Home/Directory/professional cloud architect

professional cloud architect Practice Questions

Page 2 of 3 (240 total questions)

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?
View Question & Answer ➔
Your startup needs a serverless backend that can automatically handle complex, multi-step business logic with conditions and retries, while integrating with Cloud Functions and BigQuery. Which service is best for orchestration?
View Question & Answer ➔
A media company wants to analyze a massive library of videos to automatically generate summaries and identify celebrities. Which pre-trained AI API should they use?
View Question & Answer ➔
Your team is running a large-scale Hadoop cluster on GCE VMs. They want to move to a more serverless environment to reduce costs during times when no jobs are running. What is the most cost-effective path?
View Question & Answer ➔
Your organization is running a critical ML model in production. You want to be alerted automatically if the distribution of incoming feature data significantly deviates from the training data, potentially causing model performance to drop. Which Vertex AI component should you use?
View Question & Answer ➔
You are migrating a 200 TB HDFS cluster to Google Cloud. You want a storage solution that is HDFS-compatible but offers the durability and lower cost of Cloud Storage. Which tool allows you to treat a GCS bucket as an HDFS filesystem?
View Question & Answer ➔
A team of data scientists is performing hyperparameter tuning on a complex deep learning model. They want to automate the process of finding the optimal set of parameters to maximize model accuracy. Which Vertex AI component is designed for this?
View Question & Answer ➔
A manufacturing company wants to implement edge computing to process sensor data locally before sending summaries to GCP. They want to use the same Kubernetes-based tools they use in the cloud. Which GCP brand covers this hybrid/edge use case?
View Question & Answer ➔
A media agency wants to automatically generate subtitles for their library of thousands of videos in multiple languages. Which pre-trained GCP Speech API is best suited for this batch processing task?
View Question & Answer ➔
which tool provides a managed environment for building, training, and deploying ML models with a focus on 'Data-Centric AI' and integrated data labeling services?
View Question & Answer ➔
You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?
View Question & Answer ➔
A DevOps team wants to ensure that all Docker images deployed to GKE clusters are scanned for vulnerabilities and that only images with 'Medium' or lower severity vulnerabilities are allowed to run. Which combination of tools is required?
View Question & Answer ➔
You are implementing a CI/CD pipeline for a fleet of microservices. You want to ensure that only tested and approved container images are deployed to production. Which GCP service provides a centralized model for image governance and metadata?
View Question & Answer ➔
An organization wants to run their CI/CD workloads in a way that minimizes infrastructure management and costs, only paying for the exact time the build step is running. Which service is best?
View Question & Answer ➔
A company wants to implement a standardized 'Software Supply Chain' security policy that requires all code to be built on Google-managed infrastructure, scanned for vulnerabilities, and then cryptographically signed before it can be deployed to GKE. Which service handles the 'signing and verification' part?
View Question & Answer ➔
A DevOps team wants to automate the deployment of GKE workloads using a continuous delivery pipeline that supports Canary deployments and automatic rollbacks. Which service integrates these CD best practices natively?
View Question & Answer ➔
Your organization wants to strictly control which container images can be deployed in production. They want to ensure that every image has been scanned for vulnerabilities within the last 24 hours. Which tool helps with this 'continuous verification'?
View Question & Answer ➔
Scenario: To improve the reliability of an automated deployment process, you want to ensure that a 'Canary' deployment only becomes fully live if its error rate (measured in Cloud Logging) is below 1%. Solution ?
View Question & Answer ➔
How can you ensure that your GKE cluster only runs container images that were built by your specific CI/CD pipeline and have passed a security audit?
View Question & Answer ➔
An organization wants to run their CI/CD workloads on-premises but still use the managed Google Cloud Build interface to trigger and monitor them. Which feature enables this hybrid CI/CD model?
View Question & Answer ➔
Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?
View Question & Answer ➔
Your organization wants to move their complex ETL pipelines from locally managed Spark clusters to a serverless model that doesn't require manual cluster provisioning or tuning. Which Dataproc feature provides this?
View Question & Answer ➔
Your team is deploying a machine learning model for image classification. They want to ensure that the model is automatically updated when its performance falls below a certain threshold in production. Which Vertex AI component orchestrates this end-to-end workflow?
