Google Cloud Digital

Leader Crash Course

Practice Questions and Answers

Copyright TechCommanders
Draft Version 1.1 7/31/21
2021
Copyright

Copyright © 2021 TechCommanders, LLC

All rights reserved. No part of this publication may be reproduced, distributed, or

transmitted in any form or by any means, including photocopying, recording, or
other electronic or mechanical methods, without the prior written permission of the
publisher, except in the case of brief quotations embodied in critical reviews and
certain other noncommercial uses permitted by copyright law. For permission
requests, write to the publisher, addressed “Attention: Permissions Coordinator,” at
the address below.

Any references to historical events, real people, or real places are used fictitiously.
Names, characters, and places are products of the author’s imagination.

Front cover image by Self.

Book design by Self

Printed by TechCommanders, LLC., in the United States of America.

First printing edition 2021.

TechCommanders, LLC

Jacksonville, FL 32256

www.TechCommanders.com

2
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Disclosure

TechCommanders, LLC is an independent entity from Google and

Google Cloud. This publication may be used in assisting
candidates, students, and readers to better prepare for the Google
Cloud Digital Leader exam.
Neither TechCommanders, LLC nor Google and or Google Cloud
warrant this publication will ensure passing the Google Cloud
Digital Leader exam.
The Google Cloud and Google Cloud Digital Leader are trademarks
or registered trademarks of Google in the United States and/or
other countries. All other trademarks are trademarks of their
respective owners.

3
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Google Cloud
Digital Leader
Practice
Questions
BEFORE YOU BEGIN
The main objective of these mock exams is to validate you have
understood the objectives for the exam.
Answers with explanations are on the following pages.

If you do well on these exam questions(Over 75%) you should feel

confident to sit for and pass the Cloud Digital Leader exam
immediately!

Additional FREE and Membership Practice Questions are available

online at
https://TechCommanders.com

4
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 GCP PROFESSIONAL SECURITY ENGINEER
PRACTICE EXAM
50 QUESTIONS

1. Which of the following are the current options for paid support
in GCP? (Select Three)
A. Standard
B. Enhanced
C. Premium
D. Role
E. Premier

2. You are looking for a one stop reference page for GCP
support. What Page would you select? (Select One)
A. Compliance Hub
B. Support Hub
C. Google Cloud Platform Status
D. Pricing Page

3. A customer deploys an application to App Engine and needs

to check for Open Web Application Security Project (OWASP)
vulnerabilities. Which service should be used to accomplish this?
(Select One)
A. Cloud Armor

5
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 B. Binary Authorization
C. Cloud Security Scanner
D. Forseti Security

4. GCP provides three main compliance resource webpages.

What are they? (Select Three)
A. Support Hub
B. Compliance Reports Manager
C. GDPR Home Page
D. Compliance Offerings
E. TechCentral

5. Which of the following statements describe the features of a

preemptible VM instance? (Select Three)
A. Instance is alive for no more than 24 hours
B. Instance is alive for no more than 12 hours
C. Discounted Significantly
D. Can use free tier credits
E. Can be pre-empted with a 30 second notice
F. Can be pre-empted with a 30 minute notice

6. Virtual Machine vCPU and memory usage for each of these

categories can receive one of the following discounts? (Select
Three)
A. Sustained-Use
B. Committed-Use

6
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 C. Spot Instances
D. Military Discounts
E. Preemptible VMs

7. All Google Cloud Platform services are associated with a

project that is used to provide what functions? (Select Four)
A. Enable Services and APIs
B. Track Resource Usage
C. Manage Container Deployments
D. Manage DNS Services
E. Enable Billing
F. Manage Permissions and Credentials

8. What cloud deployment model is generally deployed between

organizations such as non-profits, hospitals or even enterprises
that share similar requirements or interests? (Select One)
A. Hybrid
B. Private
C. Public
D. Community

9 What cloud service model would you want to select if you want
to solve a particular business problem by providing CRM services
in the cloud to your enterprises? (Select One)
A. PaaS
B. IaaS
7
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 C. SaaS
D. CaaS

10 Your company has signed up with a cloud provider and you

will be using storage and virtual machines with the provider. The
provider has provided your organization some expectations for
what the service should perform at. What type of agreement
provides a guarantee of a certain level of service such as
"Uptime"? (Select One)
A. Interconnection Agreement
B. Service Level Agreement
C. Warranty
D. Performance Agreement

11. Which of the following NIST Cloud characteristics uses the

business model of shared resources in a cloud
environment? (Select One)
A. Broad Network Access
B. Elasticity
C. Availability
D. Multi-Tenancy

12. A customer has contacted you about migrating to Google

Cloud. The customer would like to migrate their data from on
premises as soon as possible. They don’t have the budget to
rewrite code, and they want the most direct route. What migration
option should suggest to the customer? (Select One)
A. Lift and Shift
B. Improve and Move

8
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 C. Rip and Replace
D. None, since the customer is not cloud native ready.

13. What load balancer type is supported with Cloud Armor

security policies? (Select One)
A. Regional SSL
B. HTTP(S) Only
C. HTTP(S) and SSL
D. SSL Proxy, HTTP(S) and SSL

14. When creating a project in Google Cloud it is important to

understand quotas limits of a project. By default you can create up
to _______ networks per project. (Select One)
A. 10
B. 100
C. 5
D. 50

15. Compute Engine provides machine type recommendations to

help you optimize the resource utilization of your virtual machine
(VM) instances. What is this capability called? (Select One)

A. Recommendation Engine
B. Best Practice Recommendations
C. Rightsizing Recommendations
D. App Engine
E. None of the Above

9
Google Cloud Digital Leader Crash Course - 50 Practice Questions
16. App Engine has been deployed in your customers GCP cloud
deployment. The customer would like to know more about the
benefits of App Engine Flexible. Please advise them on the
benefits of App Engine Flexible (Select Two)
A. Supports autoscaling
B. Supports Docker containers
C. Supports mainframe connectivity
D. Source code is written in specific versions of the
supported programming languages only

17. Cloud Data Loss Prevention (DLP) is a fully managed service

designed to help discover, classify, and protect the most sensitive
data. DLP provides three key features (Select Two)
A. Classification
B. De-Identification
C. De-classification
D. Reinspection

18. What service is a fully managed real-time messaging service

that allows you to send and receive messages between
independent applications. (Select One)

A. Cloud Pub-Sub
B. Cloud BigTable
C. Cloud Spanner
D. Cloud DNS
E. Cloud Datastore

10
Google Cloud Digital Leader Crash Course - 50 Practice Questions
19. Projects are important from a cloud deployment perspective
for several reasons and provide multiple benefits. What are the
two main benefits of using a project? (Select Two).
A. A project associates objects and services with billing
B. A project facilitates organization of services and
objects
C. A project facilitates monitoring and management
D. A project is responsible for linking APIS to
organizations

20. You have been contacted by the enterprise support team

which has told you there have reports of significant latency at
specific times for an application running on GCP. They would like
you to review the issue and provide them insight into why the
application is latent at specific times? What Google Cloud service
could you use to inspect latency data that has been collected in
near real time? (Select One)

A. Cloud Debug
B. Cloud Trace
C. VPC Trace Logs
D. Cloud Profiler

21. The Organization resource is the root node in the Google Cloud
Platform hierarchy and is the hierarchical super node of projects.
What are the types of customers an organization resource is
available for? (Select Two)
A. Google Workspace
B. Gmail
C. Google for Education
D. Cloud Identity

11
Google Cloud Digital Leader Crash Course - 50 Practice Questions
22 . Your development team is moving to a container-based
application and will also be having a culture shift by moving to a
DevOps based culture. The development lead has requested they
use Google Container Registry(GCR) for their docker containers.

