Google Professional Cloud Architect Exam Questions Free

1. A manufacturing plant's IoT devices continuously send data during operations. You need to process and analyze the incoming telemetry data. After processing, the data should be retained, but it will only be accessed once every month or two. Your CIO has issued a directive to incorporate managed services wherever possible. You want a cost-effective solution to process the incoming streams of data. What steps should you take to achieve this goal?

2. A healthcare organization is migrating its on-premises infrastructure to Google Cloud. The organization wants to define a catalog of pre-approved resources for different departments to provision in the cloud. Additionally, they want to enforce compliance policies during the provisioning process. Which Google Cloud service can help achieve these requirements?

3. A media company is seeking assistance in expanding the reach of existing recorded video content to new audiences in emerging regions. Taking into account both the business and technical requirements of company, what steps should be taken to achieve this goal?

4. You have several Compute Engine instances running NGINX and Tomcat for a web application. In your web server logs, many login failures come from a single IP address, which looks like a brute force attack. How can you block this traffic?

5. Your company's DevOps team used Cloud Source Repositories, Cloud Build, and Artifact Registry to successfully implement the build portion of an application's CI/CD process.. However, the deployment process is erroring out. Initial troubleshooting shows that the runtime environment does not have access to the build images. You need to advise the team on how to resolve the issue.
What could cause this problem?

6. Your client is mandated by law to adhere to the Payment Card Industry Data Security Standard (PCI-DSS). Although the client undergoes formal audits periodically, these audits may not suffice for continuous compliance. To facilitate adherence to PCI-DSS requirements more seamlessly, the client seeks to proactively monitor for common violations and detect them early, without replacing the existing audit processes.

what recommendations would you propose to help the client engage in continuous compliance and promptly identify violations?

7. Your organization aims to monitor the occupancy status of meeting rooms reserved for scheduled meetings. With 1000 meeting rooms distributed across 5 offices on 3 continents, each room is fitted with a motion sensor that transmits its status every second. To cater to the data ingestion requirements of this sensor network, the receiving infrastructure must be capable of handling potential inconsistencies in device connectivity. What type of solution should be devised to address this scenario?

8. You are designing a future-proof hybrid environment that will require network connectivity between Google Cloud and your on-premises environment. You want to ensure that the Google Cloud environment you are designing is compatible with your on-premises networking environment. What steps should be taken to achieve this compatibility?

9. A company, Skyhigh, is exploring database solutions to store the analytics data generated from its trial delivery operations. Currently relying on a small cluster of MongoDB NoSQL database servers, the company aims to transition to a managed NoSQL database service offering consistent low latency, seamless throughput scalability, and the capability to manage the expected petabytes of data as they expand into new markets. What steps should be taken in this scenario?

10. Employees at Star corporation will utilize Google Workspace. The existing on-premises network does not meet the necessary criteria for connecting to Google's public infrastructure. What steps should be taken in this situation?

11. A startup is interested in implementing a multi-layered security approach for their Compute Engine instances. What are some strategies that you can be employed to enhance the security of Compute Engine instances for startup?

12. A company has recently migrated its critical applications to Google Cloud Platform (GCP) to take advantage of its scalability and flexibility. The company wants to ensure business continuity in case of unexpected disasters or outages. As part of their disaster recovery strategy, they have implemented the following:

1. Regular data backups to Google Cloud Storage.
2. Utilization of multiple GCP regions for redundancy.
3. Implementation of Google Cloud's Traffic Director for load balancing across regions.

Which of the following statements regarding the company's disaster recovery strategy is most accurate?

13. You are responsible for monitoring a critical application hosted on Google Cloud Platform. The application consists of multiple microservices running on Compute Engine instances. You need to set up monitoring and alerting to ensure the availability and performance of these services.

Which combination of Google Cloud services would you use to achieve comprehensive monitoring, logging, and alerting for this application?

14. A Games studio wants you to make sure their new gaming platform is being operated according to Google best practices. You want to verify that Google-recommended security best practices are being met while also providing the operations teams with the metrics they need. What should you do? (Choose two)

15. One of Healthcare firm's customers is an internationally renowned research and hospital facility. Many of their patients are well-known public personalities. Sources both inside and outside have tried many times to obtain health information on these patients for malicious purposes. The hospital requires that patient information stored in Cloud Storage buckets not leave the geographic areas in which the buckets are hosted. You need to ensure that information stored in Cloud Storage buckets in the "europe-west2" region does not leave that area. What should you do?

16. In your organization, there is a 3-tier web application running within the same Google Cloud Virtual Private Cloud (VPC). The web, API, and database tiers can scale independently. The desired network traffic flow should move from the web tier to the API tier and then to the database tier, without any direct traffic between the web and database tiers. How can you configure the network with minimal steps to achieve this setup?

17. A financial services company operating on Google Cloud is required to comply with strict regulatory guidelines for disaster recovery planning. The company needs to ensure that data is replicated across geographically dispersed locations and that recovery time objectives (RTOs) are minimized. Which combination of Google Cloud services and features would best meet these requirements?

