Google Cloud Certified Generative AI Leader Quick Reference
Compact quick reference for Google Cloud Certified Generative AI Leader (GenAI Leader) candidates covering GenAI concepts, Vertex AI choices, RAG, security, governance, and evaluation.
Exam Lens
Use this independent Quick Reference to prepare for the Google Cloud Certified Generative AI Leader exam, code GenAI Leader. The exam is leadership-oriented: expect scenario questions about business value, risk, service selection, responsible AI, and operating generative AI on Google Cloud.
| Candidate skill | What to be ready to do |
|---|---|
| Explain GenAI concepts | Distinguish LLMs, foundation models, embeddings, grounding, RAG, agents, tuning, and evaluation. |
| Select a Google Cloud pattern | Choose between Gemini on Vertex AI, Vertex AI Agent Builder, Vertex AI Search, Model Garden, BigQuery, Looker, Cloud Run, GKE, and governance services. |
| Connect use case to value | Identify where GenAI improves productivity, customer experience, knowledge discovery, software development, analytics, or operations. |
| Manage risk | Apply privacy, security, IAM, data governance, responsible AI, human review, and auditability controls. |
| Evaluate readiness | Balance quality, groundedness, safety, latency, cost, maintainability, and business KPIs. |
Core Generative AI Concepts
| Term | Compact meaning | Exam cue |
|---|---|---|
| Generative AI | AI that creates new content such as text, code, images, audio, video, or structured outputs. | Used for drafting, summarizing, classifying, answering, translating, coding, and content generation. |
| Foundation model | Large pretrained model adaptable to many tasks. | Start here before considering custom training. |
| Large language model | Foundation model optimized for language and text-like sequences. | Good for reasoning over text, summarization, Q&A, extraction, and code. |
| Multimodal model | Model that accepts or generates more than one modality, such as text and images. | Choose when the input is documents, diagrams, screenshots, audio, or video. |
| Gemini | Google family of generative AI models available across Google products and Google Cloud. | Common choice for enterprise GenAI apps on Vertex AI. |
| Token | Unit of model input/output, often a word piece or character group. | More tokens usually means more cost, latency, and context pressure. |
| Context window | Amount of input and generated output the model can consider in one request. | Large context helps, but does not replace retrieval, governance, or evaluation. |
| Prompt | Instructions and context sent to a model. | Primary way to shape output without changing model weights. |
| System instruction | High-priority instruction defining behavior, role, tone, constraints, or safety posture. | Use for consistent app-level behavior. |
| Few-shot prompting | Supplying examples of desired inputs and outputs. | Good for format, tone, and task pattern consistency. |
| Embedding | Numeric representation of meaning. | Used for semantic search, similarity, clustering, and retrieval. |
| Vector database/search | Stores embeddings and finds nearby vectors. | Core component of RAG and semantic search. |
| RAG | Retrieval-augmented generation: retrieve relevant data, then ask the model to answer using it. | Best answer for current, proprietary, or source-grounded knowledge. |
| Grounding | Connecting model output to trusted sources or tools. | Mitigates hallucination; supports citations and auditability. |
| Chunking | Splitting documents into retrievable pieces. | Poor chunking causes missing context or noisy retrieval. |
| Hallucination | Plausible but incorrect or unsupported output. | Mitigate with grounding, constraints, evals, human review, and fallback behavior. |
| Fine-tuning / tuning | Adapting a model using examples. | Better for behavior/style/task pattern; not the first choice for fresh facts. |
| Agent | Model-driven system that can plan, use tools, retrieve data, or take actions. | Use when the solution needs multi-step reasoning or API/tool execution. |
| Function calling / tool use | Model produces structured calls to external tools or APIs. | Best for deterministic actions, data lookups, transactions, or workflow integration. |
| Guardrail | Control that constrains inputs, outputs, tools, or actions. | Needed for safety, policy, privacy, and reliability. |
| Human-in-the-loop | Human approval or review before final decision/action. | Important for high-risk, regulated, customer-impacting, or irreversible actions. |
Google Cloud Service Selection Matrix
| Scenario | Prefer | Why |
|---|---|---|
| Build a custom enterprise GenAI app using Gemini models | Vertex AI with Gemini models | Managed model access, enterprise controls, integration with Google Cloud data, security, and MLOps. |
