ExamGecko
Login
Home / Google / Professional Cloud Developer / List of questions
Ask Question

Google Professional Cloud Developer Practice Test - Questions Answers, Page 18

List of questions

Question 171

Report
Export
Collapse

You are a developer working on an internal application for payroll processing. You are building a component of the application that allows an employee to submit a timesheet, which then initiates several steps:

* An email is sent to the employee and manager, notifying them that the timesheet was submitted.

* A timesheet is sent to payroll processing for the vendor's API.

* A timesheet is sent to the data warehouse for headcount planning.

These steps are not dependent on each other and can be completed in any order. New steps are being considered and will be implemented by different development teams. Each development team will implement the error handling specific to their step. What should you do?

Deploy a Cloud Function for each step that calls the corresponding downstream system to complete the required action.
Deploy a Cloud Function for each step that calls the corresponding downstream system to complete the required action.
Create a Pub/Sub topic for each step. Create a subscription for each downstream development team to subscribe to their step's topic.
Create a Pub/Sub topic for each step. Create a subscription for each downstream development team to subscribe to their step's topic.
Create a Pub/Sub topic for timesheet submissions. Create a subscription for each downstream development team to subscribe to the topic.
Create a Pub/Sub topic for timesheet submissions. Create a subscription for each downstream development team to subscribe to the topic.
Create a timesheet microservice deployed to Google Kubernetes Engine. The microservice calls each downstream step and waits for a successful response before calling the next step.
Create a timesheet microservice deployed to Google Kubernetes Engine. The microservice calls each downstream step and waits for a successful response before calling the next step.
Suggested answer: C
asked 18/09/2024
Rashid Hashim
45 questions

Question 172

Report
Export
Collapse

You are designing an application that uses a microservices architecture. You are planning to deploy the application in the cloud and on-premises. You want to make sure the application can scale up on demand and also use managed services as much as possible. What should you do?

Deploy open source Istio in a multi-cluster deployment on multiple Google Kubernetes Engine (GKE) clusters managed by Anthos.
Deploy open source Istio in a multi-cluster deployment on multiple Google Kubernetes Engine (GKE) clusters managed by Anthos.
Create a GKE cluster in each environment with Anthos, and use Cloud Run for Anthos to deploy your application to each cluster.
Create a GKE cluster in each environment with Anthos, and use Cloud Run for Anthos to deploy your application to each cluster.
Install a GKE cluster in each environment with Anthos, and use Cloud Build to create a Deployment for your application in each cluster.
Install a GKE cluster in each environment with Anthos, and use Cloud Build to create a Deployment for your application in each cluster.
Create a GKE cluster in the cloud and install open-source Kubernetes on-premises. Use an external load balancer service to distribute traffic across the two environments.
Create a GKE cluster in the cloud and install open-source Kubernetes on-premises. Use an external load balancer service to distribute traffic across the two environments.
Suggested answer: B

Explanation:

https://cloud.google.com/anthos/run

Integrated with Anthos, Cloud Run for Anthos provides a flexible serverless development platform for hybrid and multicloud environments. Cloud Run for Anthos is Google's managed and fully supported Knative offering, an open source project that enables serverless workloads on Kubernetes.

asked 18/09/2024
Narmada Balaji
30 questions

Question 173

Report
Export
Collapse

You want to migrate an on-premises container running in Knative to Google Cloud. You need to make sure that the migration doesn't affect your application's deployment strategy, and you want to use a fully managed service. Which Google Cloud service should you use to deploy your container?

Cloud Run
Cloud Run
Compute Engine
Compute Engine
Google Kubernetes Engine
Google Kubernetes Engine
App Engine flexible environment
App Engine flexible environment
Suggested answer: A

Explanation:

https://cloud.google.com/blog/products/serverless/knative-based-cloud-run-services-are-ga

asked 18/09/2024
Alex Pilallis
43 questions

Question 174

Report
Export
Collapse

This architectural diagram depicts a system that streams data from thousands of devices. You want to ingest data into a pipeline, store the data, and analyze the data using SQL statements. Which Google Cloud services should you use for steps 1, 2, 3, and 4?

1) App Engine 2) Pub/Sub 3) BigQuery 4) Firestore
1) App Engine 2) Pub/Sub 3) BigQuery 4) Firestore
1) Dataflow 2) Pub/Sub 3) Firestore 4) BigQuery
1) Dataflow 2) Pub/Sub 3) Firestore 4) BigQuery
1) Pub/Sub 2) Dataflow 3) BigQuery 4) Firestore
1) Pub/Sub 2) Dataflow 3) BigQuery 4) Firestore
1) Pub/Sub 2) Dataflow 3) Firestore 4) BigQuery
1) Pub/Sub 2) Dataflow 3) Firestore 4) BigQuery
Suggested answer: D
asked 18/09/2024
Nabil BENIKHLEF
42 questions

Question 175

Report
Export
Collapse

You are developing an application that consists of several microservices running in a Google Kubernetes Engine cluster. One microservice needs to connect to a third-party database running on-premises. You need to store credentials to the database and ensure that these credentials can be rotated while following security best practices. What should you do?

