New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

Professional-Cloud-Developer Google Certified Professional - Cloud Developer Questions and Answers

Questions 4

For this question, refer to the HipLocal case study.

HipLocal's application uses Cloud Client Libraries to interact with Google Cloud. HipLocal needs to configure authentication and authorization in the Cloud Client Libraries to implement least privileged access for the application. What should they do?

Options:

A.

Create an API key. Use the API key to interact with Google Cloud.

B.

Use the default compute service account to interact with Google Cloud.

C.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

D.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Buy Now
Questions 5

HipLocal’s data science team wants to analyze user reviews.

How should they prepare the data?

Options:

A.

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

B.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

C.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

D.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Questions 6

For this question, refer to the HipLocal case study.

How should HipLocal increase their API development speed while continuing to provide the QA team with a stable testing environment that meets feature requirements?

Options:

A.

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

B.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

C.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

D.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.

Buy Now
Questions 7

For this question, refer to the HipLocal case study.

HipLocal is expanding into new locations. They must capture additional data each time the application is launched in a new European country. This is causing delays in the development process due to constant schema changes and a lack of environments for conducting testing on the application changes. How should they resolve the issue while meeting the business requirements?

Options:

A.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

B.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

C.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

D.

Migrate data to Firestore in Native mode and set up instan

Buy Now
Questions 8

HipLocal wants to improve the resilience of their MySQL deployment, while also meeting their business and technical requirements.

Which configuration should they choose?

Options:

A.

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

B.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

C.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

D.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Buy Now
Questions 9

For this question, refer to the HipLocal case study.

Which Google Cloud product addresses HipLocal’s business requirements for service level indicators and objectives?

Options:

A.

Cloud Profiler

B.

Cloud Monitoring

C.

Cloud Trace

D.

Cloud Logging

Questions 10

For this question, refer to the HipLocal case study.

How should HipLocal redesign their architecture to ensure that the application scales to support a large increase in users?

Options:

A.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

B.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

C.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

D.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Buy Now
Questions 11

Your service adds text to images that it reads from Cloud Storage. During busy times of the year, requests to

Cloud Storage fail with an HTTP 429 "Too Many Requests" status code.

How should you handle this error?

Options:

A.

Add a cache-control header to the objects.

B.

Request a quota increase from the GCP Console.

C.

Retry the request with a truncated exponential backoff strategy.

D.

Change the storage class of the Cloud Storage bucket to Multi-regional.

Buy Now
Questions 12

You are supporting a business-critical application in production deployed on Cloud Run. The application is reporting HTTP 500 errors that are affecting the usability of the application. You want to be alerted when the number of errors exceeds 15% of the requests within a specific time window. What should you do?

Options:

A.

Navigate to the Cloud Run page in the Google Cloud console, and select the service from the services list.

Use the Metrics tab to visualize the number of errors for that revision and refresh the page daily.

B.

Create a Cloud Function that consumes the Cloud Monitoring API Use Cloud Composer to trigger the Cloud

Function daily and alert you if the number of errors is above the defined threshold.

C.

Create an alerting policy in Cloud Monitoring that alerts you if the number of errors is above the defined

threshold.

D.

Create a Cloud Function that consumes the Cloud Monitoring API Use Cloud Scheduler to trigger the Cloud

Function daily and alert you if the number of errors is above the defined threshold

Buy Now
Questions 13

You are building a CI/CD pipeline that consists of a version control system, Cloud Build, and Container Registry. Each time a new tag is pushed to the repository, a Cloud Build job is triggered, which runs unit tests on the new code builds a new Docker container image, and pushes it into Container Registry. The last step of your pipeline should deploy the new container to your production Google Kubernetes Engine (GKE) cluster. You need to select a tool and deployment strategy that meets the following requirements:

• Zero downtime is incurred

• Testing is fully automated

• Allows for testing before being rolled out to users

• Can quickly rollback if needed

What should you do?

Options:

A.

Trigger a Spinnaker pipeline configured as an A/B test of your new code and, if it is successful, deploy the container to production.

B.

Trigger a Spinnaker pipeline configured as a canary test of your new code and, if it is successful, deploy the container to production.

C.

Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a canary test.

D.

Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a shadow test.

