Scenario Based MCQ Questions and Answers

Mastering Scenario Based is crucial for cloud certification success. This dedicated practice set features 231 Scenario Based MCQ questions and answers designed to mirror real exam scenarios across various GCP certifications.

📝 231 Questions⏱️ 90 min🎯 Pass: 70%

About Scenario Based Practice Questions

This detailed quiz focuses on Scenario Based, covering key concepts and scenarios often found in GCP exams.

  • Comprehensive coverage of Scenario Based features.
  • Scenario-based questions testing design and troubleshooting skills.
  • Detailed explanations to reinforce learning.

All 231 Scenario Based Questions

Browse through the complete list of questions and answers below. Use this resource to review specific concepts or check your understanding of Scenario Based.

1

A retail company needs to store petabytes of customer transaction data and run complex SQL queries for monthly reporting. Which service is the best fit?

BigQuery
Dataprep
Cloud Dataproc
Data Fusion
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics.
2

Your company wants to migrate an existing MySQL database to the cloud but doesn't want to manage the operating system or database patching. What should they use?

Cloud SQL
Cloud Spanner
Cloud KMS
AlloyDB
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a managed relational database service.
3

A startup wants to build a chatbot for their website that can understand natural language and answer common customer questions. Which service should they use?

Dialogflow
Speech-to-Text
Vision API
AutoML
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow is the primary service for building conversational interfaces.
4

An organization needs to store medical records for 10 years for compliance. The records are rarely accessed but must be available within a few hours if requested. Which Cloud Storage class is most cost-effective?

Archive Storage
Standard Storage
Nearline Storage
Coldline Storage
View Explanation
✓ Correct Answer: Archive StorageExplanation:Archive storage is designed for long-term data preservation at the lowest cost.
5

You are hosting a global web application and want to ensure that users in Europe and Asia experience low latency. Which service will cache your static content at edge locations?

Cloud CDN
Network Service Tiers
Cloud Load Balancing
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN uses Google's global network to serve content closer to users.
6

Your security team wants to be alerted if any user in the GCP project attempts to delete a critical Cloud Storage bucket. Which service can provide this monitoring?

Cloud Audit Logs and Cloud Monitoring
Cloud Armor
VPC Firewalls
Identity Platform
View Explanation
✓ Correct Answer: Cloud Audit Logs and Cloud MonitoringExplanation:Audit logs record activities, and Monitoring can trigger alerts based on those logs.
7

A developer wants to run a small piece of Node.js code whenever a new file is uploaded to a Cloud Storage bucket. Which service is the best fit for this event-driven task?

Cloud Functions
App Engine
Cloud Run
Compute Engine
View Explanation
✓ Correct Answer: Cloud FunctionsExplanation:Cloud Functions is the standard serverless choice for simple, event-driven logic.
8

A company is moving a massive 200 Terabyte dataset from their on-premises data center to Google Cloud. Their internet connection is slow. What should they use to transfer the data physically?

Transfer Appliance
Cloud Storage Transfer Service
BigQuery Data Transfer Service
Cloud Interconnect
View Explanation
✓ Correct Answer: Transfer ApplianceExplanation:Transfer Appliance is a physical device used for offline data migration.
9

You need to define your infrastructure (VMs, networks, and databases) using code so that you can reproduce your environment exactly. Which GCP service provides this capability?

Cloud Deployment Manager
App Engine
Cloud Build
Artifact Registry
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Deployment Manager is GCP's native Infrastructure-as-Code service.
10

Which Google Cloud whitepaper or framework provides best practices for designing and operating reliable, secure, and cost-optimized systems?

Google Cloud Architecture Framework
Google Cloud Adoption Framework
Google SRE Book
The Google Cloud SLA
View Explanation
✓ Correct Answer: Google Cloud Architecture FrameworkExplanation:The Architecture Framework provides the guiding principles for well-architected systems.
11

An enterprise wants to ensure that its developers can only access Google Cloud resources from the company's approved network locations. Which service should they use?

VPC Service Controls
Cloud IAM
Cloud Armor
Identity-Aware Proxy
View Explanation
✓ Correct Answer: VPC Service ControlsExplanation:VPC Service Controls help define a security perimeter around your data and services.
12

A university wants to provide virtual Windows desktops to its students so they can access specialized software remotely. Which GCP solution is tailored for this?

Chrome Enterprise or specialized GCE images
Dialogflow
Cloud Workstations
Cloud Shell
View Explanation
✓ Correct Answer: Cloud WorkstationsExplanation:Cloud Workstations provides managed development environments in the cloud.
13

To improve security, your team wants to rotate database passwords every 30 days automatically. Which service is designed to manage and rotate these secrets?

Secret Manager
Cloud Armor
Cloud Identity
Cloud KMS
View Explanation
✓ Correct Answer: Secret ManagerExplanation:Secret Manager is the central place to store and rotate sensitive information.
14

A gaming company needs a database that can handle millions of users globally with high transactional consistency and 99.999% availability. Which service should they choose?

Cloud Spanner
Cloud SQL
AlloyDB
Data Catalog
View Explanation
✓ Correct Answer: Cloud SpannerExplanation:Spanner is the only relational database that provides global scale and the highest level of availability.
15

A developer wants to quickly deploy a containerized web application without managing any servers or clusters. Which 'serverless container' service is best?