18. A healthcare company wants to connect one of their data centers to Google Cloud. The data center is in a remote location over 100 kilometers from a Google-owned point of presence. They can't afford new hardware, but their existing firewall can accommodate future throughput growth. They also shared these data points:
• Servers in their on-premises data center need to talk to Google Kubernetes Engine (GKE) resources in the cloud.
• Both on-premises servers and cloud resources are configured with private RFC 1918 IP addresses.
• The service provider has informed the customer that basic Internet connectivity is a best-effort service with no SLA.
You need to recommend a connectivity option. What should you recommend?

19. Your new software, hosted on Google Cloud, is in public beta, and you want to design meaningful service level objectives (SLOs) before the software becomes generally available. What should you do?

20. Your client established an Identity and Access Management (IAM) resource structure within Google Cloud during the startup phase. As the company has expanded, multiple departments and teams have emerged. To align with Google's recommended practices, you aim to propose a resource hierarchy. What steps should you take?

21. A shipping company's warehouse and inventory system, developed in Java and employing a microservices architecture within GKE, has encountered a perplexing issue. Seemingly at unpredictable intervals, specific requests experience a considerable 5-10 times slowdown compared to their usual performance. Despite exhaustive attempts by the development team to recreate the problem in testing environments, the root cause of this erratic behavior eludes identification. In light of this complex scenario, What steps should be taken to address this situation?

22. Anonymous users from all over the world access a public health information website hosted in an on-premises EHR data center. The servers that host this website are older, and users are complaining about sluggish response times. There has also been a recent increase of distributed denial-of-service attacks toward the website. The attacks always come from the same IP address ranges. EHR management has identified the public health information website as an easy, low risk application to migrate to Google Cloud. You need to improve access latency and provide a security solution that will prevent the denial-of-service traffic from entering your Virtual Private Cloud (VPC) network. What should you do?

23. The sales team of XYZ Corporation operates remotely and travels to various sites for their work. Irrespective of their whereabouts, these employees require access to web-based sales tools hosted in the XYZ data center. XYZ has decided to phase out its existing Virtual Private Network (VPN) infrastructure and transition to a BeyondCorp access model for enhanced security. Each sales representative possesses a Google Workspace account, which they utilize for single sign-on (SSO). What steps should you take to implement this transition effectively?

24. You are working with a client who is using Google Kubernetes Engine (GKE) to migrate applications from a virtual machine–based environment to a microservices-based architecture. Your client has a complex legacy application that stores a significant amount of data on the file system of its VM. You do not want to re-write the application to use an external service to store the file system data. What should you do?

25. You need to grant a user (user@example.com) the Editor role (roles/editor) on your GCP project using the gcloud CLI.

Which of the following commands would you use to update the IAM policy and add the user with the Editor role?

26. You are working at Building Block, a software development company, currently hosts their existing application on Ubuntu Linux VMs in an on-premises hypervisor. They want to migrate their application to Google Cloud with minimal refactoring. What should you do?

27. A company is planning to migrate its on-premises data warehouse to Google BigQuery for better scalability and performance. The company wants to optimize costs while ensuring minimal impact on existing analytics processes. Which approach would be most effective in achieving these goals?

28. Pixel Solution regularly updates its IOT software every 4 to 6 weeks. Despite the majority of releases being successful, you have encountered some instances where problematic releases resulted in the unavailability of IOT software, requiring software developers to roll back the release. To enhance the reliability of software releases and avoid similar issues in the future, what steps should you take?

29. Your company wants to try out the cloud with low risk. They intend to archive around 100 TB of log data to the cloud to explore the serverless analytics capabilities offered there, all while using this data for long-term disaster recovery purposes. What are the two recommended steps they should follow? (Select two)

30. You are working in a mixed environment of VMs and Kubernetes. Some of your resources are on-premises, and some are in Google Cloud. Using containers as a part of your CI/CD pipeline has sped up releases significantly. You want to start migrating some of those VMs to containers so you can get similar benefits. You want to automate the migration process where possible. What should you do?

31. A development team is preparing for a major update to a critical application running on Google Cloud Compute Engine instances. Which testing approach would be most effective in ensuring minimal downtime and optimal performance during the update process?

32. You have deployed a Flask web application named test.py written in Python using Cloud Run. While the application performed as expected in testing and staging environments, upon deployment to the production environment, product search results displayed items that should have been filtered out based on user preferences. The developer suspects that the performance issue may be linked to the 'user.productFilter' variable, either being unset or incorrectly evaluated. You aim to gain visibility into the situation while minimizing user impact, considering this is not a critical bug. What steps should be taken to address this situation?

33. To implement load balancing for a web-based application with multiple backends in different regions, you aim to route traffic to the closest backend to the end user and also to different backends based on the accessed URL. Which of the following methods could achieve this?

34. The database administration team has asked you to help them improve the performance of their new database server running on Google Compute Engine. The database is used for importing and normalizing the company’s performance statistics. It is built with MySQL running on Debian Linux. They have an n1-standard-8 virtual machine with 80 GB of SSD zonal persistent disk which they can't restart until the next maintenance event. What should they change to get better performance from this system as soon as possible and in a cost-effective manner?

