Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Google
  3. Google Associate Cloud Engineer

Google Google Associate Cloud Engineer Exam (page: 8)
Google Associate Cloud Engineer
Updated on: 25-Dec-2025

Viewing Page 8 of 59
Google Associate Cloud Engineer PDF 343 Questions

You have one project called proj-sa where you manage all your service accounts. You want to be able to use a service account from this project to take snapshots of VMs running in another project called proj-vm.
What should you do?

  1. Download the private key from the service account, and add it to each VMs custom metadata.
  2. Download the private key from the service account, and add the private key to each VM's SSH keys.
  3. Grant the service account the IAM Role of Compute Storage Admin in the project called proj-vm.
  4. When creating the VMs, set the service account's API scope for Compute Engine to read/write.

Answer(s): C

Explanation:

https://gtseres.medium.com/using-service-accounts-across-projects-in-gcp-cf9473fef8f0

You create the service account in proj-sa and take note of the service account email, then you go to proj-vm in IAM > ADD and add the service account's email as new member and give it the Compute Storage Admin role.

https://cloud.google.com/compute/docs/access/iam#compute.storageAdmin



You created a Google Cloud Platform project with an App Engine application inside the project. You initially configured the application to be served from the us-central region. Now you want the application to be served from the asia-northeast1 region.
What should you do?

  1. Change the default region property setting in the existing GCP project to asia-northeast1.
  2. Change the region property setting in the existing App Engine application from us-central to asia- northeast1.
  3. Create a second App Engine application in the existing GCP project and specify asia-northeast1 as the region to serve your application.
  4. Create a new GCP project and create an App Engine application inside this new project. Specify asia-northeast1 as the region to serve your application.

Answer(s): D

Explanation:

https://cloud.google.com/appengine/docs/flexible/managing-projects-apps- billing#:~:text=Each%20Cloud%20project%20can%20contain%20only%20a%20single%20App%20Eng ine%20application%2C%20and%20once%20created%20you%20cannot%20change%20the%20locatio n%20of%20your%20App%20Engine%20application.

Two App engine can't be running on the same project: you can check this easy diagram for more info:
https://cloud.google.com/appengine/docs/standard/an-overview-of-app- engine#components_of_an_application
And you can't change location after setting it for your app Engine. https://cloud.google.com/appengine/docs/standard/locations

App Engine is regional and you cannot change an apps region after you set it. Therefore, the only way to have an app run in another region is by creating a new project and targeting the app engine to run in the required region (asia-northeast1 in our case).

Ref: https://cloud.google.com/appengine/docs/locations



You need to grant access for three users so that they can view and edit table data on a Cloud Spanner instance.
What should you do?

  1. Run gcloud iam roles describe roles/spanner.databaseUser. Add the users to the role.
  2. Run gcloud iam roles describe roles/spanner.databaseUser. Add the users to a new group. Add the group to the role.
  3. Run gcloud iam roles describe roles/spanner.viewer --project my-project. Add the users to the role.
  4. Run gcloud iam roles describe roles/spanner.viewer --project my-project. Add the users to a new group. Add the group to the role.

Answer(s): B

Explanation:

https://cloud.google.com/spanner/docs/iam#spanner.databaseUser Using the gcloud tool, execute the gcloud iam roles describe roles/spanner.databaseUser command on Cloud Shell. Attach the users to a newly created Google group and add the group to the role.



You create a new Google Kubernetes Engine (GKE) cluster and want to make sure that it always runs a supported and stable version of Kubernetes.
What should you do?

  1. Enable the Node Auto-Repair feature for your GKE cluster.
  2. Enable the Node Auto-Upgrades feature for your GKE cluster.
  3. Select the latest available cluster version for your GKE cluster.
  4. Select "Container-Optimized OS (cos)" as a node image for your GKE cluster.

Answer(s): B

Explanation:

Creating or upgrading a cluster by specifying the version as latest does not provide automatic upgrades. Enable node auto-upgrades to ensure that the nodes in your cluster are up-to-date with the latest stable version.

https://cloud.google.com/kubernetes-engine/versioning-and-upgrades

Node auto-upgrades help you keep the nodes in your cluster up to date with the cluster master version when your master is updated on your behalf.
When you create a new cluster or node pool with Google Cloud Console or the gcloud command, node auto-upgrade is enabled by default. Ref: https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-upgrades



You have an instance group that you want to load balance. You want the load balancer to terminate the client SSL session. The instance group is used to serve a public web application over HTTPS. You want to follow Google-recommended practices.
What should you do?

