You have successfully created a development environment in a project for an application. This application uses Compute Engine and Cloud SQL. Now, you need to create a production environment for this application.
The security team has forbidden the existence of network routes between these 2 environments, and asks you to follow Google-recommended practices. What should you do?

• A.Create a new production subnet in the existing VPC and a new production Cloud SQL instance in your existing project, and deploy your application using those resources.
• B.Ask the security team to grant you the Project Editor role in an existing production project used by another division of your company. Once they grant you that role, replicate the setup you have in the development environment in that project.
• C.Create a new project, enable the Compute Engine and Cloud SQL APIs in that project, and replicate the setup you have created in the development environment.
• D.Create a new project, modify your existing VPC to be a Shared VPC, share that VPC with your new project, and replicate the setup you have in the development environment in that new project, in the Shared VPC.

Comment: *

Name: *

Email: *

Verification: *

You have downloaded and installed the gcloud command line interface (CLI) and have authenticated with your Google Account. Most of your Compute Engine instances in your project run in the europe-west1-d zone. You want to avoid having to specify this zone with each CLI command when managing these instances. What should you do?

• A.Set the europe-west1-d zone as the default zone using the gcloud config subcommand.
• B.In the Settings page for Compute Engine under Default location, set the zone to europe-west1-d.
• C.In the CLI installation directory, create a file called default.conf containing zone=europe-west1-d.
• D.Create a Metadata entry on the Compute Engine page with key compute/zone and value europe- west1-d

Comment: *

Name: *

Email: *

Verification: *

You have an application that looks for its licensing server on the IP 10.0.3.21. You need to deploy the licensing server on Compute Engine. You do not want to change the configuration of the application and want the application to be able to reach the licensing server. What should you do?

• A.Start the licensing server with an automatic ephemeral IP address, and then promote it to a static internal IP address.
• B.Reserve the IP 10.0.3.21 as a static internal IP address using gcloud and assign it to the licensing server.
• C.Reserve the IP 10.0.3.21 as a static public IP address using gcloud and assign it to the licensing server.
• D.Use the IP 10.0.3.21 as a custom ephemeral IP address and assign it to the licensing server.

Comment: *

Name: *

Email: *

Verification: *

An application generates daily reports in a Compute Engine virtual machine (VM). The VM is in the project corp-iot-insights. Your team operates only in the project corp-aggregate-reports and needs a copy of the daily exports in the bucket corp-aggregate-reports-storage. You want to configure access so that the daily reports from the VM are available in the bucket corp-aggregate-reports-storage and use as few steps as possible while following Google-recommended practices. What should you do?

• A.Move both projects under the same folder.
• B.Grant the VM Service Account the role Storage Object Creator on corp-aggregate-reports-storage.
• C.Create a Shared VPC network between both projects. Grant the VM Service Account the role Storage Object Creator on corp-iot-insights.
• D.Make corp-aggregate-reports-storage public and create a folder with a pseudo-randomized suffix name. Share the folder with the IoT team.

Comment: *

Name: *

Email: *

Verification: *

Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?

• A.Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.
• B.Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.
• C.Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the "compute.osAdminLogin" role to the Google group corresponding to this team.
• D.Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.

Comment: *

Name: *

Email: *

Verification: *