View Question & Answer ➔
A news website wants to automatically translate user comments into 100 languages in real-time. They want a solution that scales to millions of requests with zero server management. Which service is best?
View Question & Answer ➔
Your data science team is training multiple versions of the same model and needs a centralized way to manage model metadata, versions, and lineage. Which Vertex AI component is essential for this?
View Question & Answer ➔
An organization wants to share ML features (e.g., user embeddings, product popularity) across different teams and projects to ensure feature consistency and reduce redundant computation. Which service should they use?
View Question & Answer ➔
An organization wants to move their complex Hadoop/Spark jobs to GCP. They want to avoid managing clusters but still need the ability to customize the software environment (e.g., install specific Python libraries). Which Dataproc feature supports this?
View Question & Answer ➔
Which tool provides a way to 'Shadow' production traffic and send a copy to a new version of a service to test its performance and accuracy without impacting real users?
View Question & Answer ➔
Your organization is running a massive distributed training job for a large language model (LLM). They need specialized hardware that can handle the matrix multiplication required for deep learning at extreme scale. Which GCP resource should they use?
View Question & Answer ➔
A financial company wants to automate their data processing pipeline to handle late-arriving data. They use Dataflow and want to ensure that it only waits for a specific 'grace period' before finalizing a window of data. Which concept should they implement?
View Question & Answer ➔
To improve security and reduce cost, you want to identify all Service Accounts in your organization that have not been used for the last 90 days. Which tool provide this information?
View Question & Answer ➔
Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?
View Question & Answer ➔
A financial services client needs to ensure that their cloud-based application is compliant with residency requirements that specify data must never leave the European Union. How can they enforce this at the organization level?
View Question & Answer ➔
An organization is migrating their on-premises identity system to GCP. They want to ensure that all their employees can use their existing enterprise credentials to log in to the Google Cloud Console. Which tool is necessary?
View Question & Answer ➔
A company wants to analyze their GCP spend across different business departments. They have labeled each project with a 'department' tag. What is the most effective way to produce these reports?
View Question & Answer ➔
An organization following zero-trust principles wants to allow employees to access internal GCP resources only if they are using a company-managed device with an active antivirus and are located in a specific country. Which GCP service enables this context-aware access?
View Question & Answer ➔
A SaaS provider wants to ensure that all customer data is stored in the region where the customer is located to comply with local laws. They manage hundreds of GCP projects. How can they enforce this at scale?
View Question & Answer ➔
Scenario: To improve security, an architect wants to ensure that all VMs in a production VPC must use a specific Service Account and that 'default' service accounts are never used. How can this be enforced?
View Question & Answer ➔
A security auditor needs to view the effective IAM permissions of a specific user across all projects in the organization. Which tool provides a way to search for 'Who has what access' across the entire resource hierarchy?
View Question & Answer ➔
An organization following the 'Least Privilege' principle wants to restrict all developers from creating new GCP projects. How should they implement this organizational control?
View Question & Answer ➔
Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?
View Question & Answer ➔
Your organization wants to transition from a monolithic application to microservices and wants a way to manage, secure, and monitor the communication between these services across multiple GKE clusters. Which Anthos component is best?
View Question & Answer ➔
Which GCP service provides a way to run managed Jupyter notebooks with integrated access to GCP datasets and ML training resources?
View Question & Answer ➔
Your BigQuery analysts are complaining that repetitive, complex queries are running slowly and consuming too many slots. You want to precompute and cache the results of these queries in a way that BigQuery automatically manages and refreshes. Which feature should you implement?
View Question & Answer ➔
Scenario: To reduce the cost of a data warehouse, you want to store 5 years of historical data in BigQuery but only pay for the cheaper 'long-term storage' price. How do you qualify for this lower price?
View Question & Answer ➔
You are designing a disaster recovery plan for a data analytics platform. You want to ensure that if a region fails, your BigQuery data is safe and available in another region with an RTO of less than 1 hour. Which feature is most effective?