Store the credentials in a sidecar container proxy, and use it to connect to the third-party database.
Store the credentials in a sidecar container proxy, and use it to connect to the third-party database.
Configure a service mesh to allow or restrict traffic from the Pods in your microservice to the database.
Configure a service mesh to allow or restrict traffic from the Pods in your microservice to the database.
Store the credentials in an encrypted volume mount, and associate a Persistent Volume Claim with the client Pod.
Store the credentials in an encrypted volume mount, and associate a Persistent Volume Claim with the client Pod.
Store the credentials as a Kubernetes Secret, and use the Cloud Key Management Service plugin to handle encryption and decryption.
Store the credentials as a Kubernetes Secret, and use the Cloud Key Management Service plugin to handle encryption and decryption.
Suggested answer: D

Explanation:

https://cloud.google.com/kubernetes-engine/docs/how-to/encrypting-secrets

By default, Google Kubernetes Engine (GKE) encrypts customer content stored at rest, including Secrets. GKE handles and manages this default encryption for you without any additional action on your part.

Application-layer secrets encryption provides an additional layer of security for sensitive data, such as Secrets, stored in etcd. Using this functionality, you can use a key managed with Cloud KMS to encrypt data at the application layer. This encryption protects against attackers who gain access to an offline copy of etcd.

asked 18/09/2024
Ben Johnson
34 questions

Question 176

Report
Export
Collapse

You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?

Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.
Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.
Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.
Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.
Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.
Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.
Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.
Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.
Suggested answer: D

Explanation:

https://cloud.google.com/container-analysis/docs/automated-scanning-howto

https://cloud.google.com/container-analysis/docs/os-overview says: The Container Scanning API allows you to automate OS vulnerability detection, scanning each time you push an image to Container Registry or Artifact Registry. Enabling this API also triggers language package scans for Go and Java vulnerabilities (Preview).

asked 18/09/2024
Mir Ali
42 questions

Question 177

Report
Export
Collapse

You are a developer at a large organization. You have an application written in Go running in a production Google Kubernetes Engine (GKE) cluster. You need to add a new feature that requires access to BigQuery. You want to grant BigQuery access to your GKE cluster following Google-recommended best practices. What should you do?

Create a Google service account with BigQuery access. Add the JSON key to Secret Manager, and use the Go client library to access the JSON key.
Create a Google service account with BigQuery access. Add the JSON key to Secret Manager, and use the Go client library to access the JSON key.
Create a Google service account with BigQuery access. Add the Google service account JSON key as a Kubernetes secret, and configure the application to use this secret.
Create a Google service account with BigQuery access. Add the Google service account JSON key as a Kubernetes secret, and configure the application to use this secret.
Create a Google service account with BigQuery access. Add the Google service account JSON key to Secret Manager, and use an init container to access the secret for the application to use.
Create a Google service account with BigQuery access. Add the Google service account JSON key to Secret Manager, and use an init container to access the secret for the application to use.
Create a Google service account and a Kubernetes service account. Configure Workload Identity on the GKE cluster, and reference the Kubernetes service account on the application Deployment.
Create a Google service account and a Kubernetes service account. Configure Workload Identity on the GKE cluster, and reference the Kubernetes service account on the application Deployment.
Suggested answer: D

Explanation:

https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#what_is

Applications running on GKE might need access to Google Cloud APIs such as Compute Engine API, BigQuery Storage API, or Machine Learning APIs.

Workload Identity allows a Kubernetes service account in your GKE cluster to act as an IAM service account. Pods that use the configured Kubernetes service account automatically authenticate as the IAM service account when accessing Google Cloud APIs. Using Workload Identity allows you to assign distinct, fine-grained identities and authorization for each application in your cluster.

asked 18/09/2024
Anna Fagulova
31 questions

Question 178

Report
Export
Collapse

You have an application written in Python running in production on Cloud Run. Your application needs to read/write data stored in a Cloud Storage bucket in the same project. You want to grant access to your application following the principle of least privilege. What should you do?