| Prototype prompts and model behavior | Vertex AI Studio | Fast experimentation with prompts, parameters, and model outputs. |
| Discover and compare available models | Vertex AI Model Garden | Central place to evaluate Google, partner, and open models available through Vertex AI. |
| Build a low-code or no-code grounded search/chat experience | Vertex AI Agent Builder and Vertex AI Search | Speeds up enterprise search, conversational apps, and grounded experiences. |
| Add semantic retrieval at scale | Vertex AI Vector Search | Managed vector search for embedding-based retrieval. |
| Build GenAI over data warehouse assets | BigQuery, Gemini in BigQuery, BigQuery ML, BigQuery vector search | Keeps analytics and AI close to governed warehouse data. |
| Add natural-language BI exploration | Looker and Gemini in Looker | Helps users explore, summarize, and build insights in BI workflows. |
| Extract content from forms, invoices, PDFs, or scanned documents | Document AI with Vertex AI | Converts unstructured documents into structured or searchable content. |
| Add GenAI to a web/API backend | Cloud Run, GKE, or App Engine calling Vertex AI | Hosts app logic, retrieval, auth, and orchestration around model calls. |
| Orchestrate multi-step workflows | Workflows, Pub/Sub, Cloud Tasks, Cloud Run | Coordinates model calls, tools, approvals, and asynchronous processing. |
| Assist developers with code generation and review | Gemini Code Assist | Developer productivity use case rather than a custom app platform. |
| Assist cloud operators and architects | Gemini Cloud Assist | Helps with cloud operations, recommendations, and troubleshooting workflows. |
| Govern and discover enterprise data | Dataplex, BigQuery governance features, IAM | Data cataloging, policy, lineage, and access management. |
| Detect or redact sensitive data | Sensitive Data Protection | Helps identify, classify, mask, tokenize, or redact sensitive data. |
| Manage encryption keys | Cloud KMS, CMEK where supported | Use when customer-managed key control is required. |
| Protect apps from prompt and response risks | Model Armor plus application guardrails | Adds safety and security screening for GenAI applications. |
| Manage secrets for model apps and tools | Secret Manager | Avoids hard-coded API keys and credentials. |
| Audit access and operations | Cloud Audit Logs, Cloud Logging, Cloud Monitoring | Supports traceability, operations, and incident investigation. |
Build Pattern Decision Table
| Need | Choose | Avoid assuming |
|---|---|---|
| Improve answer format, tone, role, or structure | Prompt engineering and examples | That a new model or tuning is required. |
| Answer from current internal documents | RAG / grounding with enterprise data | That fine-tuning is the best way to add facts. |
| Provide citations or source traceability | RAG with source metadata and citation logic | That the model will cite correctly without retrieved sources. |
| Call an API, book an appointment, create a ticket, or update a system | Function calling / tools with least-privilege service accounts | That an LLM should directly perform unrestricted actions. |
| Complete multi-step tasks across tools | Agent with tools, state, guardrails, and approval gates | That agents are appropriate for simple deterministic workflows. |
| Match organization-specific style or repeated task pattern | Few-shot prompting, templates, or supervised tuning | That tuning guarantees factual accuracy. |
| Use proprietary, rapidly changing information | RAG, data connectors, freshness controls | That a static model contains the latest data. |
| High accuracy, low tolerance for error | Grounding, deterministic validation, human review, evals, fallback | That temperature 0 makes outputs fully reliable. |
| Need predictable business logic | Traditional code/workflows, with GenAI only where useful | That every automation should be agentic. |
| Need a domain model from scratch | Custom ML only if justified by data, expertise, and cost | That pretraining is a normal enterprise starting point. |
flowchart TD
A[GenAI use case] --> B{Needs private or current facts?}
B -- Yes --> C[RAG / grounding]
B -- No --> D{Needs strict output behavior?}
D -- Yes --> E[Prompt template + examples]
E --> F{Still inconsistent at scale?}
F -- Yes --> G[Consider tuning]
F -- No --> H[Deploy with evals]
D -- No --> I{Needs external action or tools?}
I -- Yes --> J[Function calling or agent]
I -- No --> K[Direct Gemini model call]
C --> L{Needs low-code enterprise search?}
L -- Yes --> M[Vertex AI Agent Builder / Search]
L -- No --> N[Custom app on Vertex AI + vector store]
Grounded GenAI Reference Architecture
flowchart LR
