- Home
- Google Associate Cloud Engineer Exam
- Google.Associate-Cloud-Engineer.v2024-07-17.q126
- Question 104
Valid Associate-Cloud-Engineer Dumps shared by ExamDiscuss.com for Helping Passing Associate-Cloud-Engineer Exam! ExamDiscuss.com now offer the newest Associate-Cloud-Engineer exam dumps, the ExamDiscuss.com Associate-Cloud-Engineer exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Associate-Cloud-Engineer dumps with Test Engine here:
Access Associate-Cloud-Engineer Dumps Premium Version
(328 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 104/126
You have deployed an application on a Compute Engine instance. An external consultant needs to access the Linux-based instance. The consultant is connected to your corporate network through a VPN connection, but the consultant has no Google account. What should you do?
Correct Answer: C
The best option is to instruct the external consultant to generate an SSH key pair, and request the public key from the consultant. Then, add the public key to the instance yourself, and have the consultant access the instance through SSH with their private key. This way, you can grant the consultant access to the instance without requiring a Google account or exposing the instance's public IP address. This option also follows the best practice of using user-managed SSH keys instead of service account keys for SSH access1.
Option A is not feasible because the external consultant does not have a Google account, and therefore cannot use Identity-Aware Proxy (IAP) to access the instance. IAP requires the user to authenticate with a Google account and have the appropriate IAM permissions to access the instance2. Option B is not secure because it exposes the instance's public IP address, which can increase the risk of unauthorized access or attacks. Option D is not correct because it reverses the roles of the public and private keys. The public key should be added to the instance, and the private key should be kept by the consultant. Sharing the private key with anyone else can compromise the security of the SSH connection3.
References:
* 1: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys
* 2: https://cloud.google.com/iap/docs/using-tcp-forwarding
* 3: https://cloud.google.com/compute/docs/instances/connecting-advanced#sshbetweeninstances
Option A is not feasible because the external consultant does not have a Google account, and therefore cannot use Identity-Aware Proxy (IAP) to access the instance. IAP requires the user to authenticate with a Google account and have the appropriate IAM permissions to access the instance2. Option B is not secure because it exposes the instance's public IP address, which can increase the risk of unauthorized access or attacks. Option D is not correct because it reverses the roles of the public and private keys. The public key should be added to the instance, and the private key should be kept by the consultant. Sharing the private key with anyone else can compromise the security of the SSH connection3.
References:
* 1: https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys
* 2: https://cloud.google.com/iap/docs/using-tcp-forwarding
* 3: https://cloud.google.com/compute/docs/instances/connecting-advanced#sshbetweeninstances
- Question List (126q)
- Question 1: You want to select and configure a solution for storing and ...
- Question 2: Your company uses a large number of Google Cloud services ce...
- Question 3: You need to enable traffic between multiple groups of Comput...
- Question 4: Your team maintains the infrastructure for your organization...
- Question 5: You have one GCP account running in your default region and ...
- Question 6: You have been asked to migrate a docker application from dat...
- Question 7: Your projects incurred more costs than you expected last mon...
- Question 8: You are assisting a new Google Cloud user who just installed...
- Question 9: Your company has an existing GCP organization with hundreds ...
- Question 10: You have created an application that is packaged into a Dock...
- Question 11: Your team is running an on-premises ecommerce application. T...
- Question 12: You are monitoring an application and receive user feedback ...
- Question 13: You are running multiple microservices in a Kubernetes Engin...
- Question 14: You have an application that uses Cloud Spanner as a backend...
- Question 15: You have been asked to create robust Virtual Private Network...
- Question 16: A team of data scientists infrequently needs to use a Google...
- Question 17: You are developing a new web application that will be deploy...
- Question 18: The DevOps group in your organization needs full control of ...
- Question 19: Your company's security vulnerability management policy wont...
- Question 20: You need to deploy an application, which is packaged in a co...
- Question 21: You have a managed instance group comprised of preemptible V...
- Question 22: You have deployed an application on a single Compute Engine ...
- Question 23: You significantly changed a complex Deployment Manager templ...
- Question 24: You have an object in a Cloud Storage bucket that you want t...
- Question 25: Your company has multiple projects linked to a single billin...
- Question 26: All development (dev) teams in your organization are located...
- Question 27: Your company is moving its continuous integration and delive...
- Question 28: Your organization has user identities in Active Directory. Y...
- Question 29: Your company has embraced a hybrid cloud strategy where some...
- Question 30: You have a single binary application that you want to run on...
- Question 31: You recently deployed a new version of an application to App...
- Question 32: Your company has workloads running on Compute Engine and on-...
- Question 33: You want to configure autohealing for network load balancing...
- Question 34: Your organization needs to grant users access to query datas...
- Question 35: Your company has a large quantity of unstructured data in di...
- Question 36: Your organization uses G Suite for communication and collabo...
- Question 37: You have 32 GB of data in a single file that you need to upl...
- Question 38: You have an instance group that you want to load balance. Yo...
- Question 39: Your company has an internal application for managing transa...
- Question 40: You installed the Google Cloud CLI on your workstation and s...
- Question 41: During a recent audit of your existing Google Cloud resource...
- Question 42: You need to set up permissions for a set of Compute Engine i...
- Question 43: You are working with a user to set up an application in a ne...
- Question 44: You have created a new project in Google Cloud through the g...
- Question 45: Your existing application running in Google Kubernetes Engin...
