NotJustExam Interactive Question Bank | [Google] GCP-CDL

Question 1

You are migrating workloads to the cloud. The goal of the migration is to serve customers worldwide as quickly as possible According to local regulations, certain data is required to be stored in a specific geographic area, and it can be served worldwide. You need to design the architecture and deployment for your workloads.
What should you do?

A. Select a public cloud provider that is only active in the required geographic area
B. Select a private cloud provider that globally replicates data storage for fast data access
C. Select a public cloud provider that guarantees data location in the required geographic area
D. Select a private cloud provider that is only active in the required geographic area

Correct Answer: C

Explanation:

The suggested answer C is correct.
Reasoning: The question specifies two key requirements: 1) data must be stored in a specific geographic area due to local regulations, and 2) the application must serve customers worldwide as quickly as possible. Option C, selecting a public cloud provider that guarantees data location, directly addresses both requirements. Public cloud providers offer a global infrastructure, allowing worldwide service, while also providing mechanisms to ensure data residency within specific regions to comply with regulations. This is often achieved through the use of regions and availability zones.
Why other options are incorrect:

A: Selecting a public cloud provider only active in the required geographic area would satisfy the data residency requirement but would severely limit the ability to serve customers worldwide.
B: Private cloud providers, while offering control over data location, typically do not have the global infrastructure needed for fast, global data access. Globally replicating data in a private cloud can be complex and expensive. Furthermore, globally replicating the data might violate the data residency requirements, even if a primary copy is stored in the required region.
D: Similar to option A, selecting a private cloud provider that is only active in the required geographic area would not allow serving customers worldwide.

Therefore, the best approach is to leverage a public cloud provider's global footprint while ensuring data location guarantees for regulatory compliance.

Data Residency, https://www.ibm.com/cloud/learn/data-residency
AWS Global Infrastructure, https://aws.amazon.com/about-aws/global-infrastructure/

Question 2

Your organization needs a large amount of extra computing power within the next two weeks.
After those two weeks, the need for the additional resources will end.
Which is the most cost-effective approach?

A. Use a committed use discount to reserve a very powerful virtual machine
B. Purchase one very powerful physical computer
C. Start a very powerful virtual machine without using a committed use discount
D. Purchase multiple physical computers and scale workload across them

Correct Answer: C

Explanation:

The AI agrees with the suggested answer of C: Start a very powerful virtual machine without using a committed use discount.
The reason for this recommendation is that the scenario explicitly states the need for extra computing power is only for two weeks. Committed Use Discounts (CUDs) typically require a commitment period of one to three years, making them unsuitable and not cost-effective for such a short duration. Starting a virtual machine on-demand provides the required computing power without any long-term commitments.
Here's a breakdown of why the other options are not ideal:

A: Use a committed use discount to reserve a very powerful virtual machine: This is not cost-effective as CUDs are for longer periods (1-3 years).
B: Purchase one very powerful physical computer: Purchasing a physical computer involves a significant upfront cost and is not suitable for a temporary need. It also takes time to procure and set up.
D: Purchase multiple physical computers and scale workload across them: Similar to option B, this is expensive and time-consuming and does not align with the temporary nature of the requirement.

Citations:

Google Cloud Committed Use Discounts, https://cloud.google.com/compute/docs/instances/signing-up-committed-use-discounts
Google Cloud Virtual Machines, https://cloud.google.com/compute/vm-instance

Question 3

Your organization needs to plan its cloud infrastructure expenditures.
Which should your organization do?

A. Review cloud resource costs frequently, because costs change often based on use
B. Review cloud resource costs annually as part of planning your organization's overall budget
C. If your organization uses only cloud resources, infrastructure costs are no longer part of your overall budget
D. Involve fewer people in cloud resource planning than your organization did for on-premises resource planning

Correct Answer: A

Explanation:

The AI agrees with the suggested answer, which is A. Review cloud resource costs frequently, because costs change often based on use.
Reasoning: Cloud resource costs are dynamic and can fluctuate significantly based on usage, demand, and the pricing models offered by cloud providers. Regularly reviewing these costs is essential for effective budget management, identifying potential cost optimization opportunities, and avoiding unexpected expenses. This proactive approach helps organizations maintain financial control over their cloud infrastructure.
Why other options are incorrect:

B: Reviewing costs annually is insufficient. The dynamic nature of cloud pricing requires more frequent reviews.
C: Infrastructure costs are always relevant, regardless of whether the resources are on-premises or in the cloud. Ignoring these costs would lead to inaccurate budgeting.
D: Cloud resource planning may require different expertise but should involve appropriate stakeholders to ensure alignment with business needs and effective cost management. Reducing the number of people involved could lead to oversights and missed opportunities for optimization.

