Professional-Cloud-Developer Google Certified Professional - Cloud Developer Questions and Answers

Create an API key. Use the API key to interact with Google Cloud.

Use the default compute service account to interact with Google Cloud.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Firestore in Native mode and set up instan

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Cloud Profiler

Cloud Monitoring

Cloud Trace

Cloud Logging

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Add a cache-control header to the objects.

Request a quota increase from the GCP Console.

Retry the request with a truncated exponential backoff strategy.

Change the storage class of the Cloud Storage bucket to Multi-regional.

Navigate to the Cloud Run page in the Google Cloud console, and select the service from the services list.

Use the Metrics tab to visualize the number of errors for that revision and refresh the page daily.

Create a Cloud Function that consumes the Cloud Monitoring API Use Cloud Composer to trigger the Cloud

Function daily and alert you if the number of errors is above the defined threshold.

Create an alerting policy in Cloud Monitoring that alerts you if the number of errors is above the defined

threshold.

Create a Cloud Function that consumes the Cloud Monitoring API Use Cloud Scheduler to trigger the Cloud

Function daily and alert you if the number of errors is above the defined threshold

Trigger a Spinnaker pipeline configured as an A/B test of your new code and, if it is successful, deploy the container to production.

Trigger a Spinnaker pipeline configured as a canary test of your new code and, if it is successful, deploy the container to production.

Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a canary test.

Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a shadow test.

Use HTTP requests to query the available metadata server at the http://metadata.google.internal/ endpoint with the Metadata-Flavor: Google header.

In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Navigate to the Cloud Run “Variables & Secrets” tab, and add the desired environment variables in Key:Value format.

In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Write the application configuration information to Cloud Run's in-memory container filesystem.

Make an API call to the Cloud Asset Inventory API from the application and format the request to include instance metadata.

Include multiple rows with each request.

Perform the inserts in parallel by creating multiple threads.

Write each row to a Cloud Storage object, then load into BigQuery.

Write each row to a Cloud Storage object in parallel, then load into BigQuery.

RESTful APIs

MQTT for APIs

gRPC-based APIs

SOAP-based APIs

With an OAuth Client ID that uses the https://www.googleapis.com/auth/drive.file scope to

obtain an access token for each user.

With an OAuth Client ID with delegated domain-wide authority.

With the App Engine service account and https://www.googleapis.com/auth/drive.file scope

that generates a signed JWT.

With the App Engine service account with delegated domain-wide authority.

Configure the Cloud Storage bucket to trigger Cloud Pub/Sub notifications when objects are modified.

Create an App Engine application to receive the file; when it is received, publish a message to the Cloud Pub/Sub topic.

Create a Cloud Function that is triggered by the Cloud Storage bucket. In the Cloud Function, publish a message to the Cloud Pub/Sub topic.

Create an application deployed in a Google Kubernetes Engine cluster to receive the file; when it is received, publish a message to the Cloud Pub/Sub topic.

Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.

Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.

Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

Deploy the website on App Engine and use traffic splitting.

Deploy the website on App Engine as three separate services.

Deploy the website on Cloud Functions and use traffic splitting.

Deploy the website on Cloud Functions as three separate functions.

BigQuery

Cloud SQL

Cloud Spanner

Cloud Datastore

Block all traffic on port 443.

Allow all traffic into the network.

Allow traffic on port 443 for a specific tag.

Allow all traffic on port 443 into the network.

Cloud Spanner

Cloud Datastore

Cloud Memorystore as a cache

Separate Cloud SQL clusters for each region

Use Google App Engine services.

Use serverless Google Cloud Functions.

Use Knative to build and deploy serverless applications.

Use Google Kubernetes Engine for automated deployments.

Use a large Google Compute Engine cluster for deployments.

A linked list

A hash table

A two-dimensional array

A comma-delimited string

Request additional GKE quota is the GCP Console.

Request additional Compute Engine quota in the GCP Console.

Open a support case to request additional GKE quotA.

Decouple services in the cluster, and rewrite new clusters to function with fewer cores.

Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.

Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-adminrobot.

iam.gserviceaccount.com service account.

Grant the service-PROJECTA@gcf-admin-robot.iam.gserviceaccount.com service account the roles/

storage.objectCreator role for the Cloud Storage bucket.

Enable the Cloud Storage API in project B.

gcloud compute instances add-access-config ${NAME}-backend-instance-1

gcloud compute instances add-tags ${NAME}-backend-instance-1 --tags http-server

gcloud compute firewall-rules create allow-lb --network load-balancer --allow

tcp --source-ranges 130.211.0.0/22,35.191.0.0/16 --direction INGRESS

gcloud compute firewall-rules create allow-lb --network load-balancer --allow

tcp --destination-ranges 130.211.0.0/22,35.191.0.0/16 --direction EGRESS

Embed the appropriate database connection string in the image. Create a different image for each environment.

