse is an enterprise system used for the analysis and reporting of
structured and semi-structured data from multiple sources

https://cloud.google.com/learn/what-is-a-data-warehouse

https://shapingpixel.com/
 108) An organization wants to use all available data to offer predictive suggestions on their website that
improve over time.
Which method should the organization use?

A. Data automation
B. Trends analysis
C. Machine learning
D. Multiple regression

Correct Answer: C

Predictive analytics is closely tied to machine learning. Regardless of the specific

technique, an organization might employ, the general process begins with an algorithm
that trains itself by having access to an understood outcome (such as a customer
purchase).

https://shapingpixel.com/
 109) Google's Enterprise Support offers you _____. (Choose the most complete answer.)

A. more predictable rates and more flexible configuration

than Role-Based Support
B. the fastest response times and opportunities to work
directly with a dedicated TAM contact
C. the fastest response times
D. the ability to work directly with a dedicated TAM
contact

Correct Answer: B

Enterprise Support gives you the fastest response times and allows you to work
directly with a dedicated TAM (or Technical Account Management) contact.

https://shapingpixel.com/
 110) Which Google product generates highly personalized product recommendations?

A. Recommendations ML
B. Recommendations OCR
C. Recommendations AI
D. Auto Recommendations

Correct Answer: C

You should know that the Recommendations AI product will generate highly
personalized product recommendations.

https://shapingpixel.com/
 111) Which of the following statements about GCP Database Migration Service and
Datastream is false?

A. Datastream is low latency and won't bog down your source database.
B. Database Migration Service has integrations with services such as BigQuery,
Cloud Spanner, Dataflow, and Data Fusion.
C. With Database Migration Service, if you are migrating to a serverless option
like Cloud SQL, then you don’t have to worry about over- or under-
provisioning.
D. With Database Migration Service, you can start the process with just a few
clicks and then enjoy continuous data replication from source to destination.

Correct Answer: B
A basic mySQL “lift and shift” can involve many steps and take a lot of time depending upon the amount
of data involved. That is why Google built the Database Migration Service to make migrations as painless
as possible. You can start the process with just a few clicks and then enjoy continuous data replication
from source to destination. In addition, if you are migrating to a serverless option like Cloud SQL, then
you don’t have to worry about over- or under-provisioning. DBMS uses change data capture and
replication to synchronize your data across databases, storage systems, and applications. It is low
latency, and won’t bog down your source database. And it has integrations with services such as
BigQuery, Cloud Spanner, Dataflow, and Data Fusion.
https://shapingpixel.com/
 112) Which of the following statements about GCP tools/services is false?

A. You can find the latest ISO/IEC certificates, SOC reports, and
self-assessments in the Container Registry.
B. Container Registry is tightly integrated with all of Google’s
container services.
C. The resources found in the Compliance Reports Manager tool
can be used to aid your own company’s reporting and compliance
efforts.
D. All of the GCP services receive independent verification for
security, privacy, and compliance.

Correct Answer: A
All of the GCP services receive independent verification for security, privacy, and compliance.
Directly access certifications, risk assessments, and audit reports, by visiting the Compliance Reports
Manager tool. Here you’ll find key resources including the latest ISO/IEC certificates, SOC reports,
and self-assessments. These documents not only provide peace of mind, but they can be used to aid
your own company’s reporting and compliance efforts as well. Container Registry is tightly integrated
with all of Google’s container services.
https://shapingpixel.com/
 113) Which of the following is not a level of organizational GCP support?

A. Ultra
B. Basic
C. Standard
D. Premium

Correct Answer: A

You should pick the right level of support for your organization. There are four options:
Basic, Standard, Enhanced, and Premium.

https://shapingpixel.com/
 114) If you need to migrate data in Oracle to a new type of database in GCP, then _____
might be a better choice than Database Migration Service.

A. Datastream
B. Data Fusion
C. Cloud Spanner
D. Dataflow

Correct Answer: A

Google built the Database Migration Service to make migrations as painless as possible. Now if
you need to do something more complicated than a basic mySQL "lift and shift," like migrating
to a new type of database, then Datastream might be a better choice. So if you are trying to
migrate something like an Oracle database to the cloud, you should check Datastream out.

https://shapingpixel.com/
 115) A _____ is a custom-designed ASIC (or application-specific integrated circuit)
that is used for ML workloads.

