Google Cloud

Google Cloud Certified – Associate Data Practitioner

PR000306

Become a certified Associate Data Practitioner with exam code PR000306 to validate your data skills in Google Cloud.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 371–380 of 492

Q371

A company needs to ensure that its Cloud IAM policies are based on least privilege. What should they do?

  • A Audit roles regularly
  • B Use default roles
  • C Assign all roles to admins
  • D Remove role constraints
Explanation Regular auditing of roles helps maintain least privilege; default roles may not be sufficient, while assigning all roles is too permissive.
Q372

What happens when you set a Google Cloud Storage bucket's access control to 'public'?

  • A Data is fully encrypted
  • B Anyone can read data
  • C Only admins can access it
  • D It affects billing costs
Explanation Setting a bucket to public allows anyone to read its data; encryption status and billing costs are not directly impacted by access settings.
Q373

Which service is best for managing Kubernetes clusters?

  • A Cloud Functions
  • B Cloud Run
  • C GKE
  • D App Engine
Explanation GKE (Google Kubernetes Engine) is specifically designed for managing Kubernetes clusters, while the others serve different container deployment options.
Q374

A company needs to securely share data with external partners while maintaining control over access. Which Google Cloud service should they use?

  • A Cloud Storage
  • B BigQuery
  • C Cloud IAM
  • D Data Loss Prevention API
Explanation Cloud Storage can be used to share files securely with fine-grained IAM access controls, whereas the others do not focus on direct file sharing.
Q375

What happens when you delete a Google Cloud Pub/Sub subscription?

  • A Messages are permanently lost
  • B Messages are retained for 7 days
  • C Only unacknowledged messages are lost
  • D Subscription is archived for recovery
Explanation When a subscription is deleted, all messages in it are permanently lost, including those that have not yet been acknowledged, while the other options imply retention or recovery that doesn't occur.
Q376

Which Google Cloud service is primarily used for data warehousing?

  • A BigQuery
  • B Cloud Storage
  • C Datastore
  • D Firestore
Explanation BigQuery is designed for large-scale data analysis, whereas the others serve different data storage needs.
Q377

A company needs to securely share datasets while controlling access. Which service should they use?

  • A BigQuery
  • B Cloud Storage
  • C Data Catalog
  • D Cloud IAM
Explanation BigQuery supports dataset sharing with fine-grained access controls, unlike the others that focus on different functionalities.
Q378

What happens when you set a Cloud Function trigger to run on Google Cloud Pub/Sub?

  • A Function runs on storage change.
  • B Function runs on message arrival.
  • C Function runs daily.
  • D Function runs on HTTP request.
Explanation Setting a trigger to Pub/Sub means the function executes with each incoming message, not on storage changes or schedules.
Q379

Which service allows real-time data processing in Google Cloud?

  • A Cloud Pub/Sub
  • B Cloud Storage
  • C BigQuery
  • D Cloud Functions
Explanation Cloud Pub/Sub is designed for real-time data processing; the others focus on storage or batch processing.
Q380

A company needs to store sensitive customer data in Google Cloud. Which service is best for encryption at rest?

  • A Google Cloud IAM
  • B Google Cloud Datastore
  • C Google Cloud Key Management
  • D Google Cloud Load Balancer
Explanation Google Cloud Key Management handles encryption keys; the others do not specialize in data encryption.