Buy Now
Questions 14

You are using Cloud Run to host a web application. You need to securely obtain the application project ID and region where the application is running and display this information to users. You want to use the most performant approach. What should you do?

Options:

A.

Use HTTP requests to query the available metadata server at the http://metadata.google.internal/ endpoint with the Metadata-Flavor: Google header.

B.

In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Navigate to the Cloud Run “Variables & Secrets” tab, and add the desired environment variables in Key:Value format.

C.

In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Write the application configuration information to Cloud Run's in-memory container filesystem.

D.

Make an API call to the Cloud Asset Inventory API from the application and format the request to include instance metadata.

Buy Now
Questions 15

Your teammate has asked you to review the code below. Its purpose is to efficiently add a large number of small rows to a BigQuery table.

Which improvement should you suggest your teammate make?

Options:

A.

Include multiple rows with each request.

B.

Perform the inserts in parallel by creating multiple threads.

C.

Write each row to a Cloud Storage object, then load into BigQuery.

D.

Write each row to a Cloud Storage object in parallel, then load into BigQuery.

Buy Now
Questions 16

You are building an API that will be used by Android and iOS apps The API must:

• Support HTTPs

• Minimize bandwidth cost

• Integrate easily with mobile apps

Which API architecture should you use?

Options:

A.

RESTful APIs

B.

MQTT for APIs

C.

gRPC-based APIs

D.

SOAP-based APIs

Buy Now
Questions 17

You are creating an App Engine application that writes a file to any user's Google Drive.

How should the application authenticate to the Google Drive API?

Options:

A.

With an OAuth Client ID that uses the https://www.googleapis.com/auth/drive.file scope to

obtain an access token for each user.

B.

With an OAuth Client ID with delegated domain-wide authority.

C.

With the App Engine service account and https://www.googleapis.com/auth/drive.file scope

that generates a signed JWT.

D.

With the App Engine service account with delegated domain-wide authority.

Buy Now
Questions 18

Your company has created an application that uploads a report to a Cloud Storage bucket. When the report is uploaded to the bucket, you want to publish a message to a Cloud Pub/Sub topic. You want to implement a solution that will take a small amount to effort to implement. What should you do?

Options:

A.

Configure the Cloud Storage bucket to trigger Cloud Pub/Sub notifications when objects are modified.

B.

Create an App Engine application to receive the file; when it is received, publish a message to the Cloud Pub/Sub topic.

C.

Create a Cloud Function that is triggered by the Cloud Storage bucket. In the Cloud Function, publish a message to the Cloud Pub/Sub topic.

D.

Create an application deployed in a Google Kubernetes Engine cluster to receive the file; when it is received, publish a message to the Cloud Pub/Sub topic.

Questions 19

Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?

Options:

A.

Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.

B.

Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

C.

Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.

D.

Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

Buy Now
Questions 20

Your website is deployed on Compute Engine. Your marketing team wants to test conversion rates between 3

different website designs.

Which approach should you use?

Options:

A.

Deploy the website on App Engine and use traffic splitting.

B.

Deploy the website on App Engine as three separate services.

C.

Deploy the website on Cloud Functions and use traffic splitting.

D.

Deploy the website on Cloud Functions as three separate functions.

Buy Now
Questions 21

Which database should HipLocal use for storing user activity?

Options:

A.

BigQuery

B.

Cloud SQL

C.

Cloud Spanner

D.

Cloud Datastore

Buy Now
Questions 22

HipLocal is configuring their access controls.

Which firewall configuration should they implement?

Options:

A.

Block all traffic on port 443.

B.

Allow all traffic into the network.

C.

Allow traffic on port 443 for a specific tag.

D.

Allow all traffic on port 443 into the network.

Buy Now
Questions 23

In order for HipLocal to store application state and meet their stated business requirements, which database service should they migrate to?

Options:

A.

Cloud Spanner

B.

Cloud Datastore

C.

Cloud Memorystore as a cache

D.

Separate Cloud SQL clusters for each region

Buy Now
Questions 24

HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling.

Which two services should they choose? (Choose two.)

Options:

A.

Use Google App Engine services.

B.

Use serverless Google Cloud Functions.

C.

Use Knative to build and deploy serverless applications.

D.

