Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsPCADomainsDesign and plan a cloud solution architecture
PCAFree — No Signup

Design and plan a cloud solution architecture

Practice PCA Design and plan a cloud solution architecture questions with full explanations on every answer.

55questions

Start practicing

Design and plan a cloud solution architecture — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

PCA Domains

Design and plan a cloud solution architectureManage and provision cloud infrastructureDesign for security and complianceAnalyze and optimize technical and business processesManage implementation of cloud architectureEnsure solution and operations reliability

Practice Design and plan a cloud solution architecture questions

10Q20Q30Q50Q

All PCA Design and plan a cloud solution architecture questions (55)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A company is migrating on-premises workloads to Google Cloud. They have a critical application that requires consistent low-latency access to a database, with read replicas in multiple regions for disaster recovery. The application is expected to grow by 10x over the next year. Which database service and configuration should the architect choose to meet these requirements?

2

A financial services company is designing a multi-tier application on Google Cloud. The application must meet PCI DSS compliance, with data encrypted at rest and in transit. They plan to use Cloud SQL for PostgreSQL for transactional data and Cloud Storage for archival data. Which TWO actions should the architect take to meet compliance requirements?

3

Refer to the exhibit. An architect created a VM instance using the above command. After the instance starts, the architect tries to access the nginx default page from the internet but gets a timeout. What is the most likely reason?

4

A media streaming company is deploying a new video transcoding pipeline on Google Cloud. The pipeline receives raw video files uploaded to Cloud Storage, triggers a Cloud Function that submits transcoding jobs to a Compute Engine worker pool, and stores the transcoded output in another Cloud Storage bucket. The workers are managed by a managed instance group (MIG) running a custom container image. Currently, when there is a spike in uploads, the MIG takes 5-7 minutes to scale up new workers, causing processing delays. The architect needs to reduce the time to add new workers to under 2 minutes. The workers are stateless and the container image is about 2 GB. What should the architect do?

5

A company is migrating a legacy monolithic application to Google Cloud. The application currently runs on a single on-premises server and uses a local MySQL database. The company wants to minimize changes to the application code while improving scalability and reliability. Which migration strategy should the architect recommend?

6

A global e-commerce platform is experiencing intermittent latency spikes during flash sales. The application is deployed on Google Kubernetes Engine (GKE) with a regional cluster. The architecture includes a frontend service, a product catalog service using Cloud Spanner, and an order processing service using Cloud Pub/Sub. During high load, the catalog service shows increased query latency, and some requests time out. What should the architect prioritize to address the issue?

7

A startup is developing a real-time analytics dashboard that ingests data from IoT devices. The data volume is unpredictable but can spike to millions of events per second. The dashboard must display near real-time aggregations with sub-second latency. Which Google Cloud architecture should the architect recommend?

8

A financial services company is designing a multi-region disaster recovery architecture for a critical application. The application runs on Compute Engine with a stateful backend using Cloud Spanner. The Recovery Time Objective (RTO) is 1 hour, and the Recovery Point Objective (RPO) is 15 minutes. What architecture meets these requirements cost-effectively?

9

A company wants to restrict access to a Cloud Storage bucket so that only a specific service account can read objects. The bucket contains sensitive data. Which identity and access management (IAM) approach should the architect use?

10

Drag and drop the steps to set up a VPC network peering between two projects in Google Cloud into the correct order.

11

Drag and drop the steps to recover a Cloud SQL instance from a backup into the correct order.

12

Match each Google Cloud service to its primary purpose.

13

Match each GCP security service to its function.

14

A multinational e-commerce company needs a globally distributed database that provides strong consistency and transactional support for order processing. Which Google Cloud database service should they use?

15

A data analytics company runs nightly batch jobs using Compute Engine instances. The jobs can tolerate interruptions, and the company wants to minimize costs. What should they do?

16

A financial services company is designing a multi-region application on Google Kubernetes Engine (GKE) for high availability. They need to serve user requests from the closest region and automatically failover if a region becomes unavailable. Which architecture should they use?

17

A media company wants to serve publicly available images and videos to a global audience with low latency. Which Google Cloud service should they primarily use?

18

A company is migrating an on-premises PostgreSQL database to Cloud SQL with minimal downtime. The database is 1 TB and the network link has 500 Mbps bandwidth. Which migration approach is most appropriate?

