ExamGecko
Login
Home / Google / Professional Cloud Developer / List of questions
Ask Question

Google Professional Cloud Developer Practice Test - Questions Answers, Page 13

List of questions

Question 121

Report
Export
Collapse

You want to create ''fully baked'' or ''golden'' Compute Engine images for your application. You need to bootstrap your application to connect to the appropriate database according to the environment the application is running on (test, staging, production). What should you do?

Embed the appropriate database connection string in the image. Create a different image for each environment.
Embed the appropriate database connection string in the image. Create a different image for each environment.
When creating the Compute Engine instance, add a tag with the name of the database to be connected. In your application, query the Compute Engine API to pull the tags for the current instance, and use the tag to construct the appropriate database connection string.
When creating the Compute Engine instance, add a tag with the name of the database to be connected. In your application, query the Compute Engine API to pull the tags for the current instance, and use the tag to construct the appropriate database connection string.
When creating the Compute Engine instance, create a metadata item with a key of ''DATABASE'' and a value for the appropriate database connection string. In your application, read the ''DATABASE'' environment variable, and use the value to connect to the appropriate database.
When creating the Compute Engine instance, create a metadata item with a key of ''DATABASE'' and a value for the appropriate database connection string. In your application, read the ''DATABASE'' environment variable, and use the value to connect to the appropriate database.
When creating the Compute Engine instance, create a metadata item with a key of ''DATABASE'' and a value for the appropriate database connection string. In your application, query the metadata server for the ''DATABASE'' value, and use the value to connect to the appropriate database.
When creating the Compute Engine instance, create a metadata item with a key of ''DATABASE'' and a value for the appropriate database connection string. In your application, query the metadata server for the ''DATABASE'' value, and use the value to connect to the appropriate database.
Suggested answer: D
asked 18/09/2024
Bill Rustom Cruz
33 questions

Question 122

Report
Export
Collapse

You are developing a microservice-based application that will be deployed on a Google Kubernetes Engine cluster. The application needs to read and write to a Spanner database. You want to follow security best practices while minimizing code changes. How should you configure your application to retrieve Spanner credentials?

Configure the appropriate service accounts, and use Workload Identity to run the pods.
Configure the appropriate service accounts, and use Workload Identity to run the pods.
Store the application credentials as Kubernetes Secrets, and expose them as environment variables.
Store the application credentials as Kubernetes Secrets, and expose them as environment variables.
Configure the appropriate routing rules, and use a VPC-native cluster to directly connect to the database.
Configure the appropriate routing rules, and use a VPC-native cluster to directly connect to the database.
Store the application credentials using Cloud Key Management Service, and retrieve them whenever a database connection is made.
Store the application credentials using Cloud Key Management Service, and retrieve them whenever a database connection is made.
Suggested answer: A

Explanation:

https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity

asked 18/09/2024
Marc Aurele ALLOTCHENOU
36 questions

Question 123

Report
Export
Collapse

You are deploying your application on a Compute Engine instance that communicates with Cloud SQL. You will use Cloud SQL Proxy to allow your application to communicate to the database using the service account associated with the application's instance. You want to follow the Google-recommended best practice of providing minimum access for the role assigned to the service account. What should you do?

Assign the Project Editor role.
Assign the Project Editor role.
Assign the Project Owner role.
Assign the Project Owner role.
Assign the Cloud SQL Client role.
Assign the Cloud SQL Client role.
Assign the Cloud SQL Editor role.
Assign the Cloud SQL Editor role.
Suggested answer: C
asked 18/09/2024
john wick
34 questions

Question 124

Report
Export
Collapse

Your team develops stateless services that run on Google Kubernetes Engine (GKE). You need to deploy a new service that will only be accessed by other services running in the GKE cluster. The service will need to scale as quickly as possible to respond to changing load. What should you do?

Use a Vertical Pod Autoscaler to scale the containers, and expose them via a ClusterIP Service.
Use a Vertical Pod Autoscaler to scale the containers, and expose them via a ClusterIP Service.
Use a Vertical Pod Autoscaler to scale the containers, and expose them via a NodePort Service.
Use a Vertical Pod Autoscaler to scale the containers, and expose them via a NodePort Service.
Use a Horizontal Pod Autoscaler to scale the containers, and expose them via a ClusterIP Service.
Use a Horizontal Pod Autoscaler to scale the containers, and expose them via a ClusterIP Service.
Use a Horizontal Pod Autoscaler to scale the containers, and expose them via a NodePort Service.
Use a Horizontal Pod Autoscaler to scale the containers, and expose them via a NodePort Service.
Suggested answer: C

Explanation:

https://cloud.google.com/kubernetes-engine/docs/concepts/service

asked 18/09/2024
Aidan Lear
49 questions

Question 125

Report
Export
Collapse

You recently migrated a monolithic application to Google Cloud by breaking it down into microservices. One of the microservices is deployed using Cloud Functions. As you modernize the application, you make a change to the API of the service that is backward-incompatible. You need to support both existing callers who use the original API and new callers who use the new API. What should you do?