Use Google Kubernetes Engine for automated deployments.

E.

Use a large Google Compute Engine cluster for deployments.

Buy Now
Questions 25

You are parsing a log file that contains three columns: a timestamp, an account number (a string), and a

transaction amount (a number). You want to calculate the sum of all transaction amounts for each unique

account number efficiently.

Which data structure should you use?

Options:

A.

A linked list

B.

A hash table

C.

A two-dimensional array

D.

A comma-delimited string

Buy Now
Questions 26

You are creating a Google Kubernetes Engine (GKE) cluster and run this command:

The command fails with the error:

You want to resolve the issue. What should you do?

Options:

A.

Request additional GKE quota is the GCP Console.

B.

Request additional Compute Engine quota in the GCP Console.

C.

Open a support case to request additional GKE quotA.

D.

Decouple services in the cluster, and rewrite new clusters to function with fewer cores.

Buy Now
Questions 27

Your code is running on Cloud Functions in project A. It is supposed to write an object in a Cloud Storage

bucket owned by project B. However, the write call is failing with the error "403 Forbidden".

What should you do to correct the problem?

Options:

A.

Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.

B.

Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-adminrobot.

iam.gserviceaccount.com service account.

C.

Grant the service-PROJECTA@gcf-admin-robot.iam.gserviceaccount.com service account the roles/

storage.objectCreator role for the Cloud Storage bucket.

D.

Enable the Cloud Storage API in project B.

Buy Now
Questions 28

You have deployed an HTTP(s) Load Balancer with the gcloud commands shown below.

Health checks to port 80 on the Compute Engine virtual machine instance are failing and no traffic is sent to your instances. You want to resolve the problem.

Which commands should you run?

Options:

A.

gcloud compute instances add-access-config ${NAME}-backend-instance-1

B.

gcloud compute instances add-tags ${NAME}-backend-instance-1 --tags http-server

C.

gcloud compute firewall-rules create allow-lb --network load-balancer --allow

tcp --source-ranges 130.211.0.0/22,35.191.0.0/16 --direction INGRESS

D.

gcloud compute firewall-rules create allow-lb --network load-balancer --allow

tcp --destination-ranges 130.211.0.0/22,35.191.0.0/16 --direction EGRESS

Buy Now
Questions 29

You want to create “fully baked” or “golden” Compute Engine images for your application. You need to bootstrap your application to connect to the appropriate database according to the environment the application is running on (test, staging, production). What should you do?

Options:

A.

Embed the appropriate database connection string in the image. Create a different image for each environment.

B.

When creating the Compute Engine instance, add a tag with the name of the database to be connected. In your application, query the Compute Engine API to pull the tags for the current instance, and use the tag to construct the appropriate database connection string.

C.

When creating the Compute Engine instance, create a metadata item with a key of “DATABASE” and a value for the appropriate database connection string. In your application, read the “DATABASE” environment variable, and use the value to connect to the appropriate database.

D.

When creating the Compute Engine instance, create a metadata item with a key of “DATABASE” and a value for the appropriate database connection string. In your application, query the metadata server for the “DATABASE” value, and use the value to connect to the appropriate database.

Buy Now
Questions 30

You are deploying a Python application to Cloud Run using Cloud Build. The Cloud Build pipeline is shown below:

You want to optimize deployment times and avoid unnecessary steps What should you do?

Options:

A.

Remove the step that pushes the container to Artifact Registry.

B.

Add the —cache-from argument to the Docker build step in your build config file.

C.

Store image artifacts in a Cloud Storage bucket in the same region as the Cloud Run instance.

D.

Deploy a new Docker registry in a VPC and use Cloud Build worker pools inside the VPC to run the build pipeline.

Buy Now
Questions 31

You are developing an internal application that will allow employees to organize community events within your company. You deployed your application on a single Compute Engine instance. Your company uses Google Workspace (formerly G Suite), and you need to ensure that the company employees can authenticate to the application from anywhere. What should you do?

Options:

A.

Add a public IP address to your instance, and restrict access to the instance using firewall rules. Allow your company’s proxy as the only source IP address.

B.

Add an HTTP(S) load balancer in front of the instance, and set up Identity-Aware Proxy (IAP). Configure the IAP settings to allow your company domain to access the website.