Cloud Run
Google Compute Engine
Google Kubernetes Engine (GKE)
Preemptible VMs
View Explanation
✓ Correct Answer: Cloud RunExplanation:Cloud Run allows you to run containers in a fully managed environment.
16

Your organization uses both GCP and AWS. You need a single dashboard to monitor the health of all your cloud resources. Which service provides this capability?

Cloud Monitoring
Cloud Trace
Cloud Build
Cloud Logging
View Explanation
✓ Correct Answer: Cloud MonitoringExplanation:Google Cloud Monitoring is designed to be multi-cloud and can ingest metrics from AWS.
17

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Virtual Private Cloud (VPC) peering
Spread Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
18

What is the primary benefit of the 'Google Cloud Free Tier' for new users?

It provides a $300 credit and access to 'Always Free' resources to learn and test the platform
It makes all services free forever
It gives you a free Google Pixel phone
It allows you to bypass security rules
View Explanation
✓ Correct Answer: It provides a $300 credit and access to 'Always Free' resources to learn and test the platformExplanation:The free tier is intended to help users get started with Google Cloud at no cost.
19

A company wants to identify which of its thousands of images contain a company logo. Which pre-trained AI service should they use?

Cloud Vision AI
Vertex AI Search
Cloud Video AI
Document AI
View Explanation
✓ Correct Answer: Cloud Vision AIExplanation:Cloud Vision AI can detect objects, faces, and logos within images.
20

Which Google Cloud service provides a list of all compliance reports (like SOC, ISO, and PCI-DSS) that Google has achieved for its data centers?

Compliance Reports Manager
Cloud Audit Logs
Secret Manager
Policy Troubleshooter
View Explanation
✓ Correct Answer: Compliance Reports ManagerExplanation:Google provides a central portal for all compliance-related documentation.
21

Scenario: A company wants to host a public website that must be reachable via a single IP address globally. Which load balancer should they use?

Global HTTP(S) Load Balancer
Network Load Balancer
Internal HTTP(S) Load Balancer
Cloud DNS
View Explanation
✓ Correct Answer: Global HTTP(S) Load BalancerExplanation:Global load balancers provide a single anycast IP.
22

Scenario: An administrator needs to move 50TB of data from their on-premises server to Google Cloud Storage. They have a slow internet connection. What is the BEST option?

Transfer Appliance
gsutil cp
gcloud storage cp
Cloud VPN
View Explanation
✓ Correct Answer: Transfer ApplianceExplanation:Transfer Appliance is a physical device for offline large-scale data migration.
23

Scenario: A developer wants to run a background task every day at midnight to generate reports from BigQuery data. They want a serverless, low-cost solution. Which service combination is BEST?

Cloud Scheduler + Cloud Functions
Cron job on a GCE VM
Cloud Run (always on)
Compute Engine with a Windows task
View Explanation
✓ Correct Answer: Cloud Scheduler + Cloud FunctionsExplanation:Cloud Scheduler can trigger serverless functions on a schedule.
24

Scenario: To reduce costs, a company wants to ensure that all VMs in their production project are shutdown every weekend automatically. Which feature should they use?

Instance Schedules (Compute Engine)
Cloud Billing alerts
IAM roles
Budget limits
View Explanation
✓ Correct Answer: Instance Schedules (Compute Engine)Explanation:Instance schedules allow you to define start/stop times for VM instances.
25

Scenario: An organization needs to ensure that the data stored in their Cloud Storage buckets is encrypted using keys that they rotate and manage themselves. Which service is and feature are needed?

Cloud KMS + CMEK
IAM + ACLs
Cloud SQL + TDE
Secret Manager + SAS
View Explanation
✓ Correct Answer: Cloud KMS + CMEKExplanation:CMEK allows for customer-managed encryption in GCS.
26

Scenario: A team wants to deploy a web application to the nearest region to their users in London. They don't want to manage servers and only want to pay when a request is active. Which service should they use?

Cloud Run (in europe-west2)
GKE Standard Cluster
App Engine Standard
Compute Engine VM
View Explanation
✓ Correct Answer: Cloud Run (in europe-west2)Explanation:Cloud Run is a serverless, request-based container platform.
27

Scenario: To improve security, a company wants to ensure that developers can only access the Google Cloud Console if they are on the corporate network (specific CIDR). Which feature should be used?

Context-Aware Access (Cloud Identity)
IAM Roles
VPC Firewall Rules
VPC Service Controls
View Explanation
✓ Correct Answer: Context-Aware Access (Cloud Identity)Explanation:Context-Aware Access (Access Context Manager) allows for location-based security policies.
28

Scenario: To lower latency for users in Europe, a company wants to cache video files at the edge. Solution?

Cloud CDN
Network Service Tiers
Cloud Load Balancing
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:CDN caches content at PoPs.
29

Scenario: You need to extract tables and key-value pairs from thousands of scanned PDF invoices. Solution?

Document AI Form Parser
Cloud Vision API
BigQuery
Cloud Storage
View Explanation
✓ Correct Answer: Document AI Form ParserExplanation:Form Parser extracts structured data.
30

Scenario: A company wants to run a legacy SQL Server database on GCP without managing the OS. Solution?

Cloud SQL for SQL Server
Compute Engine with SQL installed
Cloud Spanner
BigQuery
View Explanation
✓ Correct Answer: Cloud SQL for SQL ServerExplanation:Cloud SQL handles managed SQL Server.
31

Scenario: You want to host a simple static website with the lowest possible cost. Solution?