View Question & Answer ➔
You are hosting a very large dataset in BigQuery. You want to minimize the amount of data scanned for common queries that filter by 'date'. What should you do?
View Question & Answer ➔
An organization wants to manage their data in GCP following the 'Principle of Least Privilege'. They want to ensure that a group of analysts can ONLY query data in BigQuery but cannot delete or modify any tables. Which IAM role should they be granted?
View Question & Answer ➔
To protect your BigQuery environment from accidental high-cost queries (e.g., a 'SELECT *' on a petabyte-scale table), what is the most effective preventative control?
View Question & Answer ➔
To ensure that sensitive data (like credit card numbers) is never stored in cleartext in your BigQuery tables, which service should you integrate into your ETL pipeline?
View Question & Answer ➔
Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?
View Question & Answer ➔
You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?
View Question & Answer ➔
You are designing a disaster recovery plan for a mission-critical web application on GCE. You need to ensure that the application can be recovered in a different region with a Recovery Time Objective (RTO) of 15 minutes. Which component is crucial?
View Question & Answer ➔
An application requires extremely high IOPS and lowest possible latency for temporary swap space. Which disk type should you choose?
View Question & Answer ➔
Your company is audit-heavy and needs to track every single configuration change made to any resource in the Google Cloud organization over the last 10 years. What is the most efficient way to achieve this?
View Question & Answer ➔
Your team is adopting SRE principles and wants to define an 'Error Budget' for a critical service. Which metric is necessary to calculate this?
View Question & Answer ➔
You are designing a high-throughput data ingestion pipeline for log files. The logs must be stored for 7 days for real-time analysis in BigQuery and then archived to Cloud Storage for long-term compliance. Which architecture is best?
View Question & Answer ➔
An organization wants to automate the identification and classification of PII in their BigQuery tables. They want a periodic report of sensitive columns. Which service provides this functionality natively?
View Question & Answer ➔
What is the primary log type you should enable to meet FedRAMP high compliance in GCP for tracking internal system changes by Google personnel?
View Question & Answer ➔
An organization wants to analyze the latency of their microservices architecture at the individual RPC level. They want to see which specific service call is causing a delay in a user request. Which tool should they use?
View Question & Answer ➔
You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?
View Question & Answer ➔
You are hosting a Java-based application on GCE and noticing that the CPU usage is periodically spiking to 100%. You want to identify the specific function or line of code that is consuming the most CPU in production with minimal impact on performance. Which tool should you use?
View Question & Answer ➔
An organization wants to monitor all administrative actions across their entire GCP Organization, including changes to IAM policies and project deletions. They want to route all these logs to a central security project for long-term analysis in BigQuery. What should they create?
View Question & Answer ➔
Which tool provides a way to 'Replay' archived logs to test how a new monitoring or log processing rule would have behaved in the past?
View Question & Answer ➔
Which Cloud Logging feature allows you to create a real-time graph of the number of '404' errors appearing in your web server logs?
View Question & Answer ➔
What is the primary log type that captures information about when a GCP resource (like a VM) was created or deleted?
View Question & Answer ➔
Which Cloud Monitoring feature allows you to combine multiple metrics into a single health score for an entire multi-tier application?
View Question & Answer ➔
An organization wants to analyze their GCP console activity to identify if any account has been used from an unusual location. Which log type is most relevant?
View Question & Answer ➔
A global gaming company wants to route users to the closest regional cluster to minimize latency while using a single anycast IP address. Which load balancer should they implement?
View Question & Answer ➔
A media company is experiencing slow website performance for users in Asia. They have a global load balancer and backends in us-east1 and us-west1. What is the most effective solution to lower latency for Asian users?
View Question & Answer ➔
You need stateful firewall rules at the Google Compute Engine instance level. What should you configure?
View Question & Answer ➔
Scenario: You are designing a multi-tier web application. You need a way to ensure that the database tier can only be accessed by the application tier, and the application tier can only be accessed by the load balancer. How would you do this in GCP?
View Question & Answer ➔
You are hosting a globally available application. You want to ensure that traffic is routed based on the healthiest backend, not just proximity. Which tool handles this?
