Brief Summary
This video provides a comprehensive set of real exam question answers for the Google Cloud Digital Leader certification exam. It covers topics such as data security, data visualisation, cloud migration, cost optimisation, site reliability engineering, and various Google Cloud products and services. The video aims to help viewers understand key concepts and best practices for using Google Cloud effectively.
- Data security and permissions management using Cloud Identity and Access Management (IAM).
- Utilising data visualisation tools like Data Lab and Data Studio.
- Cost-effective cloud migration strategies and resource management.
- Understanding site reliability engineering (SRE) principles and practices.
- Leveraging various Google Cloud products for specific use cases.
Introduction
The video introduces a set of real exam question answers for the Google Cloud Digital Leader certification. It encourages viewers to subscribe to the channel and provides a link to download the question answers in PDF format from shaping pixel.com.
Question 1: Controlling Permissions
A company uses Google Cloud to store secure customer data, and the data security manager needs to control user permissions. The correct approach is to assign roles using Cloud Identity, which allows managing and authorising user accounts across applications and projects. User access lists are for customising access to specific objects, and authentications are included within roles. Resources refer to folders and projects, not user permissions.
Question 2: Exploring and Visualising Data
To explore and visualise data in Google Cloud, the appropriate tools are Data Lab and Data Studio. Data Lab allows interactive exploration, visualisation, analysis, and transformation using Python and SQL. Data Studio enables creating data stories with various charts and graphs. Cloud Firestore is a NoSQL database, and Data Proc is for processing and analysing data, not primarily for visualisation.
Question 3: Migrating Workloads to the Cloud
When migrating workloads to the cloud to serve customers worldwide while adhering to local data storage regulations, the best approach is to select a public cloud provider that guarantees data location in the required geographic area. Public clouds offer on-demand computing services, including compute and storage, over the public internet.
Question 4: Application Modernisation
When deciding between Migrate for Compute Engine and Migrate for Anthos for application modernisation, the key difference is that Migrate for Anthos migrates to containers, while Migrate for Compute Engine migrates to virtual machines. Migrate for Compute Engine does not charge for ingress traffic. Migrate for Anthos does not require manual operating system upgrades because it is a containerised system.
Question 5: Cost-Effective Computing Power
For an organisation needing a large amount of extra computing power for only two weeks, the most cost-effective approach is to start a powerful virtual machine without using a committed use discount. Committed use contracts require committing to pay for resources for one to three years, which is not suitable for short-term needs.
Question 6: Reducing BigQuery Costs
Operations in BigQuery that reduce the total cost of ownership include queries retrieving results from the cache, batch loading data from local files, and running a query on an external data source. Customers are not charged for these operations. Using Google Pi Quarry charges for the amount of data processed.
Question 7: Planning Cloud Infrastructure Expenditures
To plan cloud infrastructure expenditures, an organisation should review cloud resource costs frequently because costs change often based on use. Financial governance and the variable nature of cloud resources require ongoing monitoring and control.
Question 8: Software Developer's Contribution to SRE
A software developer can contribute to site reliability engineering by focusing on implementing automation. SRE teams hire software engineers to automate tasks traditionally performed manually by system administrators.
Question 9: Identifying Virtual Machine Security Vulnerabilities
To identify virtual machines with security vulnerabilities, use the Security Command Centre to identify virtual machines running vulnerable disk images. The Security Command Centre provides centralised visibility and control over Google Cloud assets.
Question 10: Connecting and Managing IoT Devices
To securely connect and manage IoT devices, use IoT Core, a fully managed service that allows connecting to and managing IoT devices securely. Traffic Director helps deploy global load balancing, and IoT Hub and IoT Portal are not Google Cloud products.
Question 11: Optimising Windows Server License Costs
To optimise Windows Server license costs for workloads only needed during working hours, migrate the workloads to Compute Engine with the bring your own license model. This allows using existing licenses on compliant hardware configurations.
Question 12: Google Cloud Service for Time-Restricted Project
For a time-restricted project requiring developers to be free from infrastructure management and needing data integration, cleaning, and transformation, Cloud Data Fusion is the best choice. It is a fully managed service for building and managing data pipelines.
Question 13: Locating Virtual Machines for Fast Communication
To achieve redundancy and extremely fast communication between virtual machines, locate them in multiple regions using multiple zones per region. A multi-region architecture provides higher availability.
Question 14: Cloud Offerings for BFSI Industry
For a client in the BFSI industry requiring complete control of data, operating system, run times, and middleware, Infrastructure as a Service (IaaS) is the most suitable cloud offering. IaaS provides complete control over these elements.
Question 15: Public Cloud Provider Ownership
In a public cloud environment, the public cloud provider owns hardware maintenance and hardware capacity management. The customer is responsible for other functions.