Citation 1: Google Cloud Pricing Overview, https://cloud.google.com/products/calculator/
Citation 2: AWS Pricing, https://aws.amazon.com/pricing/
Citation 3: Azure Pricing, https://azure.microsoft.com/en-us/pricing

Question 4

The operating systems of some of your organization's virtual machines may have a security vulnerability.
How can your organization most effectively identify all virtual machines that do not have the latest security update?

A. View the Security Command Center to identify virtual machines running vulnerable disk images
B. View the Compliance Reports Manager to identify and download a recent PCI audit
C. View the Security Command Center to identify virtual machines started more than 2 weeks ago
D. View the Compliance Reports Manager to identify and download a recent SOC 1 audit

Correct Answer: A

Explanation:

The AI assistant agrees with the suggested answer A.
Reasoning: Security Command Center (SCC) is Google Cloud's centralized security management and threat detection service. It provides visibility into the security posture of your Google Cloud resources, including virtual machines. A key function of SCC is to identify vulnerabilities, including those related to outdated software or disk images. By using SCC, organizations can effectively identify VMs running vulnerable disk images and prioritize remediation efforts.
Why other options are incorrect:

B and D: Compliance Reports Manager is primarily focused on compliance reporting (PCI, SOC) and not for identifying security vulnerabilities in virtual machines.
C: Identifying VMs started more than 2 weeks ago does not directly correlate with whether they have the latest security updates. A VM started recently could still be vulnerable if it was created from an outdated image.

The reason for choosing option A is because it directly addresses the question of identifying VMs with security vulnerabilities through its ability to scan and identify vulnerable disk images, making it the most effective solution in this scenario. Security Command Center is designed to provide visibility into security risks and offers features to identify vulnerable VMs.

Citations:

Security Command Center Overview, https://cloud.google.com/security-command-center/docs/overview

Question 5

You are currently managing workloads running on Windows Server for which your company owns the licenses. Your workloads are only needed during working hours, which allows you to shut down the instances during the weekend. Your Windows Server licenses are up for renewal in a month, and you want to optimize your license cost.
What should you do?

A. Renew your licenses for an additional period of 3 years. Renew your licenses for an additional period of 3 years. Negotiate a cost reduction with your current hosting provider wherein infrastructure cost is reduced when workloads are not in use
B. Renew your licenses for an additional period of 2 years. Negotiate a cost reduction by committing to an automatic renewal of the licenses at the end of the 2 year period
C. Migrate the workloads to Compute Engine with a bring-your-own-license (BYOL) model
D. Migrate the workloads to Compute Engine with a pay-as-you-go (PAYG) model

Correct Answer: D

Explanation:

The AI assistant agrees with the suggested answer D.

Reasoning: The scenario describes a company with expiring Windows Server licenses seeking to optimize costs, especially since their workloads are only needed during working hours and instances are shut down on weekends. Migrating to Compute Engine with a pay-as-you-go (PAYG) model is the most suitable solution.

With PAYG, the company only pays for the compute resources they consume while the instances are running. Since the workloads are shut down during off-peak hours and weekends, the cost savings can be significant. The expiring licenses make this option even more attractive, as they avoid the cost of renewing licenses that would go unused for a large portion of the time.

Reasons for not choosing the other options:

A & B: Renewing the licenses (options A & B) would incur costs for the entire license period, even during the times when the instances are shut down, failing to optimize costs effectively. Furthermore, negotiating infrastructure cost reduction does not directly address the Windows License cost.
C: While migrating to Compute Engine with a bring-your-own-license (BYOL) model (option C) seems viable initially, it has potential drawbacks. Since the current licenses are expiring soon, the company would need to renew them. BYOL is beneficial if the existing licenses have long-term validity or if the usage is close to 24/7. However, in the scenario presented, renewing licenses for limited working-hour usage may be more expensive than the PAYG model. The cost benefits of BYOL diminish with intermittent usage.

Citations:

Google Cloud Pricing Overview, https://cloud.google.com/products/calculator/
Bring Your Own License (BYOL) in Google Cloud, https://cloud.google.com/migrate/byol

Question 6

Your organization runs a distributed application in the Compute Engine virtual machines. Your organization needs redundancy, but it also needs extremely fast communication (less than 10 milliseconds) between the parts of the application in different virtual machines.
Where should your organization locate this virtual machines?