What would be some reasons your development team would want

to use Container Registry instead of a third party
application? (Select Two).
A. GCR provides a single place for teams to manage
Docker images, perform vulnerability analysis, and
decide who can access what with fine-grained access
control.
B. Costs for use are based only on Google Cloud Platform
usage.
C. GCR allows for migration from any container solution
and is licensed based per container.
D. GCR does not provide fine grained access controls but
allows you to extend third party solutions.

23. Which of the following features are supported by GCP Cloud

Storage? (Select Two)
A. Object Versioning
B. Object Lifecycle Management
C. Object Analysis Management
D. Object Antivirus Scanning

12
Google Cloud Digital Leader Crash Course - 50 Practice Questions
24. "Scale to Zero" is phrase or common buzzword used in Cloud.
Google has some great capabilities around this. What would be
the best statement to describe what "Scale to Zero" really means
for Google Cloud? (Select One)

A. Scaling to zero allows containers to be run only when

there is demand.
B. Scaling to zero allows virtual machines to be run only
when there is demand.
C. Scaling to zero allows containers to be run only when
there is a budget.
D. Scaling to zero allows virtual machines to be run only
when there is a budget.

25. Your development team has been migrating the enterprise

data warehouse service to Google Cloud. They chose Google
BigQuery specifically for large amounts of data they will
query. What is the best reason below for selecting BigQuery over
BigTable? (Select One)
A. BigQuery is what you use when you have collected a
large amount of data and need to ask questions about
it.
B. BigQuery is cheaper than AWS comparables.
C. Latency is critical and BigQuery is a low latency service
as compared to BigTable
D. BigQuery is a low latency data warehouse.

26. Which Google Cloud Service or API has a use case for Machine
Learning Teams with ML Expertise? (Select One)
A. Vision API
B. DLP API

13
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 C. Vertex AI
D. TensorFlow

27. You’re currently considering moving your on-premises

CI pipeline from on premises to Google Cloud Platform. You would
like to have code maintained in a private Git repository which is
hosted on the Google Cloud Platform. What service would you
choose? (Select One)
A. Container Registry
B. Kubernetes Engine
C. Cloud Source Repositories
D. Cloud Build
E. Cloud Run

28. What is the term used for a set of techniques known in

machine learning in the training and operation of deep learning
models? (Select One) ?
A. Tensors
B. TensorFlow
C. Pre-Trained
D. TPU

29. The machine learning team at your company has decided to

start using Google Cloud ML based services. They are specifically
interested in running cutting-edge machine learning models with
AI services on Google Cloud backed by ASICs. What service would
they select? (Select One)
A. Cloud TPU

14
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 B. Cloud Tensor
C. Cloud Vision
D. Vision API

30 A data pipeline is a set of actions (workflow) that ingest raw

data from disparate sources and move the data to a destination
for storage and analysis. Your development would like to use a
GCP service that can be used for data processing for both batch
and real-time data streaming applications. It is important to note
that the service must also be able to extract data to endpoints for
a data analytics application.
What service on GCP would you select? (Select One)

A. Cloud Dataflow
B. Cloud Pub/Sub
C. Cloud Datastore
D. Cloud BigQuery

31. Your company has decided to migrate over 600 Petabytes of

data from on premises to Cloud Storage. This data migration has a
short migration window and is preferred to transfer online. The
development team is aware that the network bandwidth is
sufficient for transferring this data in less than two weeks. What
option for data transfer would you select based on the information
given for a network based transfer? (Select One)
A. Cloud Pub/Sub
B. Cloud Datastore
C. Cloud Storage Transfer Service
D. Transfer Appliance

15
Google Cloud Digital Leader Crash Course - 50 Practice Questions
32. Software Development Lifecycle (SDLC) is a widely used
framework with application development teams. Which of the
following two statements properly describe what SDLC is? (Select
Two)
A. The Software Development Life Cycle (SDLC) is a
process that produces software with the highest
quality and lowest cost in the shortest time possible.
B. SDLC provides a baseline for developers so can they
compare past performance of deployments.
C. SDLC is a proprietary method that is only used for on
premise deployments. SDLC will not be a good
framework for cloud deployments.
D. SDLC provides a well-structured flow of phases that
help an organization to quickly produce high-quality
software which is well-tested and ready for
production use

33. The company that has hired you to design a cloud application
that will transform their business is now requiring the following
requirements. They want to utilize as many GCP data focused
services as possible

1. Enterprise Data Warehouse (EDW) with SQL

2. Fast response times for OLAP workloads up to petabyte-scale,

3. Supports Big Data services and BI Tools.

4. Fully managed service

16
Google Cloud Digital Leader Crash Course - 50 Practice Questions
What service would you recommend the customer consider based
on the limited information? (Select One)
A. BigTable
B. BigQuery
C. Cloud Spanner
D. Cloud SQL

34. The Google Cloud Adoption Framework serves both as a map

for determining where your business information technology
capabilities are now, and as a guide to where you want to
be. What phase of the framework is when "The extent to which
your IT departments are supported by a mandate from leadership
to migrate to Google Cloud."? (Select One)
A. Learn
B. Lead
C. Secure
D. Scale

35. The Google Cloud Adoption Framework has three themes.

Which of the following are NOT themes in the Google Cloud
Adoption Framework? (Select Two)
(Note, ensure on the exam you do not confuse the "themes" and
"topics" as they are documented.)

A. Lead
B. Learn
C. Tactical
D. Strategic
E. Transformational

17
Google Cloud Digital Leader Crash Course - 50 Practice Questions
36. You’re currently working a Google Cloud project for the
company you for. The project you’re on has now been fully
migrated and the applications are currently deployed in
production as of last week with cloud native capacity. When
referring to the Google Cloud Adoption Framework what phase
would this be your now in? (Select One)
A. Assess
B. Plan
C. Deploy
D. Optimize

37. _____________is a sparsely populated table that can scale to

billions of rows and thousands of columns with low latency. This
feature will allow your enterprise to store terabytes or even
petabytes of data.
What is the service being referenced? (Select One)
A. Cloud Bigtable
B. Cloud BigQuery
C. Cloud Datastore
D. Cloud Spanner

38. Your currently working on a Machine Language project for the

customer. The customer has asked you to validate the
supportability of machine language technologies with GCP. What
capability is a Machine Language computation library solution that
is directly supported by Google Cloud Platform and supports data
flow graphing? (Select One)
A. Cloud TPU
B. TensorFlow
C. Cloud Tensor
18
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 D. Vertex AI

39. Google Cloud Supports various international compliance

standards. What is the international compliance standard that
provides guidelines for information security controls applicable to
the provision and use of cloud services? (Select One)

A. ISO 27001
B. ISO 27002
C. ISO 27017
D. ISO 27000

40. Your company is looking to utilize the power of the GCP Cloud.
You need to setup you VMs with a stable block storage solution
that is fully managed. What is the solution you need to specify?
(Select One)
A. Cloud Storage
B. Persistent Disk
C. Cloud Spanner
D. Cloud FileStore

41. Your currently reviewing services in GCP for your

deployments for container and cloud native solutions. Which of
the following two statements would be correct regarding the main
difference in use case for Cloud Run as opposed to Cloud
Functions? (Select Two)

