Study Guide, Glossary

Question 1

A test designed to show a client that the features of a system or application meet their business needs.

Answer 1

acceptance test

Question 2

Rules that authorize users to perform operations on objects and systems.

Answer 2

access controls

Question 3

Methods of software development that stress incremental and iterative development.

Answer 3

agile methodologies

Question 4

Automated notifications in response to events detected in time-series metric data, logs, or other monitoring data.

Answer 4

alerting

Question 5

GCP’s PaaS for building and deploying web applications in a serverless environment.

Answer 5

App Engine

Question 6

A feature of an application that accepts pro-grammatic requests or data.

Answer 6

application programming interface (API)

Question 7

A class of Cloud Storage that provides long-term storage for objects that need to be accessed less than once per year.

Answer 7

Archive storage

Question 8

Service calls that do not wait for an operation to complete before returning.

Answer 8

asynchronous calls

Question 9

The process of reviewing the structure and configuration of systems often to determine compliance with policy or regulations.

Answer 9

auditing

Question 10

An automated response to a problem with a health check.

Answer 10

autohealing

Question 11

The automated process of adding or removing instances based on workload.

Answer 11

autoscaling

Question 12

A fraction of time that services are functioning correctly and accessible to users.

Answer 12

availability

Question 13

Roles in GCP that existed prior to IAM.

Answer 13

basic roles

Question 14

A petabyte-scale data warehousing and analytics service managed by GCP that uses tables to organize data and SQL as the query language.

Answer 14

BigQuery

Question 15

A deployment strategy that uses two identically configured environments.

Answer 15

Blue/Green deployment

Question 16

The ability to use a license you have already purchased to run an application in the cloud.

Answer 16

bring-your-own-license (BYOL)

Question 17

A structure for grouping objects in Cloud Storage.

Answer 17

bucket

Question 18

The process of planning for a large-scale service disruption, such as extreme weather or long-term power outages.

Answer 18

business continuity planning

Question 19

When a small portion of a systems workload is routed to a new version of the software, allowing developers and administrators to test code under production conditions without exposing all users to new code.

Answer 19

canary deployment

Question 20

When a failure causes a falling domino effect of distributed system failures, one after the other.

Answer 20

cascading failure

Question 21

The practice of introducing random failures into a system to under-stand the consequences of those failures better and identifying unanticipated failure modes.

Answer 21

chaos engineering

Question 22

A US federal law that requires the US Federal Trade Commission to define and enforce regulations regarding children’s online privacy.

Answer 22

Children’s Online Privacy Protection Act (COPPA)

Question 23

A design pattern that uses an object that monitors the results of a function or service call.

Answer 23

Circuit Breaker pattern

Question 24

A wide-column, NoSQL database for high-volume writes and low-latency reads (less than 10 ms).

Answer 24

Cloud Bigtable

Question 25

A GCP service that provides software building services and is integrated with other GCP services, such as Cloud Source Repository.

Answer 25

Cloud Build

Question 26

A managed service for processing streaming and batch data sets using Java, SQL, and Python APIs.

Answer 26

Cloud Dataflow

Question 27

A managed service providing Apache Hadoop and Apache Spark platforms.

Answer 27

Cloud Dataproc

Question 28

A serverless, managed NoSQL document database used for storing, syn-chronizing, and querying mobile and web application data.

Answer 28

Cloud Firestore

Question 29

A serverless, event-driven computing service for executing functions in response to events within the cloud.

Answer 29

Cloud Functions

Question 30

A GCP identity-as-a-service (IdaaS) offering that allows for centralized identity management.

Answer 30

Cloud Identity

Question 31

Network connectivity between on-premises infrastructure and Google’s infrastructure.

Answer 31

Cloud Interconnect

Question 32

A managed service in GCP that enables customers to generate and store keys in GCP.

Answer 32

Cloud KMS

Question 33

A managed service providing Redis and Memcached memory caching that implements submillisecond data access.

Answer 33

Cloud Memorystore

Question 34

A set of services for monitoring, logging, tracing, and debugging infrastructure and applications in GCP and other platforms.

Answer 34

Cloud Operations

Question 35

A managed message queue for implementing stream and event processing applications, which can write messages to topics or subscribe to topics to receive messages.