19

A company has a hub-and-spoke VPC topology with multiple on-premises locations connected via Cloud VPN to the hub VPC. They notice IP conflicts because overlapping CIDR ranges are used in different spokes. The network team wants to allow communication between spokes without re-IPing. What should they do?

20

A small startup wants to deploy a containerized web application that scales automatically and only charges for resources used. They have limited operational experience. Which compute solution should they choose?

21

An organization has multiple Google Cloud projects that need to access a shared Cloud SQL database. The database should only be accessible from authorized projects. What is the most secure way to grant access?

22

A company is building a real-time data pipeline that ingests events from IoT devices, processes them with Apache Beam, and stores results in BigQuery for analytics. The pipeline must handle spikes in traffic and guarantee exactly-once processing. Which combination of services should they use?

23

Which TWO statements are true regarding the benefits of using VPC Network Peering over Cloud VPN for connecting two VPC networks?

24

A company has set up an external HTTP(S) load balancer with a backend service pointing to a managed instance group. Some instances are failing health checks. Which TWO actions should the company take to troubleshoot the issue?

25

Which THREE practices are recommended for organizing projects in a Google Cloud organization?

26

Refer to the exhibit. What is the primary benefit of the `--preemptible` flag in this command?

27

Refer to the exhibit. A Cloud Storage bucket has this IAM policy. What security recommendation should be made?

28

Refer to the exhibit. A subnet was created with the `--enable-private-ip-google-access` flag. What does this flag enable for instances in this subnet?

29

A startup is building a web application that experiences unpredictable traffic spikes. They want a scalable solution that minimizes costs. Which Google Cloud service should they use to run their containerized application?

30

A company is migrating to Google Cloud and needs to connect their on-premises network to a VPC. They require high bandwidth and a reliable connection with a Service Level Agreement (SLA). Which solution should they choose?

31

You need to store object data that is accessed infrequently (once a quarter) but must be retained for 10 years for compliance. Which storage class is the most cost-effective?

32

A company is designing a multi-region architecture for disaster recovery. Their primary region is us-central1 and they want a warm standby in another region. The application runs on Compute Engine with a stateful backend. Which approach minimizes RTO while keeping costs reasonable?

33

A financial services company requires that all data stored in Cloud Storage be encrypted with keys they manage, rotate, and audit. They also need to enforce encryption at the bucket level. Which configuration should they use?

34

A company hosts a web application on Compute Engine behind a global HTTP(S) load balancer. They notice that some users experience high latency from certain regions. They want to improve performance without adding complexity. What should they do?

35

A company is migrating a monolithic application to Google Cloud. The application consists of a stateful service that writes to local disk and a stateless web server. They want to minimize changes to the code. Which architecture should they use?

36

A company has a Cloud SQL for PostgreSQL instance with high read traffic. They want to offload read queries without modifying the application. Which strategy should they implement?

37

A company is designing a VPC architecture for a multi-tenant SaaS platform. Each tenant has isolated workloads that must not communicate with each other. They also need centralized network security and logging. Which VPC design meets these requirements?

38

Which TWO actions reduce egress costs when transferring data from Compute Engine to the internet? (Choose 2)

39

Which THREE are best practices for designing a highly available Cloud SQL for MySQL instance? (Choose 3)

40

A company wants to deploy a stateful application with strict low-latency requirements across multiple zones in a single region. They need to minimize inter-zone latency. Which THREE actions should they take? (Choose 3)

41

The exhibit shows a command to create a Compute Engine instance. The instance is intended to run a web server that needs to access Cloud Storage buckets using its service account. However, the web server fails to read from a storage bucket. What is the most likely cause?

42

The exhibit shows a Cloud Storage bucket IAM policy. A developer (admin@example.com) wants to upload a file to the bucket but gets a permission denied error. What is the most likely reason?

43

A company is migrating a critical on-premises application to Google Cloud. The application consists of a frontend web server that handles user requests and a backend database server that stores session state and processed data. The application is stateful because session data is stored in memory on the backend server. The company wants to minimize downtime during migration and ensure that the application can scale horizontally in the future. The current on-premises architecture has the web server and database server on separate physical machines. The web server communicates with the database server via a private network. The company expects that after migration, the application will need to handle double the current traffic. They also need to ensure that the architecture is resilient to zone failures within a single region. They are considering using Compute Engine for both the web and database servers, but they are open to other Google Cloud services. They have a requirement that the database must be relational and support ACID transactions. The database currently uses Microsoft SQL Server, but they are willing to migrate to a different database engine if it reduces operational overhead and provides better scalability. The team has limited experience with Google Cloud and wants to minimize architectural changes. Which course of action should the company take?