S[Enterprise sources<br/>Docs, DBs, tickets, web, BI] --> I[Ingest and prepare<br/>Dataflow, Cloud Run, Document AI]
I --> C[Chunk, classify, redact<br/>Sensitive Data Protection]
C --> E[Create embeddings<br/>Vertex AI]
E --> V[Vector index<br/>Vertex AI Vector Search / BigQuery / AlloyDB / Cloud SQL]
U[User request] --> A[App layer<br/>Cloud Run / GKE / App Engine]
A --> R[Retrieve relevant chunks<br/>metadata + ACL filters]
V --> R
R --> P[Prompt assembly<br/>instructions + sources + schema]
P --> M[Gemini on Vertex AI]
M --> G[Guardrails<br/>safety settings + Model Armor + validation]
G --> O[Answer, citation, action, or escalation]
A --> L[Logging, monitoring, audit, evaluation]
| Architecture concern | Practical exam answer |
|---|---|
| Data quality | Clean, deduplicate, classify, and maintain source ownership before retrieval. |
| Access control | Enforce IAM and document-level permissions before retrieved content enters the prompt. |
| Sensitive data | Redact, tokenize, mask, or minimize data before model calls where appropriate. |
| Freshness | Re-index or retrieve directly from authoritative systems when data changes often. |
| Traceability | Store source IDs, timestamps, prompt/template versions, model version, and output metadata. |
| Safety | Use layered controls: input filtering, grounding, model safety settings, output validation, and human review. |
| Reliability | Add fallback responses when retrieval confidence is low or sources are insufficient. |
| Cost and latency | Limit context size, retrieve only relevant chunks, cache safe responses, and choose the smallest model that meets quality needs. |
Prompt Engineering Quick Reference
| Prompt element | Use it for | Example instruction style |
|---|---|---|
| Role | Set perspective or expertise level. | “You are a support analyst summarizing customer cases.” |
| Task | State the exact action. | “Summarize the incident in five bullet points.” |
| Context | Provide retrieved facts, policy, data, or examples. | “Use only the context below.” |
| Constraints | Limit scope, tone, length, or prohibited content. | “Do not invent missing information.” |
| Output format | Make results machine- or reviewer-friendly. | “Return valid JSON with these fields…” |
| Few-shot examples | Demonstrate desired pattern. | Provide 2-3 representative input/output examples. |
| Evaluation rubric | Tell the model what “good” means. | “Optimize for factuality, brevity, and cited sources.” |
| Fallback rule | Avoid unsupported answers. | “If the answer is not in the sources, say you do not know.” |
System:
You are an enterprise assistant. Follow security policy and use only approved sources.
Task:
Answer the user's question using the provided context.
Context:
{{retrieved_chunks_with_source_ids}}
Rules:
- Use only the context.
- Cite source IDs for factual claims.
- If sources conflict, explain the conflict.
- If the answer is missing, say what information is needed.
- Do not expose sensitive data beyond the user's authorization.
Output:
Short answer
Citations
Follow-up question, if needed
Model Parameter Cues
| Parameter | Higher value tends to | Lower value tends to | Exam trap |
|---|---|---|---|
| Temperature | Increase variation and creativity | Increase consistency | Low temperature does not guarantee truth. |
| Top-p | Allow broader token sampling | Restrict sampling to more likely tokens | Tuning sampling is not a substitute for grounding. |
| Top-k | Consider more candidate tokens | Consider fewer candidates | May affect style and diversity, not source correctness. |
| Max output tokens | Allow longer responses | Force brevity | Too small can truncate valid answers. |
| Stop sequences | Stop generation at defined markers | Not applicable | Useful for structured outputs, but validation is still needed. |
RAG and Grounding Design Checklist
| Design choice | Good practice | Common failure |
|---|---|---|
| Source selection | Use authoritative, governed, current sources. | Indexing stale, duplicate, or unapproved documents. |
| Chunking | Split by semantic sections, headings, or logical units. | Chunks too small lose context; chunks too large add noise. |
| Metadata | Store source, owner, timestamp, document type, permissions, and business labels. | No way to filter by user, department, freshness, or source. |
| Embeddings | Use embeddings suited to the content and language. | Mixing incompatible embedding models without re-indexing. |
| Retrieval | Combine semantic search with filters, keywords, or reranking when needed. | Returning top matches without permission checks. |
| Citations | Tie claims to retrieved source IDs. | Asking the model to “cite” without passing source metadata. |