19
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 A. Cloud Run uses containers and makes them invocable
via HTTP requests while Cloud Functions is Google's
event-driven serverless platform that does not use
containers.
B. Cloud Run is a cloud native service while Cloud
Functions is not cloud native.
C. Cloud Functions is based on Knative, which means that
similar solutions will likely show up on other managed
Kubernetes platforms.
D. Cloud Run is a managed serverless service that is event
based. (Triggers, Webhook)

42. Your organization has deployed services in GCP and now

would like to access, manage, and monitor these services over an
internet connection. Your organization does not need to have a
well provisioned network, nor does it need to have a dedicated
link. What connectivity option would you select? (Select One)
A. Cloud VPN
B. Cloud Interconnect
C. Carrier Peering
D. Partner Interconnect

43. Which of the following two statements are true about service
accounts in GCP? (Select Two)
A. A service account is an identity for your programs to
use to authenticate and gain access to GCP APIs.
(Server to Server)

20
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 B. A service account is an identity for your users to use to
authenticate and gain access to GCP APIs. (User to
Server)
C. Each service account is associated with a key pair,
which is managed by GCP
D. Google Rotates the keys for service accounts weekly

44. You want to provide private access options that let virtual
machine (VM) instances reach supported APIs and services without
requiring an external IP address.
What solution with GCP would you select? (Select One)

A. Cloud VPC
B. Cloud VPN
C. Private Access
D. Cloud Interconnect

45. Cloud Identity is an Identity as a Service (IDaaS) solution that

centrally manages users and groups. Cloud Identity has two
specific versions. What are the two specific versions? (Select Two)

A. Free
B. Basic
C. Private
D. Premium
E. Commercial

46. Cloud SQL is a fully managed database service that makes it

easy to set-up, maintain, manage, and administer your relational
MySQL databases in the cloud. What are three benefits/features of
using Cloud SQL? (Select Two)

A. Flexible Pricing
21
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 B. Supports all SQL Versions
C. A Managed Service
D. Extends to your on-premises databases.

47. Which of the following statements would be true regarding

Google Migrate for Compute Engine? (Select Two)

A. Formerly called Velostrata before Google purchased

them
B. Google Migrate for Compute is a migration service
which provides for data migrations transparently in the
background.
C. Google Migrate for Compute is a partner service which
provides for data migrations transparently in the
foreground.
D. VCenter is not required for VMWare Migrations

48. Your new employer has hired you to help transform the
current on premises environment to a cloud native deployment on
Google Cloud. One of the first tasks you need to determine is
focused on connecting securely to Google Cloud without a private
link. You have been asked to provide a link that will be secure but
also low overhead. What option would you select? (Select One)

A. Cloud Peering
B. Cloud VPN
C. Partner Interconnect
D. Direct Peering

22
Google Cloud Digital Leader Crash Course - 50 Practice Questions
49. Your new team is discussing cloud spending and is wanting to
ensure they use a funding model that uses their monthly allocation
of funds. They do not have authorization for a large procurement.
What type of funding model should be selected?

A. CAPEX
B. OPEX
C. Public
D. Private
E. Hybrid

50. The National Institute for Science and Technology (NIST)

provides five essential characteristics of cloud computing. Which
of the following has the correct characteristics? (Select One)

A. Broad Network Access, Resource Pooling, Rapid

Elasticity, Measured Service and Replication
B. On Demand Self Service , Broad Network Access,
Resource Pooling, Rapid Elasticity, Measured Service
C. On Demand Self Service , Private Network Access,
Resource Pooling, Rapid Elasticity, Measured Service
D. Broad Network Access, Resource Pooling, Rapid
Elasticity, Measured Service and Performance

GOOGLE CLOUD DIGITAL LEADER PRACTICE EXAM ONE

50 QUESTIONS
WITH ANSWERS AND EXPLANATIONS

23
Google Cloud Digital Leader Crash Course - 50 Practice Questions
1. Which of the following are the current options for paid support
in GCP? (Select Three)
F. Standard
G. Enhanced
H. Premium
I. Role
J. Premier

Correct Answer(s): A, B, C. GCP provides three options for paid

support which are Standard, Enhanced and Premium.

Basic Support is included with your Google Cloud subscription

which cover only Case, phone, and chat support for billing issues
only

https://cloud.google.com/support

2. You are looking for a one stop reference page for GCP
support. What Page would you select? (Select One)
E. Compliance Hub
F. Support Hub
G. Google Cloud Platform Status
H. Pricing Page

Correct Answer(s): B: Support Hub

Explanation: Google provides a page that brings together
everything needed around support. Its called the Support Hub
https://cloud.google.com/support-hub

24
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 3. A customer deploys an application to App Engine and needs
to check for Open Web Application Security Project (OWASP)
vulnerabilities. Which service should be used to accomplish this?
(Select One)
E. Cloud Armor
F. Binary Authorization
G. Cloud Security Scanner
H. Forseti Security

Correct Answer(s): C. Cloud Security Scanner

Explanation: Web Security Scanner identifies security
vulnerabilities in your App Engine, Google Kubernetes Engine
(GKE), and Compute Engine web applications. It crawls your
application, following all links within the scope of your starting
URLs, and attempts to exercise as many user inputs and event
handlers as possible.
Currently, Web Security Scanner only supports public URLs and IPs
that aren't behind a firewall. Web Security Scanner currently
supports the App Engine standard environment and App Engine
flexible environments, Compute Engine instances, and GKE
resources.

Please review this page before the exam

https://cloud.google.com/security-command-
center/docs/concepts-web-security-scanner-overview

4. GCP provides three main compliance resource webpages.

What are they? (Select Three)
F. Support Hub
G. Compliance Reports Manager
H. GDPR Home Page
I. Compliance Offerings

25
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 J. TechCentral

Correct Answer(s): B, C, D: Compliance Reports Manager, GDPR

Home Page, Compliance Offerings

Explanation: GCP provides three main compliance resource

webpages

Compliance Offerings -
https://cloud.google.com/security/compliance/offerings
Compliance Reports Manager -
https://cloud.google.com/security/compliance/compliance-
reports-manager
GDPR Resource Center -
https://cloud.google.com/security/gdpr/resource-center

5. Which of the following statements describe the features of a

preemptible VM instance? (Select Three)
G. Instance is alive for no more than 24 hours
H. Instance is alive for no more than 12 hours
I. Discounted Significantly
J. Can use free tier credits
K. Can be pre-empted with a 30 second notice
L. Can be pre-empted with a 30 minute notice

Correct Answer(s): A, C, E. Instance is alive for no more than 24

hours, Discounted Significantly, Can be pre-empted with a 30
second notice.
Explanation: Preemptible VM is an instance that you can create
and run at a lower cost than normal instances.

26
Google Cloud Digital Leader Crash Course - 50 Practice Questions
However, Compute Engine might stop (pre-empt) these instances if
it requires access to those resources for other tasks. Preemptible
instances are excess Compute Engine capacity, so their availability
varies with usage.

Live at most 24 hours Can be pre-empted with a 30 second

notification via API and are Discounted significantly

https://cloud.google.com/compute/docs/instances/preemptible

6. Virtual Machine vCPU and memory usage for each of these

categories can receive one of the following discounts? (Select
Three)
F. Sustained-Use
G. Committed-Use
H. Spot Instances
I. Military Discounts
J. Preemptible VMs

Correct Answer(s): A, B, E: Sustained, Committed and Preemptible

Explanation: vCPU and memory usage for each of these
categories can receive discounts

VM vCPU and memory usage for each of these categories can

receive discounts

Sustained-use discounts—Google offers up to 30% off for

workloads that run for most of the billing month on GCP services.

