CASE STUDY: TerramEarth
Company Overview: TerramEarth manufactures heavy equipment. 2 million vehicles in the field.
Current Environment: Vehicles send telemetry via cellular. Processing 100,000 msgs/sec. On-prem Hadoop cluster.
Business Requirements: Predict equipment failure. Reduce warranty costs. Provide fleet dashboard.
Executive Statements: CEO: 'Monetize data.' CFO: 'Storage costs spiraling.' CTO: 'Need scalable ingestion and ML.'
Technical Requirements: Ingest 500,000 msgs/sec. Store petabytes cost-effectively. Train ML models. Real-time anomaly detection.
Constraints: Intermittent connectivity. Strict vehicle authentication.
QUESTION:
Which architecture should you design to handle the ingestion of 500,000 messages per second from vehicles with intermittent connectivity?
GCP PCA · Question 13 · Security Design
CASE STUDY: TerramEarth
Company Overview: TerramEarth manufactures heavy equipment. 2 million vehicles in the field.
Current Environment: Vehicles send telemetry via cellular. Processing 100,000 msgs/sec. On-prem Hadoop cluster.
Business Requirements: Predict equipment failure. Reduce warranty costs. Provide fleet dashboard.
Executive Statements: CEO: 'Monetize data.' CFO: 'Storage costs spiraling.' CTO: 'Need scalable ingestion and ML.'
Technical Requirements: Ingest 500,000 msgs/sec. Store petabytes cost-effectively. Train ML models. Real-time anomaly detection.
Constraints: Intermittent connectivity. Strict vehicle authentication.
QUESTION:
How should you meet the strict vehicle authentication constraint when vehicles connect to the GCP environment?
Answer options:
Hardcode a single GCP Service Account JSON key in all 2 million vehicles.
Require drivers to log in using Google Workspace credentials before starting the vehicle.
Use asymmetric key pairs (RSA or Elliptic Curve) stored in a secure hardware element on the vehicle to sign JWTs for authentication.
Use IP whitelisting in Cloud Armor to only allow traffic from the vehicles.
50 questions · hints · full answers · grading
Expert