question:I have a google cloud architect certification test, and I need you to help choose the right or nearest answer. I will give you situation and the options. Please give me the the right or nearest answer, and why you choose the option.

question:Though the process, please act as a Google Cloud Professional Architect.

question:Situation： EHR Healthcare Company overview EHR Healthcare is a leading provider of electronic health record software to the medical industry. EHR Healthcare provides their software as a service to multi-national medical offices, hospitals, and insurance providers. Solution concept Due to rapid changes in the healthcare and insurance industry, EHR Healthcare’s business has been growing exponentially year over year. They need to be able to scale their environment, adapt their disaster recovery plan, and roll out new continuous deployment capabilities to update their software at a fast pace. Google Cloud has been chosen to replace their current colocation facilities. Existing technical environment EHR’s software is currently hosted in multiple colocation facilities. The lease on one of the data centers is about to expire. Customer-facing applications are web-based, and many have recently been containerized to run on a group of Kubernetes clusters. Data is stored in a mixture of relational and NoSQL databases (MySQL, MS SQL Server, Redis, and MongoDB). EHR is hosting several legacy file- and API-based integrations with insurance providers on-premises. These systems are scheduled to be replaced over the next several years. There is no plan to upgrade or move these systems at the current time. Users are managed via Microsoft Active Directory. Monitoring is currently being done via various open source tools. Alerts are sent via email and are often ignored. Business requirements On-board new insurance providers as quickly as possible. Provide a minimum 99.9% availability for all customer-facing systems. Provide centralized visibility and proactive action on system performance and usage. Increase ability to provide insights into healthcare trends. Reduce latency to all customers. Maintain regulatory compliance. Decrease infrastructure administration costs. Make predictions and generate reports on industry trends based on provider data. Technical requirements Maintain legacy interfaces to insurance providers with connectivity to both on-premises systems and cloud providers. Provide a consistent way to manage customer-facing applications that are container-based. Provide a secure and high-performance connection between on-premises systems and Google Cloud. Provide consistent logging, log retention, monitoring, and alerting capabilities. Maintain and manage multiple container-based environments. Dynamically scale and provision new environments. Create interfaces to ingest and process data from new providers. Executive statement Our on-premises strategy has worked for years but has required a major investment of time and money in training our team on distinctly different systems, managing similar but separate environments, and responding to outages. Many of these outages have been a result of misconfigured systems, inadequate capacity to manage spikes in traffic, and inconsistent monitoring practices. We want to use Google Cloud to leverage a scalable, resilient platform that can span multiple environments seamlessly and provide a consistent and stable user experience that positions us for future growth.

question:Anonymous users from all over the world access a public health information website hosted in an on-premises EHR data center. The servers that host this website are older, and users are complaining about sluggish response times. There has also been a recent increase of distributed denial-of-service attacks toward the website. The attacks always come from the same IP address ranges. EHR management has identified the public health information website as an easy, low risk application to migrate to Google Cloud. You need to improve access latency and provide a security solution that will prevent the denial-of-service traffic from entering your Virtual Private Cloud (VPC) network. What should you do? A. Deploy an external HTTP(S) load balancer, configure VPC firewall rules, and move the applications onto Compute Engine virtual machines. B. Deploy an external HTTP(S) load balancer, configure Google Cloud Armor, and move the application onto Compute Engine virtual machines. C. Containerize the application and move it into Google Kubernetes Engine (GKE). Create a GKE service to expose the pods within the cluster, and set up a GKE network policy. D. Containerize the application and move it into Google Kubernetes Engine (GKE). Create an internal load balancer to expose the pods outside the cluster, and configure Identity-Aware Proxy (IAP) for access.