C.

Set up a VPN tunnel between your company network and your instance’s VPC location on Google Cloud. Configure the required firewall rules and routing information to both the on-premises and Google Cloud networks.

D.

Add a public IP address to your instance, and allow traffic from the internet. Generate a random hash, and create a subdomain that includes this hash and points to your instance. Distribute this DNS address to your company’s employees.

Buy Now
Questions 32

You are developing a flower ordering application Currently you have three microservices.

• Order Service (receives the orders).

• Order Fulfillment Service (processes the orders).

• Notification Service (notifies the customer when the order is filled).

You need to determine how the services will communicate with each other. You want incoming orders to be processed quickly and you need to collect order information for fulfillment. You also want to make sure orders are not lost between your services and are able to communicate asynchronously. How should the requests be processed?

Options:

A.

B.

C.

D.

Buy Now
Questions 33

Your application performs well when tested locally, but it runs significantly slower when you deploy it to App Engine standard environment. You want to diagnose the problem. What should you do?

Options:

A.

File a ticket with Cloud Support indicating that the application performs faster locally.

B.

Use Stackdriver Debugger Snapshots to look at a point-in-time execution of the application.

C.

Use Stackdriver Trace to determine which functions within the application have higher latency.

D.

Add logging commands to the application and use Stackdriver Logging to check where the latency problem occurs.

Buy Now
Questions 34

Your company has a BigQuery dataset named "Master" that keeps information about employee travel and

expenses. This information is organized by employee department. That means employees should only be able

to view information for their department. You want to apply a security framework to enforce this requirement

with the minimum number of steps.

What should you do?

Options:

A.

Create a separate dataset for each department. Create a view with an appropriate WHERE clause to

select records from a particular dataset for the specific department. Authorize this view to access records

from your Master dataset. Give employees the permission to this department-specific dataset.

B.

Create a separate dataset for each department. Create a data pipeline for each department to copy

appropriate information from the Master dataset to the specific dataset for the department. Give employees

the permission to this department-specific dataset.

C.

Create a dataset named Master dataset. Create a separate view for each department in the Master

dataset. Give employees access to the specific view for their department.

D.

Create a dataset named Master dataset. Create a separate table for each department in the Master

dataset. Give employees access to the specific table for their department.

Buy Now
Questions 35

You are a developer working with the CI/CD team to troubleshoot a new feature that your team introduced. The CI/CD team used HashiCorp Packer to create a new Compute Engine image from your development branch. The image was successfully built, but is not booting up. You need to investigate the issue with the CI/CD team. What should you do?

Options:

A.

Create a new feature branch, and ask the build team to rebuild the image.

B.

Shut down the deployed virtual machine, export the disk, and then mount the disk locally to access the boot logs.

C.

Install Packer locally, build the Compute Engine image locally, and then run it in your personal Google Cloud project.

D.

Check Compute Engine OS logs using the serial port, and check the Cloud Logging logs to confirm access to the serial port.

Questions 36

You are designing an application that consists of several microservices. Each microservice has its own RESTful API and will be deployed as a separate Kubernetes Service. You want to ensure that the consumers of these APIs aren't impacted when there is a change to your API, and also ensure that third-party systems aren't interrupted when new versions of the API are released. How should you configure the connection to the application following Google-recommended best practices?

Options:

A.

Use an Ingress that uses the API's URL to route requests to the appropriate backend.

B.

Leverage a Service Discovery system, and connect to the backend specified by the request.

C.

Use multiple clusters, and use DNS entries to route requests to separate versioned backends.

D.

Combine multiple versions in the same service, and then specify the API version in the POST request.

Buy Now
Questions 37

You deployed a new application to Google Kubernetes Engine and are experiencing some performance degradation. Your logs are being written to Cloud Logging, and you are using a Prometheus sidecar model for capturing metrics. You need to correlate the metrics and data from the logs to troubleshoot the performance issue and send real-time alerts while minimizing costs. What should you do?

Options:

A.

Create custom metrics from the Cloud Logging logs, and use Prometheus to import the results using the Cloud Monitoring REST API.

B.

Export the Cloud Logging logs and the Prometheus metrics to Cloud Bigtable. Run a query to join the results, and analyze in Google Data Studio.

