Google Associate Cloud Engineer - Practice Test 3
A company based in Boston, MA (United States) operates a mission-critical analytics pipeline that continuously processes data stored in Google Cloud Storage. You need to configure the optimal data storage solution to minimize costs while ensuring high availability and performance for these frequently accessed files. What is the most appropriate configuration?
For 'mission-critical' data that is 'used continually,' the Standard storage class is required due to its high availability and low latency, which is suitable for frequently accessed data. While 'mission-critical' might suggest multi-regional for some, the primary concern here is continuous access for users in a single geographic location (Boston), making regional storage sufficient for cost optimization and performance. Regional storage provides zonal redundancy, which is typically adequate for localized high availability.
You are deploying several applications on distinct Compute Engine instances within the same Google Cloud project. You need to ensure that each instance uses a specific, granular service account when interacting with Google Cloud APIs. What is the most appropriate method to achieve this?
To ensure granular control over which service account a Compute Engine instance uses for Google Cloud API calls, the service account should be explicitly specified during instance creation. This directly associates the desired service account with the instance. While service accounts can be updated post-creation, specifying them at creation is the most efficient and recommended practice.
Your organization manages multiple Google Cloud projects under a unified billing account. You need to create a solution to visualize cost metrics that are dynamically calculated based on custom business rules and automate the data pipeline. What is the most effective approach to achieve this?
The key requirements are dynamic calculations and automation. Exporting billing data to BigQuery provides a robust, automated pipeline for detailed cost data. Looker Studio can then connect directly to BigQuery to create dynamic, custom dashboards, fulfilling all specified needs.
Your application is deployed on Google Cloud within a managed instance group (MIG). You observe errors in Cloud Logging indicating that a process on one specific VM is unresponsive. You need to quickly replace this problematic VM within the MIG. What is the most efficient way to achieve this?
The `gcloud compute instance-groups managed recreate-instances` command is specifically designed to recreate one or more instances within a MIG, which is the most direct and efficient method for replacing a problematic VM. This command ensures that a new VM is provisioned based on the current instance template, effectively replacing the unresponsive one. While the console option 'Replace VMs' might seem similar, the `gcloud` command provides a programmatic and often quicker way to target a specific instance for recreation.
You need to configure secure SSH access to a specific Compute Engine instance for a group of users named 'dev1'. These users should only be able to connect to this single instance within the Google Cloud project. What is the most appropriate method to achieve this?
OS Login allows you to manage SSH access to Compute Engine instances using IAM roles. By enabling OS Login on the instance and granting the 'compute.osLogin' role to the 'dev1' group, you provide them with SSH access controlled at the instance level. This method centralizes user access management and avoids distributing SSH keys, which is a security best practice.