A. In a single zone within a single region
B. In different zones within a single region
C. In multiple regions, using one zone per region
D. In multiple regions, using multiple zones per region

Correct Answer: B

Explanation:

The AI suggests to agree with the suggested answer.

The suggested answer is B: In different zones within a single region.

Reasoning: Placing the virtual machines in different zones within a single region provides the necessary redundancy while maintaining extremely fast communication (less than 10 milliseconds). Zones within a region are geographically close, ensuring low latency. This setup addresses the organization's need for both redundancy and speed.

Why other options are not suitable:

A. In a single zone within a single region: This option does not provide redundancy. If the single zone fails, the entire application fails.
C. In multiple regions, using one zone per region: This option increases latency due to the distance between regions, violating the requirement for extremely fast communication (less than 10 milliseconds).
D. In multiple regions, using multiple zones per region: Similar to option C, this option also introduces high latency due to inter-region communication, failing to meet the application's speed requirements.

The primary reason for choosing option B is that it balances redundancy with low latency, meeting the organization's specific requirements.

Citations:

Google Cloud Regions and Zones, https://cloud.google.com/compute/docs/regions-zones

Question 7

An organization decides to migrate their on-premises environment to the cloud. They need to determine which resource components still need to be assigned ownership.
Which two functions does a public cloud provider own? (Choose two.)

A. Hardware maintenance
B. Infrastructure architecture
C. Infrastructure deployment automation
D. Hardware capacity management
E. Fixing application security issues

Correct Answer: AD

Explanation:

The AI assistant agrees with the suggested answer of AD.

Reasoning: In a public cloud model, the cloud provider assumes responsibility for managing and maintaining the underlying infrastructure. This includes the physical hardware and ensuring sufficient capacity to meet the needs of its customers. Therefore:

A. Hardware maintenance: Public cloud providers own and manage the physical hardware infrastructure, including servers, networking equipment, and storage devices. They are responsible for all hardware maintenance, repairs, and replacements.
D. Hardware capacity management: Public cloud providers are responsible for ensuring that they have sufficient hardware capacity to meet the demands of their customers. This includes monitoring resource utilization, forecasting future needs, and adding or removing hardware as necessary.

Reasons for not choosing the other answers:

B. Infrastructure architecture: While the cloud provider designs the overall infrastructure, customers have significant control over the architecture of their own applications and services within that infrastructure.
C. Infrastructure deployment automation: Customers often implement their own deployment automation tools and processes to manage their applications and services within the cloud infrastructure. While cloud providers offer tools and services to assist with automation, the customer typically owns this function.
E. Fixing application security issues: Customers are responsible for the security of their own applications and data within the cloud. While cloud providers offer security tools and services, the ultimate responsibility for application security lies with the customer (Shared Responsibility Model).

Citations:

Cloud Shared Responsibility Model, https://www.trendmicro.com/en_us/what-is/shared-responsibility-model.html

Question 8

You are a program manager within a Software as a Service (SaaS) company that offers rendering software for animation studios. Your team needs the ability to allow scenes to be scheduled at will and to be interrupted at any time to restart later. Any individual scene rendering takes less than 12 hours to complete, and there is no service-level agreement (SLA) for the completion time for all scenes. Results will be stored in a global Cloud Storage bucket. The compute resources are not bound to any single geographical location. This software needs to run on Google Cloud in a cost-optimized way.
What should you do?

A. Deploy the application on Compute Engine using preemptible instances
B. Develop the application so it can run in an unmanaged instance group
C. Create a reservation for the minimum number of Compute Engine instances you will use
D. Start more instances with fewer virtual centralized processing units (vCPUs) instead of fewer instances with more vCPUs

Correct Answer: A

Explanation:

The AI agrees with the suggested answer A, deploying the application on Compute Engine using preemptible instances.

Reasoning:
The problem highlights the need for a cost-optimized solution for rendering animation scenes. The key requirements are:

Scenes can be scheduled at will and interrupted at any time to restart later.
Individual scene rendering takes less than 12 hours.
No SLA for completion time.
Compute resources are not bound to a specific geographical location.