C.

Export the Cloud Logging logs and stream the Prometheus metrics to BigQuery. Run a recurring query to join the results, and send notifications using Cloud Tasks.

D.

Export the Prometheus metrics and use Cloud Monitoring to view them as external metrics. Configure Cloud Monitoring to create log-based metrics from the logs, and correlate them with the Prometheus data.

Buy Now
Questions 38

You are designing an application that will subscribe to and receive messages from a single Pub/Sub topic and insert corresponding rows into a database. Your application runs on Linux and leverages preemptible virtual machines to reduce costs. You need to create a shutdown script that will initiate a graceful shutdown. What should you do?

Options:

A.

Write a shutdown script that uses inter-process signals to notify the application process to disconnect from the database.

B.

Write a shutdown script that broadcasts a message to all signed-in users that the Compute Engine instance is going down and instructs them to save current work and sign out.

C.

Write a shutdown script that writes a file in a location that is being polled by the application once every five minutes. After the file is read, the application disconnects from the database.

D.

Write a shutdown script that publishes a message to the Pub/Sub topic announcing that a shutdown is in progress. After the application reads the message, it disconnects from the database.

Buy Now
Questions 39

You are designing a chat room application that will host multiple rooms and retain the message history for each room. You have selected Firestore as your database. How should you represent the data in Firestore?

Options:

A.

 Create a collection for the rooms. For each room, create a document that lists the contents of the messages

B.

 Create a collection for the rooms. For each room, create a collection that contains a document for each message

C.

 Create a collection for the rooms. For each room, create a document that contains a collection for documents, each of which contains a message.

D.

 Create a collection for the rooms, and create a document for each room. Create a separate collection for messages, with one document per message. Each room’s document contains a list of references to the messages.

Questions 40

Your company stores their source code in a Cloud Source Repositories repository. Your company wants to build and test their code on each source code commit to the repository and requires a solution that is managed and has minimal operations overhead.

Which method should they use?

Options:

A.

Use Cloud Build with a trigger configured for each source code commit.

B.

Use Jenkins deployed via the Google Cloud Platform Marketplace, configured to watch for source code commits.

C.

Use a Compute Engine virtual machine instance with an open source continuous integration tool, configured to watch for source code commits.

D.

Use a source code commit trigger to push a message to a Cloud Pub/Sub topic that triggers an App Engine service to build the source code.

Buy Now
Questions 41

You plan to deploy a new application revision with a Deployment resource to Google Kubernetes Engine (GKE) in production. The container might not work correctly. You want to minimize risk in case there are issues after deploying the revision. You want to follow Google-recommended best practices. What should you do?

Options:

A.

Perform a rolling update with a PodDisruptionBudget of 80%.

B.

Perform a rolling update with a HorizontalPodAutoscaler scale-down policy value of 0.

C.

Convert the Deployment to a StatefulSet, and perform a rolling update with a PodDisruptionBudget of 80%.

D.

Convert the Deployment to a StatefulSet, and perform a rolling update with a HorizontalPodAutoscaler scale-down policy value of 0.

Buy Now
Questions 42

You have been tasked with planning the migration of your company’s application from on-premises to Google Cloud. Your company’s monolithic application is an ecommerce website. The application will be migrated to microservices deployed on Google Cloud in stages. The majority of your company’s revenue is generated through online sales, so it is important to minimize risk during the migration. You need to prioritize features and select the first functionality to migrate. What should you do?

Options:

A.

Migrate the Product catalog, which has integrations to the frontend and product database.

B.

Migrate Payment processing, which has integrations to the frontend, order database, and third-party payment vendor.

C.

Migrate Order fulfillment, which has integrations to the order database, inventory system, and third-party shipping vendor.

D.

Migrate the Shopping cart, which has integrations to the frontend, cart database, inventory system, and payment processing system.

Buy Now
Questions 43

You have two tables in an ANSI-SQL compliant database with identical columns that you need to quickly

combine into a single table, removing duplicate rows from the result set.

What should you do?

Options:

A.

Use the JOIN operator in SQL to combine the tables.

B.

Use nested WITH statements to combine the tables.

C.

Use the UNION operator in SQL to combine the tables.

