PCA · topic practice

Design and plan a cloud solution architecture practice questions

Practise Google Professional Cloud Architect Design and plan a cloud solution architecture practice questions — original exam-style scenarios with answer choices, explanations, and analysis of common mistakes.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Design and plan a cloud solution architecture

What the exam tests

What to know about Design and plan a cloud solution architecture

Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.

IaaS, PaaS and SaaS responsibilities and examples.

Public, private, hybrid and community cloud deployment models.

On-premises vs cloud trade-offs: cost, control, scalability.

How cloud connectivity options (VPN, Direct Connect, ExpressRoute) work.

Watch out for

Common Design and plan a cloud solution architecture exam traps

  • IaaS gives you infrastructure control; SaaS gives you only the application.
  • Hybrid cloud combines on-premises and public cloud — not two public clouds.
  • Cloud does not automatically mean cheaper or more secure.
  • Management responsibility shifts with each service model (IaaSPaaSSaaS).

Practice set

Design and plan a cloud solution architecture questions

20 questions · select your answer, then reveal the explanation

A company is migrating on-premises workloads to Google Cloud. They have a critical application that requires consistent low-latency access to a database, with read replicas in multiple regions for disaster recovery. The application is expected to grow by 10x over the next year. Which database service and configuration should the architect choose to meet these requirements?

A financial services company is designing a multi-tier application on Google Cloud. The application must meet PCI DSS compliance, with data encrypted at rest and in transit. They plan to use Cloud SQL for PostgreSQL for transactional data and Cloud Storage for archival data. Which TWO actions should the architect take to meet compliance requirements?

Refer to the exhibit. An architect created a VM instance using the above command. After the instance starts, the architect tries to access the nginx default page from the internet but gets a timeout. What is the most likely reason?

Exhibit

Refer to the exhibit.

gcloud compute instances create my-instance \
  --zone=us-central1-a \
  --machine-type=e2-micro \
  --image-family=debian-11 \
  --image-project=debian-cloud \
  --boot-disk-size=20GB \
  --boot-disk-type=pd-standard \
  --network-interface=subnet=default,no-address \
  --metadata=startup-script='#! /bin/bash
    sudo apt-get update
    sudo apt-get install -y nginx
    sudo systemctl enable nginx
    sudo systemctl start nginx'

A media streaming company is deploying a new video transcoding pipeline on Google Cloud. The pipeline receives raw video files uploaded to Cloud Storage, triggers a Cloud Function that submits transcoding jobs to a Compute Engine worker pool, and stores the transcoded output in another Cloud Storage bucket. The workers are managed by a managed instance group (MIG) running a custom container image. Currently, when there is a spike in uploads, the MIG takes 5-7 minutes to scale up new workers, causing processing delays. The architect needs to reduce the time to add new workers to under 2 minutes. The workers are stateless and the container image is about 2 GB. What should the architect do?

A company is migrating a legacy monolithic application to Google Cloud. The application currently runs on a single on-premises server and uses a local MySQL database. The company wants to minimize changes to the application code while improving scalability and reliability. Which migration strategy should the architect recommend?

A global e-commerce platform is experiencing intermittent latency spikes during flash sales. The application is deployed on Google Kubernetes Engine (GKE) with a regional cluster. The architecture includes a frontend service, a product catalog service using Cloud Spanner, and an order processing service using Cloud Pub/Sub. During high load, the catalog service shows increased query latency, and some requests time out. What should the architect prioritize to address the issue?

A startup is developing a real-time analytics dashboard that ingests data from IoT devices. The data volume is unpredictable but can spike to millions of events per second. The dashboard must display near real-time aggregations with sub-second latency. Which Google Cloud architecture should the architect recommend?

A financial services company is designing a multi-region disaster recovery architecture for a critical application. The application runs on Compute Engine with a stateful backend using Cloud Spanner. The Recovery Time Objective (RTO) is 1 hour, and the Recovery Point Objective (RPO) is 15 minutes. What architecture meets these requirements cost-effectively?

A company wants to restrict access to a Cloud Storage bucket so that only a specific service account can read objects. The bucket contains sensitive data. Which identity and access management (IAM) approach should the architect use?

Drag and drop the steps to set up a VPC network peering between two projects in Google Cloud into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Drag and drop the steps to recover a Cloud SQL instance from a backup into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4
5Step 5

Match each Google Cloud service to its primary purpose.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Distribute traffic across instances

Cache content at edge locations

Protect against DDoS and web attacks

Enable outbound internet for private instances

Dedicated connection between on-prem and GCP

Match each GCP security service to its function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Manage encryption keys

Hardware security module for key protection

Store API keys, passwords, certificates

Manage access control

Centralized security and risk management

Question 14easymultiple choice
Read the full NAT/PAT explanation →

A multinational e-commerce company needs a globally distributed database that provides strong consistency and transactional support for order processing. Which Google Cloud database service should they use?

A data analytics company runs nightly batch jobs using Compute Engine instances. The jobs can tolerate interruptions, and the company wants to minimize costs. What should they do?

A financial services company is designing a multi-region application on Google Kubernetes Engine (GKE) for high availability. They need to serve user requests from the closest region and automatically failover if a region becomes unavailable. Which architecture should they use?

A media company wants to serve publicly available images and videos to a global audience with low latency. Which Google Cloud service should they primarily use?

A company is migrating an on-premises PostgreSQL database to Cloud SQL with minimal downtime. The database is 1 TB and the network link has 500 Mbps bandwidth. Which migration approach is most appropriate?

Question 19hardmultiple choice
Read the full VPN explanation →

A company has a hub-and-spoke VPC topology with multiple on-premises locations connected via Cloud VPN to the hub VPC. They notice IP conflicts because overlapping CIDR ranges are used in different spokes. The network team wants to allow communication between spokes without re-IPing. What should they do?

A small startup wants to deploy a containerized web application that scales automatically and only charges for resources used. They have limited operational experience. Which compute solution should they choose?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Design and plan a cloud solution architecture sessions

Start a Design and plan a cloud solution architecture only practice session

Every question in these sessions is drawn from the Design and plan a cloud solution architecture domain — nothing else.

Related practice questions

Related PCA topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the PCA exam test about Design and plan a cloud solution architecture?
Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Design and plan a cloud solution architecture questions in a focused session?
Yes — the session launcher on this page draws every question from the Design and plan a cloud solution architecture domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other PCA topics?
Use the topic links above to move to related areas, or go back to the PCA question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the PCA exam covers. They are not copied from any real exam or dump site.