| Freshness | Re-index on data changes or retrieve from live systems. | Treating vector indexes as automatically current. |
| Access control | Apply user authorization before prompt assembly. | Relying on the prompt to hide unauthorized data. |
| Prompt assembly | Include only relevant chunks and clear instructions. | Dumping excessive context into the model. |
| Fallback | Say “not enough information” when retrieval is weak. | Forcing an answer when sources do not support it. |
RAG vs Fine-Tuning
| Question | RAG | Fine-tuning / tuning |
|---|---|---|
| Adds current proprietary facts? | Yes, if sources are indexed or retrieved. | Not ideal; facts become stale and hard to audit. |
| Improves tone/format/task behavior? | Somewhat, through prompts. | Often a better fit if examples are stable. |
| Supports citations? | Yes, with source metadata. | Not by itself. |
| Requires data governance? | Yes, for retrieved content. | Yes, for training/tuning data. |
| Fast to update knowledge? | Yes, update source/index. | Usually requires a tuning cycle. |
| Main risk | Bad retrieval or unauthorized context. | Overfitting, stale knowledge, insufficient examples. |
Evaluation and Model Selection
| Evaluation dimension | What to measure | Practical method |
|---|---|---|
| Task quality | Does the answer solve the user problem? | Human rubric, gold examples, pairwise model comparison. |
| Groundedness | Are claims supported by provided sources? | Citation review, source matching, factuality checks. |
| Retrieval quality | Did RAG retrieve the right evidence? | Recall, precision, hit rate, manual review of top results. |
| Safety | Does output violate policy or produce harmful content? | Red-team prompts, safety classifiers, Model Armor, human review. |
| Privacy | Does output leak sensitive or unauthorized data? | Access tests, prompt injection tests, DLP checks, log review. |
| Bias and fairness | Are outputs unfair across groups or contexts? | Representative test sets and human review. |
| Robustness | Does the app resist adversarial prompts and malformed input? | Prompt injection, jailbreak, and edge-case testing. |
| Latency | Is response time acceptable for the use case? | Load testing and percentile latency monitoring. |
| Cost | Is token, retrieval, storage, and compute cost sustainable? | Budgets, usage monitoring, prompt optimization. |
| Business impact | Does the workflow improve a target KPI? | A/B testing, productivity studies, containment rate, user satisfaction. |
| Retrieval metric | Plain formula | What it tells you |
|---|---|---|
| Precision | relevant retrieved / total retrieved | How much retrieved content is useful. |
| Recall | relevant retrieved / total relevant | Whether key evidence is being found. |
| F1 | harmonic mean of precision and recall | Balance between precision and recall. |
| Hit rate | queries with at least one relevant result / all queries | Whether users usually get some useful evidence. |
Responsible AI Reference
| Principle | What it means in practice | Controls to remember |
|---|---|---|
| Fairness | Avoid unfair outcomes or representation harms. | Representative data, bias testing, human review, documented limits. |
| Privacy | Protect personal, confidential, and regulated information. | Data minimization, Sensitive Data Protection, IAM, encryption, retention controls. |
| Safety | Reduce harmful, toxic, illegal, or policy-violating outputs. | Safety settings, Model Armor, red teaming, escalation paths. |
| Transparency | Make users aware of AI involvement and limitations. | Disclosures, citations, confidence/fallback messages, documentation. |
| Accountability | Define ownership for model behavior and business decisions. | Approval workflows, audit logs, model/prompt versioning. |
| Robustness | Maintain acceptable performance under variation or attack. | Testing, monitoring, prompt injection defenses, fallback behavior. |
| Human oversight | Keep people in control where risk is high. | Review queues, approval gates, appeal paths, manual override. |
Risk-Based Control Levels
| Use case risk | Example | Minimum control posture |
|---|---|---|
| Low | Drafting internal meeting summaries | User review, data handling policy, basic logging. |
| Medium | Customer support draft replies | Grounding, citations, safety review, agent assist rather than fully autonomous action. |
| High | Recommendations affecting finances, employment, health, legal, or access to critical services | Strong human oversight, documented evaluation, auditability, privacy controls, fallback, and policy review. |
| Operationally sensitive | Creating tickets, changing infrastructure, issuing refunds, updating records | Tool-level IAM, approval gates, transaction logs, rate limits, rollback plan. |
Security, Privacy, and Governance Decision Points