Committed-use discounts—users can save up to 57% by

committing to use an instance for a certain time period, with no
upfront payment and with the flexibility to change instances during
the commitment period.

27
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Preemptible VMs—similar to the concept of AWS spot instances,
Google offers up to 79% off for Virtual Machines that may be shut
down at any time and replaced by others.

Sustained use discounts

https://cloud.google.com/compute/docs/sustained-use-discounts

Committed use discounts -

https://cloud.google.com/compute/docs/instances/signing-up-
committed-use-discounts

Discounts for preemptible VM instances -

https://cloud.google.com/compute/docs/instances/preemptible

7. All Google Cloud Platform services are associated with a

project that is used to provide what functions? (Select Four)
G. Enable Services and APIs
H. Track Resource Usage
I. Manage Container Deployments
J. Manage DNS Services
K. Enable Billing
L. Manage Permissions and Credentials

Correct Answer(s): A,B,E,F: Enable Services and APIs, Track

Resource Usage, Enable Billing, Manage Permissions and
Credentials.
Explanation A Project facilitates organization of services and
objects and also use this method of segmentation for billing and
accounting.

• Track resource and quota usage

• Enable billing
• Manage permissions and credentials

28
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 • Enable services and APIs

https://cloud.google.com/storage/docs/projects#:~:text=A%20project%2
0consists%20of%20a,monitoring%20settings%20for%20those%20APIs.&
text=You%20can%20have%20one%20project,Storage%20data%2C%20in
to%20logical%20groups.

8. What cloud deployment model is generally deployed between

organizations such as non-profits, hospitals or even enterprises
that share similar requirements or interests? (Select One)
E. Hybrid
F. Private
G. Public
H. Community

Correct Answer(s): D: Community

Explanation: Community Cloud – The cloud infrastructure is
planned for selective use by a particular community of consumers
from organizations that have mutual interests like security needs,
policy, and compliance considerations.
https://csrc.nist.gov/glossary/term/community_cloud

9 What cloud service model would you want to select if you want
to solve a particular business problem by providing CRM services
in the cloud to your enterprises? (Select One)
E. PaaS
F. IaaS
G. SaaS
H. CaaS

Correct Answer(s): C. SaaS

Explanation: SaaS - Software as a Service (SaaS) provides you a
complete product that is run and managed by the service provider.
29
Google Cloud Digital Leader Crash Course - 50 Practice Questions
You worry only about using the software and not about
infrastructure.

SaaS provides the lowest level of flexibility and management

control over the infrastructure. (Example: Google Gsuite and MS
O365)
https://csrc.nist.gov/glossary/term/saas

10 Your company has signed up with a cloud provider and you

will be using storage and virtual machines with the provider. The
provider has provided your organization some expectations for
what the service should perform at. What type of agreement
provides a guarantee of a certain level of service such as
"Uptime"? (Select One)
E. Interconnection Agreement
F. Service Level Agreement
G. Warranty
H. Performance Agreement

Correct Answer(s): B. Service Level Agreement (SLA)

Explanation: A service level agreement (SLA) is a contract
between a service provider (either internal or external) and the
end user that defines the level of service expected from the
service provider. Some common SLA's are uptime, Response
Time, etc.
https://csrc.nist.gov/glossary/term/service_level_agreement

11. Which of the following NIST Cloud characteristics uses the

business model of shared resources in a cloud
environment? (Select One)
E. Broad Network Access
F. Elasticity
G. Availability
H. Multi-Tenancy

30
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Correct Answer(s): D. Multi-Tenancy
Explanation. In cloud computing, multitenancy means that
multiple customers of a cloud vendor are using the same
computing resources. Even though they share resources, cloud
customers aren't aware of each other, and their data is kept totally
separate. Multitenancy is a crucial component of cloud computing;
without it, cloud services would be far less practical. Multitenant
architecture is a feature in many types of public cloud computing,
including IaaS, PaaS, SaaS, containers, and serverless computing.

https://www.cloudflare.com/learning/cloud/what-is-multitenancy/

https://www.nist.gov/system/files/documents/itl/cloud/NIST_SP-
500-291_Version-2_2013_June18_FINAL.pdf

12. A customer has contacted you about migrating to Google

Cloud. The customer would like to migrate their data from on
premises as soon as possible. They don’t have the budget to
rewrite code, and they want the most direct route. What migration
option should suggest to the customer? (Select One)
E. Lift and Shift
F. Improve and Move
G. Rip and Replace
H. None, since the customer is not cloud native ready.
Correct Answer(s): A. Lift and Shift
Explanation. With Lift and Shift migrations, the customer could
move workloads from a source environment to a target
environment with few or no modifications or refactoring.
Please review this page before the exam.
https://cloud.google.com/architecture/migration-to-gcp-getting-
started

13. What load balancer type is supported with Cloud Armor

security policies? (Select One)
31
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 E. Regional SSL
F. HTTP(S) Only
G. HTTP(S) and SSL
H. SSL Proxy, HTTP(S) and SSL
Correct Answer(s): B: HTTP(S) Only
Explanation. Google Cloud Armor security policies protect your
application by providing Layer 7 filtering and by scrubbing
incoming requests for common web attacks or other Layer 7
attributes to potentially block traffic before it reaches your load
balanced backend services or backend buckets. Each security
policy is made up of a set of rules that filter traffic based on
conditions such as an incoming request's IP address, IP range,
region code, or request headers.

Google Cloud Armor security policies are available only for

backend services behind an external HTTP(S) load balancer. The
load balancer can be in Premium Tier or Standard Tier.
Google Cloud Armor security policies and IP DENY lists and ALLOW
lists are available only for HTTP(S) load balancing.

Please refer to this page before the exam.

https://cloud.google.com/armor/docs/security-policy-overview

14. When creating a project in Google Cloud it is important to

understand quotas limits of a project. By default you can create up
to _______ networks per project. (Select One)
E. 10
F. 100
G. 5
H. 50

Correct Answer(s): C. 5

32
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Explanation. By default ,the limit is 5 per project. You can contact
support to have this adjusted as needed. The exam has a few
trivia around projects and quotas.
https://cloud.google.com/vpc/docs/using-vpc

15. Compute Engine provides machine type recommendations to

help you optimize the resource utilization of your virtual machine
(VM) instances. What is this capability called? (Select One)

F. Recommendation Engine
G. Best Practice Recommendations
H. Rightsizing Recommendations
I. App Engine
J. None of the Above

Correct Answer(s): C: Rightsizing Recommendations

Explanation: Compute Engine provides machine type
recommendations to help you optimize the resource utilization of
your virtual machine (VM) instances. These recommendations are
generated automatically based on system metrics gathered by the
Cloud Monitoring service over the previous 8 days. Use these
recommendations to resize your instance's machine type to use
the instance’s resources more efficiently. This feature is also
known as rightsizing recommendations

https://cloud.google.com/compute/docs/instances/apply-machine-
type-recommendations-for-instances

16. App Engine has been deployed in your customers GCP cloud
deployment. The customer would like to know more about the
benefits of App Engine Flexible. Please advise them on the
benefits of App Engine Flexible (Select Two)
E. Supports autoscaling
33
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 F. Supports Docker containers
G. Supports mainframe connectivity
H. Source code is written in specific versions of the
supported programming languages only