View Question & Answer ➔
You are migrating a large web application that uses a custom SSL termination logic based on client IP headers. You need a load balancer that passes the original TCP packet to the backend without modification. Which one should you choose?
View Question & Answer ➔
What is the primary difference between IAM roles and ACLs in Cloud Storage?
View Question & Answer ➔
What is the primary benefit of 'Regional Cloud Storage' over 'Multi-Regional Cloud Storage'?
View Question & Answer ➔
To protect against a ransomware attack that deletes all objects in a Cloud Storage bucket, which feature should you enable?
View Question & Answer ➔
How can you optimize Cloud Storage performance for very high read/write throughput (thousands of requests per second)?
View Question & Answer ➔
Your company is running a stateful application on GKE. You need to ensure that when a pod is rescheduled to a different node, it can still access its persistent data. What must you use?
View Question & Answer ➔
A global enterprise needs to implement a Disaster Recovery (DR) solution for their multi-region GKE deployment. They want to ensure that in the event of a regional failure, user traffic is automatically rerouted to the secondary region with minimal latency. What is the key component?
View Question & Answer ➔
You need to explicitly deny traffic from a specific IP address to your Google Compute Engine instances. Can VPC Firewall Rules natively handle explicit deny rules?
View Question & Answer ➔
You need stateless firewall rules at the subnet level in your Virtual Private Cloud (VPC). What should you configure?
View Question & Answer ➔
To prevent unauthorized lateral movement in a GKE cluster if a pod is compromised, what security feature should you implement?
View Question & Answer ➔
Scenario: To secure a GKE cluster for a HIPAA-compliant workload, an architect wants to ensure that all administrative actions (e.g., creating a deployment) are logged. Which tool is essential?
View Question & Answer ➔
How can you securely store and retrieve secrets in GKE without hardcoding them in your application code or Dockerfile?
View Question & Answer ➔
To improve the security of a GKE cluster, an architect wants to ensure that all pods are forbidden from running as the 'root' user and that they cannot access the host's filesystem. Which Kubernetes resource handles these security constraints?
View Question & Answer ➔
You are building a high-performance transactional system on GKE. You want to ensure that your database pods always run on VMs with the fastest possible local storage for low-latency scratch space. Which GKE feature helps with this?
View Question & Answer ➔
In a GKE Autopilot cluster, what is the primary billing metric for your workloads?
View Question & Answer ➔
An organization wants to implement 'Workload Identity' for their GKE clusters. What is the core security problem this feature solves?
View Question & Answer ➔
Which GKE feature allows you to run your pods on 'Spot' VMs to save up to 90% on compute costs, while automatically handling the potential for instance reclamation?
View Question & Answer ➔
You need to monitor CPU utilization of your Google Compute Engine instances and set up alarms for automated actions. Which service should you use?
View Question & Answer ➔
Your application running on Google Compute Engine needs a central location for log aggregation and real-time analysis. Which Google Cloud Observability capability should you use?
View Question & Answer ➔
What is the primary benefit of 'Workload Identity' for GKE compared to using node-level service accounts?
View Question & Answer ➔
A global conglomerate wants to manage their GCP infrastructure using Terraform but wants to ensure that no developer can bypass the Terraform process and make manual changes in the console. How should they approach this?
View Question & Answer ➔
An organization wants to centralize the management of all their GCP projects and enforce strict constraints on which APIs can be enabled in their environment. Where is the best place to apply these 'Organization Policies'?
View Question & Answer ➔
An organization wants to ensure that no developer can create a VM with a public IP address. How can they enforce this at the organization level?
View Question & Answer ➔
Your organization is running several projects in a single GCP project. You want to ensure that Project A cannot access the VPC of Project B. What is the fundamental way to achieve this isolation?
View Question & Answer ➔
Your organization is audit-heavy. You need to provide a report of all IAM policy changes (e.g., who granted what role to whom) across the entire organization over the last 6 months. Where should you look?
View Question & Answer ➔
An organization following the 'Principle of Least Privilege' noticed that many developers have the 'Editor' role at the project level. They want to find a more granular set of permissions that better matches actual usage. Which tool automatically provides these recommendations?
View Question & Answer ➔
How can you ensure that your Google Cloud organization is protected from an 'account takeover' of a super-administrator user?
View Question & Answer ➔