Answer 35

Cloud Pub/Sub

Question 36

GCP’s version control system and source code repository based on Git.

Answer 36

Cloud Source Repository

Question 37

A managed, horizontally scalable, global relational database designed for distributed applications requiring strong consistency.

Answer 37

Cloud Spanner

Question 38

A managed service providing MySQL, SQL Server, and PostgreSQL databases.

Answer 38

Cloud SQL

Question 39

An object storage service providing web access to scalable storage.

Answer 39

Cloud Storage

Question 40

An open source adapter that allows users to mount Cloud Storage buckets as simulated filesystems on Linux and macOS platforms.

Answer 40

Cloud Storage FUSE

Question 41

A GCP service that provides VPNs between GCP and on-premises networks.

Answer 41

Cloud VPN

Question 42

A class of Cloud Storage that provides long-term storage for objects that need to be accessed less than once per 90 days.

Answer 42

Coldline storage

Question 43

Software that is purchased instead of built in-house.

Answer 43

commercial off-the-shelf (COTS) product

Question 44

The infrastructure-as-a-service (IaaS) offering of GCP.

Answer 44

Compute Engine

Question 45

A package of application code, operating system, and dependencies that can run in a container runtime, such as Docker or containerd.

Answer 45

container

Question 46

A global network of servers with distributed points of presence across the globe.

Answer 46

content delivery network (CDN)

Question 47

The process of incorporating code into a baseline of software, testing it, and, if the code passes tests, releasing it for use.

Answer 47

continuous integration/continuous delivery (CI/CD)

Question 48

A role defined by GCP users and assigned a set of permissions needed to enable entities with the role to perform tasks.

Answer 48

custom roles

Question 49

A key management model where keys are generated and kept on premises and used by GCP services to encrypt the customer’s data.

Answer 49

customer-supplied keys

Question 50

A key associated with a chunk of data, used to encrypt and decrypt that chunk of data.

Answer 50

data encryption key (DEK)

Question 51

The state of accuracy and consistency of data over its entire lifecycle.

Answer 51

data integrity

Question 52

The use of multiple security measures to protect data and systems.

Answer 52

defense in depth

Question 53

Documentation designed for software engineers who will be working with code.

Answer 53

developer documentation

Question 54

The practice of combining the responsibilities of software development and IT operations.

Answer 54

DevOps

Question 55

A process of change in businesses as they adopt information technologies to develop new products, improve customer service, optimize operations, and make other major improvements enabled by technology.

Answer 55

digital transformation

Question 56

A network connection type where information does not travel over the public internet when going from on-premises systems to Google Cloud.

Answer 56

Dedicated Interconnect

Question 57

A form of network peering that allows customers to connect their networks to a Google network point of access.

Answer 57

direct peering

Question 58

The practice of recovering data and services after a large-scale outage or loss of data.

Answer 58

disaster recovery (DR)

Question 59

A measurement given as a percentage that describes the likelihood that a stored object will be retrievable in the future.

Answer 59

durability

Question 60

The process of encoding data in a way that yields a coded version of data that cannot practically be converted back to the original form without a key.

Answer 60

encryption

Question 61

Encryption of data when stored on persistent storage, such as a disk or SSD drive.

Answer 61

encryption at rest

Question 62

Encryption of data during transmission, such as over a network.

Answer 62

encryption in motion/transit

Question 63

The practice of encrypting data encryption keys with a second encryption key, known as a key encryption key.

Answer 63

envelope encryption

Question 64

Notifications provided by an alert system that do not warrant intervention.

Answer 64

false alerts

Question 65

A deployment method that allows developers to release new capabilities and features selectively to users, without having to deploy software updates.

Answer 65

feature flags

Question 66

A firewall configuration that allows or denies traffic.

Answer 66

firewall rules

Question 67

A regulation that standardizes privacy protections across the European Union (EU), grants controls to individuals over their private information, and specifies security practices required for organizations holding private information of EU citizens.

Answer 67

General Data Protection Regulation (GDPR)

Question 68

A high-capacity storage device that enables users to transfer and securely ship data to a Google upload and then the data is uploaded to Google Cloud Storage.