Correct Answer(s): A,B. Supports Autoscaling and Supports

Docker Containers.
Explanation: Autoscaling is supported in both Flexible and
Standard environments. Flexible Environment does run a Docker
container that includes a custom runtime or source code written in
other programming languages.
https://cloud.google.com/appengine/docs/the-appengine-
environments

17. Cloud Data Loss Prevention (DLP) is a fully managed service

designed to help discover, classify, and protect the most sensitive
data. DLP provides three key features (Select Two)
E. Classification
F. De-Identification
G. De-classification
H. Reinspection
Correct Answer(s): A, B, E. Classification. De-classification and
Inspection
Explanation: Classification is the process to inspect the data and
know what data we have, how sensitive it is, and the likelihood.
Inspection and classification happen here.
De-identification is the process of removing, masking, replacing
information from data.
Please review this page before the exam
https://cloud.google.com/dlp/docs

34
Google Cloud Digital Leader Crash Course - 50 Practice Questions
18. What service is a fully managed real-time messaging service
that allows you to send and receive messages between
independent applications. (Select One)

F. Cloud Pub-Sub
G. Cloud BigTable
H. Cloud Spanner
I. Cloud DNS
J. Cloud Datastore

Correct Answer(s): A. Cloud Pub/Sub

Explanation: Google Cloud Pub/Sub is a scalable, durable event
ingestion and delivery system.

Pub/Sub allows services to communicate asynchronously, with

latencies on the order of 100 milliseconds.

Pub/Sub is used for streaming analytics and data integration

pipelines to ingest and distribute data. It is equally effective as
messaging-oriented middleware for service integration or as a
queue to parallelize tasks.

Pub/Sub enables you to create systems of event producers and

consumers, called publishers and subscribers. Publishers
communicate with subscribers asynchronously by broadcasting
events, rather than by synchronous remote procedure calls (RPCs).

https://cloud.google.com/pubsub/docs/overview

19. Projects are important from a cloud deployment perspective

for several reasons and provide multiple benefits. What are the
two main benefits of using a project? (Select Two).
E. A project associates objects and services with billing
35
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 F. A project facilitates organization of services and
objects
G. A project facilitates monitoring and management
H. A project is responsible for linking APIS to
organizations
Correct Answer(s): A, B: A project associates objects and services
with billing and a project facilitates organization of services and
objects
Explanation: A project organizes all Google Cloud resources. A
project consists of a set of users; a set of APIs; and billing,
authentication, and monitoring settings for those APIs. A project
does not manage monitoring or link APIS or link APIs to
organizations https://cloud.google.com/docs/overview#projects

20. You have been contacted by the enterprise support team

which has told you there have reports of significant latency at
specific times for an application running on GCP. They would like
you to review the issue and provide them insight into why the
application is latent at specific times? What Google Cloud service
could you use to inspect latency data that has been collected in
near real time? (Select One)

E. Cloud Debug
F. Cloud Trace
G. VPC Trace Logs
H. Cloud Profiler

Correct Answer(s): A: Cloud Trace

36
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Explanation: Cloud Trace formerly Stackdriver Trace is a
distributed tracing system that collects latency data from your
applications and displays it in the Google Cloud Console. You can
track how requests propagate through your application and
receive detailed near real-time performance insights. Cloud Trace
automatically analyses all your application's traces to generate in-
depth latency reports to surface performance degradations, and
can capture traces from all your VMs, containers, or App Engine
projects.

Please review this page before the exam

https://cloud.google.com/trace

21. The Organization resource is the root node in the Google Cloud
Platform hierarchy and is the hierarchical super node of projects.
What are the types of customers an organization resource is
available for? (Select Two)
E. Google Workspace
F. Gmail
G. Google for Education
H. Cloud Identity

Correct Answer(s): A and D: Gsuite and Cloud Identity

Explanation: An Organization resource is available for G Suite and
Cloud Identity customers. Organizations are confusing at first, but
for this exam we must understand the GCP cloud hierarchy details
and what role an Org Administrator is about as well.
https://cloud.google.com/resource-manager/docs/creating-
managing-organization

37
Google Cloud Digital Leader Crash Course - 50 Practice Questions
22 . Your development team is moving to a container-based
application and will also be having a culture shift by moving to a
DevOps based culture. The development lead has requested they
use Google Container Registry(GCR) for their docker containers.

What would be some reasons your development team would want

to use Container Registry instead of a third party
application? (Select Two).
E. GCR provides a single place for teams to manage
Docker images, perform vulnerability analysis, and
decide who can access what with fine-grained access
control.
F. Costs for use are based only on Google Cloud Platform
usage.
G. GCR allows for migration from any container solution
and is licensed based per container.
H. GCR does not provide fine grained access controls but
allows you to extend third party solutions.
Correct Answer(s): A, B .
Explanation: Google Container Registry (GCR) provides secure,
private Docker image storage on Google Cloud Platform and is
usage based. No licensing or subscription required. GCR does
provide resource level access fully integrated with Cloud IAM. (fine
grained access control)
https://cloud.google.com/container-registry

23. Which of the following features are supported by GCP Cloud

Storage? (Select Two)
E. Object Versioning
F. Object Lifecycle Management
G. Object Analysis Management
H. Object Antivirus Scanning

38
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Correct Answer(s): A. Object Versioning and Object Lifecycle
Management
Explanation: Object Lifecycle and Object Versioning
https://cloud.google.com/storage/docs/lifecycle

24. "Scale to Zero" is phrase or common buzzword used in Cloud.

Google has some great capabilities around this. What would be
the best statement to describe what "Scale to Zero" really means
for Google Cloud? (Select One)

E. Scaling to zero allows containers to be run only when

there is demand.
F. Scaling to zero allows virtual machines to be run only
when there is demand.
G. Scaling to zero allows containers to be run only when
there is a budget.
H. Scaling to zero allows virtual machines to be run only
when there is a budget.
Correct Answer(s): A: Scaling to zero allows containers to be run
only when there is demand.
Explanation: Scaling to zero allows containers to be run only when
there is demand.

For certain workloads, this can provide lower baseline resource

usage and lets you scale down instances when in the public cloud
to cost less. Cloud Run is a service that provides this capacity.
https://dzone.com/articles/scale-to-zero-with-kubernetes

25. Your development team has been migrating the enterprise

data warehouse service to Google Cloud. They chose Google
BigQuery specifically for large amounts of data they will
query. What is the best reason below for selecting BigQuery over
BigTable? (Select One)
39
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 E. BigQuery is what you use when you have collected a
large amount of data and need to ask questions about
it.
F. BigQuery is cheaper than AWS comparables.
G. Latency is critical and BigQuery is a low latency service
as compared to BigTable
H. BigQuery is a low latency data warehouse.
Correct Answer(s): A: BigQuery is what you use when you have
collected a large amount of data and need to ask questions about
it.
Explanation: BigQuery Vs BigTable

•BigQuery is what you use when you have collected a large amount
of data, and need to ask questions about it. (It’s Serverless)

•BigTable is a database which is designed to be the foundation for

a large, scalable application.

•Use BigTable when you are making any kind of app that needs to
read and write data, and scale is a potential issue.(Low Latency)

•Use BigQuery when you have collected a large amount of data,

and then need to ask questions about it (Query).
https://cloud.google.com/blog/topics/developers-
practitioners/bigtable-vs-bigquery-whats-difference

26. Which Google Cloud Service or API has a use case for Machine
Learning Teams with ML Expertise? (Select One)
E. Vision API
F. DLP API
G. Vertex AI
H. TensorFlow
40
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Correct Answer(s): A Vision API
Explanation: The Google Cloud Vision API allows developers to
easily integrate vision detection features within applications,
including image labelling, face and landmark detection, optical
character recognition (OCR), and tagging of explicit content.