A. datastream
B. cloud TPU
C. cloud GPU
D. container registry

Correct Answer: C

A cloud TPU (or tensor processing unit) is a custom-designed ASIC (or

application-specific integrated circuit) that is used for ML workloads.

https://shapingpixel.com/
 116) Which GCP tool offers an easy, centralized location to store and manage all
your Docker container images?

A. Compliance Reports Manager

B. Container Registry
C. Database Migration Service
D. Cloud TPU

Correct Answer: B

Container Registry offers an easy, centralized location to store and manage all your Docker
container images.

https://shapingpixel.com/
 117) Which Google product is used to dynamically translate between languages?

A. Vision OCR
B. Natural Language
C. Text AI
D. Translation

Correct Answer: D

Translation is used to dynamically translate between languages.

https://shapingpixel.com/
 118) Which of the following statements about GCP Container Registry is false?

A. It gives you partial control over who can access, view,

or download images.
B. It allows you to access your images quickly and reliably.
C. It allows you to flag outdated or compromised images
and prevent them from being deployed in the future.
D. It helps increase the security of your images.

Correct Answer: A

Container Registry helps increase security. It gives you complete control over who can access,
view, or download images. You can flag outdated or compromised images and prevent them
from being deployed in the future. And because it’s hosted by Google, your images can be
accessed quickly and reliably.

https://shapingpixel.com/
 119) Your organization is developing an application that will manage payments and online bank accounts
located around the world. The most critical requirement for your database is that each transaction is
handled consistently. Your organization anticipates almost unlimited growth in the amount of data stored.
Which Google Cloud product should your organization choose?

A. Cloud SQL
B. Cloud Storage
C. Firestore
D. Cloud Spanner

Correct Answer: D

CloudSpanner is fully managed relationship database. A proprietary relational

database designed for scale.

https://shapingpixel.com/
120) An organization is searching for an open-source machine learning platform to build and deploy their own
custom machine learning applications using TPUs.
Which Google Cloud product or service should the organization use?

A. TensorFlow Most Voted

B. BigQuery ML
C. Vision API
D. AutoML Vision

Correct Answer: A

TensorFlow is a free and open-source software library for machine learning and
artificial intelligence. TPUs used for TensorFlow

https://shapingpixel.com/
 121) An organization operates their entire IT infrastructure from Google Cloud.
What should they do to prepare for data breaches?

A. Reduce reliance on multi-factor authentication

B. Data security is Google's responsibility, so preparation is minimal
C. Create an incident plan to mitigate impacts Most Voted
D. Strengthen their data center perimeter security

Correct Answer: C

data security is responsible for both cloud vendor and customer

https://shapingpixel.com/
122) An organization wants to migrate legacy applications currently hosted in their data center to the cloud. The
current architecture dictates that each application needs its own operating system (OS) instead of sharing an OS.
Which infrastructure solution should they choose?

A. Virtual machines Most Voted

B. Open source
C. Serverless computing
D. Containers

Correct Answer: A

Virtual machines would be the best infrastructure solution for an organization that wants to
migrate legacy applications currently hosted in their data center to the cloud and maintain the
current architecture that dictates that each application needs its own operating system (OS)
instead of sharing an OS.

https://shapingpixel.com/
124) An organization is training a machine learning model to predict extreme weather events in their country.
How should they collect data to maximize prediction accuracy?

A. Collect all weather data evenly across all cities Most Voted
B. Collect all weather data primarily from at-risk cities
C. Collect extreme weather data evenly across all cities
D. Collect extreme weather data primarily from at-risk cities

Correct Answer: A

https://shapingpixel.com/
124) An organization needs to search an application's source code to identify a potential issue. The
application is distributed across multiple containers.
Which Google Cloud product should the organization use?