Question 16: Disaster Recovery Pattern for Banking Company
For a banking company designing a disaster recovery plan for historical compliance-oriented data where speedy access is not a requirement, a cold disaster recovery pattern is appropriate. This pattern involves setting up the infrastructure rapidly in case of a disaster.
Question 17: Cost-Optimised Rendering Software on Google Cloud
To run rendering software on Google Cloud in a cost-optimised way, deploy the application on Compute Engine using preemptible instances. Preemptible instances offer a significant discount but can be stopped if Compute Engine needs the capacity.
Question 18: Cloud Deployment Models for Global Insurance Company
For a global insurance company requiring customer data with client-identifying data to be stored on-premises and other data on the public cloud, a hybrid cloud deployment model is the most appropriate. This model combines public cloud and on-premises resources.
Question 19: Restricting Virtual Machine Communication
To restrict all virtual machines from having an external IP address, define an organisation policy at the root organisation node. This provides centralised control over all resources.
Question 20: Data Storage and Processing on Google Cloud
Before migrating customer credit card data to Google Cloud, an organisation should learn more about the privacy aspects of the Google Cloud platform. The organisation retains control of the data and can control who has access to it.
Question 21: Managing Mission-Critical Workloads
To manage mission-critical workloads consistently and centrally while stopping infrastructure management, migrate the workloads to a public cloud. This provides centralised management and reduces the need for infrastructure management.
Question 22: Cloud Build Deployment Services
Cloud Build can deploy to Kubernetes, App Engine, and Cloud Functions. It performs deployments using command-line tools as part of a continuous deployment pipeline.
Question 23: Secure Data Processing
To process data both on-premises and in the cloud without sending sensitive data over the public internet, order a partner interconnect connection with your network provider. This allows passing traffic between networks using the service provider's network.
Question 24: Application-Level Monitoring
To configure application-level monitoring and monitor service level objectives (SLOs), use Cloud Monitoring. It provides visibility into application and infrastructure performance and allows creating custom dashboards and alerts.
Question 25: Storage Location for Application Images
To select a storage location for application images after the CI part of a pipeline has built them, store the images in Container Registry. Pushing and pulling images are common tasks in Container Registry.
Question 26: Support Plans for E-Retail Website
For an e-retail website needing responses to Priority One cases in one hour while maintaining cost control, the enhanced support plan is the most appropriate choice. It includes a one-hour response time for P1 cases.
Question 27: Choosing a Service Model
SaaS is the right choice of service model when you want to minimise the level of management by the customer. It offloads all infrastructure and application management to the SaaS vendor.
Question 28: Benefits of Apigee
The benefits of Apigee include the ability to predict API traffic patterns, modernise legacy services via restful interfaces, and record and analyse business metrics. Apigee allows users to predict API traffic patterns through metrics and modernise legacy services by packaging them as APIs.
Question 29: Faster Application Deployments
To make application deployments faster when VM-based application upgrades take a long time due to OS boot times, convert the applications into containers. This eliminates the OS boot time problem.
Question 30: Google Infrastructure Security Layers
The Google infrastructure security layer that provides denial-of-service protection is internet communication. Google front end and denial-of-service protection are provided at this layer.
Question 31: Authenticating Users with Active Directory
To remove Google account access when an active directory account is terminated, configure single sign-on (SSO) in the Google domain. SSO allows logging in with a single ID and password to different systems.
Question 32: Storage Configurations for Documentary Film Editing
For content editors in New York and London needing to collaborate on editing projects with a maximum video availability time of 15 minutes, use dual-region storage with turbo replication. Turbo replication allows asynchronously replicating cloud storage objects to a separate region within 15 minutes.
Question 33: Reducing Overhead in Infrastructure Management
To reduce overhead in infrastructure management and keep costs low without sacrificing security and quality of service after acquiring three startups, host all subsidiaries' services together with existing services on the public cloud.
Question 34: Migrating Data to Google Cloud
To migrate over 1 TB of data from a private data centre to the cloud within 1 to 2 days, use Storage Transfer Service. It allows migrating data from a private data centre to Google Cloud with optimised network bandwidth.
Question 35: Standard vs. Coldline Storage
Coldline storage is for infrequently accessed data. The categorisation is based on how frequently data is accessed.
Question 36: Storage Option for Infrequently Accessed Data
To store infrequently accessed data older than 30 days, use Coldline storage. It is best suited for data that is planned to be read or modified at most once per quarter.
Question 37: Unlimited Availability of Computing Resources
A public cloud provides nearly unlimited availability of computing resources without requiring your organisation to procure and provision new equipment.
Question 38: Defining a Private Cloud
A private cloud is a collection of resources that are not shared with the general public.