- Question 46: You need to host an application on a Compute Engine instance...
- Question 47: You have an application that looks for its licensing server ...
- Question 48: You need to manage multiple Google Cloud Platform (GCP) proj...
- Question 49: You have developed a containerized web application that will...
- Question 50: You need to set up a policy so that videos stored in a speci...
- Question 51: The sales team has a project named Sales Data Digest that ha...
- Question 52: You are performing a monthly security check of your Google C...
- Question 53: You need to manage a third-party application that will run o...
- Question 54: Your company has developed a new application that consists o...
- Question 55: You have an on-premises data analytics set of binaries that ...
- Question 56: You created an instance of SQL Server 2017 on Compute Engine...
- Question 57: You are assigned to maintain a Google Kubernetes Engine (GKE...
- Question 58: Your organization has three existing Google Cloud projects. ...
- Question 59: Your company wants to migrate their on-premises workloads to...
- Question 60: You need to provide a cost estimate for a Kubernetes cluster...
- Question 61: The core business of your company is to rent out constructio...
- Question 62: Your application development team has created Docker images ...
- Question 63: You've deployed a microservice called myapp1 to a Google Kub...
- Question 64: You are asked to set up application performance monitoring o...
- Question 65: You are setting up a Windows VM on Compute Engine and want t...
- Question 66: You want to find out when users were added to Cloud Spanner ...
- Question 67: Your company runs its Linux workloads on Compute Engine inst...
- Question 68: You have a number of compute instances belonging to an unman...
- Question 69: You manage an App Engine Service that aggregates and visuali...
- Question 70: Your company developed an application to deploy on Google Ku...
- Question 71: You have a Dockerfile that you need to deploy on Kubernetes ...
- Question 72: You want to configure an SSH connection to a single Compute ...
- Question 73: You need to produce a list of the enabled Google Cloud Platf...
- Question 74: You have a Bigtable instance that consists of three nodes th...
- Question 75: You created a Kubernetes deployment by running kubectl run n...
- Question 76: Your management has asked an external auditor to review all ...
- Question 77: Your company is moving from an on-premises environment to Go...
- Question 78: You recently discovered that your developers are using many ...
- Question 79: Your organization is a financial company that needs to store...
- Question 80: You are deploying an application to a Compute Engine VM in a...
- Question 81: You are storing sensitive information in a Cloud Storage buc...
- Question 82: You have a web application deployed as a managed instance gr...
- Question 83: You are given a project with a single virtual private cloud ...
- Question 84: You are building an application that will run in your data c...
- Question 85: You are hosting an application from Compute Engine virtual m...
- Question 86: A colleague handed over a Google Cloud Platform project for ...
- Question 87: You have created a code snippet that should be triggered whe...
- Question 88: You are running a web application on Cloud Run for a few hun...
- Question 89: Your application is running on Google Cloud in a managed ins...
- Question 90: You created a Kubernetes deployment by running kubectl run n...
- Question 91: Your company publishes large files on an Apache web server t...
- Question 92: You are the team lead of a group of 10 developers. You provi...
- Question 93: You have successfully created a development environment in a...
- Question 94: You will have several applications running on different Comp...
- Question 95: You want to permanently delete a Pub/Sub topic managed by Co...
- Question 96: You created a cluster.YAML file containing * resources: * na...
- Question 97: Youare configuring Cloud DNS. You want !to create DNS record...
- Question 98: You deployed a new application inside your Google Kubernetes...
- Question 99: Your company is moving its entire workload to Compute Engine...
- Question 100: You are running a data warehouse on BigQuery. A partner comp...
- Question 101: Every employee of your company has a Google account. Your op...
- Question 102: You have a batch workload that runs every night and uses a l...
- Question 103: Your company implemented BigQuery as an enterprise data ware...
- Question 104: You have deployed an application on a Compute Engine instanc...
- Question 105: Your finance team wants to view the billing report for your ...
- Question 106: You need to create a copy of a custom Compute Engine virtual...
- Question 107: You are working for a hospital that stores Its medical image...
- Question 108: An employee was terminated, but their access to Google Cloud...
- Question 109: You have two subnets (subnet-a and subnet-b) in the default ...
- Question 110: You are managing a Data Warehouse on BigQuery. An external a...
- Question 111: You deployed an LDAP server on Compute Engine that is reacha...
- Question 112: You recently received a new Google Cloud project with an att...
- Question 113: You have been asked to set up the billing configuration for ...
- Question 114: Your learn wants to deploy a specific content management sys...
- Question 115: You are running multiple VPC-native Google Kubernetes Engine...
- Question 116: You want to add a new auditor to a Google Cloud Platform pro...
- Question 117: You are building an application that processes data files up...
- Question 118: You have a Compute Engine instance hosting an application us...
- Question 119: Your company's infrastructure is on-premises, but all machin...
- Question 120: You create a new Google Kubernetes Engine (GKE) cluster and ...
- Question 121: You need to grant access for three users so that they can vi...
- Question 122: You have a number of applications that have bursty workloads...
- Question 123: You deployed an application on a managed instance group in C...
- Question 124: You are migrating a production-critical on-premises applicat...
- Question 125: You are migrating a business critical application from your ...
- Question 126: You are building a new version of an application hosted in a...
[×]
Download PDF File
Enter your email address to download Google.Associate-Cloud-Engineer.v2024-07-17.q126.pdf