A. Google Cloud Console

B. Cloud Trace Most Voted
C. Cloud Monitoring
D. Cloud Logging

Correct Answer: B

So, if the organization needs to search the source code to identify a potential issue,
they can use tools like Cloud Source Repositories or other source code management
tools. However, if they need to trace issues in a distributed application running across
multiple containers, they should use Google Trace.

https://shapingpixel.com/
125) An organization's web developers and operations personnel use different systems.
How will increasing communication between the teams reduce issues caused by silos?

A. By assigning blame for failures and establishing

consequences
B. By combining job role responsibilities to ensure that everyone
has shared access
C. By increasing data encryption to strengthen workflows
D. By emphasizing shared ownership of business outcomes

Correct Answer: D

https://shapingpixel.com/
126) An organization is migrating their business applications from on-premises to the cloud.
How could this impact their operations and personnel costs?

A. Reduced on-premises infrastructure management costs Most

B. Increased on-premises hardware maintenance costs
C. Reduced cloud software licensing costs
D. Increased cloud hardware management costs

Correct Answer: A

A cloud migration strategy is the plan an organization makes to move its data and
applications from an on-premises architecture to the cloud.

https://shapingpixel.com/
127) A retail company stores their product inventory in a legacy system. Often, customers find products on the
company's website and want to purchase them in-store.
However, when they arrive, they discover that the products are out of stock.
How could the company benefit from using an application programming interface (API)?

A. To create personalized product recommendations for customers

B. To optimize their on-premises legacy system stability
C. By manually linking each inventory system to the website on a case-by-case basis
D. By programmatically connecting the inventory system to their website

Correct Answer: D

https://shapingpixel.com/
128) A hotel wants to modernize their legacy systems so that customers can make reservations through a mobile app.
What's the benefit of using an application programming interface (API) to do this?

A. They do not have to develop the end-user application

B. They can deprecate their legacy systems
C. They can transform their systems to be cloud-native
D. They do not have to rewrite the legacy system

Correct Answer: C

https://shapingpixel.com/
129) An organization has servers running mission-critical workloads on-premises around the world. They want to
modernize their infrastructure with a multi-cloud architecture.
What benefit could the organization experience?

A. Ability to disable regional network connectivity during cyber attacks

B. Ability to keep backups of their data on-premises in case of failure
C. Full management access to their regional infrastructure
D. Reduced likelihood of system failure during high demand events

Correct Answer: C

https://shapingpixel.com/
 130) An organization needs to run frequent updates for their business app.
Why should the organization use Google Kubernetes Engine (GKE)?

A. Customer expectations can be adjusted without using marketing tools

B. Seamless changes can be made without causing any application downtime. Most Voted
C. GKE handles version control seamlessly and out of the box
D. GKE is well suited for all monolithic applications

Correct Answer: D

https://cloud.google.com/architecture/migrating-a-monolithic-app-to-microservices-
gke#SnippetTab

https://shapingpixel.com/
131) An organization wants to use Apigee to manage all their application programming interfaces (APIs).
What will Apigee enable the organization to do?

A. Increase application privacy

B. Measure and track API performance Most Voted
C. Analyze application development speed
D. Market and sell APIs

Correct Answer: B

Apigee enables organizations to measure and track the performance of their APIs, including
traffic, usage, and response time

https://shapingpixel.com/
132) What is an example of unstructured data that organizations can capture from social media?

A. Post comments Most Voted

B. Tagging
C. Profile picture
D. Location

Correct Answer: C

https://shapingpixel.com/
 133) An organization relies on online seasonal sales for the majority of their annual revenue.
Why should the organization use App Engine for their customer app?

A. Automatically adjusts physical inventory in real time

B. Autoscales during peaks in demand Most Voted
C. Runs maintenance during seasonal sales
D. Recommends the right products to customers

Correct Answer: B

App Engine is a platform-as-a-service (PaaS) that allows an organization to deploy and

scale their web applications automatically. It can automatically adjust the number of
resources (such as servers) allocated to an application based on the amount of traffic it
receives.

https://shapingpixel.com/
134) Your organization recently migrated its compute workloads to Google Cloud. You want these workloads in Google
Cloud to privately and securely access your large volume of on-premises data, and you also want to minimize latency.
What should your organization do?

