Free Practice Questions for Google Professional-Cloud-Architect Exam

https://cloud.google.com/functions/docs/securing/authenticating#authenticating_function_to_function_calls

According to Google Cloud Storage documentation, the soft-delete policy is a feature enabled by default on new buckets (starting in 2024) to protect against accidental or malicious deletion. It retains deleted objects for a specified retention period (default is seven days). For workloads involving large files—such as the video files Cymbal uses for Vertex AI training—this policy can lead to unexpected cost spikes.

When soft-delete is active, objects that are deleted are not immediately removed from the billing cycle; instead, they continue to incur charges at the same rate as "live" objects until the retention period expires. In an AI training environment where datasets are frequently updated, replaced, or temporary "scratch" files are created and deleted, the volume of soft-deleted bytes can quickly double or triple the effective storage footprint.

Options B and D are incorrect because moving from dual-region or multi-region to a single region would actually reduce storage costs, as regional storage is priced lower. Option A is incorrect because disabling the policy would stop the retention of deleted bytes, thereby lowering the bill. Therefore, checking for an active or recently enabled soft-delete policy is the standard troubleshooting step for sudden increases in storage costs associated with high-churn, large-file datasets.

According to Google Cloud Hybrid Connectivity documentation, Cloud VPN is the standard and recommended solution for establishing a secure, encrypted connection over the public internet between an on-premises network and a Google Cloud VPC. This aligns with Cymbal’s requirement for "secure communication" while maintaining manageability. Unlike SSH tunnels (Option B), which are fragile and difficult to scale at an enterprise level, Cloud VPN utilizes IPsec protocols to create a stable and encrypted site-to-site tunnel.

+1

To satisfy the "secure and manageable" criteria, the implementation must include strictly defined VPC Firewall Rules. This ensures the principle of least privilege is applied, restricting on-premises systems to only the necessary cloud resources and ports required for their specific business functions. VPC Peering (Option D) is technically incorrect here as it is designed for connecting two VPCs within the cloud, not for on-premises to cloud connectivity. A Bastion Host (Option A) provides a secure gateway for administrative login (SSH/RDP) but does not provide the transparent, network-level connectivity required for the automated "legacy file-based integrations" and "data transfers" mentioned in Cymbal’s environment. By using Cloud VPN with granular firewalling, Cymbal achieves a secure extension of their data center into Google Cloud.

The Google Cloud database migration path follows a "like-for-like" managed service strategy. Cloud SQL is the recommended destination for MySQL and SQL Server workloads that do not require the massive horizontal scale of Spanner, fitting Cymbal’s "Technical Stack Modernization" goals. Memorystore is the managed service for Redis, and Firestore is the native NoSQL replacement for MongoDB.

For the image storage requirement, Cloud Storage Coldline is the mathematically correct choice for data accessed "less and less frequently" with a retention period exceeding 90 days. According to Cloud Storage documentation, Coldline is specifically designed for data accessed at most once a quarter (90 days). Using Object Lifecycle Management to move images from Standard to Coldline allows Cymbal to "reduce costs" while keeping images "immediately accessible" (unlike Archive storage, which may have different trade-offs). Option C is less optimal because Nearline is intended for 30-day access patterns; given the images stay for 90+ days and usage drops significantly, the deeper savings of Coldline are preferred. Option A is over-engineered (Spanner for all) and expensive, while Option B contradicts the requirement to "reduce costs" by increasing operational overhead

According to the Google Cloud Migration Framework, a phased approach (also known as a Phased Migration) is the highly recommended best practice for complex enterprise workloads like Cymbal's product catalog. This strategy minimizes business risk and operational disruption by avoiding the "Big Bang" approach (Option D), which is often cited in the Google Cloud Architecture Framework as being high-risk for large-scale migrations.