Cloud Storage bucket (static website hosting)
Compute Engine VM
Cloud Run
App Engine
View Explanation
✓ Correct Answer: Cloud Storage bucket (static website hosting)Explanation:GCS is the cheapest for static sites.
32

Scenario: You need to build a pipeline that automatically trains a model when new data arrives in BigQuery. Solution?

Vertex AI Pipelines
Cloud Functions
Cloud Build
Compute Engine
View Explanation
✓ Correct Answer: Vertex AI PipelinesExplanation:Vertex AI Pipelines orchestrate ML workflows.
33

Scenario: An organization needs a high-performance, consistent-latency connection to GCP for their on-prem data center. Solution?

Cloud Interconnect
Cloud VPN
Virtual Private Cloud (VPC)
Cloud Load Balancing
View Explanation
✓ Correct Answer: Cloud InterconnectExplanation:Interconnect offers deterministic performance.
34

Scenario: A developer needs to quickly test a new containerized app globally without setting up a cluster. Solution?

Cloud Run
Google Kubernetes Engine (GKE)
App Engine
Spot VMs
View Explanation
✓ Correct Answer: Cloud RunExplanation:Cloud Run is for fast, serverless container deployments.
35

Scenario: You must identify and redact social security numbers from user-uploaded text records. Solution?

Cloud DLP
Cloud Armor
Cloud KMS
Cloud Logging
View Explanation
✓ Correct Answer: Cloud DLPExplanation:DLP handles PII redaction.
36

Scenario: You want to run a web app that requires custom OS drivers and high-end GPUs. Solution?

Compute Engine
Cloud Run
GKE
App Engine
View Explanation
✓ Correct Answer: Compute EngineExplanation:GCE provides full OS and hardware control.
37

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Virtual Private Cloud (VPC) peering
Cluster Placement or Proximity Placement Groups
Spread Placement Groups
Cloud Load Balancing
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
38

Scenario: A company wants to connect multiple branch offices to their GCP VPC over the public internet. Solution?

Cloud VPN
Cloud Load Balancing
Cloud DNS
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Cloud VPNExplanation:Cloud VPN uses IPsec over the internet.
39

Scenario: You are designing a hybrid cloud architecture where your on-premises app needs to trigger a serverless function in GCP when a database change occurs. Solution?

On-prem app -> Cloud Pub/Sub -> Cloud Functions
On-prem app -> Direct Cloud Function call (exposed public IP)
On-prem app -> GCS bucket -> Cloud Functions
Cloud VPN and Shared VPC
View Explanation
✓ Correct Answer: On-prem app -> Cloud Pub/Sub -> Cloud FunctionsExplanation:Cloud Pub/Sub provides an asynchronous, scalable, and decoupled messaging layer that can be securely triggered from on-premises sources to invoke serverless logic in GCP.
40

Scenario: You are deploying a mission-critical application and want to minimize the risk of a single human making a catastrophic change. Solution?

Implement 'Multi-Party Approval' for critical operations via customized workflows or specialized IAM proxying
Use 'Owner' role for everyone
Trust and Verify
Use the Activity API to monitor
View Explanation
✓ Correct Answer: Implement 'Multi-Party Approval' for critical operations via customized workflows or specialized IAM proxyingExplanation:Multi-party approval (using tools like Terraform with PR approvals or customized automation) is a key architectural safeguard for high-stakes environments.
41

Scenario: To lower the cost of a high-end AI training workload, you want to use GPUs that can be reclaimed by Google with a 1-minute notice. What should you use?

Preemptible/Spot GPUs
Standard GPUs
TPU pods (Always on)
CPU-based training
View Explanation
✓ Correct Answer: Preemptible/Spot GPUsExplanation:Spot/Preemptible GPUs offer significant discounts (up to 91%) for fault-tolerant workloads that can handle interruptions.
42

Scenario: A fintech startup wants to launch a new app in 5 different global regions simultaneously with a single SSL-encrypted endpoint. Solution?

Global HTTP(S) Load Balancer with backends in all five regions
Five different regional load balancers with Geo-DNS
A single VM in London
VPC Network Peering
View Explanation
✓ Correct Answer: Global HTTP(S) Load Balancer with backends in all five regionsExplanation:The Global Load Balancer provides a single Anycast IP address that automatically routes users to the nearest healthy region, simplifying global deployment.
43

Scenario: To lower the RTO of a disaster recovery plan, an architect wants to maintain a 'Pilot Light' environment in a secondary region. Which GCE configuration should they use?

MIG with 1 instance in the DR region and data replication enabled
Complete copy of the production environment running 24/7
Backup files on a local disk
Cloud VPN
View Explanation
✓ Correct Answer: MIG with 1 instance in the DR region and data replication enabledExplanation:A 'Pilot Light' architecture involves keeping a minimal version of your environment always running in the secondary region, with core data synchronized and ready to scale out if needed.
44

Scenario: You want to ensure that if your on-premises data center is hit by a disaster, your primary business applications in GCP can continue to run with zero manual reconfiguration of networking. Solution ?

Use Cloud Router with BGP for dynamic routing between on-prem and GCP via VPN/Interconnect
Use static routes
Manually update the IPs of your VMs
Use a public load balancer
View Explanation
✓ Correct Answer: Use Cloud Router with BGP for dynamic routing between on-prem and GCP via VPN/InterconnectExplanation:Cloud Router with BGP automatically discovers and propagates network changes, ensuring seamless connectivity and failover without manual intervention.
45

Scenario: You want to ensure that your CI/CD pipeline in Cloud Build can only deploy to a GKE cluster if the build was triggered by a specific branch in your Git repository. Solution ?