  1. Configure an HTTP(S) load balancer.
  2. Configure an internal TCP load balancer.
  3. Configure an external SSL proxy load balancer.
  4. Configure an external TCP proxy load balancer.

Answer(s): A


Reference:

https://cloud.google.com/load-balancing/docs/https/ According to this guide for setting up an HTTP (S) load balancer in GCP: The client SSL session terminates at the load balancer. Sessions between the load balancer and the instance can either be HTTPS (recommended) or HTTP.
https://cloud.google.com/load-balancing/docs/ssl



Viewing Page 8 of 59



Share your comments for Google Google Associate Cloud Engineer exam with other users:

Muhammad Rawish Siddiqui 12/3/2023 12:11:00 PM

question # 56, answer is true not false.
SAUDI ARABIA


Amaresh Vashishtha 8/27/2023 1:33:00 AM

i would be requiring dumps to prepare for certification exam
Anonymous


Asad 9/8/2023 1:01:00 AM

very helpful
PAKISTAN


Blessious Phiri 8/13/2023 3:10:00 PM

control file is the heart of rman backup
Anonymous


Senthil 9/19/2023 5:47:00 AM

hi could you please upload the ibm c2090-543 dumps
Anonymous


Harry 6/27/2023 7:20:00 AM

appriciate if you could upload this again
AUSTRALIA


Anonymous 7/10/2023 4:10:00 AM

please upload the dump
SWEDEN


Raja 6/20/2023 5:30:00 AM

i found some questions answers mismatch with explanation answers. please properly update
UNITED STATES


Doora 11/30/2023 4:20:00 AM

nothing to mention
Anonymous


deally 1/19/2024 3:41:00 PM

knowable questions
UNITED STATES


Sonia 7/23/2023 4:03:00 PM

very helpfull
UNITED STATES


binEY 10/6/2023 5:15:00 AM

good questions
Anonymous


Neha 9/28/2023 1:58:00 PM

its helpful
Anonymous


Desmond 1/5/2023 9:11:00 PM

i just took my oracle exam and let me tell you, this exam dumps was a lifesaver! without them, iam not sure i would have passed. the questions were tricky and the answers were obscure, but the exam dumps had everything i needed. i would recommend to anyone looking to pass their oracle exams with flying colors (and a little bit of cheating) lol.
SINGAPORE


Davidson OZ 9/9/2023 6:37:00 PM

22. if you need to make sure that one computer in your hot-spot network can access the internet without hot-spot authentication, which menu allows you to do this? answer is ip binding and not wall garden. wall garden allows specified websites to be accessed with users authentication to the hotspot
Anonymous


381 9/2/2023 4:31:00 PM

is question 1 correct?
Anonymous


Laurent 10/6/2023 5:09:00 PM

good content
Anonymous


Sniper69 5/9/2022 11:04:00 PM

manged to pass the exam with this exam dumps.
UNITED STATES


Deepak 12/27/2023 2:37:00 AM

good questions
SINGAPORE


dba 9/23/2023 3:10:00 AM

can we please have the latest exam questions?
Anonymous


Prasad 9/29/2023 7:27:00 AM

please help with jn0-649 latest dumps
HONG KONG


GTI9982 7/31/2023 10:15:00 PM

please i need this dump. thanks
CANADA


Elton Riva 12/12/2023 8:20:00 PM

i have to take the aws certified developer - associate dva-c02 in the next few weeks and i wanted to know if the questions on your website are the same as the official exam.
Anonymous


Berihun Desalegn Wonde 7/13/2023 11:00:00 AM

all questions are more important
Anonymous


gr 7/2/2023 7:03:00 AM

ques 4 answer should be c ie automatically recover from failure
Anonymous


RS 7/27/2023 7:17:00 AM

very very useful page
INDIA


Blessious Phiri 8/12/2023 11:47:00 AM

the exams are giving me an eye opener
Anonymous


AD 10/22/2023 9:08:00 AM

3rd so far, need to cover more
Anonymous


Matt 11/18/2023 2:32:00 AM

aligns with the pecd notes
Anonymous


Sri 10/15/2023 4:38:00 PM

question 4: b securityadmin is the correct answer. https://docs.snowflake.com/en/user-guide/security-access-control-overview#access-control-framework
GERMANY


H.T.M. D 6/25/2023 2:55:00 PM

kindly please share dumps
Anonymous


Satish 11/6/2023 4:27:00 AM

it is very useful, thank you
Anonymous


Chinna 7/30/2023 8:37:00 AM

need safe rte dumps
FRANCE


1234 6/30/2023 3:40:00 AM

can you upload the cis - cpg dumps
Anonymous