CDL

Question 1

What is Compliance Report Manager ?

Answer 1

Website where you can download PDFs of Google’s certifications (such as SOC, GDPR etc)

Question 2

What is Cloud Armor?

Answer 2

DDoS protection + WAF

Question 3

What is Security Command Center?

Answer 3

centralized security platform

Question 4

Which service allows browsing through internal enterprise solutions?

Answer 4

Service Catalogue (former Private Catalogue)

Question 5

What is the Resource Hierarchy in GCP?

Answer 5

• Organization (with domain as identifier)
• Folders
• Projects

Use Labels for further differentiation.

Question 6

AI Infrastructure services

Answer 6

• AI Infrasturcture (orchestrate compute across CPUs, GPUs, TPUs)
• Cloud GPUs
• Cloud TPUs
• DL Containers
• DL VMs
• TensorFlow Enterprise

Question 7

How to make sure Data Residency & Compliance Boundries ?

Answer 7

Use “Assured Workloads”

Question 8

What is Knative?

Answer 8

Abstraction above K8s: Focus on code instead of setting up deployments, services etc

Question 9

What is Cloud Run?

Answer 9

Fully managed environment for running containerized Apps

Question 10

What is the Shared Responsibility Model?

Answer 10

Responsibility IN the cloud: If you can configure it, you are responsible

Responsibility OF the cloud: If you cant configure it, Google is responsible

Question 11

What is CAPEX and OPEX

Answer 11

CAPEX = Capital Expenditure
OPEX = Operational Expenditure

WHen adopting Cloud you move from CAPEX (buying physical infrastructure) to OPEX

Question 12

What is Elasticity in the Cloud?

Answer 12

Scale up or down depending on demand

Question 13

What is Failover?

Answer 13

Plan to shift traffic to a redundant system if primary fails

Question 14

What are main features of App Engine?

Answer 14

• Fully managed, PaaS
• Supports common languages like Java, Go, Python
• Versioning of Services
• Traffic Splitting (across versions) for A/B testing, graduate rollout etc

Question 15

Which environments exist for App Engine?

Answer 15

Standard ( = serverless)

Flexible ( = fully managed containers)

Question 16

What is the Standard env in App Engine?

Answer 16

• Deploy & Startup in seconds
• For rapid scaling
• Can scale to 0
• No Custom Runtime, SSH or Background processes
• Pricing based on instance hours

Question 17

What is the Flexible env in App Engine?

Answer 17

• Deploy & Statup in minutes
• For consistent traffic
• Custom Runtimes (Containers)
• SSH
• Background processes
• Pricing based on CPUS, memory, disk

Question 18

What are semi-structured and unstructured data?

Answer 18

Semi-structured: JSON, Email

Unstructured: Text, Video

Question 19

What is a Data Lake?

Answer 19

Store large amounts of raw data of any type, including unstructured.

(Data Warehouses are mostly for structured data)

Question 20

What are the core Data Products in GCP?

Answer 20

• Cloud SQL
• Cloud Spanner
• Bigtable
• Firestore
• Cloud Storage
• BigQuery

Question 21

When use Firestore vs BigTable?

Answer 21

Use Firestore when you need a flexible, scalable NoSQL database that supports real-time synchronization and offline capabilities.
Ideal for mobile and web applications.

Use Bigtable when you need a high-throughput, low-latency database for large-scale analytical and operational workloads.
Good for time-series data or IoT applications.

Question 22

What is Datastream?

Answer 22

Service to stream and synch data from SQL databases into GCP databases (SQL, Spanner, BigQuery)

Question 23

What is Looker?

Answer 23

BI Tool to analyse and visualize data.
Support connections to BigQUery and dozens of other SQL databases.

Question 24

Which service can be used for ingesting stream events, e.g. from gaming or IOT?

Answer 24

PubSub

Question 25

What are 4 options to develop ML models?

Answer 25

• BigQuery ML
• Pre-trained APIs (Vision API, Natural Language API…)
• Auto ML (No code solution)
• Vertex AI (for custom training)

Question 26

Which AI solutions exists on GCP?

Answer 26

• Conversational AI
• Contact Center AI
• Document AI
• Discovery for Retail
• Cloud Talent Solution

Question 27

Which product help with Rehosting workloads to GCP?

Answer 27

VMware Engine for VMware workloads

Bare Metal solution for Oracle workloads

Question 28

Spot VMs vs preemptible VMs

Answer 28

Spot VMs are newer and have more features like running more than 24h

Question 29

Which migration services exist?