•Detect objects and faces, read printed and handwritten text, and
build valuable metadata into your image catalog.

•Meant for ML Teams with Expertise

https://cloud.google.com/vision

27. You’re currently considering moving your on-premises

CI pipeline from on premises to Google Cloud Platform. You would
like to have code maintained in a private Git repository which is
hosted on the Google Cloud Platform. What service would you
choose? (Select One)
F. Container Registry
G. Kubernetes Engine
H. Cloud Source Repositories
I. Cloud Build
J. Cloud Run
Correct Answer(s): C. Cloud Source Repositories
Explanation: Cloud Source Repositories is a secure hosted private
Git on Google Cloud.
https://cloud.google.com/source-repositories/

28. What is the term used for a set of techniques known in

machine learning in the training and operation of deep learning
models? (Select One) ?

41
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 E. Tensors
F. TensorFlow
G. Pre-Trained
H. TPU
Correct Answer(s): A. Tensors
Explanation: Tensors are a term and a set of techniques known in
machine learning in the training and operation of deep learning
models can be described in terms of tensors. Tensors play an
important role in ML by encoding multi-dimensional data
https://www.tensorflow.org/guide/tensor

29. The machine learning team at your company has decided to

start using Google Cloud ML based services. They are specifically
interested in running cutting-edge machine learning models with
AI services on Google Cloud backed by ASICs. What service would
they select? (Select One)
E. Cloud TPU
F. Cloud Tensor
G. Cloud Vision
H. Vision API
Correct Answer(s): A. Cloud TPU
Explanation: Cloud TPU is a custom-designed machine learning
ASIC that powers Google products like Translate, Photos, Search,
Assistant, and Gmail.

Built for AI on Google Cloud, Cloud TPU is designed to run cutting-

edge machine learning models with AI services on Google Cloud.
https://cloud.google.com/tpu

42
Google Cloud Digital Leader Crash Course - 50 Practice Questions
30 A data pipeline is a set of actions (workflow) that ingest raw
data from disparate sources and move the data to a destination
for storage and analysis. Your development would like to use a
GCP service that can be used for data processing for both batch
and real-time data streaming applications. It is important to note
that the service must also be able to extract data to endpoints for
a data analytics application.
What service on GCP would you select? (Select One)

E. Cloud Dataflow
F. Cloud Pub/Sub
G. Cloud Datastore
H. Cloud BigQuery
Correct Answer(s): A. Cloud Dataflow
Explanation: Google Cloud Dataflow is a cloud-based data
processing service for both batch and real-time data streaming
applications. It enables developers to set up processing pipelines
for integrating, preparing, and analysing large data sets, such as
those found in Web analytics or big data analytics applications.
Data Extraction to Endpoints
https://cloud.google.com/dataflow

31. Your company has decided to migrate over 600 Petabytes of

data from on premises to Cloud Storage. This data migration has a
short migration window and is preferred to transfer online. The
development team is aware that the network bandwidth is
sufficient for transferring this data in less than two weeks. What
option for data transfer would you select based on the information
given for a network based transfer? (Select One)
E. Cloud Pub/Sub
F. Cloud Datastore
G. Cloud Storage Transfer Service
H. Transfer Appliance

43
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Correct Answer(s): C. Cloud Storage Transfer Service
Explanation: Cloud Storage Transfer Service would be the best
option since Network bandwidth is not an issue. With Storage
Transfer Service you can transfer petabytes of data from on-
premises sources to Cloud Storage over networks. Cloud Storage
Appliance would work as well however, that would be an offline
transfer which was not the stated requirement in this scenario.
Cloud Pub/Sub is meant for streaming data for GCP applications
not for migrating data.
https://cloud.google.com/storage-transfer/docs/overview

32. Software Development Lifecycle (SDLC) is a widely used

framework with application development teams. Which of the
following two statements properly describe what SDLC is? (Select
Two)
E. The Software Development Life Cycle (SDLC) is a
process that produces software with the highest
quality and lowest cost in the shortest time possible.
F. SDLC provides a baseline for developers so can they
compare past performance of deployments.
G. SDLC is a proprietary method that is only used for on
premise deployments. SDLC will not be a good
framework for cloud deployments.
H. SDLC provides a well-structured flow of phases that
help an organization to quickly produce high-quality
software which is well-tested and ready for
production use

Correct Answer(s): A, D:

44
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Explanation: The Software Development Life Cycle (SDLC) is a
process that produces software with the highest quality and lowest
cost in the shortest time possible. SDLC provides a well-structured
flow of phases that help an organization to quickly produce high-
quality software which is well-tested and ready for production use.
SDLC can be used with any software deployment that requires a
rigorous framework and is not a proprietary process or
framework.
https://stackify.com/what-is-sdlc/

33. The company that has hired you to design a cloud application
that will transform their business is now requiring the following
requirements. They want to utilize as many GCP data focused
services as possible

1. Enterprise Data Warehouse (EDW) with SQL

2. Fast response times for OLAP workloads up to petabyte-scale,

3. Supports Big Data services and BI Tools.

4. Fully managed service

What service would you recommend the customer consider based

on the limited information? (Select One)
E. BigTable
F. BigQuery
G. Cloud Spanner
H. Cloud SQL

Correct Answer(s): B. BigQuery

45
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Explanation: BigQuery is correct answer. On the exam you must
remember the difference use case between BigTable and
BigQuery. https://cloud.google.com/bigquery

34. The Google Cloud Adoption Framework serves both as a map

for determining where your business information technology
capabilities are now, and as a guide to where you want to
be. What phase of the framework is when "The extent to which
your IT departments are supported by a mandate from leadership
to migrate to Google Cloud."? (Select One)
E. Learn
F. Lead
G. Secure
H. Scale
Correct Answer(s): B. Lead
Explanation: Before taking the Cloud Leader exam you must
review this page. Expect several questions on the adoption
framework.

The framework assesses four themes:

• Learn. The quality and scale of your learning programs.

• Lead. The extent to which your IT departments are

supported by a mandate from leadership to migrate to
Google Cloud.

• Scale. The extent to which you use cloud-native services, and

how much operational automation you currently have in
place.

• Secure. The capability to protect your current environment

from unauthorized and inappropriate access.
46
Google Cloud Digital Leader Crash Course - 50 Practice Questions
https://cloud.google.com/architecture/migration-to-gcp-getting-
started#gcp_adoption_framework

35. The Google Cloud Adoption Framework has three themes.

Which of the following are NOT themes in the Google Cloud
Adoption Framework? (Select Two)
(Note, ensure on the exam you do not confuse the "themes" and
"topics" as they are documented.)

F. Lead
G. Learn
H. Tactical
I. Strategic
J. Transformational
Correct Answer(s): A, B : Learn, Lead

Learn and Lead are "topics" not Themes.

We must review this page before the exam. We can expect several
questions directly from this page.

https://cloud.google.com/architecture/migration-to-gcp-getting-
started#gcp_adoption_framework

Themes are.
Tactical. There are no coherent plans covering all the individual
workloads you have in place. You're mostly interested in a quick
return on investments and little disruption to your IT organization.
Strategic. There is a plan in place to develop individual workloads
with an eye to future scaling needs. You're interested in the mid-
term goal to streamline operations to be more efficient than they
are today.

47
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Transformational. Cloud operations work smoothly, and you use
data that you gather from those operations to improve your IT
business. You're interested in the long-term goal of making the IT
department one of the engines of innovation in your organization.