When creating the Compute Engine instance, add a tag with the name of the database to be connected. In your application, query the Compute Engine API to pull the tags for the current instance, and use the tag to construct the appropriate database connection string.

When creating the Compute Engine instance, create a metadata item with a key of “DATABASE” and a value for the appropriate database connection string. In your application, read the “DATABASE” environment variable, and use the value to connect to the appropriate database.

When creating the Compute Engine instance, create a metadata item with a key of “DATABASE” and a value for the appropriate database connection string. In your application, query the metadata server for the “DATABASE” value, and use the value to connect to the appropriate database.

Remove the step that pushes the container to Artifact Registry.

Add the —cache-from argument to the Docker build step in your build config file.

Store image artifacts in a Cloud Storage bucket in the same region as the Cloud Run instance.

Deploy a new Docker registry in a VPC and use Cloud Build worker pools inside the VPC to run the build pipeline.

Add a public IP address to your instance, and restrict access to the instance using firewall rules. Allow your company’s proxy as the only source IP address.

Add an HTTP(S) load balancer in front of the instance, and set up Identity-Aware Proxy (IAP). Configure the IAP settings to allow your company domain to access the website.

Set up a VPN tunnel between your company network and your instance’s VPC location on Google Cloud. Configure the required firewall rules and routing information to both the on-premises and Google Cloud networks.

Add a public IP address to your instance, and allow traffic from the internet. Generate a random hash, and create a subdomain that includes this hash and points to your instance. Distribute this DNS address to your company’s employees.

File a ticket with Cloud Support indicating that the application performs faster locally.

Use Stackdriver Debugger Snapshots to look at a point-in-time execution of the application.

Use Stackdriver Trace to determine which functions within the application have higher latency.

Add logging commands to the application and use Stackdriver Logging to check where the latency problem occurs.

Create a separate dataset for each department. Create a view with an appropriate WHERE clause to

select records from a particular dataset for the specific department. Authorize this view to access records

from your Master dataset. Give employees the permission to this department-specific dataset.

Create a separate dataset for each department. Create a data pipeline for each department to copy

appropriate information from the Master dataset to the specific dataset for the department. Give employees

the permission to this department-specific dataset.

Create a dataset named Master dataset. Create a separate view for each department in the Master

dataset. Give employees access to the specific view for their department.

Create a dataset named Master dataset. Create a separate table for each department in the Master

dataset. Give employees access to the specific table for their department.

Create a new feature branch, and ask the build team to rebuild the image.

Shut down the deployed virtual machine, export the disk, and then mount the disk locally to access the boot logs.

Install Packer locally, build the Compute Engine image locally, and then run it in your personal Google Cloud project.

Check Compute Engine OS logs using the serial port, and check the Cloud Logging logs to confirm access to the serial port.

Use an Ingress that uses the API's URL to route requests to the appropriate backend.

Leverage a Service Discovery system, and connect to the backend specified by the request.

Use multiple clusters, and use DNS entries to route requests to separate versioned backends.

Combine multiple versions in the same service, and then specify the API version in the POST request.

Create custom metrics from the Cloud Logging logs, and use Prometheus to import the results using the Cloud Monitoring REST API.

Export the Cloud Logging logs and the Prometheus metrics to Cloud Bigtable. Run a query to join the results, and analyze in Google Data Studio.

Export the Cloud Logging logs and stream the Prometheus metrics to BigQuery. Run a recurring query to join the results, and send notifications using Cloud Tasks.

Export the Prometheus metrics and use Cloud Monitoring to view them as external metrics. Configure Cloud Monitoring to create log-based metrics from the logs, and correlate them with the Prometheus data.

Write a shutdown script that uses inter-process signals to notify the application process to disconnect from the database.

Write a shutdown script that broadcasts a message to all signed-in users that the Compute Engine instance is going down and instructs them to save current work and sign out.

Write a shutdown script that writes a file in a location that is being polled by the application once every five minutes. After the file is read, the application disconnects from the database.

Write a shutdown script that publishes a message to the Pub/Sub topic announcing that a shutdown is in progress. After the application reads the message, it disconnects from the database.

 Create a collection for the rooms. For each room, create a document that lists the contents of the messages

 Create a collection for the rooms. For each room, create a collection that contains a document for each message

 Create a collection for the rooms. For each room, create a document that contains a collection for documents, each of which contains a message.

 Create a collection for the rooms, and create a document for each room. Create a separate collection for messages, with one document per message. Each room’s document contains a list of references to the messages.

Use Cloud Build with a trigger configured for each source code commit.

Use Jenkins deployed via the Google Cloud Platform Marketplace, configured to watch for source code commits.

Use a Compute Engine virtual machine instance with an open source continuous integration tool, configured to watch for source code commits.

Use a source code commit trigger to push a message to a Cloud Pub/Sub topic that triggers an App Engine service to build the source code.