← PreviousPage 2 of 3Next →

professional cloud architect Practice Questions

Your data science team needs a fully managed environment to build, train, and deploy custom machine learning models using TensorFlow. Which platform provides these end-to-end MLOps capabilities?

Your startup needs a serverless backend that can automatically handle complex, multi-step business logic with conditions and retries, while integrating with Cloud Functions and BigQuery. Which service is best for orchestration?

A media company wants to analyze a massive library of videos to automatically generate summaries and identify celebrities. Which pre-trained AI API should they use?

Your team is running a large-scale Hadoop cluster on GCE VMs. They want to move to a more serverless environment to reduce costs during times when no jobs are running. What is the most cost-effective path?

Your organization is running a critical ML model in production. You want to be alerted automatically if the distribution of incoming feature data significantly deviates from the training data, potentially causing model performance to drop. Which Vertex AI component should you use?

You are migrating a 200 TB HDFS cluster to Google Cloud. You want a storage solution that is HDFS-compatible but offers the durability and lower cost of Cloud Storage. Which tool allows you to treat a GCS bucket as an HDFS filesystem?

A team of data scientists is performing hyperparameter tuning on a complex deep learning model. They want to automate the process of finding the optimal set of parameters to maximize model accuracy. Which Vertex AI component is designed for this?

A manufacturing company wants to implement edge computing to process sensor data locally before sending summaries to GCP. They want to use the same Kubernetes-based tools they use in the cloud. Which GCP brand covers this hybrid/edge use case?

A media agency wants to automatically generate subtitles for their library of thousands of videos in multiple languages. Which pre-trained GCP Speech API is best suited for this batch processing task?

which tool provides a managed environment for building, training, and deploying ML models with a focus on 'Data-Centric AI' and integrated data labeling services?

You are designing a CI/CD pipeline. You need a service to compile source code, run tests, and produce software packages that are ready to deploy. Which service handles the build phase?

A DevOps team wants to ensure that all Docker images deployed to GKE clusters are scanned for vulnerabilities and that only images with 'Medium' or lower severity vulnerabilities are allowed to run. Which combination of tools is required?

You are implementing a CI/CD pipeline for a fleet of microservices. You want to ensure that only tested and approved container images are deployed to production. Which GCP service provides a centralized model for image governance and metadata?

An organization wants to run their CI/CD workloads in a way that minimizes infrastructure management and costs, only paying for the exact time the build step is running. Which service is best?

A DevOps team wants to automate the deployment of GKE workloads using a continuous delivery pipeline that supports Canary deployments and automatic rollbacks. Which service integrates these CD best practices natively?

Your organization wants to strictly control which container images can be deployed in production. They want to ensure that every image has been scanned for vulnerabilities within the last 24 hours. Which tool helps with this 'continuous verification'?

Scenario: To improve the reliability of an automated deployment process, you want to ensure that a 'Canary' deployment only becomes fully live if its error rate (measured in Cloud Logging) is below 1%. Solution ?

How can you ensure that your GKE cluster only runs container images that were built by your specific CI/CD pipeline and have passed a security audit?

An organization wants to run their CI/CD workloads on-premises but still use the managed Google Cloud Build interface to trigger and monitor them. Which feature enables this hybrid CI/CD model?

Your team wants to automate the provisioning of infrastructure to ensure consistency across environments. You need to define your infrastructure as code (IaC) using declarative templates. Which service should you use?

Your organization wants to move their complex ETL pipelines from locally managed Spark clusters to a serverless model that doesn't require manual cluster provisioning or tuning. Which Dataproc feature provides this?

Your team is deploying a machine learning model for image classification. They want to ensure that the model is automatically updated when its performance falls below a certain threshold in production. Which Vertex AI component orchestrates this end-to-end workflow?