36. You’re currently working a Google Cloud project for the

company you for. The project you’re on has now been fully
migrated and the applications are currently deployed in
production as of last week with cloud native capacity. When
referring to the Google Cloud Adoption Framework what phase
would this be your now in? (Select One)
E. Assess
F. Plan
G. Deploy
H. Optimize

Correct Answer(s): D. Optimize

Explanation: Optimize is correct and shows full cloud native
capacity.

https://cloud.google.com/architecture/migration-to-gcp-getting-
started#gcp_adoption_framework

There are four phases of your migration:

Assess. In this phase, you perform a thorough assessment and

discovery of your existing environment in order to understand
your app and environment inventory, identify app dependencies
and requirements, perform total cost of ownership calculations,
and establish app performance benchmarks.

48
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Plan. In this phase, you create the basic cloud infrastructure for
your workloads to live in and plan how you will move apps. This
planning includes identity management, organization and project
structure, networking, sorting your apps, and developing a
prioritized migration strategy.

Deploy. In this phase, you design, implement, and execute a

deployment process to move workloads to Google Cloud. You
might also have to refine your cloud infrastructure to deal with
new needs.

Optimize. In this phase, you begin to take full advantage of cloud-

native technologies and capabilities to expand your business's
potential to things such as performance, scalability, disaster
recovery, costs, training, as well as opening the doors to machine
learning and artificial intelligence integrations for your app.

37. _____________is a sparsely populated table that can scale to

billions of rows and thousands of columns with low latency. This
feature will allow your enterprise to store terabytes or even
petabytes of data.
What is the service being referenced? (Select One)
E. Cloud Bigtable
F. Cloud BigQuery
G. Cloud Datastore
H. Cloud Spanner
Correct Answer(s): A Cloud BigTable
Explanation: Use BigTable when you are making any kind of app
that needs to read and write data, and scale is a potential
issue.(Low Latency)
https://cloud.google.com/bigtable

49
Google Cloud Digital Leader Crash Course - 50 Practice Questions
38. Your currently working on a Machine Language project for the
customer. The customer has asked you to validate the
supportability of machine language technologies with GCP. What
capability is a Machine Language computation library solution that
is directly supported by Google Cloud Platform and supports data
flow graphing? (Select One)
E. Cloud TPU
F. TensorFlow
G. Cloud Tensor
H. Vertex AI
Correct Answer(s): B. TensorFlow
Explanation: TensorFlow is an end-to-end open source platform
for machine learning Core Libraries

•Build and train ML models easily using intuitive high-level APIs

•Train and deploy models in the cloud, on-prem, in the browser, or

on-device no matter what language you use

https://www.tensorflow.org/

39. Google Cloud Supports various international compliance

standards. What is the international compliance standard that
provides guidelines for information security controls applicable to
the provision and use of cloud services? (Select One)

E. ISO 27001
F. ISO 27002
G. ISO 27017
H. ISO 27000

Correct Answer(s): C. ISO 27017

50
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 Explanation: ISO/IEC 27017:2015 gives guidelines for information
security controls applicable to the provision and use of cloud
services by providing additional implementation guidance for
relevant controls specified in ISO/IEC 27002 and additional controls
with implementation guidance that specifically relate to cloud
services

ISO 27001 outlines and provides the requirements for an

information security management system (ISMS), specifies a set of
best practices, and details the security controls that can help
manage information risks but it's not specific to cloud. ISO 27002 is
related to security controls to implement ISO 27001 and ISO 27018
relates to one of the most critical components of cloud privacy: the
protection of Personally Identifiable Information (PII).

Please review the page below before the exam.

https://cloud.google.com/security/compliance/iso-27017

40. Your company is looking to utilize the power of the GCP Cloud.
You need to setup you VMs with a stable block storage solution
that is fully managed. What is the solution you need to specify?
(Select One)
E. Cloud Storage
F. Persistent Disk
G. Cloud Spanner
H. Cloud FileStore

Correct Answer(s): B. Persistent Disk

Explanation: Compute Engine VM comes with a single root
persistent disk which is hosted on Persistent Disk.

51
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Persistent disks are durable network storage devices that your
instances can access like physical disks in a desktop or a server.
The data on each persistent disk is distributed across several
physical disks. Compute Engine manages the physical disks and
the data distribution for you to ensure redundancy and optimal
performance.

Persistent disks are located independently from your virtual

machine (VM) instances, so you can detach or move persistent
disks to keep your data even after you delete your instances.
Persistent disk performance scales automatically with size, so you
can resize your existing persistent disks or add more persistent
disks to an instance to meet your performance and storage space
requirements.
Image is loaded onto root disk during boot process
https://cloud.google.com/compute/docs/disks

41. Your currently reviewing services in GCP for your

deployments for container and cloud native solutions. Which of
the following two statements would be correct regarding the main
difference in use case for Cloud Run as opposed to Cloud
Functions? (Select Two)
E. Cloud Run uses containers and makes them invocable
via HTTP requests while Cloud Functions is Google's
event-driven serverless platform that does not use
containers.
F. Cloud Run is a cloud native service while Cloud
Functions is not cloud native.
G. Cloud Functions is based on Knative, which means that
similar solutions will likely show up on other managed
Kubernetes platforms.
H. Cloud Run is a managed serverless service that is event
based. (Triggers, Webhook)
Correct Answer(s): A and B.
52
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Explanation: Cloud Run uses containers and makes them
invocable via HTTP requests while Cloud Functions is Google's
event-driven serverless platform that does not use containers.
https://cloud.google.com/run

42. Your organization has deployed services in GCP and now

would like to access, manage, and monitor these services over an
internet connection. Your organization does not need to have a
well provisioned network, nor does it need to have a dedicated
link. What connectivity option would you select? (Select One)
E. Cloud VPN
F. Cloud Interconnect
G. Carrier Peering
H. Partner Interconnect

Correct Answer(s): A: Cloud VPN

Explanation: Cloud VPN provides private-to-private connectivity
and your internet connection meets your business requirements.
•Ensures VMs that you provisioned in GCP can communicate
directly with on-premises resources via a private IP range.
•Private RFC1918 addresses
•IPSEC Tunnels
•IPSEC VPN tunnels encrypt data by using industry-standard IPsec
protocols as traffic traverses the public Internet.
https://cloud.google.com/hybrid-connectivity

43. Which of the following two statements are true about service
accounts in GCP? (Select Two)

53
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 E. A service account is an identity for your programs to
use to authenticate and gain access to GCP APIs.
(Server to Server)
F. A service account is an identity for your users to use to
authenticate and gain access to GCP APIs. (User to
Server)
G. Each service account is associated with a key pair,
which is managed by GCP
H. Google Rotates the keys for service accounts weekly
Correct Answer(s): A, C: A service account is an identity for your
programs to use to authenticate and gain access to GCP APIs.
(Server to Server) and Each service account is associated with a key
pair, which is managed by GCP
Explanation: A service account is an identity for your programs to
use to authenticate and gain access to GCP APIs. (Server to Server)

•Service accounts authenticate applications running on your virtual

machine instances to other GCP services.
•Each service account is associated with a key pair, which is
managed by GCP. It is used for service-to-service authentication
within GCP.
•Google rotates the keys daily..
https://cloud.google.com/iam/docs/service-accounts

44. You want to provide private access options that let virtual
machine (VM) instances reach supported APIs and services without
requiring an external IP address.
What solution with GCP would you select? (Select One)

E. Cloud VPC
54
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 F. Cloud VPN
G. Private Access
H. Cloud Interconnect
Correct Answer(s): C: Private Access
Explanation: Google Cloud provides several private access options
that let virtual machine (VM) instances reach supported APIs and
services without requiring an external IP address.