By starting with a pilot project focused on a specific product category, Cymbal can validate the technical architecture of their new generative AI tools—such as Vertex AI Search and Retail API—in a controlled environment. This allows the team to refine the Human-in-the-Loop (HITL) review processes and ensure that the AI-generated attributes and descriptions meet their accuracy standards before a global rollout. This "crawl-walk-run" methodology aligns with the Google Cloud Adoption Framework, specifically the "Scale" and "Learn" themes, by allowing the organization to build expertise and adjust governance policies based on real-world results from the pilot.

Furthermore, a gradual expansion helps in managing costs effectively, as Cymbal can optimize resource allocation (like moving from on-premises databases to Cloud Spanner or Cloud SQL) based on the performance metrics observed during the initial phase. Options A and B are too prescriptive regarding specific compute choices without first establishing a successful migration pattern and do not address the primary requirement of "proper change management" and risk mitigation.

According to the Google Cloud Architecture Framework: Performance Excellence, Local SSDs are the optimal choice for "scratch" space, temporary files, and workloads requiring the lowest possible latency and highest IOPS. Unlike Persistent Disks (Option C) or Filestore (Option B), which are network-attached, Local SSDs are physically attached to the server that hosts the virtual machine instance.

This physical proximity eliminates network latency, providing sub-millisecond access times which are critical for "frequently accessed and modified" temporary files during AI training and inference. For generative AI, where data shuffling and checkpointing are intensive, the high throughput of Local SSDs prevents the storage layer from becoming a bottleneck for the expensive GPU/TPU accelerators.

While the data on Local SSDs is ephemeral (lost if the VM is deleted or undergoes certain maintenance events), this perfectly matches Cymbal's requirement for "temporary files." Furthermore, Local SSDs can be more cost-effective than provisioning high-performance Persistent Disks of equivalent speed, as their performance is not tied to the disk size. Cloud Storage (Option A) is unsuitable for this specific use case due to the significantly higher latency of object-based storage compared to block-based local storage.

According to the Google Cloud Architecture Framework for modernizing applications, Google Kubernetes Engine (GKE) is the most suitable compute platform for services requiring high scalability and availability. Cymbal’s AI-powered virtual agents must handle "anticipated growth" and fluctuating customer demands from their web and mobile apps. GKE’s Horizontal Pod Autoscaler (HPA) and Cluster Autoscaler ensure that the compute resources expand automatically during peak shopping hours and shrink during low-traffic periods to "minimize costs."

GKE is explicitly mentioned in Cymbal’s "Existing Technical Environment" as their preferred platform for containerized applications. Leveraging GKE for the virtual agents allows the development team to use a microservices approach, isolating the agent's logic from other catalog enrichment tasks. Option D (Single large VM) is a "legacy" approach that creates a single point of failure and does not scale efficiently. Option A (Cloud SQL) is a database service, not a compute resource for running agent logic. While Vertex AI Agent Builder (Option B) is the tool used to create the agents, the underlying compute that hosts the integrated application and handles the traffic orchestration is best served by a managed Kubernetes environment like GKE, which aligns with their requirement for "Scalability and Performance."

A "cloud-first" modernization strategy for a retail product catalog typically involves moving from legacy relational databases to high-performance, managed services. AlloyDB for PostgreSQL is Google Cloud's premier choice for demanding transactional workloads. It offers superior performance (up to 4x faster than standard PostgreSQL) and built-in high availability, making it ideal for the low-latency requirements of web applications and AI virtual agents.

Option A follows the architecturally sound pattern of separating structured data from unstructured assets. Cloud Storage is the industry standard for storing "product images," providing massive scalability, high availability, and low cost through lifecycle management.

Option B is less ideal because Bigtable is not designed for storing binary image blobs efficiently, and Spanner can be significantly more expensive and complex to manage if global multi-region consistency is not a strict requirement for the "minimizing operational costs" goal. Option C is incorrect because Filestore (NFS) is not a suitable primary database for a modern web application catalog. Option D is technically flawed as Cloud Storage is not an efficient primary database for structured application queries, and BigQuery is an analytical warehouse, not an image store. By combining AlloyDB and Cloud Storage, Cymbal achieves a performant, scalable, and cost-optimized foundation for their digital transformation.