Saturday, July 30, 2022

Google Cloud - Q&A

 

  1. What is critical outcome of API Management? - Measuring and tracking business performance.
  2. Who provides highest level of security? Titan Security Keys 
  3. 4 key benefits to manage cloud costs? Visibility, Accountability, Control and Intelligent recommendations.
  4. What is Chronicle? Its is a service built on top of Google Cloud Infrastructure, to ingest data (logs etc) and scan for threats.
  5. Types of support? Basic, Standard, Enhanced and Premium. 
  6. What is
    1. DataProc - Hadoop/Spark
    2. DataFlow - Streaming Data
    3. DataPrep - wrangle data based on tabular/interactive or visual structure
    4. DataPlex - Unified Data Management
  7. Three components of Google Clouds defence-in-depth data security design? Sharding, encryption key, key encryption key
  8. What is
    1. Cloud Profiler - Analyze application performance (CPU)
    2. Cloud Debugger - Monitor Performance
    3. Cloud trace - Optimize code
    4. Cloud Monitoring - monitor the performance of the entire cloud infra.
    5. Cloud Vision API - identify images/text etc in a document
  9. What is BYOIP? - Bring your own IP.
  10. Build a new application on cloud while keeping old application On-Premise. What is this pattern called? - Invent in Brownfield. [Greenfield implies something completely new]
  11. Minimize payment for traffic from Google cloud to Internet? use Cloud VPN.
  12. Your org uses Active Directory to authenticate users. Google account access must be removed when their AD account is terminated. ---- Use single sign on in the Google domain
  13. Migrating on Premise to Google Cloud. Functions owned by the cloud provider? - Infra arch and Hardware Maintenance
  14. Which product provides consistent platform for multi-cloud application deployments and extends other Google Cloud services to your environment? - Anthos

  15. Your organization needs to restrict access to a Cloud Storage bucket. Only employees who are based in Canada should be allowed to view the contents.What is the most effective and efficient way to satisfy this requirement? - Configure Armor to allow access to only IP from Canada

  16. Google Cloud managed solutions to automate your build, testing, and deployment process? - Cloud Build

  17. Google Cloud to privately and securely access your large volume of on-premises data, and you also want to minimize latency? - Google Edge network

  18. 2 hour SLA - Enhanced support model

  19. Plug-and-play AI components which can easily build ML services -AI Hub

  20. Recommendations AI delivers highly personalized product recommendations at scale.

  21. Document AI uses AI to unlock insights from documents.

  22. Cloud Talent Solution uses AI with job search and talent acquisition capabilities.

  23. Preview, Early Access, Alpha, and Beta do not have any SLA commitments.

  24. Which of the following NIST Cloud characteristics uses the business model of shared resources in a cloud environment? - Multi-Tenancy

  25. What are the network requirements for Private Google Access?

    1. Because Private Google Access is enabled on a per-subnet basis, you must use a VPC network. Legacy networks are not supported because they don't support subnets.
    2. - Private Google Access does not automatically enable any API. You must separately enable the Google APIs you need to use via the APIs & services page in the Google Cloud Console.
    3. If you use the private.googleapis.com or the restricted.googleapis.com domain names, you'll need to create DNS records to direct traffic to the IP addresses associated with those domains.
    4. Your network must have appropriate routes for the destination IP ranges used by Google APIs and services. These routes must use the default internet gateway next hop. If you use the private.googleapis.com or the restricted.googleapis.com domain names, you only need one route (per domain). Otherwise, you'll need to create multiple routes.
    5. Egress firewalls must permit traffic to the IP address ranges used by Google APIs and services. The implied allow egress firewall rule satisfies this requirement. For other ways to meet the firewall requirement.
  26. manage a bunch of API keys for external services that are accessed by different applications, which are used by a few teams - Store the information in Secret Manager is a secure and convenient storage system for API keys, passwords, certificates, and other sensitive data. Secret Manager provides a central place and single source of truth to manage access, and audit secrets across Google Cloud.
  27. Which Google Cloud product gives you a consistent platform for multi-cloud application deployments and extends other Google Cloud services to your environment? - Anthos
  28. Bigtable is the best suited for time series data. It also has high read-write throughput and ability to scale globally.
  29. VM instances that only have internal IP addresses (no external IP addresses) can use Private Google Access. They can reach the external IP addresses of Google APIs and services. 
  30. Google offers Firebase, In terms of Firebase Console, any particular message that has to be delivered to a customer at a certain degree of change in behavior can be managed through _________________ >> notification composer
  31. Google Clouds WebApp and API Protection (WAAP) protects the application from BOTS.
  32. You are working with a user to set up an application in a new VPC behind a firewall and it is noticed that the user is concerned about data egress. Therefore, to provide assistance you want to configure the fewest open egress ports >>> Setup a low priority rule (65534) that blocks all egress. Create a high priority rule (1000) that allows only specific port.
  33. Container Registry is only multi-regional but Artifact Registry supports multi regional or regional repositories
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)