D.

Use the UNION ALL operator in SQL to combine the tables.

Buy Now
Questions 44

You work for a web development team at a small startup. Your team is developing a Node.js application using Google Cloud services, including Cloud Storage and Cloud Build. The team uses a Git repository for version control. Your manager calls you over the weekend and instructs you to make an emergency update to one of the company’s websites, and you’re the only developer available. You need to access Google Cloud to make the update, but you don’t have your work laptop. You are not allowed to store source code locally on a non-corporate computer. How should you set up your developer environment?

Options:

A.

Use a text editor and the Git command line to send your source code updates as pull requests from a public computer.

B.

Use a text editor and the Git command line to send your source code updates as pull requests from a virtual machine running on a public computer.

C.

Use Cloud Shell and the built-in code editor for development. Send your source code updates as pull requests.

D.

Use a Cloud Storage bucket to store the source code that you need to edit. Mount the bucket to a public computer as a drive, and use a code editor to update the code. Turn on versioning for the bucket, and point it to the team’s Git repository.

Buy Now
Questions 45

Your team develops services that run on Google Cloud. You need to build a data processing service and will use Cloud Functions. The data to be processed by the function is sensitive. You need to ensure that invocations can only happen from authorized services and follow Google-recommended best practices for securing functions. What should you do?

Options:

A.

Enable Identity-Aware Proxy in your project. Secure function access using its permissions.

B.

Create a service account with the Cloud Functions Viewer role. Use that service account to invoke the function.

C.

Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function.

D.

Create an OAuth 2.0 client ID for your calling service in the same project as the function you want to secure. Use those credentials to invoke the function.

Buy Now
Questions 46

Your company’s development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company’s environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?

Options:

A.

Enable the Vulnerability scanning setting in the Container Registry.

B.

Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.

C.

Disallow the use of non-commercially supported base images in your development environment.

D.

Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.

Questions 47

You are a developer at a large organization Your team uses Git for source code management (SCM). You want to ensure that your team follows Google-recommended best practices to manage code to drive higher rates of software delivery. Which SCM process should your team use?

Options:

A.

Each developer commits their code to the main branch before each product release, conducts testing, and rolls back if integration issues are detected.

B.

Each group of developers copies the repository, commits their changes to their repository, and merges their code into the main repository before each product release.

C.

Each developer creates a branch for their own work, commits their changes to their branch, and merges their code into the main branch daily.

D.

Each group of developers creates a feature branch from the main branch for their work, commits their changes to their branch, and merges their code into the main branch after the change advisory board approves it.

Buy Now
Questions 48

You are developing an application that consists of several microservices running in a Google Kubernetes Engine cluster. One microservice needs to connect to a third-party database running on-premises. You need to store credentials to the database and ensure that these credentials can be rotated while following security best practices. What should you do?

Options:

A.

Store the credentials in a sidecar container proxy, and use it to connect to the third-party database.

B.

Configure a service mesh to allow or restrict traffic from the Pods in your microservice to the database.

C.

Store the credentials in an encrypted volume mount, and associate a Persistent Volume Claim with the client Pod.

D.

Store the credentials as a Kubernetes Secret, and use the Cloud Key Management Service plugin to handle encryption and decryption.

Buy Now
Questions 49

Your organization has recently begun an initiative to replatform their legacy applications onto Google Kubernetes Engine. You need to decompose a monolithic application into microservices. Multiple instances have read and write access to a configuration file, which is stored on a shared file system. You want to minimize the effort required to manage this transition, and you want to avoid rewriting the application code. What should you do?

Options:

A.

Create a new Cloud Storage bucket, and mount it via FUSE in the container.

B.

Create a new persistent disk, and mount the volume as a shared PersistentVolume.

C.

Create a new Filestore instance, and mount the volume as an NFS PersistentVolume.

D.

Create a new ConfigMap and volumeMount to store the contents of the configuration file.

Buy Now
Questions 50

You are developing an application hosted on Google Cloud that uses a MySQL relational database schema. The application will have a large volume of reads and writes to the database and will require backups and ongoing capacity planning. Your team does not have time to fully manage the database but can take on small administrative tasks. How should you host the database?

Options:

A.