Use 'Build Triggers' with branch filtering in Cloud Build
Manually trigger every build
Use IAM roles on the developer accounts
Use VPC Service Controls
View Explanation
✓ Correct Answer: Use 'Build Triggers' with branch filtering in Cloud BuildExplanation:Cloud Build triggers allow you to automate builds based on events in source control, with fine-grained filters for branches, tags, and pull requests.
46

Scenario: You are designing a globally distributed application that requires a single anycast IP address to route users to the closest healthy region. Solution ?

Global External HTTP(S) Load Balancer
Regional External Load Balancer
Cloud DNS with Weighted Round Robin
VPC Network Peering
View Explanation
✓ Correct Answer: Global External HTTP(S) Load BalancerExplanation:The Global Load Balancer is the only one that provides a single global IP address and performs geography-based routing natively on the Google network.
47

Scenario: To minimize the blast radius of a potential credential theft, you want to ensure that your developers can only access the production GCP project during business hours. Solution ?

IAM Conditions (Time-restricted access)
Deleting their roles at 5 PM every day
Changing the passwords daily
VPC Service Controls
View Explanation
✓ Correct Answer: IAM Conditions (Time-restricted access)Explanation:IAM Conditions can restrict role grants based on several factors, including the day of the week and the time of the day.
48

Scenario: You are designing a data lake and want to move objects from a standard bucket to a Coldline bucket after 30 days of no access. Solution ?

Object Lifecycle Management rule (Age: 30 days)
Manual migration
Cloud Dataflow
There is no way
View Explanation
✓ Correct Answer: Object Lifecycle Management rule (Age: 30 days)Explanation:Lifecycle management rules are the standard, automated way to transition data between storage classes.
49

Scenario: To improve security for a financial application, an architect wants to ensure that all database access from GKE pods is encrypted and authenticated using IAM identities, not static passwords. Solution ?

Use the Cloud SQL Auth Proxy with IAM database authentication
Use a VPC firewall rule
Use hardcoded passwords in K8s secrets
Use a public IP for the database
View Explanation
✓ Correct Answer: Use the Cloud SQL Auth Proxy with IAM database authenticationExplanation:IAM database authentication allows you to login to Cloud SQL using IAM credentials, eliminating the risk of stolen or leaked database passwords.
50

Scenario: You want to ensure that all data stored in a specific Cloud Storage bucket is automatically deleted after 7 years to comply with data privacy regulations. Solution ?

Object Lifecycle Management rule (Age: 2555 days, Action: Delete)
Bucket Lock
A daily script to delete old data
Cloud Dataflow
View Explanation
✓ Correct Answer: Object Lifecycle Management rule (Age: 2555 days, Action: Delete)Explanation:Lifecycle rules are the ideal, native way to automate data deletion based on age in Cloud Storage.
51

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Spread Placement Groups
Virtual Private Cloud (VPC) peering
Cloud Load Balancing
Cluster Placement or Proximity Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
52

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Preemptible VMs
Cloud Run
Google Compute Engine
Google Cloud Functions
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
53

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud SQL
Cloud Spanner
Data Fusion
AlloyDB
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
54

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Persistent Disk
Cloud SQL
Google Compute Engine running a web server
Google Cloud Storage configured for static website hosting
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
55

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud Load Balancing
Virtual Private Cloud (VPC)
Cloud CDN
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
56

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Virtual Private Cloud (VPC)
Cloud Key Management Service
Cloud IAM
Google Cloud Armor
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
57

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud Key Management Service
Google Cloud Armor
Cloud IAM
Google Cloud Storage
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
58

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Looker
Cloud Dataflow
Data Catalog
BigQuery
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
59

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Cloud Storage Archive
Google Cloud Functions
Cloud SQL
Cloud Firestore (or Stream service)
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
60

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Deployment Manager
Cloud Build
Google Compute Engine
Cloud Source Repositories
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
61

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Active Assist
Cloud Trace
Cloud Monitoring
Cloud Build
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
62

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

AutoML
Speech-to-Text
Document AI
Translation API
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
63

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Translation API
Dialogflow
Natural Language API
Vision API
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
64

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

AutoML
Speech-to-Text
Vertex AI
Vision API
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
65

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Create long-term access keys for each developer
Share full administrative credentials
Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Use Google Compute Engine instance profiles
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
66

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Users with Multi-Factor Authentication
Create duplicate users in both accounts
Share access keys between accounts
Cloud IAM Roles with cross-account access
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
67

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Google Cloud Functions
General Purpose instances
Memory Optimized instances
Compute Optimized Google Compute Engine instances
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
68

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Virtual Private Cloud (VPC) peering
Cloud Load Balancing
Cluster Placement or Proximity Placement Groups
Spread Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
69

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Local SSD
Cloud Storage Coldline
Persistent Disk
Cloud Storage Nearline
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
70

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Cloud SQL backups
Google Cloud Storage versioning
Persistent Disk Snapshots
Google Compute Engine Image/AMI
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
71

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Virtual Private Cloud (VPC)
Cloud CDN
Cloud Interconnect
Cloud DNS
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
72

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Cloud Functions
Google Compute Engine
Google Kubernetes Engine (GKE)
App Engine
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
73

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud SQL
AlloyDB
Cloud Spanner
AutoML
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
74

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Google Cloud Storage configured for static website hosting
Persistent Disk
Cloud SQL
Google Compute Engine running a web server
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
75