Answer 68

Google Transfer Appliance

Question 69

A service that allows for the transfer of data from an HTTP/S location, an AWS S3 bucket, or a Cloud Storage bucket to a Cloud Storage bucket.

Answer 69

Google Transfer Service

Question 70

A set of Google accounts and service accounts with an associated email address.

Answer 70

group

Question 71

A multithreaded command-line utility used to transfer on-premises data to Google Cloud and perform other operations on Cloud Storage.

Answer 71

gsutil

Question 72

A US federal act that extended the application of HIPAA to business associates of healthcare providers and insurers.

Answer 72

Health Information Technology for Economic and Clinical Health (HITECH)

Question 73

A federal law in the United States that protects individuals’ healthcare information.

Answer 73

Health Insurance Portability and Accountability Act (HIPAA)

Question 74

The continuous operations of a system at sufficient capacity to meet the demands of ongoing workloads.

Answer 74

high availability

Question 75

A global load balancer available in GCP.

Answer 75

HTTP/S load balancer

Question 76

A cloud is considered to have a hybrid network if it is made up of some combination of an on-premises data center and clouds such as GCP.

Answer 76

hybrid-cloud networking

Question 77

An entity that represents a person or other agent that performs actions on a GCP resource.

Answer 77

identity

Question 78

A GCP service for implementing fine-grained access controls on resources.

Answer 78

Identity and Access Management (IAM)

Question 79

A software service that manages user identities across a system.

Answer 79

identity-as-a-service (IDaaS)

Question 80

A disruption that causes a service to be degraded or unavailable due to single or multiple failures and errors.

Answer 80

incident

Question 81

A type of cloud service that provides compute, storage, and networking services.

Answer 81

infrastructure-as-a-service (IaaS)

Question 82

An object that controls external access to services running in a Kubernetes cluster.

Answer 82

Ingress

Question 83

A measurement of the read and write operations per second for a given storage device.

Answer 83

input/output operations per second (IOPS)

Question 84

Clusters of VMs that are managed as a single unit.

Answer 84

instance groups

Question 85

A file specifying the configuration of a managed instance group.

Answer 85

instance template

Question 86

The testing of a combination of units.

Answer 86

integration tests

Question 87

A TCP and UDP load balancer accessible only to internal virtual resources.

Answer 87

Internal TCP/UDP load balancer

Question 88

A set of IT service management practices for coordinating IT activities with business goals and strategies.

Answer 88

ITIL

Question 89

An open source software automation tool for running software builds.

Answer 89

Jenkins

Question 90

A JSON object that is used for security and authorization during transactions between two systems.

Answer 90

JSON Web Token (JWT)

Question 91

The encryption key that secures the data encryption key in the envelope method of encryption.

Answer 91

key encryption key (KEK)

Question 92

Metrics that provide information about how well a business or organization is achieving an important or key objective.

Answer 92

key performance indicators (KPIs)

Question 93

The primary node agent that runs on each node in Kubernetes.

Answer 93

kubelet

Question 94

An open source platform initially developed by Google that provides container orchestration services, including deployment and autoscaling functionality.

Answer 94

Kubernetes

Question 95

Organized groups of pods that create a functioning version of an application.

Answer 95

Kubernetes deployments

Question 96

A managed Kubernetes service offered by Google on GCP.

Answer 96

Kubernetes Engine

Question 97

The practice of granting only the minimal set of permissions needed to perform a duty.

Answer 97

least privilege

Question 98

Moves VMs to other physical servers when there is a problem with the servers they are running on or scheduled maintenance has to occur.

Answer 98

live migration

Question 99

The process of distributing workload across a set of servers.

Answer 99

load balancing

Question 100

A stress test that is meant to show how a particular system will perform under a defined set of conditions.

Answer 100

load testing

Question 101

The process of recording information about events that occur during processing.

Answer 101

logging

Question 102

A configuration of a Compute Engine VM that includes a number of vCPUs and memory.

Answer 102

machine type

Question 103

The process of keeping software running and up-to-date with business requirements.

Answer 103

maintenance

Question 104

A group of VM instances with the same configuration, which is defined in a managed instance group template.

