You have been asked to set up the billing configuration for a new Google Cloud customer. Your customer wants to group resources that share common IAM policies. What should you do?

1. A. Use labels to group resources that share common IAM policies
2. B. Use folders to group resources that share common IAM policies
3. C. Set up a proper billing account structure to group IAM policies
4. D. Set up a proper project naming structure to group IAM policies

Correct Answer: B
Folders are nodes in the Cloud Platform Resource Hierarchy. A folder can contain projects, other folders, or a combination of both. Organizations can use folders to group projects under the organization node in a hierarchy. For example, your organization might contain multiple departments, each with its own set of Google Cloud resources. Folders allow you to group these resources on a per-department basis. Folders are used to group resources that share common IAM policies. While a folder can contain multiple folders or resources, a given folder or resource can have exactly one parent.
https://cloud.google.com/resource-manager/docs/creating-managing-folders

You need to set up a policy so that videos stored in a specific Cloud Storage Regional bucket are moved to Coldline after 90 days, and then deleted after one year from their creation. How should you set up the policy?

1. A. Use Cloud Storage Object Lifecycle Management using Age conditions with SetStorageClass and Delete action
2. B. Set the SetStorageClass action to 90 days and the Delete action to 275 days (365 – 90)
3. C. Use Cloud Storage Object Lifecycle Management using Age conditions with SetStorageClass and Delete action
4. D. Set the SetStorageClass action to 90 days and the Delete action to 365 days.
5. E. Use gsutil rewrite and set the Delete action to 275 days (365-90).
6. F. Use gsutil rewrite and set the Delete action to 365 days.

Correct Answer: A
https://cloud.google.com/storage/docs/lifecycle#setstorageclass-cost
# The object's time spent set at the original storage class counts towards any minimum storage duration that applies for the new storage class.

Your company implemented BigQuery as an enterprise data warehouse. Users from multiple business units run queries on this data warehouse. However, you notice that query costs for BigQuery are very high, and you need to control costs. Which two methods should you use? (Choose two.)

1. A. Split the users from business units to multiple projects.
2. B. Apply a user- or project-level custom query quota for BigQuery data warehouse.
3. C. Create separate copies of your BigQuery data warehouse for each business unit.
4. D. Split your BigQuery data warehouse into multiple data warehouses for each business unit.
5. E. Change your BigQuery query model from on-demand to flat rat
6. F. Apply the appropriate number of slots to each Project.

Correct Answer: BE
https://cloud.google.com/bigquery/docs/custom-quotas https://cloud.google.com/bigquery/pricing#flat_rate_pricing

You want to find out when users were added to Cloud Spanner Identity Access Management (IAM) roles on your Google Cloud Platform (GCP) project. What should you do in the GCP Console?

1. A. Open the Cloud Spanner console to review configurations.
2. B. Open the IAM & admin console to review IAM policies for Cloud Spanner roles.
3. C. Go to the Stackdriver Monitoring console and review information for Cloud Spanner.
4. D. Go to the Stackdriver Logging console, review admin activity logs, and filter them for Cloud Spanner IAM roles.

Correct Answer: D
https://cloud.google.com/monitoring/audit-logging

You have sensitive data stored in three Cloud Storage buckets and have enabled data access logging. You want to verify activities for a particular user for these buckets, using the fewest possible steps. You need to verify
the addition of metadata labels and which files have been viewed from those buckets. What should you do?

1. A. Using the GCP Console, filter the Activity log to view the information.
2. B. Using the GCP Console, filter the Stackdriver log to view the information.
3. C. View the bucket in the Storage section of the GCP Console.
4. D. Create a trace in Stackdriver to view the information.

Correct Answer: A
https://cloud.google.com/storage/docs/audit-logs https://cloud.google.com/compute/docs/logging/audit-logging#audited_operations