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud CDN
Virtual Private Cloud (VPC)
Cloud VPN
Network Service Tiers
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
76

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Cloud Key Management Service
Cloud IAM
Google Cloud Armor
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
77

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Google Cloud Armor
Cloud IAM
Google Cloud Storage
Cloud Key Management Service
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
78

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Cloud Pub/Sub
Data Fusion
Cloud Dataproc
BigQuery
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
79

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Google Cloud Functions
Cloud SQL
Cloud Storage Archive
Cloud Firestore (or Stream service)
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
80

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Deployment Manager
Google Compute Engine
Cloud Build
Cloud Source Repositories
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
81

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Active Assist
Cost Management
Cloud Build
Cloud Monitoring
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
82

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Translation API
AutoML
Speech-to-Text
Document AI
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
83

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Vertex AI
Dialogflow
Speech-to-Text
Document AI
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
84

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Vertex AI
AutoML
Dialogflow
Speech-to-Text
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
85

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Share full administrative credentials
Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Use Google Compute Engine instance profiles
Create long-term access keys for each developer
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
86

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Users with Multi-Factor Authentication
Cloud IAM Roles with cross-account access
Share access keys between accounts
Create duplicate users in both accounts
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
87

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Google Cloud Functions
General Purpose instances
Memory Optimized instances
Compute Optimized Google Compute Engine instances
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
88

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Spread Placement Groups
Virtual Private Cloud (VPC) peering
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
89

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Google Cloud Storage
Persistent Disk
Local SSD
Cloud Storage Coldline
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
90

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Cloud SQL backups
Google Cloud Storage versioning
Persistent Disk Snapshots
Google Compute Engine Image/AMI
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
91

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Network Service Tiers
Virtual Private Cloud (VPC)
Cloud DNS
Cloud CDN
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
92

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Cloud Functions
App Engine
Google Compute Engine
Preemptible VMs
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
93

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud Spanner
AlloyDB
Cloud Interconnect
Cloud SQL
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
94

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Persistent Disk
Google Cloud Storage configured for static website hosting
Cloud SQL
Google Compute Engine running a web server
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
95

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud Load Balancing
Network Service Tiers
Cloud DNS
Cloud CDN
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
96

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Cloud Key Management Service
Google Cloud Armor
Cloud IAM
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
97

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud Key Management Service
Google Cloud Armor
Cloud IAM
Google Cloud Storage
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
98

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Cloud Dataflow
Data Catalog
BigQuery
Data Fusion
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
99

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Cloud SQL
Cloud Storage Archive
Cloud Firestore (or Stream service)
Google Cloud Functions
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
100

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Deployment Manager
Cloud Build
Cloud Source Repositories
Google Compute Engine
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
101

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cloud Trace
Cloud Build
Cloud Logging
Cloud Monitoring
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
102

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Speech-to-Text
Vertex AI
Document AI
Translation API
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
103

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Dialogflow
Vertex AI
AutoML
Translation API
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
104

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Speech-to-Text
Dialogflow
Vertex AI
Natural Language API
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
105

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Use Google Compute Engine instance profiles
Create long-term access keys for each developer
Share full administrative credentials
Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
106

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Create duplicate users in both accounts
Cloud IAM Roles with cross-account access
Share access keys between accounts
Cloud IAM Users with Multi-Factor Authentication
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
107

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Compute Optimized Google Compute Engine instances
Memory Optimized instances
General Purpose instances
Google Cloud Functions
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
108

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Spread Placement Groups
Virtual Private Cloud (VPC) peering
Cloud Load Balancing
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
109

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Persistent Disk
Cloud Storage Nearline
Cloud Storage Archive
Filestore
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
110

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Google Cloud Storage versioning
Google Compute Engine Image/AMI
Persistent Disk Snapshots
Cloud SQL backups
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
111

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Cloud DNS
Network Service Tiers
Cloud Interconnect
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
112

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Spot VMs
Google Kubernetes Engine (GKE)
Bare Metal Solution
Google Cloud Functions
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
113

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud Spanner
AlloyDB
Cost Management
Cloud SQL
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
114

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Persistent Disk
Cloud SQL
Google Compute Engine running a web server
Google Cloud Storage configured for static website hosting
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
115

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Virtual Private Cloud (VPC)
Cloud CDN
Network Service Tiers
Cloud Load Balancing
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
116

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Virtual Private Cloud (VPC)
Cloud Key Management Service
Cloud IAM
Google Cloud Armor
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
117

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud Key Management Service
Google Cloud Armor
Cloud IAM
Google Cloud Storage
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
118

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

BigQuery
Data Fusion
Cloud Pub/Sub
Cloud Dataflow
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
119

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Cloud Storage Archive
Google Cloud Functions
Cloud SQL
Cloud Firestore (or Stream service)
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
120

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Deployment Manager
Cloud Build
Cloud Source Repositories
Google Compute Engine
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
121

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cloud Build
Cost Management
Cloud Logging
Active Assist
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
122

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Document AI
Speech-to-Text
Translation API
Natural Language API
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
123

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Speech-to-Text
Natural Language API
Vertex AI
Dialogflow
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
124

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Natural Language API
Vision API
Speech-to-Text
Vertex AI
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
125

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Share full administrative credentials
Use Google Compute Engine instance profiles
Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Create long-term access keys for each developer
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
126

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Create duplicate users in both accounts
Cloud IAM Roles with cross-account access
Share access keys between accounts
Cloud IAM Users with Multi-Factor Authentication
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
127