A news website wants to automatically translate user comments into 100 languages in real-time. They want a solution that scales to millions of requests with zero server management. Which service is best?

Your data science team is training multiple versions of the same model and needs a centralized way to manage model metadata, versions, and lineage. Which Vertex AI component is essential for this?

An organization wants to share ML features (e.g., user embeddings, product popularity) across different teams and projects to ensure feature consistency and reduce redundant computation. Which service should they use?

An organization wants to move their complex Hadoop/Spark jobs to GCP. They want to avoid managing clusters but still need the ability to customize the software environment (e.g., install specific Python libraries). Which Dataproc feature supports this?

Which tool provides a way to 'Shadow' production traffic and send a copy to a new version of a service to test its performance and accuracy without impacting real users?

Your organization is running a massive distributed training job for a large language model (LLM). They need specialized hardware that can handle the matrix multiplication required for deep learning at extreme scale. Which GCP resource should they use?

A financial company wants to automate their data processing pipeline to handle late-arriving data. They use Dataflow and want to ensure that it only waits for a specific 'grace period' before finalizing a window of data. Which concept should they implement?

To improve security and reduce cost, you want to identify all Service Accounts in your organization that have not been used for the last 90 days. Which tool provide this information?

Your organization has multiple cloud accounts. Users in Account A need temporary access to resources in Account B. What Cloud IAM feature should you use?

A financial services client needs to ensure that their cloud-based application is compliant with residency requirements that specify data must never leave the European Union. How can they enforce this at the organization level?

An organization is migrating their on-premises identity system to GCP. They want to ensure that all their employees can use their existing enterprise credentials to log in to the Google Cloud Console. Which tool is necessary?

A company wants to analyze their GCP spend across different business departments. They have labeled each project with a 'department' tag. What is the most effective way to produce these reports?

An organization following zero-trust principles wants to allow employees to access internal GCP resources only if they are using a company-managed device with an active antivirus and are located in a specific country. Which GCP service enables this context-aware access?

A SaaS provider wants to ensure that all customer data is stored in the region where the customer is located to comply with local laws. They manage hundreds of GCP projects. How can they enforce this at scale?

Scenario: To improve security, an architect wants to ensure that all VMs in a production VPC must use a specific Service Account and that 'default' service accounts are never used. How can this be enforced?

A security auditor needs to view the effective IAM permissions of a specific user across all projects in the organization. Which tool provides a way to search for 'Who has what access' across the entire resource hierarchy?

An organization following the 'Least Privilege' principle wants to restrict all developers from creating new GCP projects. How should they implement this organizational control?

Your application requires high CPU performance for compute-intensive workloads like video encoding. Which Google Compute Engine instance type is optimized for this?

Your organization wants to transition from a monolithic application to microservices and wants a way to manage, secure, and monitor the communication between these services across multiple GKE clusters. Which Anthos component is best?

Which GCP service provides a way to run managed Jupyter notebooks with integrated access to GCP datasets and ML training resources?

Your BigQuery analysts are complaining that repetitive, complex queries are running slowly and consuming too many slots. You want to precompute and cache the results of these queries in a way that BigQuery automatically manages and refreshes. Which feature should you implement?

Scenario: To reduce the cost of a data warehouse, you want to store 5 years of historical data in BigQuery but only pay for the cheaper 'long-term storage' price. How do you qualify for this lower price?

You are designing a disaster recovery plan for a data analytics platform. You want to ensure that if a region fails, your BigQuery data is safe and available in another region with an RTO of less than 1 hour. Which feature is most effective?

You are hosting a very large dataset in BigQuery. You want to minimize the amount of data scanned for common queries that filter by 'date'. What should you do?

An organization wants to manage their data in GCP following the 'Principle of Least Privilege'. They want to ensure that a group of analysts can ONLY query data in BigQuery but cannot delete or modify any tables. Which IAM role should they be granted?

To protect your BigQuery environment from accidental high-cost queries (e.g., a 'SELECT *' on a petabyte-scale table), what is the most effective preventative control?