| Risk or requirement | Google Cloud-oriented answer |
|---|---|
| Users should only see documents they are authorized to access | Enforce IAM/source ACLs and metadata filters before retrieval; do not rely on prompts for authorization. |
| Prompts may contain PII or confidential data | Use data minimization, Sensitive Data Protection, masking/redaction, and clear logging policies. |
| Need auditable operations | Use Cloud Audit Logs, Cloud Logging, request IDs, model/prompt versions, and source IDs. |
| Need encryption control | Use Google Cloud encryption defaults and Cloud KMS/CMEK where required and supported. |
| Need to reduce data exfiltration risk | Apply IAM least privilege, VPC Service Controls where appropriate, private connectivity patterns, and egress controls. |
| App needs to call backend APIs | Use service accounts with least privilege; protect secrets in Secret Manager; validate tool inputs. |
| Prompt injection risk | Treat retrieved/user text as untrusted, isolate instructions from data, use Model Armor, validate outputs, and restrict tools. |
| Jailbreak or unsafe response risk | Use model safety controls, Model Armor, output filtering, red-team testing, and escalation. |
| Need data discovery and policy governance | Use Dataplex, BigQuery governance features, policy tags where applicable, and ownership metadata. |
| Need secure CI/CD for GenAI app | Use Artifact Registry, Cloud Build/Cloud Deploy, IaC, code review, and environment separation. |
| Need production observability | Use Cloud Monitoring, Cloud Logging, Error Reporting, Trace, custom quality metrics, and business KPI dashboards. |
High-yield distinction: safety filters reduce unsafe content risk, but they are not access control, data governance, legal approval, or a replacement for evaluation.
Data and Analytics Service Decisions
| Data workload | Prefer | Why |
|---|---|---|
| Governed analytical data | BigQuery | Central warehouse for analytics, SQL, governance, and AI-assisted analysis. |
| Natural-language data exploration | Gemini in BigQuery or Gemini in Looker | Helps analysts generate queries, summaries, and insights. |
| Unstructured documents | Cloud Storage, Document AI, Vertex AI embeddings | Good pipeline for PDFs, scanned docs, forms, and knowledge bases. |
| Relational application data | Cloud SQL, AlloyDB, or Spanner depending on app requirements | Keep transactional data in the system designed for the workload. |
| Semantic retrieval over large corpora | Vertex AI Vector Search | Managed vector retrieval for RAG and search. |
| Vector search inside warehouse workflows | BigQuery vector search | Useful when embeddings and analytical data already live in BigQuery. |
| Vector search near relational app data | AlloyDB or Cloud SQL vector capabilities where suitable | Useful when app records and embeddings should remain close together. |
| Streaming events | Pub/Sub and Dataflow | Ingest, transform, and route real-time data. |
| Business intelligence | Looker | Governed semantic layer and dashboards, with GenAI assistance where appropriate. |
| Data cataloging and governance | Dataplex | Discovery, governance, and metadata management across data assets. |
Agentic AI Reference
| Agent capability | When useful | Required controls |
|---|---|---|
| Retrieval | Agent must look up enterprise knowledge. | Source permissions, metadata filters, citations. |
| Tool use | Agent must call APIs or systems. | Function schemas, IAM, input validation, rate limits. |
| Planning | Task needs multiple steps or dynamic paths. | Step limits, trace logging, approval checkpoints. |
| Memory | User/session context improves experience. | Consent, retention policy, privacy controls. |
| Human approval | Action is high impact or irreversible. | Review queue, audit logs, clear handoff. |
| Observability | Need to debug agent behavior. | Trace tool calls, prompts, retrieved sources, decisions, and outcomes. |
| Choose an agent when | Do not choose an agent when |
|---|---|
| Steps vary by user intent and require reasoning. | The workflow is deterministic and easily coded. |
| The system must select among tools. | A simple API call or rules engine is enough. |
| The user benefits from conversational interaction. | Users need only a fixed form or report. |
| There is a safe way to constrain and audit actions. | The agent would need broad, unbounded permissions. |
Deployment and Operations
| Lifecycle area | Practical reference |
|---|---|
| Prototype | Use Vertex AI Studio, notebooks, small test sets, and clear success criteria. |
| App hosting | Use Cloud Run for simple containerized services; GKE for complex Kubernetes platforms; App Engine where it fits existing app patterns. |