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Memory Optimized instances
General Purpose instances
Compute Optimized Google Compute Engine instances
Google Cloud Functions
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
128

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Virtual Private Cloud (VPC) peering
Spread Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
129

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Local SSD
Cloud Storage Archive
Persistent Disk
Cloud Storage Nearline
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
130

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Cloud SQL backups
Google Cloud Storage versioning
Google Compute Engine Image/AMI
Persistent Disk Snapshots
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
131

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Cloud DNS
Cloud VPN
Cloud Load Balancing
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
132

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Cloud Functions
Preemptible VMs
Google Compute Engine
Cloud Run
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
133

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

AlloyDB
Cloud Spanner
Cloud SQL
Google Kubernetes Engine (GKE)
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
134

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Google Cloud Storage configured for static website hosting
Google Compute Engine running a web server
Cloud SQL
Persistent Disk
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
135

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud Load Balancing
Cloud CDN
Network Service Tiers
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
136

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Google Cloud Armor
Cloud IAM
Virtual Private Cloud (VPC)
Cloud Key Management Service
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
137

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Google Cloud Armor
Google Cloud Storage
Cloud IAM
Cloud Key Management Service
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
138

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

BigQuery
Looker
Cloud Pub/Sub
Cloud Dataflow
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
139

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Google Cloud Functions
Cloud SQL
Cloud Storage Archive
Cloud Firestore (or Stream service)
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
140

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Build
Cloud Deployment Manager
Cloud Source Repositories
Google Compute Engine
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
141

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cost Management
Terraform
Cloud Trace
Cloud Build
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
142

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Vision API
Vertex AI
Dialogflow
Document AI
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
143

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Dialogflow
Vertex AI
AutoML
Speech-to-Text
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
144

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Speech-to-Text
AutoML
Translation API
Vertex AI
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
145

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Use Google Compute Engine instance profiles
Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Share full administrative credentials
Create long-term access keys for each developer
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
146

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Users with Multi-Factor Authentication
Create duplicate users in both accounts
Share access keys between accounts
Cloud IAM Roles with cross-account access
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
147

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Google Cloud Functions
Compute Optimized Google Compute Engine instances
Memory Optimized instances
General Purpose instances
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
148

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Spread Placement Groups
Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Virtual Private Cloud (VPC) peering
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
149

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Google Cloud Storage
Cloud Storage Coldline
Cloud Storage Nearline
Persistent Disk
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
150

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Persistent Disk Snapshots
Google Cloud Storage versioning
Cloud SQL backups
Google Compute Engine Image/AMI
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
151

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Virtual Private Cloud (VPC)
Cloud DNS
Cloud CDN
Network Service Tiers
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
152

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Kubernetes Engine (GKE)
App Engine
Preemptible VMs
Google Cloud Functions
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
153

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud SQL
Cloud Spanner
AlloyDB
Google Kubernetes Engine (GKE)
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
154

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Persistent Disk
Cloud SQL
Google Compute Engine running a web server
Google Cloud Storage configured for static website hosting
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
155

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud CDN
Cloud Interconnect
Network Service Tiers
Cloud VPN
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
156

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Virtual Private Cloud (VPC)
Cloud Key Management Service
Cloud IAM
Google Cloud Armor
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
157

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud Key Management Service
Google Cloud Armor
Cloud IAM
Google Cloud Storage
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
158

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Cloud Pub/Sub
Dataprep
Looker
BigQuery
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
159

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Google Cloud Functions
Cloud SQL
Cloud Storage Archive
Cloud Firestore (or Stream service)
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
160

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Deployment Manager
Cloud Build
Google Compute Engine
Cloud Source Repositories
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
161

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cloud Monitoring
Cloud Logging
Active Assist
Cloud Build
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
162

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Speech-to-Text
Vision API
Document AI
Vertex AI
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
163

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Vertex AI
Translation API
Speech-to-Text
Dialogflow
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
164

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Translation API
Vertex AI
Speech-to-Text
Document AI
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
165

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Share full administrative credentials
Use Google Compute Engine instance profiles
Create long-term access keys for each developer
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
166

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Roles with cross-account access
Share access keys between accounts
Cloud IAM Users with Multi-Factor Authentication
Create duplicate users in both accounts
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
167

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Compute Optimized Google Compute Engine instances
Memory Optimized instances
General Purpose instances
Google Cloud Functions
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
168

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Virtual Private Cloud (VPC) peering
Spread Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
169

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Cloud Storage Nearline
Google Cloud Storage
Persistent Disk
Cloud Storage Archive
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
170

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Persistent Disk Snapshots
Cloud SQL backups
Google Compute Engine Image/AMI
Google Cloud Storage versioning
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
171

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Cloud DNS
Cloud CDN
Network Service Tiers
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
172

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Compute Engine
Spot VMs
Google Kubernetes Engine (GKE)
Google Cloud Functions
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
173

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud SQL
Cloud Spanner
AlloyDB
Persistent Disk
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
174

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Google Compute Engine running a web server
Google Cloud Storage configured for static website hosting
Persistent Disk
Cloud SQL
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
175

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Network Service Tiers
Cloud Interconnect
Cloud CDN
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
176

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Cloud IAM
Google Cloud Armor
Cloud Key Management Service
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
177

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud Key Management Service
Google Cloud Armor
Google Cloud Storage
Cloud IAM
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
178

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Data Fusion
Cloud Dataflow
BigQuery
Cloud Dataproc
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
179