To ensure that sensitive data (like credit card numbers) is never stored in cleartext in your BigQuery tables, which service should you integrate into your ETL pipeline?

Your application requires persistent block storage that survives Google Compute Engine instance termination. Which service should you use?

You need to create a backup of your Persistent Disk volume for disaster recovery. What feature should you use?

You are designing a disaster recovery plan for a mission-critical web application on GCE. You need to ensure that the application can be recovered in a different region with a Recovery Time Objective (RTO) of 15 minutes. Which component is crucial?

An application requires extremely high IOPS and lowest possible latency for temporary swap space. Which disk type should you choose?

Your company is audit-heavy and needs to track every single configuration change made to any resource in the Google Cloud organization over the last 10 years. What is the most efficient way to achieve this?

Your team is adopting SRE principles and wants to define an 'Error Budget' for a critical service. Which metric is necessary to calculate this?

You are designing a high-throughput data ingestion pipeline for log files. The logs must be stored for 7 days for real-time analysis in BigQuery and then archived to Cloud Storage for long-term compliance. Which architecture is best?

An organization wants to automate the identification and classification of PII in their BigQuery tables. They want a periodic report of sensitive columns. Which service provides this functionality natively?

What is the primary log type you should enable to meet FedRAMP high compliance in GCP for tracking internal system changes by Google personnel?

An organization wants to analyze the latency of their microservices architecture at the individual RPC level. They want to see which specific service call is causing a delay in a user request. Which tool should they use?

You need to create a logically isolated section of your cloud environment where you can launch resources in a virtual network that you define. Which service provides this?

You are hosting a Java-based application on GCE and noticing that the CPU usage is periodically spiking to 100%. You want to identify the specific function or line of code that is consuming the most CPU in production with minimal impact on performance. Which tool should you use?

An organization wants to monitor all administrative actions across their entire GCP Organization, including changes to IAM policies and project deletions. They want to route all these logs to a central security project for long-term analysis in BigQuery. What should they create?

Which tool provides a way to 'Replay' archived logs to test how a new monitoring or log processing rule would have behaved in the past?

Which Cloud Logging feature allows you to create a real-time graph of the number of '404' errors appearing in your web server logs?

What is the primary log type that captures information about when a GCP resource (like a VM) was created or deleted?

Which Cloud Monitoring feature allows you to combine multiple metrics into a single health score for an entire multi-tier application?

An organization wants to analyze their GCP console activity to identify if any account has been used from an unusual location. Which log type is most relevant?

A global gaming company wants to route users to the closest regional cluster to minimize latency while using a single anycast IP address. Which load balancer should they implement?

A media company is experiencing slow website performance for users in Asia. They have a global load balancer and backends in us-east1 and us-west1. What is the most effective solution to lower latency for Asian users?

You need stateful firewall rules at the Google Compute Engine instance level. What should you configure?

Scenario: You are designing a multi-tier web application. You need a way to ensure that the database tier can only be accessed by the application tier, and the application tier can only be accessed by the load balancer. How would you do this in GCP?

You are hosting a globally available application. You want to ensure that traffic is routed based on the healthiest backend, not just proximity. Which tool handles this?

You are migrating a large web application that uses a custom SSL termination logic based on client IP headers. You need a load balancer that passes the original TCP packet to the backend without modification. Which one should you choose?

What is the primary difference between IAM roles and ACLs in Cloud Storage?

What is the primary benefit of 'Regional Cloud Storage' over 'Multi-Regional Cloud Storage'?

To protect against a ransomware attack that deletes all objects in a Cloud Storage bucket, which feature should you enable?

How can you optimize Cloud Storage performance for very high read/write throughput (thousands of requests per second)?

Your company is running a stateful application on GKE. You need to ensure that when a pod is rescheduled to a different node, it can still access its persistent data. What must you use?

A global enterprise needs to implement a Disaster Recovery (DR) solution for their multi-region GKE deployment. They want to ensure that in the event of a regional failure, user traffic is automatically rerouted to the secondary region with minimal latency. What is the key component?