Google Cloud-Digital-Leader 시험

Question No : 1

A customer of yours has an SLA with their client that a particular service will respond within 4 sec-
onds. The end client has reported that it feels slower. Your engineers do a trial at the client site and notice that there seems to be a delay for many of the requests. It's your team's responsibility to identify the issue quickly within the strict timeline for fixes according to the contract, and then fix it.
What should you do?

• A.Recommend a move to serverless technologies which will scale automatically on demand.
• B.Add logging statements at multiple points in the application, build it, and deploy it. Now new requests will give us information on latency in the logs.
• C.Check if the browsers used by the client are different from yours. If they are, that's most likely the issue. Ensure that everybody uses the latest version of the browser that you are also using.
• D.Use Cloud Trace to collect latency data and track how requests propagate and why there is a delay.

답을 확인하기

정답:
Explanation:
Cloud Trace is a built-in tool in the Operations suite to identify issues like latency.
-> Such fixes are unlikely to change core issues like the service itself being architected or written sub-optimally. Though changes like browser, networking, etc. are helpful, it would be the wrong approach to first recommend that the customer upgrade all their hardware and software.
-> Rewriting code and logging information is going to be time consuming. In general though, logging should always be included in code and it can give good insights. But tracing is way more specific and comprehensive for this requirement.
-> In certain cases, we might identify scaling as the issue. But we should first identify the core problem. So, start with tracing. We can also achieve scale in server-ful technologies.
Reference link- https://cloud.google.com/trace

Question No : 2

What issues can arise when organizations integrate third-party systems into their cloud infrastructure?

• A.Third-party systems may not be powerful enough to run many critical business applications.
• B.Without sufficient security measures and regular checks, unsecured third-party systems can pose a threat to data security.
• C.Over-reliance on third-party systems limits an organization's potential for innovation.
• D.Third-party systems are less capable of addressing an organization's security requirements.

답을 확인하기

정답:
Explanation:
Because unsecured third-party systems are a cybersecurity threat.

Question No : 3

In terms of Cloud SQL for MySQL Features offered by Google Cloud Platform which of the statements is/are correct?

• A.Do not support Private IP (private service access).
• B.Customer data is encrypted on Google's internal networks and in database tables, temporary files, and backups.
• C.Do not Provide automated and on-demand backups and point-in-time recovery.
• D.None of the above

답을 확인하기

정답:
Explanation:
Cloud SQL for MySQL:
Features
- Fully managed MySQL Community Edition databases in the cloud.
- Cloud SQL instances support MySQL 8.0, 5.7 (default), and 5.6, and provide up to 624 GB of RAM and 64 TB of data storage, with the option to automatically increase the storage size, as needed.
- Create and manage instances in the Google Cloud Console.
- Instances are available in the Americas, EU, Asia, and Australia.
- Customer data is encrypted on Google's internal networks and in database tables, temporary files, and backups.
- Support for secure external connections with the Cloud SQL Auth proxy or with the SSL/TLS protocol.
- Support for private IP (private services access).
- Data replication between multiple zones with automatic failover.
- Import and export databases using mysqldump, or import and export CSV files.
- Support for MySQL wire protocol and standard MySQL connectors.
- Automated and on-demand backups and point-in-time recovery.
- Instance cloning.
- Integration with Google Cloud's operations suite logging and monitoring.

Question No : 4

You are a database manager working for a new product that will need millions of reading and writ-ing from the database, with zero downtime, key-value i.e. NoSQL features, no manual steps should be required to ensure consistency, repair data, synchronize writes and deletes,.
Which of the follow-ing database you choose?