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Cloud Firestore (or Stream service)
Google Cloud Functions
Cloud Storage Archive
Cloud SQL
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
180

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Google Compute Engine
Cloud Deployment Manager
Cloud Source Repositories
Cloud Build
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
181

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cloud Build
Anthos
Active Assist
Cloud Logging
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
182

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Speech-to-Text
Vision API
Document AI
Natural Language API
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
183

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Dialogflow
AutoML
Translation API
Speech-to-Text
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
184

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Speech-to-Text
Vertex AI
Dialogflow
Natural Language API
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
185

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Create long-term access keys for each developer
Use Google Compute Engine instance profiles
Share full administrative credentials
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
186

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Roles with cross-account access
Cloud IAM Users with Multi-Factor Authentication
Share access keys between accounts
Create duplicate users in both accounts
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
187

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Google Cloud Functions
General Purpose instances
Memory Optimized instances
Compute Optimized Google Compute Engine instances
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
188

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Virtual Private Cloud (VPC) peering
Spread Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
189

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Persistent Disk
Cloud Storage Nearline
Filestore
Cloud Storage Archive
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
190

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Google Compute Engine Image/AMI
Persistent Disk Snapshots
Google Cloud Storage versioning
Cloud SQL backups
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
191

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Virtual Private Cloud (VPC)
Cloud DNS
Cloud VPN
Cloud Interconnect
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
192

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Cloud Functions
Cloud Run
Preemptible VMs
Spot VMs
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
193

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud Run
Cloud SQL
Cloud Spanner
AlloyDB
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
194

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Google Compute Engine running a web server
Persistent Disk
Google Cloud Storage configured for static website hosting
Cloud SQL
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
195

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud CDN
Virtual Private Cloud (VPC)
Cloud Load Balancing
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
196

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Google Cloud Armor
Cloud IAM
Cloud Key Management Service
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
197

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud Key Management Service
Cloud IAM
Google Cloud Armor
Google Cloud Storage
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
198

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Data Fusion
BigQuery
Cloud Dataproc
Data Catalog
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
199

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Google Cloud Functions
Cloud Firestore (or Stream service)
Cloud SQL
Cloud Storage Archive
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
200

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Source Repositories
Google Compute Engine
Cloud Build
Cloud Deployment Manager
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
201

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cloud Trace
Cloud Build
Cloud Logging
Cloud Monitoring
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
202

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

Vision API
Translation API
Document AI
Vertex AI
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
203

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Dialogflow
Translation API
AutoML
Vertex AI
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
204

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Vertex AI
Speech-to-Text
Vision API
Natural Language API
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
205

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Create long-term access keys for each developer
Share full administrative credentials
Use Google Compute Engine instance profiles
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
206

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Users with Multi-Factor Authentication
Cloud IAM Roles with cross-account access
Share access keys between accounts
Create duplicate users in both accounts
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
207

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Compute Optimized Google Compute Engine instances
Memory Optimized instances
General Purpose instances
Google Cloud Functions
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
208

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Virtual Private Cloud (VPC) peering
Cloud Load Balancing
Spread Placement Groups
Cluster Placement or Proximity Placement Groups
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
209

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Filestore
Persistent Disk
Local SSD
Google Cloud Storage
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
210

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Persistent Disk Snapshots
Google Compute Engine Image/AMI
Google Cloud Storage versioning
Cloud SQL backups
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
211

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Cloud Load Balancing
Virtual Private Cloud (VPC)
Cloud CDN
Network Service Tiers
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.
212

You are designing a serverless microservices architecture for a new startup. The application needs to handle unpredictable traffic spikes without managing any underlying infrastructure. Which compute service should you use?

Google Kubernetes Engine (GKE)
Cloud Run
Preemptible VMs
Google Cloud Functions
View Explanation
✓ Correct Answer: Google Cloud FunctionsExplanation:Google Cloud Functions is a serverless compute service that automatically scales with demand, making it ideal for unpredictable traffic without infrastructure management.
213

A financial application requires a relational database that supports high availability and automated backups. The database must be fully managed to reduce operational overhead. Which service fits these requirements?

Cloud SQL
Cloud Spanner
Cloud Dataproc
AlloyDB
View Explanation
✓ Correct Answer: Cloud SQLExplanation:Cloud SQL is a fully managed relational database service that supports high availability and automated backups out of the box.
214

You need to host a static website (HTML, CSS, JS) with the lowest possible cost and high durability. You do not need server-side processing. Which storage solution should you choose?

Google Compute Engine running a web server
Persistent Disk
Google Cloud Storage configured for static website hosting
Cloud SQL
View Explanation
✓ Correct Answer: Google Cloud Storage configured for static website hostingExplanation:Google Cloud Storage supports static website hosting directly, offering high durability and low cost compared to running a VM.
215

Your media company streams video content to users globally. Users in different regions are experiencing high latency. You need to improve performance by caching content closer to the users. Which service should you implement?

Cloud CDN
Virtual Private Cloud (VPC)
Cloud Load Balancing
Cloud DNS
View Explanation
✓ Correct Answer: Cloud CDNExplanation:Cloud CDN caches content at edge locations around the world, significantly reducing latency for global users.
216

Your public-facing web application is under a Distributed Denial of Service (DDoS) attack. You need a managed service to detect and mitigate these attacks automatically. What should you enable?