Configure Cloud SQL to host the database, and import the schema into Cloud SQL.

B.

Deploy MySQL from the Google Cloud Marketplace to the database using a client, and import the schema.

C.

Configure Bigtable to host the database, and import the data into Bigtable.

D.

Configure Cloud Spanner to host the database, and import the schema into Cloud Spanner.

E.

Configure Firestore to host the database, and import the data into Firestore.

Buy Now
Questions 51

You want to re-architect a monolithic application so that it follows a microservices model. You want to

accomplish this efficiently while minimizing the impact of this change to the business.

Which approach should you take?

Options:

A.

Deploy the application to Compute Engine and turn on autoscaling.

B.

Replace the application's features with appropriate microservices in phases.

C.

Refactor the monolithic application with appropriate microservices in a single effort and deploy it.

D.

Build a new application with the appropriate microservices separate from the monolith and replace it when

it is complete.

Buy Now
Questions 52

You recently deployed your application in Google Kubernetes Engine, and now need to release a new version of your application. You need the ability to instantly roll back to the previous version in case there are issues with the new version. Which deployment model should you use?

Options:

A.

Perform a rolling deployment, and test your new application after the deployment is complete.

B.

Perform A/B testing, and test your application periodically after the new tests are implemented.

C.

Perform a blue/green deployment, and test your new application after the deployment is. complete.

D.

Perform a canary deployment, and test your new application periodically after the new version is deployed.

Buy Now
Questions 53

You have an analytics application that runs hundreds of queries on BigQuery every few minutes using BigQuery API. You want to find out how much time these queries take to execute. What should you do?

Options:

A.

Use Stackdriver Monitoring to plot slot usage.

B.

Use Stackdriver Trace to plot API execution time.

C.

Use Stackdriver Trace to plot query execution time.

D.

Use Stackdriver Monitoring to plot query execution times.

Buy Now
Questions 54

Your team is setting up a build pipeline for an application that will run in Google Kubernetes Engine (GKE). For security reasons, you only want images produced by the pipeline to be deployed to your GKE cluster. Which combination of Google Cloud services should you use?

Options:

A.

Google Cloud Deploy. Artifact Registry, and Google Cloud Armor

B.

Google Cloud Deploy, Cloud Storage and Google Cloud Armor

C.

Cloud Build, Cloud Storage, and Binary Authorization

D.

Cloud Build. Artifact Registry and Binary Authorization

Buy Now
Questions 55

HipLocal's.net-based auth service fails under intermittent load.

What should they do?

Options:

A.

Use App Engine for autoscaling.

B.

Use Cloud Functions for autoscaling.

C.

Use a Compute Engine cluster for the service.

D.

Use a dedicated Compute Engine virtual machine instance for the service.

Buy Now
Questions 56

For this question, refer to the HipLocal case study.

A recent security audit discovers that HipLocal’s database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. HipLocal needs to reduce the risk of these credentials being stolen. What should they do?

Options:

A.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

B.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

C.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

D.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Questions 57

In order to meet their business requirements, how should HipLocal store their application state?

Options:

A.

Use local SSDs to store state.

B.

Put a memcache layer in front of MySQL.

C.

Move the state storage to Cloud Spanner.

D.

Replace the MySQL instance with Cloud SQL.

Buy Now
Questions 58

HipLocal has connected their Hadoop infrastructure to GCP using Cloud Interconnect in order to query data stored on persistent disks.

Which IP strategy should they use?

Options:

A.

Create manual subnets.

B.

Create an auto mode subnet.

C.

Create multiple peered VPCs.

D.

Provision a single instance for NAT.

Buy Now
Questions 59

For this question refer to the HipLocal case study.

HipLocal wants to reduce the latency of their services for users in global locations. They have created read replicas of their database in locations where their users reside and configured their service to read traffic using those replicas. How should they further reduce latency for all database interactions with the least amount of effort?

Options:

A.

Migrate the database to Bigtable and use it to serve all global user traffic.

B.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

C.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

D.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Buy Now
Exam Name: Google Certified Professional - Cloud Developer
Last Update: Dec 22, 2024
Questions: 265

PDF + Testing Engine

$134.99

Testing Engine

$99.99

PDF (Q&A)

$84.99