Leave the original Cloud Function as-is and deploy a second Cloud Function with the new API. Use a load balancer to distribute calls between the versions.
Leave the original Cloud Function as-is and deploy a second Cloud Function with the new API. Use a load balancer to distribute calls between the versions.
Leave the original Cloud Function as-is and deploy a second Cloud Function that includes only the changed API. Calls are automatically routed to the correct function.
Leave the original Cloud Function as-is and deploy a second Cloud Function that includes only the changed API. Calls are automatically routed to the correct function.
Leave the original Cloud Function as-is and deploy a second Cloud Function with the new API. Use Cloud Endpoints to provide an API gateway that exposes a versioned API.
Leave the original Cloud Function as-is and deploy a second Cloud Function with the new API. Use Cloud Endpoints to provide an API gateway that exposes a versioned API.
Re-deploy the Cloud Function after making code changes to support the new API. Requests for both versions of the API are fulfilled based on a version identifier included in the call.
Re-deploy the Cloud Function after making code changes to support the new API. Requests for both versions of the API are fulfilled based on a version identifier included in the call.
Suggested answer: D
asked 18/09/2024
Stefan Duerr
26 questions

Question 126

Report
Export
Collapse

Your company just experienced a Google Kubernetes Engine (GKE) API outage due to a zone failure. You want to deploy a highly available GKE architecture that minimizes service interruption to users in the event of a future zone failure. What should you do?

Deploy Zonal clusters
Deploy Zonal clusters
Deploy Regional clusters
Deploy Regional clusters
Deploy Multi-Zone clusters
Deploy Multi-Zone clusters
Deploy GKE on-premises clusters
Deploy GKE on-premises clusters
Suggested answer: B

Explanation:

https://cloud.google.com/kubernetes-engine/docs/concepts/types-of-clusters#regional_clusters

A regional cluster has multiple replicas of the control plane, running in multiple zones within a given region. Nodes in a regional cluster can run in multiple zones or a single zone depending on the configured node locations. By default, GKE replicates each node pool across three zones of the control plane's region. When you create a cluster or when you add a new node pool, you can change the default configuration by specifying the zone(s) in which the cluster's nodes run. All zones must be within the same region as the control plane.

asked 18/09/2024
Mário Afonso
23 questions

Question 127

Report
Export
Collapse

Your team develops services that run on Google Cloud. You want to process messages sent to a Pub/Sub topic, and then store them. Each message must be processed exactly once to avoid duplication of data and any data conflicts. You need to use the cheapest and most simple solution. What should you do?

Process the messages with a Dataproc job, and write the output to storage.
Process the messages with a Dataproc job, and write the output to storage.
Process the messages with a Dataflow streaming pipeline using Apache Beam's PubSubIO package, and write the output to storage.
Process the messages with a Dataflow streaming pipeline using Apache Beam's PubSubIO package, and write the output to storage.
Process the messages with a Cloud Function, and write the results to a BigQuery location where you can run a job to deduplicate the data.
Process the messages with a Cloud Function, and write the results to a BigQuery location where you can run a job to deduplicate the data.
Retrieve the messages with a Dataflow streaming pipeline, store them in Cloud Bigtable, and use another Dataflow streaming pipeline to deduplicate messages.
Retrieve the messages with a Dataflow streaming pipeline, store them in Cloud Bigtable, and use another Dataflow streaming pipeline to deduplicate messages.
Suggested answer: B

Explanation:

https://cloud.google.com/dataflow/docs/concepts/streaming-with-cloud-pubsub

asked 18/09/2024
Shoban Babu
41 questions

Question 128

Report
Export
Collapse

You are running a containerized application on Google Kubernetes Engine. Your container images are stored in Container Registry. Your team uses CI/CD practices. You need to prevent the deployment of containers with known critical vulnerabilities. What should you do?