Answer 104

managed instance groups

Question 105

GCP products that do not require users of the services to perform common configuration, monitoring, and maintenance operations.

Answer 105

managed services

Question 106

An open source caching system available as a managed service in Cloud Memorystore.

Answer 106

Memcached

Question 107

A measure of some aspect of performance of a compute, storage, or network resource.

Answer 107

metrics

Question 108

A collection of lightweight software services that specialize in carrying out a small number of functions.

Answer 108

microservices

Question 109

The process of collecting metrics, events, and metadata from applications, VMs, and other GCP resources.

Answer 109

monitoring

Question 110

A cloud network composed of two or more public clouds.

Answer 110

multicloud network

Question 111

Stores replicas of objects in multiple regions, therefore mitigating the risks of regional outages.

Answer 111

multiregional storage

Question 112

A class of Cloud Storage that stores objects for archival storage that is accessed less than once a month.

Answer 112

Nearline storage

Question 113

The time required for a packet of data to be transmitted over a network from a source to a destination.

Answer 113

network latency

Question 114

A network configuration that allows for routing between networks.

Answer 114

network peering

Question 115

A type of load balancer that provides regional, non-proxied load balancing.

Answer 115

Network TCP/UDP load balancer

Question 116

A group of several types of nonrelational databases, including document databases, such as Firestore and wide-column databases, like Bigtable.

Answer 116

NoSQL

Question 117

Facilitates developing code to interface with a relational database; most often used when an app is built using object-oriented design.

Answer 117

object-relational mapping (ORM)

Question 118

A storage system that manages data as objects, such as files.

Answer 118

object storage

Question 119

Instructions used by system administrators and DevOps engineers to deploy and maintain system operations.

Answer 119

operations documentation

Question 120

A networking practice that sends information over a partner’s network, not the public internet.

Answer 120

Partner Interconnect

Question 121

The process of simulating an attack on an information system to gain insights into potential vulnerabilities.

Answer 121

penetration testing

Question 122

A grant to perform some action on a resource.

Answer 122

permission

Question 123

A durable block storage system for GCP.

Answer 123

persistent storage

Question 124

A service that provides a platform for developing and managing applications without the need to maintain the software infrastructure behind it.

Answer 124

platform-as-a-service (PaaS)

Question 125

A low-level compute abstraction that supports containers in Kubernetes.

Answer 125

pods

Question 126

A set of statements that define a combination of users and their roles.

Answer 126

policy

Question 127

Groups of projects and programs that collectively implement the strategy of a business or organization.

Answer 127

portfolios

Question 128

The analysis of a system failure and the response to it after it has happened.

Answer 128

post-mortem analysis

Question 129

A role defined in IAM that has the minimal set of permissions required to carry out the task for which the role was created.

Answer 129

predefined role

Question 130

A low-cost VM with a lifespan of less than 24 hours.

Answer 130

preemptible virtual machine

Question 131

A service offered by Google that routes account traffic on the Google network instead of routing some traffic over the public internet.

Answer 131

Premium Tier network service

Question 132

A review and analysis of a previously completed project or sprint.

Answer 132

project post-mortem

Question 133

Allows a service to request and read a message from the topic using Cloud Pub/Sub.

Answer 133

pull subscription

Question 134

Allows message data to be sent by HTTP POST request to a push endpoint URL using Cloud Pub/Sub.

Answer 134

push subscription

Question 135

A formal plan of action for restoring normal business functions after a loss of information or an outage.

Answer 135

recovery plan

Question 136

The time in which a service should be restored after a loss of information or an outage.

Answer 136

recovery time objective

Question 137

An open source caching system.

Answer 137

Redis

Question 138

The practice of deploying multiple entities, such as VMs and disks, so that loss of one does not cause a loss of service.

Answer 138

redundancy

Question 139

Stores multiple copies of an object in multiple zones in a single region.

Answer 139

regional storage

Question 140

A test designed to ensure that bugs that have been corrected in the past are not reintroduced to the system.

Answer 140

regression test

Question 141

Highly structured data stores that are designed to store data in a way that minimizes the risk of data anomalies and to support a comprehensive query language.