44

A company is designing a microservices architecture on Google Kubernetes Engine (GKE) for a global user base. They require high availability across multiple zones, automatic scaling, and rolling updates without downtime. Which Kubernetes workload resource should they use for each service?

45

A company is planning a hybrid cloud architecture using Anthos to manage workloads across on-premises data centers and Google Cloud. They need to select two key components that enable consistent configuration, policy, and security across environments. Which two should they choose?

46

Your company has migrated its legacy web application from a single Compute Engine instance to a managed instance group (MIG) behind an HTTP(S) load balancer. The application was updated to a new version as part of the migration. After the migration, users report intermittent 502 Bad Gateway errors. The application logs show no errors, and the load balancer backend health checks are reported as healthy. On investigation, the developers discover that the new version requires a specific environment variable for authentication to a downstream service. This variable was set manually on the original instance but is missing from the MIG's instance template. The health check endpoint does not depend on this variable and always returns a 200 status even when the variable is absent. As a result, instances created from the template are considered healthy by the load balancer, but when they receive requests that require authentication, they fail and return a 502 error to the client. What is the most likely cause of the 502 errors?

47

A company runs a multi-tier web application on Google Kubernetes Engine (GKE) with a frontend service, a backend service, and a Cloud SQL for PostgreSQL database. During peak hours, the frontend pod CPU usage is high (consistently above 80%), while the backend service shows moderate CPU usage (around 50%). Response times for user requests increase significantly, often exceeding the 200ms p99 latency target. Cloud SQL metrics show low query latency and no contention. The team wants to improve performance in a cost-effective manner. Which initial step should they take?

48

Refer to the exhibit. A user alice@example.com is unable to list objects in bucket 'bucket-b'. What is the most likely reason?

49

A company is migrating a legacy on-premises application to Google Cloud. The application has strict low-latency requirements between its components and requires stateful TCP sessions. Which TWO design decisions should the architect recommend?

50

A company runs a web application on Compute Engine instances behind a global HTTP(S) Load Balancer. The application uses Cloud SQL for MySQL for user data. Users report that during peak hours, the page load times increase significantly. The development team notices that the number of database connections exceeds the maximum allowed, causing some requests to fail. The application is designed to use connection pooling with a maximum pool size of 100 connections per instance. There are currently 10 instances. The Cloud SQL instance is configured with 4 vCPUs and 15 GB memory, and the maximum connections is set to 400. The application team wants to minimize cost while resolving the issue. What should the architect recommend?

51

Refer to the exhibit. A user creates a snapshot of a persistent disk. Later, they want to create a new VM from this snapshot in the same project but in a different region (europe-west1). Which step is missing or incorrect?

52

Refer to the exhibit. A security team wants to ensure that the service account 'sa-compute' can only be used by the instance admin role. Currently, any user with 'iam.serviceAccountUser' on the project can impersonate it. Which change should be made to the policy?

53

Refer to the exhibit. An engineer deploys this Terraform configuration. After deployment, they can SSH into the VM using its public IP. However, they want to restrict SSH access to only a specific IP range (203.0.113.0/24). What change is required?

54

Refer to the exhibit. All five nginx pods are scheduled on the same node (default-pool-1). What is the most likely reason?

55

Refer to the exhibit. A user creates a Cloud SQL for PostgreSQL instance and a Compute Engine VM. The VM cannot connect to the database. What is the most likely cause?

Practice all 55 Design and plan a cloud solution architecture questions

Other PCA exam domains

Manage and provision cloud infrastructureDesign for security and complianceAnalyze and optimize technical and business processesManage implementation of cloud architectureEnsure solution and operations reliability

Frequently asked questions

What does the Design and plan a cloud solution architecture domain cover on the PCA exam?

The Design and plan a cloud solution architecture domain covers the key concepts tested in this area of the PCA exam blueprint published by Google Cloud. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all PCA domains — no account required.

How many Design and plan a cloud solution architecture questions are in the PCA question bank?

The Courseiva PCA question bank contains 55 questions in the Design and plan a cloud solution architecture domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Design and plan a cloud solution architecture for PCA?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Design and plan a cloud solution architecture questions for PCA?

Yes — the session launcher on this page draws questions exclusively from the Design and plan a cloud solution architecture domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your PCA domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide

Related Exams

ACEPCSESAP-C02