• A.Cloud SQL
• B.Cloud BigTable
• C.Cloud Spanner
• D.Cloud Firestore

답을 확인하기

정답:
Explanation:
Cloud BigTable
Key features
High throughput at low latency
Bigtable is ideal for storing very large amounts of data in a key-value store and supports high read and write throughput at low latency for fast access to large amounts of data. Throughput scales linearly―you can increase QPS (queries per second) by adding Bigtable nodes. Bigtable is built with proven infrastructure that powers Google products used by billions such as Search and Maps. Cluster resizing without downtime
Scale seamlessly from thousands to millions of reads/writes per second. Bigtable throughput can be dynamically adjusted by adding or removing cluster nodes without restarting, meaning you can increase the size of a Bigtable cluster for a few hours to handle a large load, then reduce the cluster's size again―all without any downtime.
Flexible, automated replication to optimize any workload
Write data once and automatically replicate where needed with eventual consistency―giving you control for high availability and isolation of reading and write workloads. No manual steps are needed to ensure consistency, repair data, or synchronize writes and deletes. Benefit from a high availability SLA of 99.999% for instances with multi-cluster routing across 3 or more regions (99.9% for single-cluster instances).

Question No : 5

With respect to the Core Feature of Standby Instances of Cloud SQL which one of the options is correct.?

• A.The standby instance is used in high availability to replace the primary instance when failover occurs. The standby instance appears in the Google Cloud Console but does not get billed. When failover occurs, connections to the primary instance need to be manually transferred to the standby instance.
• B.The standby instance is used in high availability to replace the primary instance when failover occurs. The standby instance appears in the Google Cloud Console but does not get billed. When failover occurs, connections to the primary instance are automatically transferred to the standby instance.
• C.The standby instance is used in high availability to replace the primary instance when failover occurs. The standby instance doesn't appear in the Google Cloud Console. When failover occurs, connections to the primary instance are automatically transferred to the standby instance.
• D.None of the Above.

답을 확인하기

정답:
Explanation:
The standby instance is used in high availability to replace the primary instance when failover occurs. The standby instance doesn't appear in the Google Cloud Console. When failover occurs, connections to the primary instance are automatically transferred to the standby instance.
Cloud SQL Key Terms:
Cloud SQL instance
A Cloud SQL instance corresponds to one virtual machine (VM). The VM includes the database instance and accompanying software containers to keep the database instance up and running. Database instance
A database instance is the set of software and files that operate the databases: MySQL, PostgreSQL or
SQL Server.
High availability
Cloud SQL instances using high availability (HA) provide greater reliability than non-HA instances. HA in Cloud SQL works by having two synchronized instances: a primary instance and a standby instance. Each instance has exactly one VM. Each instance is in a different zone in the same region. Failover
A failover is when Cloud SQL switches serving from the original primary instance to the standby instance.
Auto failover is a mechanism that automatically triggers failover when a Cloud SQL instance didn't issue a heartbeat in the previous interval.
Standby instances
The standby instance is used in high availability to replace the primary instance when failover occurs. The standby instance doesn't appear in the Google Cloud Console. When failover occurs, connections to the primary instance are automatically transferred to the standby instance. Clone
When you clone a Cloud SQL instance, you create a new instance that is a copy of the source instance, but is completely independent. After cloning is complete, changes to the source instance are not reflected in the clone, and changes in the clone are not reflected in the source instance. Replication
Replication is the ability to create copies of a Cloud SQL instance or an on-premises database, and offload work to the copies. The main reason for using replication is to scale the use of data in a database without degrading performance on the primary instance. Read replica
The read replica is an exact copy of the primary instance. Data and other changes on the primary instance are updated in almost real time on the read replica. Send your write transactions to the primary instance, and your read requests to the read replica. The read replica processes queries, read requests, and analytics traffic, thus reducing the load on the primary instance. Source server
Replication copies transactions from a primary instance to one or more read replicas. The primary instance is also called the source server. The source server can be a Cloud SQL primary instance, or a server outside of Google Cloud, such as an on-premises server or a server running in a different cloud. If the source server is outside of Google Cloud, we call it Replication from an external server. Cloud SQL Auth proxy client
The Cloud SQL Auth proxy client is open source software maintained by Cloud SQL. It connects to a companion process, the Cloud SQL Auth proxy server, running on your Cloud SQL instance. You run the Cloud SQL Auth proxy client on your own servers. The Cloud SQL Auth proxy client can be used to establish a secure SSL/TLS connection to the database instance, and/or to avoid having to open the
firewall. Authentication is done through Identity and Access Management (IAM).