Google Cloud Armor
Virtual Private Cloud (VPC)
Cloud IAM
Cloud Key Management Service
View Explanation
✓ Correct Answer: Google Cloud ArmorExplanation:Google Cloud Armor provides always-on detection and automatic inline mitigations to minimize application downtime and latency during a DDoS attack.
217

Company policy requires that all database encryption keys be managed centrally and rotated annually. You need a secure, durable service to store and manage these cryptographic keys. Which service should you use?

Cloud IAM
Google Cloud Armor
Google Cloud Storage
Cloud Key Management Service
View Explanation
✓ Correct Answer: Cloud Key Management ServiceExplanation:Cloud Key Management Service is a managed service that makes it easy to create and control the cryptographic keys used to encrypt your data.
218

You are analyzing petabytes of data for business intelligence reports. You need a fully managed, serverless enterprise data warehouse that supports SQL queries. Which service is best suited for this task?

Cloud Pub/Sub
Dataprep
Data Fusion
BigQuery
View Explanation
✓ Correct Answer: BigQueryExplanation:BigQuery is designed for large-scale data warehousing and analytics, allowing you to run SQL queries on petabytes of data.
219

Your application generates millions of clickstream events per second. You need a service to ingest and buffer this data in real-time before processing it. Which service fits this need?

Cloud Storage Archive
Cloud Firestore (or Stream service)
Cloud SQL
Google Cloud Functions
View Explanation
✓ Correct Answer: Cloud Firestore (or Stream service)Explanation:High-throughput ingestion is a core use case for scalable services like Cloud Firestore or dedicated streaming services.
220

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Cloud Build
Cloud Source Repositories
Cloud Deployment Manager
Google Compute Engine
View Explanation
✓ Correct Answer: Cloud Deployment ManagerExplanation:Cloud Deployment Manager allows you to model and provision all your cloud infrastructure resources through code templates.
221

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

Cloud Build
Anthos
Cloud Monitoring
Cloud Logging
View Explanation
✓ Correct Answer: Cloud BuildExplanation:Cloud Build is a fully managed build service that compiles source code, runs tests, and produces software packages.
222

A law firm wants to digitize millions of scanned contracts. You need an AI service to extract text, forms, and tables from these PDF documents automatically. Which service is designed for this?

AutoML
Vertex AI
Document AI
Translation API
View Explanation
✓ Correct Answer: Document AIExplanation:Document AI uses machine learning to extract text, handwriting, and data from scanned documents.
223

You are building a customer support chatbot that needs to understand natural language intent (e.g., 'book a flight'). Which service provides Natural Language Understanding (NLU) capabilities?

Speech-to-Text
Vision API
Translation API
Dialogflow
View Explanation
✓ Correct Answer: DialogflowExplanation:Dialogflow provides conversational AI capabilities to build interfaces like chatbots that understand natural language.
224

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Vertex AI
Speech-to-Text
AutoML
Document AI
View Explanation
✓ Correct Answer: Vertex AIExplanation:Vertex AI is the comprehensive platform for the entire machine learning lifecycle, from building models to deployment.
225

You need to grant developers read-only access to Google Cloud Storage buckets without giving them access to other services. What's the best approach using Cloud IAM?

Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a group
Share full administrative credentials
Create long-term access keys for each developer
Use Google Compute Engine instance profiles
View Explanation
✓ Correct Answer: Create an Cloud IAM policy with Google Cloud Storage read permissions and attach it to a groupExplanation:Cloud IAM allows you to define granular permissions. Attaching policies to groups follows the principle of least privilege and simplifies management.
226

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

Cloud IAM Users with Multi-Factor Authentication
Create duplicate users in both accounts
Share access keys between accounts
Cloud IAM Roles with cross-account access
View Explanation
✓ Correct Answer: Cloud IAM Roles with cross-account accessExplanation:Cloud IAM Roles allow secure cross-account access without sharing long term credentials. Users can assume roles temporarily.
227

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

General Purpose instances
Google Cloud Functions
Memory Optimized instances
Compute Optimized Google Compute Engine instances
View Explanation
✓ Correct Answer: Compute Optimized Google Compute Engine instancesExplanation:Compute Optimized Google Compute Engine instances provide high-performance processors ideal for compute-intensive applications.
228

Your High Performance Computing (HPC) workload requires low network latency between Google Compute Engine instances. What feature should you use?

Cluster Placement or Proximity Placement Groups
Cloud Load Balancing
Spread Placement Groups
Virtual Private Cloud (VPC) peering
View Explanation
✓ Correct Answer: Cluster Placement or Proximity Placement GroupsExplanation:Placement groups pack instances close together in a single availability zone or data center for low-latency, high-throughput networking.
229

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

Persistent Disk
Local SSD
Filestore
Google Cloud Storage
View Explanation
✓ Correct Answer: Persistent DiskExplanation:Persistent Disk volumes persist independently from virtual machine instances and can be attached/detached as needed.
230

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

Google Compute Engine Image/AMI
Cloud SQL backups
Google Cloud Storage versioning
Persistent Disk Snapshots
View Explanation
✓ Correct Answer: Persistent Disk SnapshotsExplanation:Persistent Disk Snapshots are incremental backups typically stored in Google Cloud Storage, providing point-in-time recovery.
231

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

Cloud Interconnect
Cloud CDN
Cloud VPN
Virtual Private Cloud (VPC)
View Explanation
✓ Correct Answer: Virtual Private Cloud (VPC)Explanation:Virtual Private Cloud (VPC) enables you to launch cloud resources in a logically isolated virtual network with full control over IP addressing, subnets, and routing.