Google Professional Cloud Architect Google Certified Professional – Cloud Architect (GCP) Online Training
Google Professional Cloud Architect Online Training
The questions for Professional Cloud Architect were last updated at Apr 26,2025.
- Exam Code: Professional Cloud Architect
- Exam Name: Google Certified Professional – Cloud Architect (GCP)
- Certification Provider: Google
- Latest update: Apr 26,2025
For this question, refer to the Dress4Win case study.
You want to ensure Dress4Win’s sales and tax records remain available for infrequent viewing by auditors for at least 10 years. Cost optimization is your top priority .
Which cloud services should you choose?
- A . Google Cloud Storage Coldline to store the data, and gsutil to access the data.
- B . Google Cloud Storage Nearline to store the data, and gsutil to access the data.
- C . Google Bigtabte with US or EU as location to store the data, and gcloud to access the data.
- D . BigQuery to store the data, and a web server cluster in a managed instance group to access the data. Google Cloud SQL mirrored across two distinct regions to store the data, and a Redis cluster in a managed instance group to access the data.
For this question, refer to the Dress4Win case study.
Dress4Win would like to become familiar with deploying applications to the cloud by successfully deploying some applications quickly, as is. They have asked for your recommendation .
What should you advise?
- A . Identify self-contained applications with external dependencies as a first move to the cloud.
- B . Identify enterprise applications with internal dependencies and recommend these as a first move to the cloud.
- C . Suggest moving their in-house databases to the cloud and continue serving requests to on-premise applications.
- D . Recommend moving their message queuing servers to the cloud and continue handling requests to on-premise applications.
For this question, refer to the Dress4Win case study.
The Dress4Win security team has disabled external SSH access into production virtual machines (VMs) on Google Cloud Platform (GCP). The operations team needs to remotely manage the VMs, build and push Docker containers, and manage Google Cloud Storage objects .
What can they do?
- A . Grant the operations engineers access to use Google Cloud Shell.
- B . Configure a VPN connection to GCP to allow SSH access to the cloud VMs.
- C . Develop a new access request process that grants temporary SSH access to cloud VMs when an operations engineer needs to perform a task.
- D . Have the development team build an API service that allows the operations team to execute specific remote procedure calls to accomplish their tasks.
For this question, refer to the Dress4Win case study.
Dress4Win has asked you for advice on how to migrate their on-premises MySQL
deployment to the cloud. They want to minimize downtime and performance impact to their on-premises solution during the migration .
Which approach should you recommend?
- A . Create a dump of the on-premises MySQL master server, and then shut it down, upload it to the cloud environment, and load into a new MySQL cluster.
- B . Setup a MySQL replica server/slave in the cloud environment, and configure it for asynchronous replication from the MySQL master server on-premises until cutover.
- C . Create a new MySQL cluster in the cloud, configure applications to begin writing to both on-premises and cloud MySQL masters, and destroy the original cluster at cutover.
- D . Create a dump of the MySQL replica server into the cloud environment, load it into: Google Cloud Datastore, and configure applications to read/write to Cloud Datastore at cutover.
For this question, refer to the Dress4Win case study.
Dress4Win has end-to-end tests covering 100% of their endpoints. They want to ensure that the move to the cloud does not introduce any new bugs .
Which additional testing methods should the developers employ to prevent an outage?
- A . They should enable Google Stackdriver Debugger on the application code to show errors in the code.
- B . They should add additional unit tests and production scale load tests on their cloud staging environment.
- C . They should run the end-to-end tests in the cloud staging environment to determine if the code is working as intended.
- D . They should add canary tests so developers can measure how much of an impact the new release causes to latency.
Topic 5, Misc Questions
Your company has a Google Cloud project that uses BigQuery for data warehousing They
have a VPN tunnel between the on-premises environment and Google Cloud that is configured with Cloud VPN. The security team wants to avoid data exfiltration by malicious insiders, compromised code, and accidental oversharing .
What should they do?
- A . Configure Private Google Access for on-premises only.
- B . Perform the following tasks:
1) Create a service account.
2) Give the BigQuery JobUser role and Storage Reader role to the service account.
3) Remove all other IAM access from the project. - C . Configure VPC Service Controls and configure Private Google Access.
- D . Configure Private Google Access.
You need to develop procedures to verify resilience of disaster recovery for remote recovery using GCP. Your production environment is hosted on-premises. You need to establish a secure, redundant connection between your on premises network and the GCP network.
What should you do?
- A . Verify that Dedicated Interconnect can replicate files to GCP. Verify that direct peering can establish a
secure connection between your networks if Dedicated Interconnect fails. - B . Verify that Dedicated Interconnect can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if Dedicated Interconnect fails.
- C . Verify that the Transfer Appliance can replicate files to GCP. Verify that direct peering can establish a
secure connection between your networks if the Transfer Appliance fails. - D . Verify that the Transfer Appliance can replicate files to GCP. Verify that Cloud VPN can establish a secure connection between your networks if the Transfer Appliance fails.
You are developing an application using different microservices that should remain internal to the cluster. You want to be able to configure each microservice with a specific number of replicas. You also want to be able to address a specific microservice from any other microservice in a uniform way, regardless of the number of replicas the microservice scales to. You need to implement this solution on Google Kubernetes Engine .
What should you do?
- A . Deploy each microservice as a Deployment. Expose the Deployment in the cluster using a Service, and use the Service DNS name to address it from other microservices within the cluster.
- B . Deploy each microservice as a Deployment. Expose the Deployment in the cluster using an Ingress, and use the Ingress IP address to address the Deployment from other microservices within the cluster.
- C . Deploy each microservice as a Pod. Expose the Pod in the cluster using a Service, and use the Service DNS name to address the microservice from other microservices within the cluster.
- D . Deploy each microservice as a Pod. Expose the Pod in the cluster using an Ingress, and use the Ingress IP address name to address the Pod from other microservices within the cluster.
You have deployed several instances on Compute Engine. As a security requirement, instances cannot have a public IP address. There is no VPN connection between Google Cloud and your office, and you need to connect via SSH into a specific machine without violating the security requirements .
What should you do?
- A . Configure Cloud NAT on the subnet where the instance is hosted. Create an SSH connection to the Cloud NAT IP address to reach the instance.
- B . Add all instances to an unmanaged instance group. Configure TCP Proxy Load Balancing with the instance group as a backend. Connect to the instance using the TCP Proxy IP.
- C . Configure Identity-Aware Proxy (IAP) for the instance and ensure that you have the role of IAP-secured Tunnel User. Use the gcloud command line tool to ssh into the instance.
- D . Create a bastion host in the network to SSH into the bastion host from your office location. From the bastion host, SSH into the desired instance.
You need to reduce the number of unplanned rollbacks of erroneous production deployments in your company’s web hosting platform. Improvement to the QA/Test processes accomplished an 80% reduction .
Which additional two approaches can you take to further reduce the rollbacks? Choose 2 answers
- A . Introduce a green-blue deployment model.
- B . Replace the QA environment with canary releases.
- C . Fragment the monolithic platform into microservices.
- D . Reduce the platform’s dependency on relational database systems.
- E . Replace the platform’s relational database systems with a NoSQL database.
Latest Professional Cloud Architect Dumps Valid Version with 168 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