Question No : 6

You are working with the head of the IT team and planning the move of computing systems. The questionnaire indicates that they have a reporting application that runs almost 24 hours every day of the week. When there is extra load, it queues up the processing and executes tasks when there is less demand.
Which of these compute options would you recommend for them?

• A.Use a serverless option - App Engine Standard for Flex
• B.Use a server-based option - Compute Engine.
• C.Use a serverless option - Cloud Functions
• D.Serverless option - Cloud Run

답을 확인하기

정답:
Explanation:
- Because Compute Engine VMs are the preferred compute option as they are long-running.

Question No : 7

You are leading projects in an IT services company. Your customer's project requires analyzing im-ages. They have many 10s of 1000s of raw images that they have made available to you. Your small technology team needs to build a machine learning model. The images are unlabeled. You don't have the people or the capacity to label the images.
What is your approach?

• A.Look for open-source labeled images that closely resemble the given images.
• B.Request data labeling service from Google.
• C.Tell the customer it is their duty to label the images.
• D.Hire temporary workers who can quickly label the images.

답을 확인하기

정답:
Explanation:
Google's Data Labeling Service lets you work with human labelers to generate highly accurate labels for a collection of data that you can use in machine learning models.
Reference: -> https://cloud.google.com/vertex-ai/docs/datasets/data-labeling-job -> https://cloud.google.com/ai-platform/data-labeling/docs

Question No : 8

Your customer is making a decision on whether to move to Google Cloud. Their key concern is about 10,000 VMs that are part of their IT infrastructure used across more than 110 applications. They are apprehensive of too many changes at this stage. They want to get to Google Cloud in the easiest way possible with minimal disruption.
What option would you recommend for them?

• A.Use Migrate for Anthos
• B.Lift and shift the VMs to serverless options like App Engine Flex.
• C.Re-architect on-prem to use Kubernetes and then slowly extend and bridge the on-prem data center to the Google Cloud data center.
• D.Use Migrate for Compute

답을 확인하기

정답:
Explanation:
Migrate for Compute Engine’s advanced replication migration technology copies instance data to Google Cloud in the background with no interruptions to the source workload that’s running.



https://cloud.google.com/migrate/compute-engine

Question No : 9

A retail store has discovered a cost-effective solution for creating self-service kiosks. They can use existing check-out hardware and purchase a virtual customer service application.
Why do they also need an API?

• A.To connect the check-out hardware to the public cloud.
• B.To connect the new application with the legacy system.
• C.To migrate all customer data for disaster recovery.
• D.To update the check-out hardware remotely.

답을 확인하기

정답:
Explanation:
APIs can create new business value by connecting legacy systems (the checkout hardware) with new software (the virtual customer service application).

Question No : 10

Your team is working on building a machine learning model. There are a bunch of terminologies that are being used.
What is an "instance" or an "example"?

• A.An input variable is used in making predictions.
• B.g. number of rooms in a house price prediction model.
• C.One row of a dataset containing one or more input columns and possibly a prediction result.
• D.An answer for a prediction task,¬ either the answer produced by a machine learning system or the right answer supplied in training data.
• E.g. image contains a "cat".
• F.The "knobs" that you tweak during successive runs of training a model.
• G.g. learning rate

답을 확인하기

정답:
Explanation:
One row of a dataset containing one or more input columns and possibly a prediction result.



https://developers.google.com/machine-learning/guides/rules-of-ml#terminology

Question No : 11

A fitness band company is continuously ingesting data from millions of its consumers. Different kinds of data based on time, like location, heartbeat rate, temperature, movement, etc. are connect-ed.
They need a high throughput database that can write data very fast. Since their users are spread across the world, they need the database to be geographically scalable. Consumers also want to see near-real-time visualizations of their activities.
Which of these databases would be a good fit?

• A.Cloud SQL
• B.Bigtable
• C.Spanner
• D.Firestore

답을 확인하기

정답:
Explanation:
Bigtable is the best suited for time series data. It also has high read-write throughput and ability to scale globally.

Question No : 12

What are the network requirements for Private Google Access?