Question 39: Computing Resource for Event-Driven Application
For an event-driven application needing automatic infrastructure management and scaling to zero when there is no activity, Cloud Functions is the primary compute resource to select.
Question 40: Optimising Google Cloud Spend
To provide a management committee with an at-a-glance overview of monthly costs and savings, use cost breakdown reports.
Question 41: Database for Worldwide High-Speed Data Storage
For worldwide high-speed data storage of a large amount of unstructured data from millions of sensors, choose Cloud Bigtable.
Question 42: Fully Managed Google Cloud Storage Solution
For a global packaging and printing company needing a fully managed Google Cloud Storage solution with web content management, file sharing, media processing, and data analysis capabilities, use Filestore.
Question 43: Managed Service for Streaming Data Pipelines
To build streaming data pipelines without managing individual servers and with automatic scaling, choose Dataflow.
Question 44: Organizational Transformation with Cloud Technology
When an organisation adopts cloud technology to create new ways of communicating and collaborating for its customers, employees, and stakeholders, it results in organisational transformation.
Question 45: Automating Build, Testing, and Deployment
To automate build, testing, and deployment processes using a Google Cloud managed solution, use Cloud Build.
Question 46: Cost Benefit for Adopting Cloud Native Architecture
A major cost benefit of adopting cloud-native architecture is managed services with high operational savings.
Question 47: Centralised Security and Risk Management
To gain centralised visibility and control, discover misconfigurations and vulnerabilities, and detect threats targeting Google Cloud assets, use Security Command Centre.
Question 48: Hierarchically Organise and Group Resources
To hierarchically organise and group resources, manage access control, and configuration settings for container resources, use Resource Manager API.
Question 49: Establishing Private Network Connectivity
To establish private network connectivity between an on-premises network and workloads running in Google Cloud as soon as possible, use Cloud VPN.
Question 50: Detection and Classification of Stored Sensitive Data
To detect and classify stored sensitive data, use Cloud Data Loss Prevention (DLP).
Question 51: Fully Featured Cloud-Based Compute Platform
For a fully featured cloud-based compute platform for a mobile app, use Firebase.
Question 52: Database for Global Multiplayer Game
For a global multiplayer game needing a database that can constantly capture player statistics and return consistent rankings, choose Cloud Spanner.
Question 53: Maintaining Custom Images
To maintain custom images when migrating from a shared facility to Google Cloud, use Compute Engine.
Question 54: Scalable, Secure, and Serverless Document Database
For a news media chain needing a scalable, secure, and serverless document database with a powerful query engine, use Firestore.
Question 55: Migrating Data Management Solutions
To dynamically scale up or down and run transactional SQL queries against historical data, use Cloud Spanner.
Question 56: Responsibilities of Customers Using Public Cloud
Customers using the public cloud are always responsible for web client protection and data protection.
Question 57: Categorising Objects in Static Images
To categorise objects in a large group of static images using machine learning, use Cloud Vision API.
Question 58: Ensuring Integrity of Logs
To ensure the integrity of logs, implement log versioning on log buckets in Cloud Storage and copy the logs to another project with a different owner.
Question 59: Reducing Risk of Handling Personal Identifiable Information
To reduce the risk of handling personal identifiable information, use Cloud Data Loss Prevention.
Question 60: Segregating Service Level Resources
To segregate service level resources such as compute, storage, and networking resources being used by various projects, use projects.
Question 61: Migrating Data from On-Premises to Cloud Storage
To move terabytes of data from on-premises file servers to Cloud Storage using an existing dedicated interconnect connection, use Storage Transfer Service.
Question 62: Network Connectivity with Google Cloud
To allow encrypted traffic to Google Cloud and have higher throughput, use Cloud Interconnect.
Question 63: Data Analytics Warehouse
To pay only for the data you store and the queries you perform for data analytics, use BigQuery.
Question 64: Solution for New Application Development
For developers to focus on writing code, with zero configuration deployment, scalable service, and security, use App Engine.
Question 65: Running Container-Based Application
To run a container-based application with fine-grained control of traffic and scaling policies, use Google Kubernetes Engine (GKE).
Question 66: Compute Service for Image Data
To process and serve a large amount of image data in Cloud Storage without infrastructure management, use Cloud Run.
Question 67: Recommendations Based on Security Risks
To get specific recommendations based on security risks and compliance violations, use Security Command Centre.
Question 68: Scenarios Not Suitable for Content Delivery Network
A CDN is not suitable for a website for a small construction company located in the United States and a family history website with only a few visitors annually.
Question 69: Consistent Platform for Multicloud Application Deployments
To provide a consistent platform for multicloud application deployments and extend Google Cloud services to your organisation's environment, use Anthos.
Question 70: Protecting Website from Bots
To protect a website from bots and ensure it is being accessed only by human users, use reCAPTCHA Enterprise.
