Question 1

You have a storage bucket that contains the following objects:

- folder-a/image-a-1.jpg

- folder-a/image-a-2.jpg

- folder-b/image-b-1.jpg

- folder-b/image-b-2.jpg

Cloud CDN is enabled on the storage bucket, and all four objects have been successfully cached. You want to

remove the cached copies of all the objects with the prefix folder-a, using the minimum number of commands.

What should you do?

Options :

A : Add an appropriate lifecycle rule on the storage bucket.

B : Issue a cache invalidation command with pattern /folder-a/*.

C : Make sure that all the objects with prefix folder-a are not shared publicly.

D :

Disable Cloud CDN on the storage bucket. Wait 90 seconds. Re-enable Cloud CDN on the storage bucket.

Answer: B

Question 2

You have deployed a proof-of-concept application by manually placing instances in a single Compute Engine

zone. You are now moving the application to production, so you need to increase your application availability

and ensure it can autoscale.

How should you provision your instances?

Options :

A : Create a single managed instance group, specify the desired region, and select Multiple zones for the location

B : Create a managed instance group for each region, select Single zone for the location, and manually distribute instances across the zones in that region.

C : Create an unmanaged instance group in a single zone, and then create an HTTP load balancer for the instance group

D : Create an unmanaged instance group for each zone, and manually distribute the instances across the desired zones.

Answer: A

Question 3

You have the following firewall ruleset applied to all instances in your Virtual Private Cloud (VPC):

You are using a new user account. You must assign the appropriate identity and Access Management (IAM) user roles to this new user account before updating the firewall rule. The new user account must be able to apply the update and view firewall logs. What should you do?

Options :

A : Assign the compute.securityAdmin and logging.viewer rule to the new user account. Apply the new firewall rule with a priority of 50.

B : Assign the compute.securityAdmin and logging.bucketWriter role to the new user account. Apply the new firewall rule with a priority of 150.

C : Assign the compute.orgSecurityPolicyAdmin and logging.viewer role to the new user account. Apply the new firewall rule with a priority of 50.

D : Assign the compute.orgSecurityPolicyAdmin and logging.bucketWriter role to the new user account. Apply the new firewall rule with a priority of 150.

Answer: A

Question 4

You have applications running in the us-west1 and us-east1 regions. You want to build a highly available VPN that provides 99.99% availability to connect your applications from your project to the cloud services provided by your partners project while minimizing the amount of infrastructure required Your partners services are also in the us-west1 and us-east1 regions. You want to implement the simplest solution. What should you do?

Options :

A : Create one Cloud Router and one HA VPN gateway in each region of your VPC and your partners VPC. Connect your VPN gateways to the partners gateways. Enable global dynamic routing in each VPC.

B : Create one Cloud Router and one HA VPN gateway in the us-west1 region of your VPC. Create one OpenVPN Access Server in each region of your partner-s VPC. Conned your VPN gateway to your partner-s servers.

C : Create one OpenVPN Access Server in each region of your VPC and your partners VPC. Connect your servers to the partner-s servers.

D : Create one Cloud Router and one HA VPN gateway in the us-west1 region of your VPC and your partners VPC. Connect your VPN gateways to the partners gateways with a pair of tunnels Enable global dynamic routing in each VPC

Answer: A

Question 5

You have recently been put in charge of managing identity and access management for your organization. You

have several projects and want to use scripting and automation wherever possible. You want to grant the editor

role to a project member.

Which two methods can you use to accomplish this? (Choose two.)

Options :

A : GetIamPolicy() via REST API

B : setIamPolicy() via REST API

C : gcloud pubsub add-iam-policy-binding Sprojectname --member user:Susername --role roles/editor

D : gcloud projects add-iam-policy-binding Sprojectname --member user:Susername --role roles/editor

E :

Enter an email address in the Add members field, and select the desired role from the drop-down menu in the GCP Console.

Answer: D,E

Smartly Prepare Exam with Free Online Professional-Cloud-Network-Engineer Practice Test

Buying Options: