Designing & Planning Architecture

CASE STUDY: TechStream Gaming

Company Overview: TechStream Gaming is a global gaming company with 500 employees and $50M annual revenue.
Current Environment: On-premises data centers in US and EU. 200 servers. MySQL databases (5 TB). Peak users: 2M. Cost: $100K/mo.
Business Requirements: Reduce costs by 40%. Support 5x user growth. Launch in APAC, SA, Africa. Improve deployment to daily.
Executive Statements: CEO: 'Scale rapidly.' CFO: 'Max $100K/mo, ROI 18mo.' CTO: 'Limited cloud exp, 99.95% uptime.'
Technical Requirements: <100ms latency globally. Real-time analytics. 5x traffic spikes. EU data residency. DDoS protection. CI/CD.
Constraints: 12-month migration. Max 4-hour downtime. 20 devs (Java/MySQL), 5 ops (limited cloud). Budget $2M.

QUESTION:
Which migration strategy and compute architecture should you recommend for the game servers to meet the business and technical requirements while addressing the CTO's constraints?

CASE STUDY: TechStream Gaming

Company Overview: TechStream Gaming is a global gaming company with 500 employees and $50M annual revenue.
Current Environment: On-premises data centers in US and EU. 200 servers. MySQL databases (5 TB). Peak users: 2M. Cost: $100K/mo.
Business Requirements: Reduce costs by 40%. Support 5x user growth. Launch in APAC, SA, Africa. Improve deployment to daily.
Executive Statements: CEO: 'Scale rapidly.' CFO: 'Max $100K/mo, ROI 18mo.' CTO: 'Limited cloud exp, 99.95% uptime.'
Technical Requirements: <100ms latency globally. Real-time analytics. 5x traffic spikes. EU data residency. DDoS protection. CI/CD.
Constraints: 12-month migration. Max 4-hour downtime. 20 devs (Java/MySQL), 5 ops (limited cloud). Budget $2M.

QUESTION:
Which database solution should you recommend to replace the 5 TB MySQL databases, considering the need for global expansion, strong consistency for game state, and EU data residency?

CASE STUDY: Dress4Win

Company Overview: Dress4Win is a web-based retail company that helps users organize their wardrobes.
Current Environment: Colocated data center. Tomcat app servers, Nginx web servers, MySQL databases, Redis caching. 100TB of image data on SAN.
Business Requirements: Migrate to cloud to handle seasonal spikes (Black Friday). Reduce CapEx. Enable rapid prototyping.
Executive Statements: CEO: 'Innovate faster, stop worrying about servers.' CFO: 'Move to OpEx. Ensure PCI-DSS compliance.' CTO: 'Modernize stack but migrate quickly first.'
Technical Requirements: Secure hybrid connectivity during migration. PCI-DSS compliance. Automated scaling. CI/CD for microservices.
Constraints: Migration must be completed before Q4 holiday season (6 months). Limited budget for refactoring during initial migration.

QUESTION:
Given the CTO's statement and the 6-month constraint, which migration strategy should you recommend for the initial phase?

CASE STUDY: Dress4Win

Company Overview: Dress4Win is a web-based retail company that helps users organize their wardrobes.
Current Environment: Colocated data center. Tomcat app servers, Nginx web servers, MySQL databases, Redis caching. 100TB of image data on SAN.
Business Requirements: Migrate to cloud to handle seasonal spikes (Black Friday). Reduce CapEx. Enable rapid prototyping.
Executive Statements: CEO: 'Innovate faster, stop worrying about servers.' CFO: 'Move to OpEx. Ensure PCI-DSS compliance.' CTO: 'Modernize stack but migrate quickly first.'
Technical Requirements: Secure hybrid connectivity during migration. PCI-DSS compliance. Automated scaling. CI/CD for microservices.
Constraints: Migration must be completed before Q4 holiday season (6 months). Limited budget for refactoring during initial migration.

QUESTION:
To meet the CFO's requirement for PCI-DSS compliance, how should you secure the payment processing environment in GCP?

CASE STUDY: TerramEarth

Company Overview: TerramEarth manufactures heavy equipment. 2 million vehicles in the field.
Current Environment: Vehicles send telemetry via cellular. Processing 100,000 msgs/sec. On-prem Hadoop cluster.
Business Requirements: Predict equipment failure. Reduce warranty costs. Provide fleet dashboard.
Executive Statements: CEO: 'Monetize data.' CFO: 'Storage costs spiraling.' CTO: 'Need scalable ingestion and ML.'
Technical Requirements: Ingest 500,000 msgs/sec. Store petabytes cost-effectively. Train ML models. Real-time anomaly detection.
Constraints: Intermittent connectivity. Strict vehicle authentication.

QUESTION:
Which architecture should you design to handle the ingestion of 500,000 messages per second from vehicles with intermittent connectivity?

CASE STUDY: TerramEarth

Company Overview: TerramEarth manufactures heavy equipment. 2 million vehicles in the field.
Current Environment: Vehicles send telemetry via cellular. Processing 100,000 msgs/sec. On-prem Hadoop cluster.
Business Requirements: Predict equipment failure. Reduce warranty costs. Provide fleet dashboard.
Executive Statements: CEO: 'Monetize data.' CFO: 'Storage costs spiraling.' CTO: 'Need scalable ingestion and ML.'
Technical Requirements: Ingest 500,000 msgs/sec. Store petabytes cost-effectively. Train ML models. Real-time anomaly detection.
Constraints: Intermittent connectivity. Strict vehicle authentication.

QUESTION:
How should you meet the strict vehicle authentication constraint when vehicles connect to the GCP environment?

CASE STUDY: HealthCare360

Company Overview: HealthCare360 provides EHR systems to hospitals in NA and EU.
Current Environment: Isolated on-prem deployments. Fragmented data.
Business Requirements: Centralize EHR in cloud. Enable cross-hospital research. Ensure compliance.
Executive Statements: CEO: 'Transforming to SaaS.' CFO: 'Need cost attribution per tenant.' CSO: 'Zero compromise on HIPAA/GDPR.'
Technical Requirements: Multi-region active-active deployment. Microservices on GKE. End-to-end encryption (CMEK). Strict network perimeters.
Constraints: Zero data loss (RPO=0). RTO < 15 minutes. HIPAA (US) and GDPR (EU) compliance.

QUESTION:
To meet the requirement for a multi-region active-active deployment with an RPO of 0, which TWO database architectures could you use? (Select TWO)

CASE STUDY: HealthCare360

Company Overview: HealthCare360 provides EHR systems to hospitals in NA and EU.
Current Environment: Isolated on-prem deployments. Fragmented data.
Business Requirements: Centralize EHR in cloud. Enable cross-hospital research. Ensure compliance.
Executive Statements: CEO: 'Transforming to SaaS.' CFO: 'Need cost attribution per tenant.' CSO: 'Zero compromise on HIPAA/GDPR.'
Technical Requirements: Multi-region active-active deployment. Microservices on GKE. End-to-end encryption (CMEK). Strict network perimeters.
Constraints: Zero data loss (RPO=0). RTO < 15 minutes. HIPAA (US) and GDPR (EU) compliance.

QUESTION:
To meet the CSO's requirement for strict network perimeters and HIPAA compliance, how should you protect the patient data stored in Cloud Storage and BigQuery?

A startup is building a new stateless web application using Node.js. They want to deploy it to GCP with zero infrastructure management, automatic scaling from zero to handle unpredictable traffic, and pay only when the code is executing. Which compute service should you recommend?

Your company generates 5 TB of log data daily. The data must be stored for 5 years for compliance reasons. The data is accessed frequently during the first 30 days for troubleshooting, rarely accessed between 30 and 365 days, and almost never accessed after 1 year. Which Cloud Storage lifecycle policy is the most cost-effective?

An enterprise has a central IT team and multiple independent development teams. The central IT team must control all network resources (subnets, firewalls, VPNs), while the development teams need full control over creating VMs and GKE clusters in their own projects. How should you design the GCP network architecture?

You need to migrate 50 TB of data from an on-premises NAS to Cloud Storage. Your corporate internet connection has 100 Mbps of available bandwidth. The migration must be completed within 2 weeks. Which migration tool should you use?

You are deploying an internal HR application on Compute Engine. The application uses HTTP and should only be accessible to employees connected to the corporate network via Cloud VPN. Which load balancer should you use?

You are creating a new GCP project for a production environment. You need strict control over the IP address ranges used by your subnets to prevent overlapping with your on-premises network. How should you configure the VPC network?

Your e-commerce application uses Cloud SQL for PostgreSQL. During peak shopping hours, the database CPU hits 95% due to a massive number of read queries from the product catalog, causing latency. Write operations (orders) remain low. How should you optimize the database architecture?

You are designing a multi-tenant SaaS application on GKE. Each tenant's microservices run in a dedicated Kubernetes namespace. Tenant A's microservices need access to Tenant A's Cloud Storage bucket, and Tenant B's microservices need access to Tenant B's bucket. How should you configure authentication to ensure strict isolation?

You are designing a disaster recovery plan for a critical application running on Compute Engine. The business requires an RTO (Recovery Time Objective) of 4 hours and an RPO (Recovery Point Objective) of 1 hour. Which TWO actions should you include in your DR plan? (Select TWO)

Your enterprise has a strict policy that no public IP addresses can be assigned to Compute Engine instances, and all resources must be deployed in the europe-west1 region. How can you enforce these rules organization-wide? (Select TWO)

You are designing a CI/CD pipeline using Cloud Build. You want to ensure that container images are only deployed to GKE if they have been scanned for vulnerabilities and signed by a trusted authority. Which THREE GCP services are required to implement this? (Select THREE)

Your development team spends too much time parsing through raw text logs in Cloud Logging to find application crashes and stack traces. Which TWO actions should you take to improve their troubleshooting efficiency? (Select TWO)

You are reviewing the GCP billing report for a large enterprise. You notice high costs for Compute Engine. The workloads consist of a baseline of 100 VMs that run 24/7, and an additional 50 VMs that scale up and down dynamically based on daily traffic. Which TWO cost optimization strategies should you apply? (Select TWO)

Your SRE team has defined an SLO of 99.9% availability for a critical service. Over the past month, the service has experienced multiple outages, and the error budget has been completely exhausted. According to Google SRE best practices, which THREE actions should the team take? (Select THREE)

CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak users. $100K/mo cost. Req: Cut cost 40%, 5x growth, 3 new regions, daily deploys. CEO: Scale fast. CFO: <$100K/mo, 18mo ROI. CTO: Low cloud skills, 99.95% uptime. Tech: <100ms latency, real-time analytics, 5x spikes, EU data residency, DDoS protection, CI/CD. Constraints: 12mo migration, 4hr downtime, 20 devs (Java/MySQL), 5 ops (no cloud), $2M budget.

Which migration strategy should you recommend for the legacy monolithic application to meet the 12-month timeline and team skill constraints?

CASE STUDY: TechStream Gaming. 500 emp, $100M rev. On-prem US/EU, 200 servers, MySQL 5TB. 2M peak users. $100K/mo cost. Req: Cut cost 40%, 5x growth, 3 new regions, daily deploys. CEO: Scale fast. CFO: <$100K/mo, 18mo ROI. CTO: Low cloud skills, 99.95% uptime. Tech: <100ms latency, real-time analytics, 5x spikes, EU data residency, DDoS protection, CI/CD. Constraints: 12mo migration, 4hr downtime, 20 devs (Java/MySQL), 5 ops (no cloud), $2M budget.

Which database migration strategy meets the 4-hour downtime constraint and EU data residency requirement?

CASE STUDY: ShopGlobal. Global e-commerce. Monolithic Java on VMware. Oracle RAC (20TB). 10x Black Friday traffic. Req: Microservices, 100% uptime during holidays, personalized recommendations. CEO: Flawless omnichannel. CFO: Predictable spend. CTO: No vendor lock-in, open-source. Tech: Containerize, Global LB, PCI-DSS, async orders, real-time inventory. Constraints: Keep Oracle on-prem for 2 yrs (licensing), low K8s skills, strict security reviews.

How should you design the hybrid connectivity between GCP microservices and the on-premises Oracle database to ensure high throughput and low latency?

CASE STUDY: ShopGlobal. Global e-commerce. Monolithic Java on VMware. Oracle RAC (20TB). 10x Black Friday traffic. Req: Microservices, 100% uptime during holidays, personalized recommendations. CEO: Flawless omnichannel. CFO: Predictable spend. CTO: No vendor lock-in, open-source. Tech: Containerize, Global LB, PCI-DSS, async orders, real-time inventory. Constraints: Keep Oracle on-prem for 2 yrs (licensing), low K8s skills, strict security reviews.

To meet PCI-DSS compliance and prevent data exfiltration from the payment processing microservices, what should you configure?

CASE STUDY: AutoMakers Inc. 1M connected cars, 100GB/day telemetry. Req: Predictive maintenance, real-time driver dashboard, monetize data. CEO: Data is new engine. CFO: Cut 3rd-party IoT costs. CTO: Highly scalable ingest. Tech: MQTT ingest, stream processing, ML models, 7-yr cold storage, handle intermittent connectivity. Constraints: Anonymize data, low vehicle compute, strict analytics budget.

How should you architect the highly scalable ingestion layer for MQTT telemetry data from 1 million cars?

CASE STUDY: AutoMakers Inc. 1M connected cars, 100GB/day telemetry. Req: Predictive maintenance, real-time driver dashboard, monetize data. CEO: Data is new engine. CFO: Cut 3rd-party IoT costs. CTO: Highly scalable ingest. Tech: MQTT ingest, stream processing, ML models, 7-yr cold storage, handle intermittent connectivity. Constraints: Anonymize data, low vehicle compute, strict analytics budget.

Which service should you integrate into the streaming pipeline to automatically anonymize Vehicle Identification Numbers (VINs) before data scientists access it?

CASE STUDY: HealthSecure. 50M patient records. Legacy mainframe, on-prem SAN (100TB), .NET portal. Req: Modernize portal, secure hospital sharing, fast audits. CEO: Modern UX. CFO: Automate audits. CISO: Zero breaches. Tech: HIPAA, CMEK, audit logging, API gateway, DR (1h RPO/4h RTO). Constraints: No public DB IPs, Dev/Ops separation, US data only, mainframe stays on-prem via VPN.

To meet the 1-hour RPO and 4-hour RTO for the modernized portal database, which architecture should you implement?

CASE STUDY: HealthSecure. 50M patient records. Legacy mainframe, on-prem SAN (100TB), .NET portal. Req: Modernize portal, secure hospital sharing, fast audits. CEO: Modern UX. CFO: Automate audits. CISO: Zero breaches. Tech: HIPAA, CMEK, audit logging, API gateway, DR (1h RPO/4h RTO). Constraints: No public DB IPs, Dev/Ops separation, US data only, mainframe stays on-prem via VPN.

How should you implement Customer-Managed Encryption Keys (CMEK) while enforcing the strict separation of duties between Dev and Ops?