Question 71: Economical Solution to Store Data
For an economical solution to store data such as files, graphical images, and videos, and to access and share them securely, use Cloud Storage.
Question 72: Cloud Computing Model for New Service
To help developers create a new service while freeing them of infrastructure and management tasks, use serverless computing.
Question 73: Machine Learning Model for Website Visitors
To build a machine learning model to predict the behaviour of visitors to a public website using database skills, use BigQuery ML.
Question 74: Cloud Computing Concepts
Elasticity refers to increasing or decreasing compute resources based on demand.
Question 75: Migrating Database to Cloud SQL
To migrate an application's working database from another cloud provider to Cloud SQL with minimal disruption and secure data transit, use Database Migration Service.
Question 76: Workloads in Development Environment
To ensure that workloads in the development environment are fully isolated from production, put the development resources in their own project.
Question 77: Modernise Workloads
To modernise workloads as much as possible by adopting Cloud Native Technologies, migrate the workloads using Migrate for Anthos.
Question 78: Move to Google Cloud
To move to Google Cloud as quickly as possible with minimal changes to the current environment while using the maximum amount of managed Services Google offers, migrate the workloads to Compute Engine.
Question 79: Set Up Support
To set up support to minimise costs, enroll in enhanced support.
Question 80: Checking and Maintaining User Names and Passwords
To check and maintain user names and passwords and control their access to different resources based on their identity, choose Identity Platform.
Question 81: Build Machine Learning Models
To build machine learning models using standard SQL and data in a data warehouse, use BigQuery ML.
Question 82: Control the Cost
To control the cost to run this application, leverage sustained use discounts for your virtual machines.
Question 83: Configuring Google Cloud Environment
When initially configuring your Google Cloud environment, define your resource hierarchy with an organisation node on top.
Question 84: Optimize its Cost
To optimise its cost, turn on committed use discount sharing and create a commitment for the combined usage.
Question 85: Consider Security and Privacy Regulation
To ensure that it is in compliance with global standards, comply with data security and privacy regulations in each geographical region.
Question 86: Optimize its Use
To optimise its use of Google Cloud's discounts on virtual machine based workloads, choose three-year committed use discount for 200 CPUs.
Question 87: Minimize How Much It Pays
To minimise how much it pays for data traffic from the Google Network to the internet, choose the standard network service tire.
Question 88: Migrate Your On-Premises Environment
To migrate the container images and the virtual machine discs, use Artifact Registry and Cloud Storage.
Question 89: Access Control to Production Systems
To manage Access Control to production systems, assign the proper role to the Google group in the Project's IAM policy.
Question 90: Gain Greater Visibility
To gain greater visibility into its Cloud resource costs, use building dashboards and resource labels.
Question 91: Process Large Amounts of Data
To process large amounts of data from an online application that operates continuously, use Dataflow.
Question 92: Ensure That the Google Cloud Resources
To ensure that the Google Cloud resources of each of your departments are segregated from one another, create a folder per department and create a project per environment in each folder.
Question 93: Defining the Resource Hierarchy
To define the resource hierarchy for its new application in Google Cloud, create one project for the development environment and one project for the production environment.
Question 94: Accidentally Purchased a One-Year Committed Ed Discount
To resolve this issue, contact Cloud building support.
Question 95: Access to a BigQuery Data Set
To allow a production job to have access to a BigQuery data set, include the compute engine service account in the IAM policy on the BigQuery data set.
Question 96: How Do Migrate for Compute Engine and Migrate for Anthos Differ
Migrate for Anthos migrates to containers and Migrate for Compute Engine migrates to Virtual machines.
Question 97: Provision Google Accounts and Groups
To provision Google accounts and groups to access Google Cloud resources, use Google Cloud directory sync to create users.
Question 98: Control Costs
To control costs, review Cloud resources cost frequently because cost depend on usage.
Question 99: How Will the Prediction Be Impacted
The prediction will be impacted by increased risk of inaccuracy.
Question 100: Google Cloud Product
To manage payments and online bank accounts in multiple regions, choose Cloud Spanner.
Question 101: Relational Database
They can store product inventory in a relational database without any processing.
Question 102: Public Cloud
A public Cloud is a better option than an on premises solution because it is cost effective at scale.
Question 103: Cloud Native Application
They should build a cloud native application instead of modernizing their existing on premises application because developers can launch new features in an agile way.
Question 104: Computer Operating Systems
A hypervisor allows organizations to run multiple computer operating systems on a single piece of physical hardware.
Question 105: Strategic Change to Customer Support
The organization is making this change because users expect always on service.
Question 106: Customer Reservation Data
A large Hotel chain benefit from storing their customer reservation data in the cloud because of
