Udemy Notes

Question 1

Organize Memory, SSD, and Persistent Disks from fast to slow

Answer 1

Memory is the fastest
Then SSD
Then Persistent

Question 2

Whats the command if you want to see the configurations for a kubernetes cluster?

Answer 2

D. Use “kubectl config use-context” and “kubectl config view” to review the output.

Question 3

If you have projects from a different Cloud Organization and want to move it to your own billing account, how would that work? The simplest way

Answer 3

You would just link the projects to your own billing account

Question 4

From these, BigTable, FireStore, Cloud Storage.

Which one is used for unstructured data like images/videos?

Answer 4

Cloud Storage

Question 5

From these, BigTable, FireStore, Cloud Storage.

Which one is used for structured data like analytical queries or operational tasks?

Answer 5

BigTable

Question 6

From these, BigTable, FireStore, Cloud Storage.

Which one is used for NoSQL, event driven, real time data?

Answer 6

Firestore

Question 7

If you want a low-cost storage that you aren’t going to access frequently, and that you need to stay compliant, what should you pick?

Answer 7

Coldline Storage

Question 8

If you want to update the configs of a infrastructure using deployment manager, what should the command be?

Answer 8

B. gcloud deployment-manager deployments update –config <deployment-config-path></deployment-config-path>

Question 9

If you want to find the RDP credentials for a VM and give it to others, how would you do it?

Answer 9

B. After the VM has been created, use “gcloud compute reset-windows-password” to retrieve the login credentials for the VM.

Question 10

Can you log into a VM with JSON private key?

Answer 10

No, JSON private key are used to provide API access permissions and does not translate to credentials

Question 11

Difference between deployment manager and managed instance groups when it comes to lots of VMs?

Answer 11

Deployment manager is where you manage resources, configs of a VM while MiGs is for autoscaling and load balancing

Question 12

App Engine Native feature of splitting?

Answer 12

You can use App Engine to split traffic between versions of your apps

Question 13

Whats one big reason you’d put data in BigQuery over BigTable?

Answer 13

When you want to analyze data

Question 14

When scaling a Compute Engine VM setup using a custom image, what is the correct process to quickly create multiple identical instances?

Answer 14

✅ Create a custom image from a snapshot, then create instances from that image.

Question 15

What must you do to get logs from a VM running?

Answer 15

You need to install cloud logging agent so that the Cloud Logging app has someone sending more logs to it

Only simple log data is sent to cloud logging by default

Question 16

WHat storage provides high IOPs?

Answer 16

Local SSDs

Question 17

You need to deploy a new Compute Engine VM for a website, but the project doesn’t exist yet. What are the correct steps to follow?

Answer 17

1. Create a new project using the Cloud SDK (gcloud projects create).
2. Enable the Compute Engine API in that project (gcloud services enable compute.googleapis.com).
3. Create the VM instance specifying the new project (gcloud compute instances create –project <PROJECT_ID>).</PROJECT_ID>

Question 18

How can you estimate how much an on-demand BigQuery query will cost before running it?

Answer 18

Run a dry run query in the command line to estimate the number of bytes read,
then use the BigQuery Pricing Calculator to convert those bytes into a dollar cost

Question 19

How do you group Google Cloud resources so they share common IAM policies and can be managed together?

Answer 19

Use Folders in the Google Cloud resource hierarchy.
Rule: Set IAM at the folder → policies inherit to all projects/resources under it.

Question 20

You must SSH into many Compute Engine VMs securely without giving them public IPs. What should you use?

Answer 20

Cloud IAP for SSH/TCP (IAP TCP forwarding).
Rule: Identity-aware SSH over an IAP tunnel; no public IPs needed.

Question 21

How can you avoid typing the zone (e.g., europe-west1-d) every time you run a gcloud command for your Compute Engine instances?

Answer 21

This sets the default zone for all future gcloud commands in your current configuration.

Question 22

VMs in QuickServe-frontend must read BigQuery data in QuickServe-database. What’s the Google-recommended IAM setup?

Answer 22

Grant the frontend VM’s service account roles/bigquery.dataViewer on the QuickServe-database (project or specific datasets), and only the minimal roles it needs in QuickServe-frontend.

Question 23

Your app (TCP on port 389) must be internet-facing and must preserve the original client IP. Which GCP load balancer?

Answer 23

External passthrough TCP Network Load Balancer (a.k.a. External TCP NLB).

Question 24

What’s the simplest way to get real-time visibility and alerts for firewall changes and new VM creations in Google Cloud?

Answer 24

Create log-based metrics in Cloud Logging (filtering Cloud Audit Logs for firewall + instance actions), then add Cloud Monitoring alerts on those metrics.

Question 25

How can you prevent your proxy username and password from being logged when using the gcloud CLI?

Answer 25

Set them as environment variables:

Question 26

Your Data Studio dashboard’s sales charts stopped showing correctly, and data comes from BigQuery where nightly jobs recalculate tables. What should you do first?

Answer 26

Check the nightly job in the BigQuery interface and review its job history for errors.

Question 27

You’re moving an app from local (ADC) to a Compute Engine VM. What’s the Google-recommended way to authenticate with minimal changes?

Answer 27

Attach a service account to the VM and grant it only the required IAM roles. Let ADC pick it up automatically (no keys).

Question 28

Does IAM affect individuals or groups of accounts?

Answer 28

Groups

Question 29

For building a mobile app that processes time-series data, which GCP services should you use for: 1️⃣ Data processing, 2️⃣ Storage, and 3️⃣ Analytics?

Answer 29

1️⃣ Cloud Dataflow → Data processing (ETL pipeline) 2️⃣ Cloud Bigtable → Time-series storage 3️⃣ BigQuery → Analytics

Question 30

Your VMs need to write sensor data into a specific Cloud Storage bucket. What’s the Google-recommended way to grant access?