35. You are a DevOps engineer responsible for managing a healthcare application hosted on Google Cloud Platform (GCP). The application handles sensitive patient data and must comply with strict regulatory requirements for data security and privacy. As part of your role, you need to evaluate the quality control measures implemented in the GCP environment to ensure data integrity and security. When evaluating quality control measures in Google Cloud for the healthcare application, which of the following strategies would be most effective in ensuring data integrity and security?

36. You are the data compliance officer for Codehard Games and must protect customers' personally identifiable information (PII). Codehard Games wants to make sure they can generate anonymized usage reports about their new game and delete PII data after a specific period of time. The solution should have minimal cost. You need to ensure compliance while meeting business and technical requirements. What should you do?

37. You are designing a large distributed application with 30 microservices. Each of your distributed microservices needs to connect to a database backend. You want to store the credentials securely. Where should you store the credentials?

38. Your task involves setting up Virtual Private Cloud (VPC) Service Controls for Startup. Startup aims to permit Cloud Shell usage for its developers while ensuring that they do not possess complete access to managed services. Balancing these opposing objectives with startup' business necessities is essential. What actions would you recommend to address these challenges effectively?

39. You are the data compliance officer for a MNC and must protect customers' personally identifiable information (PII), like credit card information. Company wants to personalize product recommendations for its large industrial customers. You need to respect data privacy and deliver a solution. What should you do?

40. Your team is working on an application that utilizes Cloud Bigtable for its high throughput and scalability. To ensure changes do not break existing functionality, you plan to integrate the Cloud Bigtable Emulator into your Continuous Integration/Continuous Deployment (CI/CD) pipeline.

Which of the following approaches is the most effective way to integrate the Google Cloud Bigtable Emulator into your CI/CD pipeline for automated testing?

41. You have been approached by a client who has developed a secure messaging application. This application is built on open source technology and consists of two components. The first component is a web application, developed in Go, which handles user registration and IP address authorization. The second component is an encrypted chat protocol that utilizes TCP to communicate with the backend chat servers running Debian. The application is designed to terminate a user's session if their IP address does not match the registered IP address. The client expects the number of users to fluctuate significantly throughout the day and wants the application to be easily scalable to meet the demand. What steps you can take to address their requirements?

42. Hackbox, a software development company, wants to streamline the process of releasing new applications. They aim to establish an automation pipeline that will enable them to efficiently develop, test, and deploy their applications.

43. You set up an autoscaling managed instance group to serve web traffic for an upcoming launch. After configuring the instance group as a backend service to an HTTP(S) load balancer, you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified that the appropriate web response is coming from each instance using the curl command. You want to ensure that the backend is configured correctly. What should you do?

44. TechWave Solutions is developing a service for integrating social media platforms using Google Cloud. As a manager with no technical background, Mahesh is focused on keeping the project within its allocated budget and swiftly addressing any unforeseen spikes in costs. Your responsibility involves configuring both access permissions and billing arrangements for this project.
What should you do?

45. A software company developers have developed a new application. Initially, the application was set to run on Compute Engine instances with 15 GB of RAM and 4 CPUs. These instances stored data locally. However, after several months of running the application, historical data shows that it now requires 30 GB of RAM. The management at software company is looking to reduce costs. What should you do?

46. As you embark on a new project, your upcoming task involves establishing a Dedicated Interconnect connecting two data centers. To guarantee that your resources are exclusively deployed in regions where your data centers reside, it is crucial to avoid any IP address overlaps that may lead to conflicts during the interconnect setup. Opting for RFC 1918 class B address space is your preference. What steps should you take to achieve this objective?

47. Your customer is moving their corporate applications to Google Cloud. The security team wants detailed visibility of all resources in the organization. You use Resource Manager to set yourself up as the Organization Administrator. Which Identity and Access Management (IAM) roles should you give to the security team while following Google recommended practices?

48. Symphony Systems operates a complex application hosted on a Compute Engine instance within the Google Cloud ecosystem. The application demands seamless access to multiple Google Cloud services for its functionality. However, Symphony Systems adheres to stringent security protocols and aims to avoid storing any sensitive credentials directly on the VM instance.

In this intricate scenario, the challenge lies in establishing a secure mechanism that grants the application the necessary permissions to interact with various Google Cloud services without compromising the system's integrity or exposing sensitive credentials.

How should Symphony Systems strategically address this complex scenario while maintaining the security and efficiency of its operations?

49. Melody Marketplace's user account management app enables users to delete their accounts at their convenience. In addition, the company offers a generous 60-day return policy for users. The customer service team aims to ensure that they can process refunds or replacements for items, even if a customer's account has been deleted.

50. In order to optimize expenses, the Engineering Director has mandated that all developers migrate their development infrastructure resources from on-premises virtual machines (VMs) to Google Cloud. These resources undergo frequent start/stop events throughout the day and need to maintain their state. Your task is to devise a plan for running the development environment on Google Cloud while ensuring the finance department has clear visibility into the costs. Which two steps should you follow? (Choose two)