Google Cloud Interview Question Part 3

How does Google Cloud Certified Professional Cloud Architect training help?

  • It helps in designing, planning, and implementing cloud architecture
  • It helps in finalizing the designs for security and compliance
  • It helps in maintaining the authenticity of solutions and operations
  • It helps in analyzing and streamlining business operations
  • It helps in managing and preparing cloud solution infrastructures
  • It helps businesses in facilitating the digital transformation by offering world-class infrastructure

Why Multi soft Systems?

Multi soft Systems has become a highly preferred destination for GCP-Google Cloud Certified Professional Cloud Architect training. This course is designed by industry experts for the DevOps Engineers, Cloud Solutions Architects, and professionals having experience in using the Google Cloud Platform. We offer classroom training, self-paced training, instructor-led training, own schedule training for a wide range of technologies, including GCP.

  • Practical hands-on training
  • Delivery standard is up-to-the-mark
  • Round the year access to the recorded sessions
  • Real-life examples in instructor-led training
  • Module-wise assessments

Here you can expect extra perks like mock tests, module-wise assessments, 24/7 access to the recorded sessions, advanced analytical reports, and an industry-recognized course completion certificate. Team Leaders, Project Managers, Business Analysts, Application Consultants, Windows Server Administrators, Data Scientists, and CEOs have appreciated our training team. At Multi soft Systems, we are driven by a proven training experience in 800 plus courses and backed by a team of 600 plus trainers.

What is GCP security?

The fundamentals of Google Cloud Platform (GCP) security are having disaster recovery plans, maintaining high visibility of the environment, monitoring logs of cloud activity, using identity and access management (IAM) tools, using automated services, and encrypting data at all times.

Google Cloud Interview Question

What is identity access management (IAM)?

Administrators can use Cloud Identity and Access Management (Cloud IAM) to control what actions employees can take on specific cloud resources. Cloud IAM makes it easy to manage resource permissions. When roles for individuals and groups are defined, they can be applied programmatically using a command-line tool, the REST API, or client libraries rather than manually. This assists organizations in preventing employees from inadvertently manipulating resources or viewing confidential information that they should not.

What is the significance of monitoring in the cloud environment?

Maintain High Visibility and Monitor the Cloud Environment
The services below enable organisations to become more aware of what is going on in their cloud and what to do in the event of an incident.

The Security Command Center in Google Cloud Platform (GCP) can detect misconfigured security functions in virtual machines (VMs), networks, applications, and storage buckets. In order to identify compromised VMs, the Security Command Center monitors security logs. Administrators using the dashboard also receive recommendations.
GCP’s Cloud Monitoring service collects metrics, events, and metadata from both GCP and AWS, as well as hosted uptime probes, application instrumentation, and a variety of other application components. The data is gathered automatically. Cloud Monitoring also generates insights based on the data, alerting administrators and displaying visual representations of its findings. It also examines patterns and anomalies to identify long-term trends.

Which tool offers monitoring services in GCP?

Opsview’s Google Cloud Platform monitoring tools make it simple to monitor performance metrics for Compute Engine Instances, Cloud Storage Buckets, and Cloud SQL Database Instances.

Advance Google Cloud Interview Question

Why to Use Automation in GCP Security Measures?

Use Automation to speed up GCP Security Measures
Since cloud environments can quickly become complex, automation is essential. So if traffic and data generation increase in a short span of time, the cloud is forced to scale up in response. For example, with Cyber Monday pushing massive traffic to a retailer’s website, cloud resources must scale to keep up in order to keep the site running.
Administrators eventually have much more to monitor and protect as an organization’s cloud environment expands. Automation is critical for delegating repetitive and time-consuming tasks to software, allowing administrators to focus on the overall cloud environment and have a greater impact on cloud security.

What are the five testing types for a disaster recovery plan?

There are five ways of testing a disaster recovery plan (DRP):

  • Walkthrough Testing
  • Simulation Testing
  • Checklist Testing
  • Full Interruption Testing
  • Parallel Testing

What is cloud disaster recovery plan?

Cloud disaster recovery is a service that allows remote machines to get backup and recovery on a cloud-based platform. In the event of a disaster or system restore, it provides updated recovery point objectives (RPO) and recovery time objectives (RTO). It is also known as cloud disaster recovery (DR) or cloud disaster recovery planning (DRP).

What is difference between RTO and RPO?

RPO refers to the variable amount of data which will be lost or must be re-entered during network outages. RTO denotes the amount of “real time” that can elapse before the disruption seriously and unacceptably disrupts the flow of normal business operations.

What Google product do you use the most? How can you fix it?

This is a question to assess how much you know about Google’s offerings. The answer you give doesn’t matter, as long as you talk about the company with excitement and say how it’s changed your life somehow.

I use YouTube to find new ideas, gain skills and explore new subjects, while others use it to promote their work. To provide more customization to the users, I would implement an option to say how the video recommendations are affected by each video. The overload problem may be solved depending on the feedback that the YouTube community wants.

What is CloudFormation’s function?

CloudFormation helps in creating and maintaining AWS infrastructure and stacks. Stacks are a collection of AWS services, and CloudFormation enables users to create stacks quickly with minor overhead. One could ideally configure the AWS infrastructure through a text or JSON file in CloudFormation.

How does AWS provide defense from Distributed Denial of Service (DDoS) attacks?

AWS provides AWS Shield for security against attacks. AWS Shield has two tiers of security: Standard and Advanced.

AWS Shield Standard, which comes by default with AWS, can be used as a first-measure security gate. It protects the network and transport layers.

Subsequently, one can also subscribe to Shield Advanced for another layer of added security. AWS Shield Advanced provides integration with AWS Web Application Firewall (WAF). AWS WAF provides custom rules to filter out traffic with threat signatures.

Web Application Firewall provides three main actions: allow all requests for a rule, block all requests, and count all requests for a new policy.

What is a cloud VPN?

Cloud VPN helps companies transition their VPN services to the cloud. There are two types of VPN services that are available – Remote Access and Site to Site connection.

A VPN appliance is installed on-site in the company network in a Site-to-Site connection. This appliance connects to a virtual VPN endpoint in the cloud. The VPN results in a tunnel between the cloud and the enterprise. This connection doesn’t need the public IP address and acts similar to a physical connection.

Remote Access enables users to connect to machines located elsewhere globally. For example – VPNaaS.

What are the prerequisites for moving to a cloud platform?

  • Compliance issues
  • Data storage types
  • Reduction of downtime
  • Business continuity
  • Ensure availability and access
  • Maintaining data integrity
  • Fail-safe for loss of data

Give architectural details for VPC – Virtual Private Cloud?

VPC manages storage and compute resources for organisations by providing a layer of isolation and abstraction. 

The architecture for VPC with public and private subnets is as follows:

Creating a new VPC instance

A VPC comes by default with these components:

  • Route table
  • Network ACL
  • Security Groups

How is Data protection in S3 achieved?

Data can be encrypted in S3 using SSE-S3, SSE-C, SSE-KMS.

With SSE-S3, S3 oversees key management and protection using multiple layers of security.

SSE-C lets S3 perform the encryption and decryption of data while the customer controls the key used for encryption. Key management and storage are implementation-dependent and not provided by AWS.

SSE-KMS uses the Amazon Key Management service to store the keys used in encryption. KMS also provides an additional layer of security by keeping master keys. Special permission is needed to be able to use the master key.
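
Added example (not from the original page): a Python check that reads the server-side-encryption headers of an S3 PutObject request and reports which of the three modes above it selects, including whether an SSE-C key matches its MD5 header. The sample requests and key are constructed, and `classify_sse` is a hypothetical helper name.

```python
import base64
import binascii
import hashlib

SSE = "x-amz-server-side-encryption"
SSEC_ALGO = "x-amz-server-side-encryption-customer-algorithm"
SSEC_KEY = "x-amz-server-side-encryption-customer-key"
SSEC_MD5 = "x-amz-server-side-encryption-customer-key-md5"


def classify_sse(headers):
    """Return (mode, problems) for the headers of one PutObject request."""
    h = {name.lower(): value for name, value in headers.items()}
    problems = []
    sse = h.get(SSE)

    if any(name in h for name in (SSEC_ALGO, SSEC_KEY, SSEC_MD5)):
        # SSE-C: the caller supplies the key on every request and S3 does
        # not store it, so a lost key means unreadable objects.
        if sse is not None:
            problems.append("SSE-C headers mixed with " + SSE)
        if h.get(SSEC_ALGO) != "AES256":
            problems.append("SSE-C algorithm must be AES256")
        try:
            raw = base64.b64decode(h.get(SSEC_KEY, ""), validate=True)
        except (binascii.Error, ValueError):
            raw = b""
        if len(raw) != 32:
            problems.append("SSE-C key is not a base64-encoded 256-bit key")
        elif h.get(SSEC_MD5) != base64.b64encode(
                hashlib.md5(raw).digest()).decode():
            # The MD5 header is an integrity check on the key in transit.
            problems.append("SSE-C key MD5 header does not match the key")
        return "SSE-C", problems
    if sse == "AES256":
        return "SSE-S3", problems      # S3 manages the key
    if sse == "aws:kms":
        return "SSE-KMS", problems     # key held in AWS KMS
    if sse is None:
        return "UNSPECIFIED", ["no SSE header; bucket default applies"]
    return "UNKNOWN", ["unrecognised " + SSE + " value: " + sse]


# Constructed sample input: a fixed 32-byte key and five request header sets.
KEY = bytes(range(32))
KEY_B64 = base64.b64encode(KEY).decode()
KEY_MD5 = base64.b64encode(hashlib.md5(KEY).digest()).decode()
SAMPLE_REQUESTS = {
    "sse-s3": {SSE: "AES256"},
    "sse-kms": {SSE: "aws:kms"},
    "sse-c": {SSEC_ALGO: "AES256", SSEC_KEY: KEY_B64,
              "x-amz-server-side-encryption-customer-key-MD5": KEY_MD5},
    "sse-c-bad-md5": {SSEC_ALGO: "AES256", SSEC_KEY: KEY_B64,
                      SSEC_MD5: "AAAAAAAAAAAAAAAAAAAAAA=="},
    "plain": {"content-type": "text/plain"},
}

if __name__ == "__main__":
    for name, headers in SAMPLE_REQUESTS.items():
        print(name, classify_sse(headers))
```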

What are the differences between ELB, NLB, and ALB?

Application Load Balancer (ALB) – ALB allows routing based on port numbers. It can also route requests to Lambda, and it can direct requests to many ports on the target. Application Load Balancer supports only layer 7 – HTTP/2 and WebSockets. It can return primary responses on its own so the server can be set free of replying to redundant requests. ALB finds use in Microservices and application

Network Load Balancer (NLB) – Network Load Balancer supports Layer 4 that is TCP and UDP. It is faster and high-performance since it is lower in the OSI model. It uses static IPs and can also be assigned elastic IPs. An example would be real-time data streaming or video streaming.

Classic Load Balancer (CLB) or Elastic Load Balancer (ELB version1) – ELB is the oldest Load balancer and the only one which offers application-specific sticky session cookies. It works both on Layer 7 and Layer 4. ELB also supports EC2-Classic.

Explain the types of EC2 instances?

Memory-Optimized Instances – They provide fast performance for applications that process big data in memory. Memory-optimized instances include support for enhanced networking, with up to 25 Gbps of network bandwidth. They come packaged with EBS installed and optimised.

Use cases are in-memory caches and open-source databases.

Compute Optimised Instances – Compute Optimised instances provide high-performance computing resources and fast batch-processing. They are used ideally for media transcoding, gaming servers, ad-server engines. Compute Optimised Instances use the AWS Nitro system, which combines dedicated hardware and lightweight hypervisors. Just like Memory-optimized, Compute Optimised Instances come with optimised EBS as well.

Accelerated Computing Instances – These Instances use co-processors and hardware accelerators to improve upon the performance. They get used in graphics processing, floating-point calculations, data pattern matching. Accelerated Computing Instances use extra hardware power to combat software limitations and latency. These also support the Elastic Fabric Adapter (EFA)

Storage Optimised Instances – Storage Optimised instances are ideal for workloads that need high sequential read and write. These instances use their local storage to store data.

Storage optimised instances provide low latency and high-speed random I/O operations. They get used in NoSQL databases like Redis, MongoDB, data warehousing.

General Purpose instances provide a mixture of computing, memory, and networking resources. General Purpose instances find their use in applications that consume multiple resources in equal proportions, for example, web servers and code repositories.

How can DDoS attacks be prevented and minimised?

  • Shield (Standard and Advanced)
  • WAF (Web Application Firewall)
  • Route 53 (DNS)
  • ELB (Elastic Load Balancing)
  • VPC (Virtual Private Cloud)
  • CloudFront

What are the limitations of ELB?

  • ELB isn’t compatible with EKS containers running on Fargate.
  • It can route traffic on more than one port in an instance
  • ELB doesn’t support forwarding data to IP addresses. It can only forward it to the EKS/ECS container or EC2 instance.
  • It also doesn’t support web sockets.
  • In ELB, there is no concept of target groups in routing.

How are target groups used to provide an additional level of redirection in Load Balancing?

Target groups are another layer of abstraction and redirection created in load balancers. They are tagged into three types while creating target groups – instances (marked by instance ID), IP address, and Lambda functions. Dedicated listeners listen to the traffic coming in the load balancer and route traffic to the appropriate target group. The target group then routes the data to specific IPs, instances, and containers. The Target group checks the health of its targets and figures how to split the oncoming traffic.

What are the component layers found in Cloud architecture?

Cloud Controller (CLC) – CLC sits at the topmost layer and controls virtual resources like servers, networks, and storage.

Walrus – It acts as a storage controller for users and deals with virtual machine images and user data.

Cluster Controller – It controls the execution of all the virtual machines stored on the nodes.

Storage Controller – Storage controller handles storage in block form that is dynamically attached to virtual machines

The Node Controller – It controls the functionality of the hypervisor that controls VM activities. The hypervisor is a hardware-supported emulation technique that allows multiple OS to run on the same host OS. It is also called a virtual machine manager.

What are some popular use cases for cloud computing?

  • Cloud storage – Storage over the internet through a web interface turned out to be a boon. With the advent of cloud storage, customers could pay only for the storage they used. From Google Drive to more privately operated proprietary applications, cloud storage is everywhere.
  • Big data analytics – Big data and Cloud technologies go hand in hand and essentially make systems faster, scalable, failsafe, high-performance, and cheaper.
  • Test and Development – Cloud provides ready-to-use, customised, and fully set up resources. It offers the infrastructure for the testing and development of applications and services without the downside of installing and maintaining the on-premise resources, servers, and environment. 
  • Disaster Recovery – Data recovery is cheaper and faster in Cloud Computing technology. Since a cloud ideally stores the data on many different servers in different locations, the probability of complete data loss reduces. 
  • Data Backup – Data backup is more effortless and comes with security and availability of resources. Older backup strategies had loopholes with the physical disc getting corrupted or running out of stock.

What are the platforms that use Cloud Computing?

  • Map-reduce – Map-reduce enables users to use resizable Hadoop clusters within Amazon infrastructure. Amazon’s counterpart of this is called Amazon EMR ( Elastic Map-Reduce)
  • Hadoop – Hadoop allows clustering of hardware to analyse large sets of data in parallel. 
  • Apache Spark – Apache Spark is an open-source analytics engine that computes and processes large datasets. The processing happens in memory for the sake of high performance. It provides parallel processing and fault tolerance by cluster management. Apache Spark forms the complete big data solution along with HDFS, Yarn, Map-Reduce.

How is Cloud computing different from mobile computing?

Mobile Computing, as the name suggests, is related to Mobile devices and tablets. It is responsible for accessing the internet and performing searches and application tasks for mobile systems. Compared to Cloud computing, Mobile computing is more customer-centric. In contrast, customer-oriented cloud computing aims at the enterprise level and deals with organisations and their services.

What is cloud-native?

Cloud-Native are technologies and services built to leverage cloud architecture.

What are some examples of popularly used Cloud Computing services?

Windows Azure, Amazon Web Services, and iCloud are the very popular ones. Oracle Cloud and IBM Cloud are present as market competitors as well.

What is Edge computing?

Edge Computing is done at a centralized place with resources present locally. A direct benefit is low latency and less dependency on outside resources

What do you know about the Multi-cloud strategy?

The strategy is to not rely completely on a single cloud service provider and instead distribute the traffic among multiple cloud service providers. Different functionalities can be leveraged from different cloud providers, thus reducing the work placed on one particular provider. This helps in increasing independence and lowers the risk of failure in case a provider faults or a traffic overload occurs. Multi-cloud is also used as a design to govern the multiple cloud architecture from a single access point (portal). It can be as simple as a portal to oversee all the clouds and their functionality.

What are the basic types of Data Centers?

  • Containerized or High-Density data Centers – These are faster but take more power and generate heating issues. Also, it is cheaper for the customer.
  • Low-Density Data Centre – Servers are placed some distance apart in a low-density data center, hence the name low-density. Because of the extra space between servers, heating is never an issue.

What are some large cloud providers and databases?

Following are the most used large cloud providers and databases:

  • Google Bigtable
  • Amazon SimpleDB
  • Cloud-based SQL

How would you secure data for transport in cloud?

The most obvious question that comes to mind is whether the cloud data is secure. To ensure that it is, check that there is no data leak with the encryption key implemented with the data you are sending while the data moves from point A to point B in the cloud.

What are the open source cloud computing platform databases?

Following are the open source cloud computing platform databases:


Which services are provided by the Windows Azure operating system?

There are three core services provided by the Windows Azure operating system:

  • Compute
  • Storage
  • Management

What are the most essential things that must be followed before going for cloud computing platform?

  • Compliance
  • Loss of data
  • Data storage
  • Business continuity
  • Uptime
  • Data integrity in cloud computing

What do you mean by CaaS?

CaaS is a term used in the telecom industry for Communication as a Service. CaaS offers enterprise users features such as desktop call control, unified messaging and desktop faxing.

What are the different datacenters in cloud computing?

  1. Containerized datacenter
  2. Low density datacenter

What are the advantages of cloud services?

Following are the main advantages of cloud services:

Cost saving: It helps in the utilization of investment in the corporate sector. So, it is cost saving.
Scalable and Robust: It helps in developing scalable and robust applications. Previously, scaling took months, but now it takes less time.
Time saving: It helps in saving time in terms of deployment and maintenance.

Which are the different layers that define cloud architecture?

Following are the different layers that are used by cloud architecture:

  • CLC or Cloud Controller
  • Walrus
  • Cluster Controller
  • SC or Storage Controller
  • NC or Node Controller

What is the usage of utility computing?

Utility computing is a plug-in managed by an organization which decides what type of services has to be deployed from the cloud. It facilitates users to pay only for what they use.

What are the different data types used in cloud computing?

There are different data types in cloud computing, such as emails, contracts, images, blogs, etc. Since data is increasing day by day, new data types are needed to store this new data. For example, if you want to store video, then you need a new data type.