Perform a rolling update with a PodDisruptionBudget of 80%.

Perform a rolling update with a HorizontalPodAutoscaler scale-down policy value of 0.

Convert the Deployment to a StatefulSet, and perform a rolling update with a PodDisruptionBudget of 80%.

Convert the Deployment to a StatefulSet, and perform a rolling update with a HorizontalPodAutoscaler scale-down policy value of 0.

Migrate the Product catalog, which has integrations to the frontend and product database.

Migrate Payment processing, which has integrations to the frontend, order database, and third-party payment vendor.

Migrate Order fulfillment, which has integrations to the order database, inventory system, and third-party shipping vendor.

Migrate the Shopping cart, which has integrations to the frontend, cart database, inventory system, and payment processing system.

Use the JOIN operator in SQL to combine the tables.

Use nested WITH statements to combine the tables.

Use the UNION operator in SQL to combine the tables.

Use the UNION ALL operator in SQL to combine the tables.

Use a text editor and the Git command line to send your source code updates as pull requests from a public computer.

Use a text editor and the Git command line to send your source code updates as pull requests from a virtual machine running on a public computer.

Use Cloud Shell and the built-in code editor for development. Send your source code updates as pull requests.

Use a Cloud Storage bucket to store the source code that you need to edit. Mount the bucket to a public computer as a drive, and use a code editor to update the code. Turn on versioning for the bucket, and point it to the team’s Git repository.

Enable Identity-Aware Proxy in your project. Secure function access using its permissions.

Create a service account with the Cloud Functions Viewer role. Use that service account to invoke the function.

Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function.

Create an OAuth 2.0 client ID for your calling service in the same project as the function you want to secure. Use those credentials to invoke the function.

Enable the Vulnerability scanning setting in the Container Registry.

Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.

Disallow the use of non-commercially supported base images in your development environment.

Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.

Each developer commits their code to the main branch before each product release, conducts testing, and rolls back if integration issues are detected.

Each group of developers copies the repository, commits their changes to their repository, and merges their code into the main repository before each product release.

Each developer creates a branch for their own work, commits their changes to their branch, and merges their code into the main branch daily.

Each group of developers creates a feature branch from the main branch for their work, commits their changes to their branch, and merges their code into the main branch after the change advisory board approves it.

Store the credentials in a sidecar container proxy, and use it to connect to the third-party database.

Configure a service mesh to allow or restrict traffic from the Pods in your microservice to the database.

Store the credentials in an encrypted volume mount, and associate a Persistent Volume Claim with the client Pod.

Store the credentials as a Kubernetes Secret, and use the Cloud Key Management Service plugin to handle encryption and decryption.

Create a new Cloud Storage bucket, and mount it via FUSE in the container.

Create a new persistent disk, and mount the volume as a shared PersistentVolume.

Create a new Filestore instance, and mount the volume as an NFS PersistentVolume.

Create a new ConfigMap and volumeMount to store the contents of the configuration file.

Configure Cloud SQL to host the database, and import the schema into Cloud SQL.

Deploy MySQL from the Google Cloud Marketplace to the database using a client, and import the schema.

Configure Bigtable to host the database, and import the data into Bigtable.

Configure Cloud Spanner to host the database, and import the schema into Cloud Spanner.

Configure Firestore to host the database, and import the data into Firestore.

Deploy the application to Compute Engine and turn on autoscaling.

Replace the application's features with appropriate microservices in phases.

Refactor the monolithic application with appropriate microservices in a single effort and deploy it.

Build a new application with the appropriate microservices separate from the monolith and replace it when

it is complete.

Perform a rolling deployment, and test your new application after the deployment is complete.

Perform A/B testing, and test your application periodically after the new tests are implemented.

Perform a blue/green deployment, and test your new application after the deployment is. complete.

Perform a canary deployment, and test your new application periodically after the new version is deployed.

Use Stackdriver Monitoring to plot slot usage.

Use Stackdriver Trace to plot API execution time.

Use Stackdriver Trace to plot query execution time.

Use Stackdriver Monitoring to plot query execution times.

Google Cloud Deploy. Artifact Registry, and Google Cloud Armor

Google Cloud Deploy, Cloud Storage and Google Cloud Armor

Cloud Build, Cloud Storage, and Binary Authorization

Cloud Build. Artifact Registry and Binary Authorization

Use App Engine for autoscaling.

Use Cloud Functions for autoscaling.

Use a Compute Engine cluster for the service.

Use a dedicated Compute Engine virtual machine instance for the service.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Use local SSDs to store state.

Put a memcache layer in front of MySQL.

Move the state storage to Cloud Spanner.

Replace the MySQL instance with Cloud SQL.

Create manual subnets.

Create an auto mode subnet.

Create multiple peered VPCs.

Provision a single instance for NAT.

Migrate the database to Bigtable and use it to serve all global user traffic.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.