Answer 29

• Migrate to VMs
• Migrate to Containers
• Anthos / GKE Enterprise
• Database Migration Service
• BigQuery Transfer Service
• Transfer Appliances
• Cloud Storage Transfer Service

Question 30

Which ETL tools exist on GCP?

Answer 30

1. Dataproc
   Managed Apache Spark, Hadoop, Flink, Presto and more
2. Dataflow
   Fully Managed batch & Streaming pipelines based on Apache Beam
3. Cloud Data Fusion
   No-code, drag-and-drop tool for ETL pipelines

Question 31

How to configure Compute Engine if you plan to run Containers?

Answer 31

Container Optimized OS for Compute Engine

Question 32

How can seperate projects communicate with each other?

Answer 32

Use “VPC Peering” or “Shared VPC”

Question 33

SLI vs SLO vs SLA

Answer 33

SLI = Specific metric like uptime, error rate

SLO = Goal for a system = Number + SLI like 99% Uptime

SLA = Multiple SLOs plus legal terms like refunds

Question 34

Which Operations Suite services are there?

Answer 34

Cloud Monitoring

Logging
Error Reporting

Cloud Trace
Cloud Debugger
Cloud Profiler

Question 35

What APM (Application Performance Managment) services are in the Operations Suite?

Answer 35

Cloud Debugger
Cloud Trace
Cloud Profiler

Question 36

What is the core data of a project?

Answer 36

Name = You choose (can be changes)
ID -> You or Google choose
Project Number -> Google chooses

ID is unique across GCP

Question 37

Does Cloud Monitoring work for AWS as well?

Answer 37

Yes

Question 38

Can BigQuery host TensorFlow models?

Answer 38

Yes

Question 39

Which role do you need to create, modify and delete Compute Engine Instances?

Answer 39

Compute Engine Instance Admin

Question 40

Cloud Run vs AppEngine flexible?

Answer 40

Cloud Run is simpler and more cost effective.
App Engine flexible is more flexible but more expensive

Question 41

How big are inter-zone and inter-region latencies?

Answer 41

Inter-zone: double digit

Inter-region: Triple digit

Question 42

What is Cloud Composer?

Answer 42

Workflow orchestration service with fully managed Apache Airflow

Question 43

Which API Gateway options are there?

Answer 43

• Cloud Endpoints
• ApiGee

Question 44

Cloud Endpoints vs ApiGee ?

Answer 44

Cloud Endpoints is simpler and cheaper.

ApiGee is expensive but has features like:
Security
Analytics
Monetization
ApiGee Hybrid

Question 45

Cloud Storage classes and minimum storage duration

Answer 45

Standard - 0 days
Nearline - 30 days
Coldline - 90 days
Archive - 365 days

Question 46

What is Private Google Access?

Answer 46

Allow private VMs without Internet Access to access Google Services

Question 47

What is Serverless VPC Access?

Answer 47

Allow to connect to VPC from serverless services like Cloud Run, Cloud Functions etc

Question 48

What is Migrate for Compute Engine?

Answer 48

• Continuous replication of disk data from source to GCP
• Minimal downtime, source VMs can still operate during migration
• “Clone and Test” of migrated VMs

Question 49

What is Storage Transfer Service?

Answer 49

• Move data from other CSPs or on-prem to GCP
• Move data between GCS buckets (e.g. for replicating across regions)
• One-time or recurring operations

Question 50

What are Transfer Appliances?

Answer 50

Use when >10TB or when upload would take more than a week

Sizes:
Rackable: 7TB, 40TB, 300TB
Freestanding: 40TB, 300TB

Question 51

What is the Zero Trust Model?

Answer 51

Shift Access Control from Network to Identity

1. Access is NOT determined by Network
2. Access granted based on context: user, device, …
3. All access authenticated, authorized, encrypted

Question 52

What is Beyond Corp?

Answer 52

Collection of Services on GCP which help to implement the Zero Trust Model

Question 53

What is Access Context Manager?

Answer 53

Fine-grained access control for project based on attributes like user, device, IP

Question 54

What are VPC Service Controls?

Answer 54

Service to create Service Perimeters (=isolated environments)

Question 55

What charging cycles can you configure?

Answer 55

Monthly billing vs Threshold billing

Question 56

What is LDAP?

Answer 56

Lightweight Directory Access Protocol

Used for same-sign-on, most SSO uses LDAP

Question 57

How to use Active Directory on GCP?

Answer 57

Managed Service for Microsoft AD

Question 58

How to synch AD/LDAP to GCP?

Answer 58

Google Cloud Directory Synch