Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

Google Updated Associate-Cloud-Engineer Exam Questions and Answers by tessa

Page: 26 / 26

Google Associate-Cloud-Engineer Exam Overview :

Exam Name: Google Cloud Certified - Associate Cloud Engineer
Exam Code: Associate-Cloud-Engineer Dumps
Vendor: Google Certification: Google Cloud Certified
Questions: 363 Q&A's Shared By: tessa
Question 104

You are the Google Cloud systems administrator for your organization. User A reports that they received an error when attempting to access the Cloud SQL database in their Google Cloud project, while User B can access the database. You need to troubleshoot the issue for User A, while following Google-recommended practices.

What should you do first?

Options:

A.

Confirm that network firewall rules are not blocking traffic for User A.

B.

Review recent configuration changes that may have caused unintended modifications to permissions.

C.

Verify that User A has the Identity and Access Management (IAM) Project Owner role assigned.

D.

Review the error message that User A received.

Discussion
Question 105

You have an application that reads data from a Pub/Sub topic. During local development, you authenticated using your personal credentials to test the application. You now want to deploy the application to Vertex AI and have created a new service account to be used as the application ' s identity. You need to ensure that the deployed application can still access the Pub/Sub topic. What should you do?

Options:

A.

Extract your access token by using the gcloud auth print-access-token command, and store it with the application.

B.

Grant the relevant IAM roles to the service account used as your agent identity.

C.

Create a secret in Secret Manager to store your personal credentials, and configure the application ' s authentication code to use this secret.

D.

Generate a JSON private key for the service account, and upload the key as Vertex AI metadata.

Discussion
Billy
It was like deja vu! I was confident going into the exam because I had already seen those questions before.
Vincent Jun 22, 2026
Definitely. And the best part is, I passed! I feel like all that hard work and preparation paid off. Cramkey is the best resource for all students!!!
Atlas
What are these Dumps? Would anybody please explain it to me.
Reign Jun 2, 2026
These are exam dumps for a variety of IT certifications. They have a vast collection of updated questions and answers, which are very helpful in preparing for the exams.
Joey
I highly recommend Cramkey Dumps to anyone preparing for the certification exam. They have all the key information you need and the questions are very similar to what you'll see on the actual exam.
Dexter Jun 14, 2026
Agreed. It's definitely worth checking out if you're looking for a comprehensive and reliable study resource.
Everleigh
I must say that they are updated regularly to reflect the latest exam content, so you can be sure that you are getting the most accurate information. Plus, they are easy to use and understand, so even new students can benefit from them.
Huxley Jun 15, 2026
That's great to know. So, you think new students should buy these dumps?
Question 106

You are deploying an application to Cloud Run. Your application requires the use of an API that runs on Google Kubernetes Engine (GKE). You need to ensure that your Cloud Run service can privately reach the API on GKE, and you want to follow Google-recommended practices. What should you do?

Options:

A.

Deploy an ingress resource on the GKE cluster to expose the API to the internet. Use Cloud Armor to filter for IP addresses that can connect to the API. On the Cloud Run service, configure the application to fetch its public IP address and update the Cloud Armor policy on startup to allow this IP address to call the API on ports 80 and 443.

B.

Create an egress firewall rule on the VPC to allow connections to 0.0.0.0/0 on ports 80 and 443.

C.

Create an ingress firewall rule on the VPC to allow connections from 0.0.0.0/0 on ports 80 and 443.

D.

Deploy an internal Application Load Balancer to expose the API on GKE to the VPC. Configure Cloud DNS with the IP address of the internal Application Load Balancer. Deploy a Serverless VPC Access connector to allow the Cloud Run service to call the API through the FQDN on Cloud DNS.

Discussion
Question 107

After a recent security incident, your startup company wants better insight into what is happening in the Google Cloud environment. You need to monitor unexpected firewall changes and instance creation. Your company prefers simple solutions. What should you do?

Options:

A.

Use Cloud Logging filters to create log-based metrics for firewall and instance actions. Monitor the changes and set up reasonable alerts.

B.

Install Kibana on a compute Instance. Create a log sink to forward Cloud Audit Logs filtered for firewalls andcompute instances to Pub/Sub. Target the Pub/Sub topic to push messages to the Kibana instance. Analyze the logs on Kibana in real time.

C.

Turn on Google Cloud firewall rules logging, and set up alerts for any insert, update, or delete events.

D.

Create a log sink to forward Cloud Audit Logs filtered for firewalls and compute instances to Cloud Storage.Use BigQuery to periodically analyze log events in the storage bucket.

Discussion
Page: 26 / 26
Title
Questions
Posted

Associate-Cloud-Engineer
PDF

$36.75  $104.99

Associate-Cloud-Engineer Testing Engine

$43.75  $124.99

Associate-Cloud-Engineer PDF + Testing Engine

$57.75  $164.99