Answer 30

Create a service account and grant it the roles/storage.objectCreator IAM role on that specific bucket.

Question 31

Your VMs need to write sensor data into a specific Cloud Storage bucket. What’s the Google-recommended way to grant access?

Answer 31

Create a service account and grant it the roles/storage.objectCreator IAM role on that specific bucket.

Question 32

You need a monitoring pod to run on every GKE node (and follow autoscaling). What Kubernetes object should you use?

Answer 32

Rule: Use a DaemonSet for “one pod per node” workloads (monitoring, logging, CNI, etc.). Why it’s correct (quick): DaemonSet automatically schedules one pod per node, adds pods on scale-up, removes them on scale-down → perfect for cluster autoscaler + node-level agents.

Question 33

How do you automate a daily list of Compute Engine instances across prod and dev projects?

Answer 33

Create two gcloud configurations (prod/dev). In a script, activate each config and run: gcloud compute instances list Rule: Use gcloud config to switch projects/accounts cleanly in automation.

Question 34

Dev on App Engine is ready. You need a new production project. What’s the correct approach?

Answer 34

Use gcloud to create a new project, then deploy the app to that project.

Question 35

Clients must reach your Compute Engine VM over UDP 636. What should you do?

Answer 35

Add a network tag to the VM, and Create an ingress firewall rule allowing UDP:636 for that tag. Rule: Tags don’t open ports by themselves—firewall (ingress) rules do.

Question 36

You need a Compute Engine VM that never routes public Internet traffic. What should you do?

Answer 36

Create the instance without a public IP address.

Question 37

How should you share proposed infra changes for your GCP stack following best practices?

Answer 37

Use Deployment Manager templates and store them in Cloud Source Repositories (version control, reviews, history). Rule: IaC lives in Git, not in object storage.

Question 38

Colleagues must manage buckets and objects for your photo app. Which IAM role?

Answer 38

A: ✅ Storage Admin (roles/storage.admin) Rule: Need bucket-level + object-level management → Storage Admin. Object-only roles (Object Admin/Creator) are too narrow; Project Editor is too broad.

Question 39

BrightWeb needs to archive older versions of data after 30 days. The older versions are accessed monthly for reports and sometimes updated. What should they do?

Answer 39

Add a bucket lifecycle rule that moves older object versions after 30 days to Nearline Storage, which is ideal for monthly access with low retrieval costs.

Question 40

StudyPal’s Compute Engine instance runs 9 AM–6 PM and needs daily backups retained 30 days with minimal management. What should you do?

Answer 40

Use the Compute Engine → Disks → Snapshot Schedule feature to schedule daily snapshots at 1 AM and set auto-delete after 30 days.

Question 41

VMs have only internal IPs and must access a file in Cloud Storage without Internet access. What should you configure?

Answer 41

Enable Private Google Access on the subnet. This lets internal-only VMs reach Google APIs (like Cloud Storage) privately.

Question 42

You must direct home.techfolio.com, techfolio.com, and www.techfolio.com to your load balancer’s IP. How should you configure DNS?

Answer 42

Create one A record for techfolio.com → load-balancer IP and two CNAME records for www and home → techfolio.com.

Question 43

You need the fastest, simplest way to deploy a project-management platform on GCP. What should you do?

Answer 43

Search for the PMP in Google Cloud Marketplace and deploy it directly from there (no CLI or code needed).

Question 44

InnovaGro wants to deploy via a Kubernetes manifest but minimize infrastructure management. What should they use?

Answer 44

Use GKE Autopilot, which keeps full Kubernetes API control while Google manages the nodes, scaling, and patching.

Question 45

QuickVote receives unpredictable spikes of real-time votes. How should you store and process them efficiently?

Answer 45

Publish votes to Pub/Sub, then trigger Cloud Functions to process each message in real time for automatic scaling and low latency.

Question 46

Only application servers in subnet-b should reach database servers in subnet-a. How do you configure this?

Answer 46

Create service accounts sa-app and sa-db, attach them to their respective servers, and make an ingress firewall rule allowing traffic from sa-app → sa-db.

Question 47

Skyline Apps acquired a startup and must give its SREs identical custom roles in both organizations. How can you do this?

Answer 47

Run gcloud iam roles copy \ --source-organization \ --destination-organization to replicate the roles across orgs.

Question 48

Foodify’s app uses Compute Engine instances for dynamic content and Cloud Storage for images/docs. How should traffic be distributed?

Answer 48

Use an external HTTP(S) load balancer with a managed SSL certificate, and configure a URL map to route static requests → Cloud Storage.

Question 49

How should Pixellite Studios migrate: 300 TB video files (on-prem SAN) Amazon Redshift warehouse 20 GB PNG files in S3 — without custom code?

Answer 49

A: Use Transfer Appliance for videos Use BigQuery Data Transfer Service for Redshift data Use Storage Transfer Service for S3 PNGs

Question 50

Is BigTable/BigQuery good for unstructured data like images/videos?

Answer 50

No

Question 51

What is Firestore optimized for?

Answer 51

Designed for applications requiring real-time syncing or structured/semi structured storage

Question 52

What is Filestore optimized for?

Answer 52

For applications requiring shared file systems such as web content management or persistent storage for applications

Question 53

What storage is optimized to handle unstructured data like images/videos?

Answer 53

Cloud Storage

Question 54

What makes someone want to upload their app to Cloud run over another service like Cloud App Engine?

Answer 54

You use cloud run when you need a serverless platform that is used for low/unpredictable traffic as it only charges as you go App Engine is designed for applications that require a higher level of customization and control over the runtime environment