Preemptible VMs are a suitable choice because:

They offer significantly lower prices compared to standard Compute Engine instances (up to 80% cheaper).
They can be terminated by Google Cloud with 24 hours notice, which aligns with the requirement that scenes can be interrupted and restarted.
Since scenes take less than 12 hours to render, there is a good chance they will complete before preemption. Even if preempted, the rendering can restart from the last saved checkpoint (assuming the application is designed to handle interruptions).
The absence of an SLA makes the potential for preemption acceptable.

Reasons for not choosing other options:

B: Develop the application so it can run in an unmanaged instance group: While unmanaged instance groups provide flexibility, they don't directly address the cost optimization requirement as effectively as preemptible instances. Also this doesn't provide the cost-saving benefits of preemptible instances.
C: Create a reservation for the minimum number of Compute Engine instances you will use: Reservations guarantee that capacity is available, but they don't reduce costs. They also contradict the cost optimization goal.
D: Start more instances with fewer virtual centralized processing units (vCPUs) instead of fewer instances with more vCPUs: This might offer some flexibility in resource allocation, but it doesn't inherently provide cost savings and can lead to increased overhead in managing a larger number of instances. Preemptible instances offer a more direct and significant cost reduction.

Question 9

Your manager wants to restrict communication of all virtual machines with internet access; with resources in another network; or with a resource outside Compute
Engine. It is expected that different teams will create new folders and projects in the near future.
How would you restrict all virtual machines from having an external IP address?

A. Define an organization policy at the root organization node to restrict virtual machine instances from having an external IP address
B. Define an organization policy on all existing folders to define a constraint to restrict virtual machine instances from having an external IP address
C. Define an organization policy on all existing projects to restrict virtual machine instances from having an external IP address
D. Communicate with the different teams and agree that each time a virtual machine is created, it must be configured without an external IP address

Correct Answer: A

Explanation:

The AI agrees with the suggested answer (A).
Reasoning:
Option A, defining an organization policy at the root organization node, is the most effective approach because it ensures that the restriction applies to all current and future projects and folders within the organization. This centralized control is crucial when dealing with the expectation of new teams creating new folders and projects in the future. Organization policies are designed for exactly this kind of overarching governance.

Why other options are not suitable:

B: Defining an organization policy on all existing folders is insufficient because new folders might be created without the policy.
C: Defining an organization policy on all existing projects has the same issue as option B. New projects might be created without the policy.
D: Relying on communication and agreement is not a reliable method for enforcing security restrictions, as it depends on manual compliance and is prone to human error.

Therefore, using an organization policy at the root node provides the necessary centralized and automated enforcement required in this scenario.

Citations:

Google Cloud Organization Policies, https://cloud.google.com/resource-manager/docs/organization-policy/overview

Question 10

Your multinational organization has servers running mission-critical workloads on its premises around the world. You want to be able to manage these workloads consistently and centrally, and you want to stop managing infrastructure.
What should your organization do?

A. Migrate the workloads to a public cloud
B. Migrate the workloads to a central office building
C. Migrate the workloads to multiple local co-location facilities
D. Migrate the workloads to multiple local private clouds

Correct Answer: A

Explanation:

The AI assistant agrees with the suggested answer: A. Migrate the workloads to a public cloud.
The primary reason for this recommendation is that migrating to a public cloud allows the organization to centralize management of its mission-critical workloads and eliminate the need to manage infrastructure, aligning perfectly with the stated requirements. Public clouds offer services that handle infrastructure management, allowing the organization to focus on its core business functions.
Let's break down why the other options are not ideal:

B. Migrate the workloads to a central office building: This option still requires the organization to manage its own infrastructure, which contradicts the desire to stop managing infrastructure.
C. Migrate the workloads to multiple local co-location facilities: While co-location can reduce some infrastructure management burdens, it doesn't eliminate them entirely. The organization would still need to manage hardware and networking to some extent. Additionally, it introduces complexities related to managing multiple locations.
D. Migrate the workloads to multiple local private clouds: This option involves significant infrastructure management overhead, defeating the purpose of the question. The organization would be responsible for maintaining the private cloud infrastructure in multiple locations.

Therefore, the public cloud solution (Option A) is the best fit as it enables central management and removes the burden of infrastructure management.

Citations:

What is Cloud Computing? - A Definition, https://www.googlecloud.com/learn/what-is-cloud-computing
Public cloud - Amazon Web Services, https://aws.amazon.com/what-is/public-cloud/

[Google] GCP-CDL - Cloud Digital Leader Exam Dumps & Study Guide

Free [Google] GCP-CDL - Cloud Digital Leader Practice Questions Preview

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10