• A.Private Google Access automatically enables any AP
• B.Your network must have appropriate routes for the destination IP ranges used by Google APIs and services.
• C.Both A and B
• D.None of the Above

답을 확인하기

정답:
Explanation:
Network requirements for Private Google Access:
- Because Private Google Access is enabled on a per-subnet basis, you must use a VPC network. Legacy networks are not supported because they don't support subnets.
- Private Google Access does not automatically enable any API. You must separately enable the Google APIs you need to use via the APIs & services page in the Google Cloud Console.
- If you use the private.googleapis.com or the restricted.googleapis.com domain names, you'll need to create DNS records to direct traffic to the IP addresses associated with those domains.
- Your network must have appropriate routes for the destination IP ranges used by Google APIs and services. These routes must use the default internet gateway next hop. If you use
the private.googleapis.com or the restricted.googleapis.com domain names, you only need one route (per domain). Otherwise, you'll need to create multiple routes.
- Egress firewalls must permit traffic to the IP address ranges used by Google APIs and services. The implied allow egress firewall rule satisfies this requirement. For other ways to meet the firewall requirement.

Question No : 13

A partner of yours used to have their own private data center. Your company was already on Google Cloud and now they have also moved to Google Cloud. You are investigating whether there are ways to collaborate better or shared services.
What would be one good option to consider?

• A.Use Private Service Access within Google Cloud.
• B.Use VPC Peering to share resources privately between your two organizations.
• C.Use public IP addresses as before. It will automatically be routed internally only.
• D.Use VPC Shared Networks to share common resources.

답을 확인하기

정답:
Explanation:
VPC Network Peering allows internal IP address connectivity across two Virtual Private Cloud (VPC)
networks regardless of whether they belong to the same project or the same organization.
-> Shared VPC is only within an organization - it allows an organization to connect resources from multiple projects to a common Virtual Private Cloud (VPC) network, so that they can communicate with each other securely and efficiently using internal IPs from that network. -> Private Google Access is only to access Google APIs and services
Reference: -> https://cloud.google.com/vpc/docs/vpc-peering
-> https://cloud.google.com/vpc/docs/private-google-access -> https://cloud.google.com/vpc/docs/shared-vpc

Question No : 14

What are the key features of Google Cloud Identity.

• A.Multi-factor authentication (MFA)
• B.Single sign-on (SSO)
• C.Works with your favorite apps and Endpoint management
• D.All of the Above

답을 확인하기

정답:
Explanation:
Cloud Identity:
A unified identity, access, app, and endpoint management (IAM/EMM) platform.
- Give users easy access to apps with single sign-on.
- Multi-factor authentication protects user and company data.
- Endpoint management enforces policies for personal and corporate devices
KEY FEATURES:
Modernize IT and strengthen security
Multi-factor authentication (MFA)
Help protect your user accounts and company data with a wide variety of MFA verification methods
such as push notifications, Google Authenticator, phishing-resistant Titan Security Keys, and using
your Android or iOS device as a security key.
Endpoint management
Improve your company’s device security posture on Android, iOS, and Windows devices using a unified console. Set up devices in minutes and keep your company data more secure with endpoint management. Enforce security policies, wipe company data, deploy apps, view reports, and export details.
Single sign-on (SSO)
Enable employees to work from virtually anywhere, on any device, with single sign-on to thousands of pre-integrated apps, both in the cloud and on-premises. Works with your favorite apps
Cloud Identity integrates with hundreds of cloud applications out of the box―and we’re constantly adding more to the list so you can count on us to be your single identity platform today and in the future.

Question No : 15

Your Google Cloud Platform [GCP] admin has to manage a bunch of API keys for external services that are accessed by different applications, which are used by a few teams.
What is the best way to manage them?

• A.Share the information in a Github repository and grant access to the repo in IAM as required.
• B.Store the information in Secret Manager and give IAM read permissions as re-quired.
• C.Store the information in Kubernetes Secrets and only grant read permissions to users as required.
• D.Encrypt the information and store it in Cloud Storage for centralized access. Give the decrypt key only to the users who need to access it.

답을 확인하기

정답:
Explanation:
Store the information in Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage access, and audit secrets across Google Cloud. https://cloud.google.com/secret-manager