Exam Associate Cloud Engineer topic 1 question 101 discussion

Correct Answer is (D): Preventing Accidental VM Deletion This document describes how to protect specific VM instances from deletion by setting the deletionProtection property on an Instance resource. To learn more about VM instances, read the Instances documentation. As part of your workload, there might be certain VM instances that are critical to running your application or services, such as an instance running a SQL server, a server used as a license manager, and so on. These VM instances might need to stay running indefinitely so you need a way to protect these VMs from being deleted. By setting the deletionProtection flag, a VM instance can be protected from accidental deletion. If a user attempts to delete a VM instance for which you have set the deletionProtection flag, the request fails. Only a user that has been granted a role with compute.instances.create permission can reset the flag to allow the resource to be deleted. https://cloud.google.com/compute/docs/instances/preventing-accidental-vm-deletion

Agree with D You can enabale Termination protection

It does't say that someone can delete it and we should prevent deletion.

The correct answer is D.

C. Question says accidental downtime - this could be caused by many other reasons other than just straight deleting things. "Use a sole-tenant node" allows you to have dedicated hardware for your VM instances, providing isolation from other workloads. This isolation can help prevent other teams' actions from impacting your application's availability.

(Use a sole-tenant node) is a method to ensure that your VMs run on a physical host dedicated to your project (related to licences etc), but it doesn't specifically prevent accidental downtime caused by other teams in a shared environment.

To prevent accidental deletion of a Compute Engine instance, you can enable deletion protection on the instance. This feature prevents the instance from being deleted by any user until deletion protection is disabled. So, the correct answer is: D. Enable deletion protection on the instance.

for me, is D

ANS is D: By setting the deletionProtection flag, a VM instance can be protected from accidental deletion. If a user attempts to delete a VM instance for which you have set the deletion Protection flag, the request fails. Only a user that has been granted a role with compute.

C is incorrect as sole-tenant is project-based. The other users in the same project can still cause accidentally deletion of the VM even if using a sole-tenant node.

The correct answer is D

I will go with Enable deletion protection on the instance as it prevents accidental deletion. Shielded VMs protects from malicious attack in the software on the VM. Sole Tenant - it isolates the resources from others, but does not protect from accidental deletion. Also this needs all together a setup from scratch and cannot be just setup on fly easily.

A. Use a Shielded VM. Explanation: Shielded VMs provide additional security features to help protect against rootkits and bootkits, ensuring the integrity of the operating system and your applications. Shielded VMs can help prevent accidental or malicious modifications to the VM that could lead to downtime or security risks. Option B (Use a Preemptible VM) is not suitable for preventing accidental downtime as preemptible VMs are designed to be temporary and can be terminated at any time. Option C (Use a sole-tenant node) is a method to ensure that your VMs run on a physical host dedicated to your project, but it doesn't specifically prevent accidental downtime caused by other teams in a shared environment. Option D (Enable deletion protection on the instance) helps prevent accidental deletion of the instance, but it does not prevent other types of accidental modifications or downtime caused by other teams.

D. Enable deletion protection on the instance.

C. "Use a sole-tenant node" allows you to have dedicated hardware for your VM instances, providing isolation from other workloads. This isolation can help prevent other teams' actions from impacting your application's availability.

Answer is D

option c is correct becuase, it givrs you islotation from other projects, where option d is only prevent if from delete only