* Use Web Security Scanner to automatically crawl your application * Review your application logs for scan results, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Use Web Security Scanner to automatically crawl your application * Review your application logs for scan results, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Use Web Security Scanner to automatically crawl your application * Review the scan results in the scan details page in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Use Web Security Scanner to automatically crawl your application * Review the scan results in the scan details page in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Enable the Container Scanning API to perform vulnerability scanning * Review vulnerability reporting in Container Registry in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Enable the Container Scanning API to perform vulnerability scanning * Review vulnerability reporting in Container Registry in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Enable the Container Scanning API to perform vulnerability scanning * Programmatically review vulnerability reporting through the Container Scanning API, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
* Enable the Container Scanning API to perform vulnerability scanning * Programmatically review vulnerability reporting through the Container Scanning API, and provide an attestation that the container is free of known critical vulnerabilities * Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
Suggested answer: D

Explanation:

https://cloud.google.com/binary-authorization/docs/creating-attestations-kritis

https://cloud.google.com/container-analysis/docs/os-overview

asked 18/09/2024
Bashar Deeb
47 questions

Question 129

Report
Export
Collapse

You have an on-premises application that authenticates to the Cloud Storage API using a user-managed service account with a user-managed key. The application connects to Cloud Storage using Private Google Access over a Dedicated Interconnect link. You discover that requests from the application to access objects in the Cloud Storage bucket are failing with a 403 Permission Denied error code. What is the likely cause of this issue?

The folder structure inside the bucket and object paths have changed.
The folder structure inside the bucket and object paths have changed.
The permissions of the service account's predefined role have changed.
The permissions of the service account's predefined role have changed.
The service account key has been rotated but not updated on the application server.
The service account key has been rotated but not updated on the application server.
The Interconnect link from the on-premises data center to Google Cloud is experiencing a temporary outage.
The Interconnect link from the on-premises data center to Google Cloud is experiencing a temporary outage.
Suggested answer: C
asked 18/09/2024
Piroon Dechates
35 questions

Question 130

Report
Export
Collapse

You are using the Cloud Client Library to upload an image in your application to Cloud Storage. Users of the application report that occasionally the upload does not complete and the client library reports an HTTP 504 Gateway Timeout error. You want to make the application more resilient to errors. What changes to the application should you make?

Write an exponential backoff process around the client library call.
Write an exponential backoff process around the client library call.
Write a one-second wait time backoff process around the client library call.
Write a one-second wait time backoff process around the client library call.
Design a retry button in the application and ask users to click if the error occurs.
Design a retry button in the application and ask users to click if the error occurs.
Create a queue for the object and inform the users that the application will try again in 10 minutes.
Create a queue for the object and inform the users that the application will try again in 10 minutes.
Suggested answer: A
asked 18/09/2024
Friedrich Spies
29 questions
Total 265 questions
Go to page: of 27
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You work at a rapidly growing financial technology startup. You manage the payment processing application written in Go and hosted on Cloud Run in the Singapore region (asia-southeast1). The payment processing application processes data stored in a Cloud Storage bucket that is also located in the Singapore region. The startup plans to expand further into the Asia Pacific region. You plan to deploy the Payment Gateway in Jakarta, Hong Kong, and Taiwan over the next six months. Each location has data residency requirements that require customer data to reside in the country where the transaction was made. You want to minimize the cost of these deployments. What should you do?
HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling. Which two services should they choose? (Choose two.)
You need to migrate a standalone Java application running in an on-premises Linux virtual machine (VM) to Google Cloud in a cost-effective manner. You decide not to take the lift-and-shift approach, and instead you plan to modernize the application by converting it to a container. How should you accomplish this task?
You need to redesign the ingestion of audit events from your authentication service to allow it to handle a large increase in traffic. Currently, the audit service and the authentication system run in the same Compute Engine virtual machine. You plan to use the following Google Cloud tools in the new architecture: Multiple Compute Engine machines, each running an instance of the authentication service Multiple Compute Engine machines, each running an instance of the audit service Pub/Sub to send the events from the authentication services. How should you set up the topics and subscriptions to ensure that the system can handle a large volume of messages and can scale efficiently?
You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?
Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?
You manage a microservice-based ecommerce platform on Google Cloud that sends confirmation emails to a third-party email service provider using a Cloud Function. Your company just launched a marketing campaign, and some customers are reporting that they have not received order confirmation emails. You discover that the services triggering the Cloud Function are receiving HTTP 500 errors. You need to change the way emails are handled to minimize email loss. What should you do?
You have an application running in a production Google Kubernetes Engine (GKE) cluster. You use Cloud Deploy to automatically deploy your application to your production GKE cluster. As part of your development process: you are planning to make frequent changes to the applications source code and need to select the tools to test the changes before pushing them to your remote source code repository. Your toolset must meet the following requirements: * Test frequent local changes automatically. * Local deployment emulates production deployment. Which tools should you use to test building and running a container on your laptop using minimal resources'?
You are building a highly available and globally accessible application that will serve static content to users. You need to configure the storage and serving components. You want to minimize management overhead and latency while maximizing reliability for users. What should you do?
You are building a mobile application that will store hierarchical data structures in a database. The application will enable users working offline to sync changes when they are back online. A backend service will enrich the data in the database using a service account. The application is expected to be very popular and needs to scale seamlessly and securely. Which database and IAM role should you use?