| Model access | Use Vertex AI for managed Gemini and model governance integration. |
| Environment separation | Separate dev, test, and prod projects or environments; control IAM and data access. |
| CI/CD | Version prompts, code, retrieval config, schemas, and evaluation sets; automate tests before release. |
| Monitoring | Track errors, latency, token usage, retrieval hit rate, safety blocks, user feedback, and business KPIs. |
| Drift | Watch for source-data changes, user behavior changes, and declining answer quality. |
| Incident response | Log enough to investigate without storing unnecessary sensitive data. |
| Cost optimization | Reduce prompt size, optimize chunking, cache safe repeated results, choose appropriate model size, and monitor usage. |
| Change management | Re-run evals when prompts, models, data sources, safety settings, or retrieval logic change. |
Common Scenario Answer Key
| Scenario clue | Strong answer |
|---|---|
| “Need answers from internal policies with citations” | RAG with governed sources; Vertex AI Search or custom Vertex AI app. |
| “Model must know new company documents immediately” | Retrieval/grounding and refresh pipeline, not fine-tuning alone. |
| “Need no-code enterprise search chatbot” | Vertex AI Agent Builder / Vertex AI Search. |
| “Need custom app UI and backend logic around Gemini” | Cloud Run/GKE/App Engine plus Vertex AI. |
| “Need to redact PII before sending prompts” | Sensitive Data Protection plus data minimization. |
| “Need department-level data isolation” | IAM/source ACLs/metadata filters before retrieval. |
| “Need reliable JSON output” | Prompt schema, examples, constrained output handling, and server-side validation. |
| “Need to update a CRM or ticketing system” | Function calling/tool use with least-privilege service account and audit logging. |
| “Need to compare Gemini with another model” | Vertex AI Model Garden plus evaluation set and rubric. |
| “Need generate SQL and analyze warehouse data” | BigQuery with Gemini in BigQuery; validate generated SQL. |
| “Need summarize scanned invoices” | Document AI to extract content, then Vertex AI/Gemini for summarization if needed. |
| “Need prevent unsafe prompts and responses” | Model Armor, safety settings, validation, monitoring, and human escalation. |
| “Need improve support agent productivity without full automation” | Agent-assist workflow with suggested replies and human approval. |
| “Need deterministic approval workflow” | Workflows/traditional code; use GenAI only for summarization or classification if helpful. |
| “Need reduce hallucinations” | Grounding, citations, retrieval quality, evals, fallback, and human review. |
High-Yield Traps
- Fine-tuning is not the default answer for private or current knowledge. RAG usually is.
- Embeddings do not generate answers; they support similarity and retrieval.
- Grounding reduces hallucination but does not guarantee correctness.
- Temperature settings influence variation, not authorization or factuality.
- A larger model is not automatically better; consider latency, cost, task complexity, and evaluation results.
- Prompt instructions are not security controls. Use IAM, data filtering, validation, and tool permissions.
- Safety filters are not a substitute for privacy review, access control, or human oversight.
- Vector search results must respect document-level permissions.
- Citations require source metadata and retrieval design; the model cannot reliably cite sources it was not given.
- Agentic systems need stricter controls than Q&A systems because they can take actions.
- Logging prompts and responses can create sensitive-data exposure if retention and redaction are not planned.
- Production readiness requires evaluation, monitoring, rollback, and ownership, not just a successful demo.
Final Review Checklist
Before test day, be able to answer these quickly:
- Which Google Cloud service fits a custom GenAI app, low-code search app, data warehouse assistant, developer assistant, or document extraction workflow?
- When should you use prompt engineering, RAG, tuning, function calling, or an agent?
- How do embeddings, vector search, chunking, and grounding work together?
- What controls protect sensitive data in prompts, retrieved context, logs, and tool calls?
- How do you evaluate groundedness, safety, quality, retrieval performance, latency, cost, and business impact?
- What makes a GenAI use case low, medium, high, or operationally sensitive risk?
- Which answer choices are security controls, and which are only model-behavior controls?
- What should be monitored after deployment?
Next step: practice mixed scenario questions that force you to choose the best Google Cloud GenAI service, architecture pattern, and risk control under realistic business constraints.