Answer 141

relational databases

Question 142

The practice of deploying code and configuration changes to environments, such as production, test, staging, and development environments.

Answer 142

release management

Question 143

A measure of the probability that a service will continue to function under some load for a period of time.

Answer 143

reliability

Question 144

The set of organization, folders, and projects that are used to group and structure GCP resources.

Answer 144

resource hierarchy

Question 145

Entities that exist in the Google Cloud platform and can be accessed by users.

Answer 145

resources

Question 146

Resource-oriented APIs that use HTTP requests.

Answer 146

REST APIs

Question 147

A retention policy uses the Bucket Lock feature of Cloud Storage buckets to enforce object retention.

Answer 147

retention policies

Question 148

Measures the value, or return, of making an investment.

Answer 148

return on investment (ROI)

Question 149

A set of permissions that allows users and service accounts with that role to perform the specified actions.

Answer 149

role

Question 150

An incremental updating of a group of servers.

Answer 150

rolling deployment

Question 151

Documentation that provides instructions on how to set up and run a service or application.

Answer 151

runbook

Question 152

A US federal law designed to protect the public from fraudulent accounting practices in publicly traded companies.

Answer 152

Sarbanes-Oxley Act (SOX)

Question 153

The ability of a service to adapt its infrastructure to the load of the system.

Answer 153

scalability

Question 154

Software that plays an integral part in protecting information in a system.

Answer 154

safety-critical software

Question 155

The practice of limiting the responsibilities of a single individual to prevent the person from successfully acting alone in a way detrimental to the organization.

Answer 155

separation of duties

Question 156

A type of identity that is associated with applications and instances for the purpose of assigning roles.

Answer 156

service account

Question 157

An agreement between a provider of a service and a customer using the service.

Answer 157

service-level agreement (SLA)

Question 158

A metric that reflects how well a service-level objective is being met.

Answer 158

service-level indicators (SLIs)

Question 159

An agreed-upon target for a measurable attribute of a service that is specified in a service-level agreement.

Answer 159

service-level objectives (SLOs)

Question 160

VPCs within a single organization that can share resources.

Answer 160

Shared VPCs

Question 161

VM instances with enhanced security controls, such as secure boot.

Answer 161

Shielded VMs

Question 162

A series of steps that software engineers follow to create, deploy, and maintain complicated software systems.

Answer 162

software development lifecycle (SDLC)

Question 163

Ensures that VMs run on physical servers with other VMs from the same project.

Answer 163

sole tenancy

Question 164

A load balancer that terminates SSL (TLS) connections and then routes traffic to VMs in the load-balanced cluster.

Answer 164

SSL Proxy load balancer

Question 165

A service offered by Google that routes account traffic on the public internet instead of routing it on Google’s internal network.

Answer 165

Standard Tier

Question 166

Service calls that wait for the operation to complete before returning, such as most credit card purchases.

Answer 166

synchronous calls

Question 167

An open source tool supporting infrastructure-as-code.

Answer 167

Terraform

Question 168

A kind of development process that incorporates testing early in the development process.

Answer 168

test-driven development

Question 169

The combination of all expenses related to maintaining a service or component.

Answer 169

total cost of ownership (TCO)

Question 170

The time remaining before an object is deleted.

Answer 170

time to live (TTL)

Question 171

A set of metrics recorded with a time stamp.

Answer 171

time series

Question 172

A database designed to handle time-series data, such as streaming metrics created by a monitoring system.

Answer 172

time-series database

Question 173

The process of testing the smallest unit of testable code for bugs.

Answer 173

unit test

Question 174

A set of VMs that may not be identical and are not created from an instance template.

Answer 174

unmanaged instance groups

Question 175

Documents that explain how to use an application.

Answer 175

user documentation

Question 176

The ability of a system to increase its available resources by moving to hardware with more computational power, such as greater CPU power or more memory.

Answer 176

vertical scalability

Question 177

A software implementation of an emulated physical server.

Answer 177

virtual machine (VM)

Question 178

A logical organization of cloud resources isolated from other resources on the same cloud.

Answer 178

virtual private cloud (VPC)

Question 179

A virtual module for storing encryption keys and other secure information.

Answer 179

Virtual Trusted Platform Module (vTPM)