•Option supports the APIs and services that you need to access.

•Private Google Access, Private Google Connect, etc

https://cloud.google.com/vpc/docs/private-access-options

45. Cloud Identity is an Identity as a Service (IDaaS) solution that

centrally manages users and groups. Cloud Identity has two
specific versions. What are the two specific versions? (Select Two)

F. Free
G. Basic
H. Private
I. Premium
J. Commercial

Correct Answer(s): A, D: Free and Premium

Explanation: Cloud Identity is an Identity as a Service (IDaaS)
solution that centrally manages users and groups.

•Configure Cloud Identity to federate identities between Google

and other identity providers, such as Active Directory and Azure
Active Directory.

•Use Identity and Access Management (IAM) to manage access to

Google Cloud resources for each Cloud Identity account.

55
Google Cloud Digital Leader Crash Course - 50 Practice Questions
•Use to create a GCP Organization (Super User is the Org Admin)

•Two Editions – Free and Premium

https://support.google.com/cloudidentity/answer/7431902?hl=en#
zippy=%2Cdevice-management

46. Cloud SQL is a fully managed database service that makes it

easy to set-up, maintain, manage, and administer your relational
MySQL databases in the cloud. What are three benefits/features of
using Cloud SQL? (Select Two)

E. Flexible Pricing
F. Supports all SQL Versions
G. A Managed Service
H. Extends to your on-premises databases.

Correct Answer(s): A and C: Flexible Pricing and is a Managed

Service
Explanation: Fully managed relational database service for
MySQL, PostgreSQL, and SQL Server. Cloud SQL is a fully managed
database service that makes it easy to set-up, maintain, manage,
and administer your relational MySQL databases in the cloud.
What are three benefits/features of using Cloud SQL?
(Select Three)

•Flexible Pricing

•Managed Service

•Supports Application Replication

https://cloud.google.com/sql

47. Which of the following statements would be true regarding

Google Migrate for Compute Engine? (Select Two)

56
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 E. Formerly called Velostrata before Google purchased
them
F. Google Migrate for Compute is a migration service
which provides for data migrations transparently in the
background.
G. Google Migrate for Compute is a partner service which
provides for data migrations transparently in the
foreground.
H. VCenter is not required for VMWare Migrations

Correct Answer(s): D: Formerly called Velostrata before Google

purchased them and Google Migrate for Compute is a migration
service which provides for data migrations transparently in the
background.
Explanation: Google Migrate for Compute Engine is a migration
service which provides for data migrations transparently in the
background.

●Enterprises can validate, run, and migrate applications into

Google Cloud without rewriting them, modifying the image, or
changing management processes.

●Google bought Velostrata and rebranded to Google Cloud

Migrate for Compute

https://cloud.google.com/migrate/compute-engine

48. Your new employer has hired you to help transform the
current on premises environment to a cloud native deployment on
Google Cloud. One of the first tasks you need to determine is
focused on connecting securely to Google Cloud without a private
link. You have been asked to provide a link that will be secure but
also low overhead. What option would you select? (Select One)

E. Cloud Peering
F. Cloud VPN

57
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 G. Partner Interconnect
H. Direct Peering

Correct Answer(s): B: Cloud VPN.

Explanation: Cloud VPN provides private-to-private connectivity,
and your internet connection meets your business requirements.
Ensure VMs that you provisioned in GCP can communicate directly
with on-premises resources via a private IP range.

https://cloud.google.com/blog/products/networking/google-cloud-
network-connectivity-options-explained

49. Your new team is discussing cloud spending and is wanting to

ensure they use a funding model that uses their monthly allocation
of funds. They do not have authorization for a large procurement.
What type of funding model should be selected?

F. CAPEX
G. OPEX
H. Public
I. Private
J. Hybrid
Correct Answer(s): B: Operational Expenditures (OPEX)
Explanation: Capital Expenditures (Capex) are investments made
by an organization for long-term benefits in the future.
Operational Expenditures (Opex) are the ongoing costs related to
day-to-day operations
https://www.cloudhealthtech.com/blog/capex-vs-opex-cloud-cost-
management

50. The National Institute for Science and Technology (NIST)

provides five essential characteristics of cloud computing. Which
of the following has the correct characteristics? (Select One)

58
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 E. Broad Network Access, Resource Pooling, Rapid
Elasticity, Measured Service and Replication
F. On Demand Self Service , Broad Network Access,
Resource Pooling, Rapid Elasticity, Measured Service
G. On Demand Self Service , Private Network Access,
Resource Pooling, Rapid Elasticity, Measured Service
H. Broad Network Access, Resource Pooling, Rapid
Elasticity, Measured Service and Performance

Correct Answer(s): B: Broad Network Access, Resource Pooling,

Rapid Elasticity, Measured Service and Replication
Explanation: The Five Essential Characteristics are.
On-demand self-service
A consumer can unilaterally provision computing capabilities,
such as server time and network storage, as needed
automatically without requiring human interaction with each
service provider.
Broad network access.
Capabilities are available over the network and accessed through
standard mechanisms that promote use on any device.
Resource pooling.
The provider’s computing resources are pooled to serve multiple
consumers using a multi-tenant model, with different physical
and virtual resources dynamically assigned and reassigned
according to consumer demand.

Rapid elasticity
Capabilities can be elastically provisioned and released, in some
cases automatically, to scale rapidly outward and inward
commensurate with demand.

Measured service
59
Google Cloud Digital Leader Crash Course - 50 Practice Questions
 Cloud systems automatically control and optimize resource use
by leveraging a metering capability at some level of abstraction
appropriate to the type of service. Resource usage can be
monitored, controlled, and reported, providing transparency for
both the provider and consumer of the utilized service.

https://www.nist.gov/news-events/news/2011/10/final-version-
nist-cloud-computing-definition-published

End of Free Practice Exam One

Additional Resources

Additional Practice Questions are available on

www.TechCommanders.com

Full Google Cloud Professional Security Engineer Course @

www.TechCommanders.com

Overview of the GCP Digital Cloud Leader Exam

https://youtu.be/L3-w7m1v6PU

Free YouTube GCP Digital Leader Mini Course

https://youtu.be/gddt4n_JEkk

60
Google Cloud Digital Leader Crash Course - 50 Practice Questions
Google Cloud focused blog for all exams! http://thegcpgurus.com/

Save up to 30% on TechCommanders Membership with

SAVENOW30 at check out.

Join TechCommanders! We have both Free and Paid Tiers.

We are TechCommanders...
experts in Next Generation Technology Training.
TechCommanders is an online training platform for both aspiring
and veteran IT professionals interested in next generation IT Skills.
TechCommanders is led by Joseph Holbrook, a highly sought-after
technology industry veteran.

61
Google Cloud Digital Leader Crash Course - 50 Practice Questions
TechCommanders offers blended learning which allows the
students to learn on demand but with live training.

Courses offered are used to prepare students to take certification

exams in Cloud, DevOps, IT Security and Blockchain.

TechCommanders was established in Jacksonville, Florida in 2020

by Joseph Holbrook, both a US Navy Veteran and a technology
industry veteran. TechCommanders, Advancing your NextGen
Technology Skills.

62
Google Cloud Digital Leader Crash Course - 50 Practice Questions