Free Google Cloud Architect Actual Exam Questions - Question 4 Discussion
a private SaaS application like Salesforce. Which Vertex AI feature allows the model
to interact with external APIs securely?
D. Vertex AI Extensions is built for enabling secure interaction with external APIs, which fits the need here. Options A and B are more about data storage and pre-built models, not API security. C focuses on data loss prevention but doesn't enable the model to make API calls directly—it’s more of a protection tool. Since the question is about securely connecting the generative AI to Salesforce’s APIs, D is the only one that really matches that use case.
C/D? D definitely fits since it’s about secure API calls, but I’m wondering if Cloud Data Loss Prevention (C) plays a role in protecting sensitive info while interacting with Salesforce. Might be worth considering both.
Probably A here. If they just need multi-region coverage without the complexity of Anthos or multi-cluster management, a global load balancer with managed instance groups is straightforward and effective.
I’m going with D here. Since the question specifies multiple regions and a network ingress for the game, Anthos Ingress with GKE and a global load balancer is designed exactly for multi-cluster, multi-region setups, which seems to fit better than just GKE alone. It handles cross-region traffic more gracefully compared to C or A. Plus, Anthos is built for that kind of hybrid and multi-cloud environment, so it covers the multi-region game instances requirement well.
Not B, since kubemci is mostly for multi-cluster GKE setups and the question doesn't confirm multiple clusters. A looks solid if they're not using Kubernetes, since managed instance groups can handle multi-region traffic well.
Maybe A works too since using managed instance groups with a global load balancer can spread traffic across regions without needing Kubernetes. If they’re not locked into GKE, this might be simpler and still meet the multi-region requirement.
This one looks like C to me. Since they want regional game instances in multiple Google Cloud regions, using a global load balancer with GKE makes sense for distributing traffic efficiently without Anthos being mentioned anywhere. Anthos (D) seems overkill if the question doesn't specify it’s in use. Also, kubemci (B) is more about multi-cluster ingress but might add complexity if they just want a straightforward global load balancer setup across GKE clusters. So, C is a solid choice here.
I get why B is tempting since kubemci is meant for multi-cluster scenarios, but if the game needs true global ingress with low latency, a global load balancer directly tied to GKE clusters (so C or D) might be more straightforward. D adds Anthos, which seems like overkill unless they’re already using it. Could A work if they’re not on Kubernetes? But since it mentions multi-region game instances, the k8s-based solutions probably fit better. Anyone think the added complexity of Anthos in D is justified here?
B tbh, kubemci handles multi-cluster ingress across regions better.