google cloud-digital-leader practice test
Google Cloud Digital Leader
Question 1
Topic 3, General Google Cloud knowledge
Topic 3
Your organization consists of many teams. Each team has many Google Cloud projects. Your organization wants to simplify
the management of identity and access policies for these projects.
How can you group these projects to meet this goal?
-
A. Group each team’s projects into a separate domain
-
B. Assign labels based on the virtual machines that are part of each team’s projects
-
C. Use folders to group each team’s projects
-
D. Group each team’s projects into a separate organization node
Answer:
C
Question 2
Topic 3, General Google Cloud knowledge
Topic 3
Your organization recently migrated its compute workloads to Google Cloud. You want these workloads in Google Cloud to
privately and securely access your large volume of on-premises data, and you also want to minimize latency.
What should your organization do?
-
A. Use Storage Transfer Service to securely make your data available to Google Cloud
-
B. Create a VPC between your on-premises data center and your Google resources
-
C. Peer your on-premises data center to Google’s Edge Network
-
D. Use Transfer Appliance to securely make your data available to Google Cloud
Answer:
B
Question 3
Topic 3, General Google Cloud knowledge
Topic 3
Your large and frequently changing organizations user information is stored in an on-premises LDAP database. The
database includes user passwords and group and organization membership.
How should your organization provision Google accounts and groups to access Google Cloud resources?
-
A. Replicate the LDAP infrastructure on Compute Engine
-
B. Use the Firebase Authentication REST API to create users
-
C. Use Google Cloud Directory Sync to create users
-
D. Use the Identity Platform REST API to create users
Answer:
C
Explanation:
You can run a single instance of Google Cloud Directory Sync to synchronize user accounts and groups to Google Cloud.
Reference: https://cloud.google.com/architecture/identity/federating-gcp-with-active-directory-introduction

Question 4
Topic 3, General Google Cloud knowledge
Topic 3
How do Migrate for Compute Engine and Migrate for Anthos differ?
-
A. Unlike Migrate for Anthos, Migrate for Compute Engine assumes that the migration source is VMware vSphere.
-
B. Migrate for Compute Engine charges for ingress, but Migrate for Anthos does not.
-
C. Migrate for Compute Engine is closed source, and Migrate for Anthos is open source.
-
D. Migrate for Anthos migrates to containers, and Migrate for Compute Engine migrates to virtual machines.
Answer:
D
Explanation:
Reference: https://cloud.google.com/migrate/anthos

Question 5
Topic 3, General Google Cloud knowledge
Topic 3
Your company needs to segment Google Cloud resources used by each team from the others. The teams efforts are
changing frequently, and you need to reduce operational risk and maintain cost visibility. Which approach does Google
recommend?
-
A. One project per team.
-
B. One organization per team.
-
C. One project that contains all of each team’s resources.
-
D. One top-level folder per team.
Answer:
A
Explanation:
Reference: https://cloud.google.com/security/infrastructure/design
Question 6
Topic 3, General Google Cloud knowledge
Topic 3
Your team is publishing research results and needs to make large amounts of data available to other researchers within the
professional community and the public at minimum cost.
How should you host the data?
-
A. Use a Cloud Storage bucket and enable “Requester Pays.”
-
B. Use a Cloud Storage bucket and provide Signed URLs for the data files.
-
C. Use a Cloud Storage bucket and set up a Cloud Interconnect connection to allow access to the data.
-
D. Host the data on-premises, and set up a Cloud Interconnect connection to allow access to the data.
Answer:
D
Question 7
Topic 3, General Google Cloud knowledge
Topic 3
Your organization needs to allow a production job to have access to a BigQuery dataset. The production job is running on a
Compute Engine instance that is part of an instance group.
What should be included in the IAM Policy on the BigQuery dataset?
-
A. The Compute Engine instance group
-
B. The project that owns the Compute Engine instance
-
C. The Compute Engine service account
-
D. The Compute Engine instance
Answer:
A
Explanation:
Reference: https://cloud.google.com/compute/docs/instance-groups

Question 8
Topic 3, General Google Cloud knowledge
Topic 3
Your organization meant to purchase a 3-year Committed Use Discount, but accidentally purchased a 1-year Committed Use
Discount instead. What should your organization do?
-
A. Contact your financial institution.
-
B. Contact Trust and Safety.
-
C. Contact Cloud Billing Support.
-
D. Contact Technical Support.
Answer:
B
Question 9
Topic 3, General Google Cloud knowledge
Topic 3
Your organization is defining the resource hierarchy for its new application in Google Cloud. You need separate development
and production environments. The production environment will be deployed in Compute Engine in two regions. Which
structure should your organization choose?
-
A. Create a single project for all environments. Use labels to segregate resources by environment.
-
B. Create a single project for all environments. Use tags to segregate resources by environment.
-
C. Create one project for the development environment and one project for the production environment.
-
D. Create two projects for the development environment and two projects for the production environment (one for each region).
Answer:
D
Question 10
Topic 3, General Google Cloud knowledge
Topic 3
Your organization needs to ensure that the Google Cloud resources of each of your departments are segregated from one
another. Each department has several environments of its own: development, testing, and production. Which strategy should
your organization choose?
-
A. Create a project per department, and create a folder per environment in each project.
-
B. Create a folder per department, and create a project per environment in each folder.
-
C. Create a Cloud Identity domain per department, and create a project per environment in each domain.
-
D. Create a Cloud Identity domain per environment, and create a project per department in each domain.
Answer:
D
Explanation:
Reference: https://cloud.google.com/identity/docs/setup