A. Use Storage Transfer Service to securely make your data available to Google Cloud
B. Create a VPC between your on-premises data center and your Google resources Most
C. Peer your on-premises data center to Google's Edge Network Most Voted
D. Use Transfer Appliance to securely make your data available to Google Cloud

Correct Answer: A

Creating a virtual private cloud (VPC) between your on-premises data center and your
Google Cloud resources is a good solution to allow your workloads in Google Cloud to
privately and securely access your large volume of on-premises data.
https://cloud.google.com/vpc/docs/configure-private-google-access-hybrid

https://shapingpixel.com/
135) Your organization consists of many teams. Each team has many Google Cloud projects. Your organization
wants to simplify the management of identity and access policies for these projects.
How can you group these projects to meet this goal?

A. Group each team's projects into a separate domain

B. Assign labels based on the virtual machines that are part of
each team's projects
C. Use folders to group each team's projects Most Voted
D. Group each team's projects into a separate organization node

Correct Answer: C
Folders are nodes in the Cloud Platform Resource Hierarchy. A folder can contain projects, other folders,
or a combination of both. Organizations can use folders to group projects under the organization node in
a hierarchy. For example, your organization might contain multiple departments, each with its own set of
Google Cloud resources. Folders allow you to group these resources on a per-department basis. Folders
are used to group resources that share common IAM policies. While a folder can contain multiple folders
or resources, a given folder or resource can have exactly one parent.
https://cloud.google.com/resource-manager/docs/creating-managing-folders

https://shapingpixel.com/
137) An organization needs to categorize text-based customer reviews on their website using a pre-trained
machine learning model.
Which Google Cloud product or service should the organization use?

A. Cloud Natural Language API Most Voted

B. Dialogflow
C. Recommendations AI
D. TensorFlow

Correct Answer: A

https://cloud.google.com/natural-language/

https://shapingpixel.com/
 137) Your team is publishing research results and needs to make large amounts of data available to other
researchers within the professional community and the public at minimum cost.
How should you host the data?

A. Use a Cloud Storage bucket and enable ‘Requester Pays’.

B. Use a Cloud Storage bucket and provide Signed URLs for the data files. Most Voted
C. Use a Cloud Storage bucket and set up a Cloud Interconnect connection to allow access to the data.
D. Host the data on-premises, and set up a Cloud Interconnect connection to allow access to the data.

Correct Answer: A

https://cloud.google.com/storage/docs/requester-pays

https://shapingpixel.com/
138) Your company needs to segment Google Cloud resources used by each team from the others. The teams'
efforts are changing frequently, and you need to reduce operational risk and maintain cost visibility. Which approach
does Google recommend?

A. One project per team.

B. One organization per team.
C. One project that contains all of each team's resources.
D. One top-level folder per team

Correct Answer: D

https://cloud.google.com/resource-manager/docs/creating-managing-folders

https://shapingpixel.com/
139) Your organization needs to restrict access to a Cloud Storage bucket. Only employees who are based in Canada
should be allowed to view the contents.
What is the most effective and efficient way to satisfy this requirement?

A. Deploy the Cloud Storage bucket to a Google Cloud region in Canada

B. Configure Google Cloud Armor to allow access to the bucket only from IP addresses
based in Canada
C. Give each employee who is based in Canada access to the bucket
D. Create a group consisting of all Canada-based employees, and give the group access
to the bucket

Correct Answer: B

https://cloud.google.com/armor/docs/common-use-cases

https://shapingpixel.com/
140) Your organization runs all its workloads on Compute Engine virtual machine instances. Your organization has a
security requirement: the virtual machines are not allowed to access the public internet. The workloads running on
those virtual machines need to access BigQuery and Cloud Storage, using their publicly accessible interfaces, without
violating the security requirement.
Which Google Cloud product or feature should your organization use?

A. Identity-Aware Proxy
B. Cloud NAT (network address translation)
C. VPC internal load balancers
D. Private Google Access

Correct Answer: D

https://cloud.google.com/vpc/docs/private-google-access

https://shapingpixel.com/