Create a user-managed service account with a custom Identity and Access Management (IAM) role.
Create a user-managed service account with a custom Identity and Access Management (IAM) role.
Create a user-managed service account with the Storage Admin Identity and Access Management (IAM) role.
Create a user-managed service account with the Storage Admin Identity and Access Management (IAM) role.
Create a user-managed service account with the Project Editor Identity and Access Management (IAM) role.
Create a user-managed service account with the Project Editor Identity and Access Management (IAM) role.
Use the default service account linked to the Cloud Run revision in production.
Use the default service account linked to the Cloud Run revision in production.
Suggested answer: A

Explanation:

https://cloud.google.com/iam/docs/understanding-roles#storage.admin

asked 18/09/2024
chengbin lin
44 questions

Question 179

Report
Export
Collapse

Your team is developing unit tests for Cloud Function code. The code is stored in a Cloud Source Repositories repository. You are responsible for implementing the tests. Only a specific service account has the necessary permissions to deploy the code to Cloud Functions. You want to ensure that the code cannot be deployed without first passing the tests. How should you configure the unit testing process?

Configure Cloud Build to deploy the Cloud Function. If the code passes the tests, a deployment approval is sent to you.
Configure Cloud Build to deploy the Cloud Function. If the code passes the tests, a deployment approval is sent to you.
Configure Cloud Build to deploy the Cloud Function, using the specific service account as the build agent. Run the unit tests after successful deployment.
Configure Cloud Build to deploy the Cloud Function, using the specific service account as the build agent. Run the unit tests after successful deployment.
Configure Cloud Build to run the unit tests. If the code passes the tests, the developer deploys the Cloud Function.
Configure Cloud Build to run the unit tests. If the code passes the tests, the developer deploys the Cloud Function.
Configure Cloud Build to run the unit tests, using the specific service account as the build agent. If the code passes the tests, Cloud Build deploys the Cloud Function.
Configure Cloud Build to run the unit tests, using the specific service account as the build agent. If the code passes the tests, Cloud Build deploys the Cloud Function.
Suggested answer: D
asked 18/09/2024
David Romano
30 questions

Question 180

Report
Export
Collapse

Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?

Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.
Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.
Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.
Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.
Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.
Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.
Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.
Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.
Suggested answer: B
asked 18/09/2024
Wessel Beulink
37 questions
Total 265 questions
Go to page: of 27
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

You work at a rapidly growing financial technology startup. You manage the payment processing application written in Go and hosted on Cloud Run in the Singapore region (asia-southeast1). The payment processing application processes data stored in a Cloud Storage bucket that is also located in the Singapore region. The startup plans to expand further into the Asia Pacific region. You plan to deploy the Payment Gateway in Jakarta, Hong Kong, and Taiwan over the next six months. Each location has data residency requirements that require customer data to reside in the country where the transaction was made. You want to minimize the cost of these deployments. What should you do?
HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling. Which two services should they choose? (Choose two.)
You need to migrate a standalone Java application running in an on-premises Linux virtual machine (VM) to Google Cloud in a cost-effective manner. You decide not to take the lift-and-shift approach, and instead you plan to modernize the application by converting it to a container. How should you accomplish this task?
You need to redesign the ingestion of audit events from your authentication service to allow it to handle a large increase in traffic. Currently, the audit service and the authentication system run in the same Compute Engine virtual machine. You plan to use the following Google Cloud tools in the new architecture: Multiple Compute Engine machines, each running an instance of the authentication service Multiple Compute Engine machines, each running an instance of the audit service Pub/Sub to send the events from the authentication services. How should you set up the topics and subscriptions to ensure that the system can handle a large volume of messages and can scale efficiently?
You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?
Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?
You manage a microservice-based ecommerce platform on Google Cloud that sends confirmation emails to a third-party email service provider using a Cloud Function. Your company just launched a marketing campaign, and some customers are reporting that they have not received order confirmation emails. You discover that the services triggering the Cloud Function are receiving HTTP 500 errors. You need to change the way emails are handled to minimize email loss. What should you do?
You have an application running in a production Google Kubernetes Engine (GKE) cluster. You use Cloud Deploy to automatically deploy your application to your production GKE cluster. As part of your development process: you are planning to make frequent changes to the applications source code and need to select the tools to test the changes before pushing them to your remote source code repository. Your toolset must meet the following requirements: * Test frequent local changes automatically. * Local deployment emulates production deployment. Which tools should you use to test building and running a container on your laptop using minimal resources'?
You are building a highly available and globally accessible application that will serve static content to users. You need to configure the storage and serving components. You want to minimize management overhead and latency while maximizing reliability for users. What should you do?
You are building a mobile application that will store hierarchical data structures in a database. The application will enable users working offline to sync changes when they are back online. A backend service will enrich the data in the database using a service account. The application is expected to be very popular and needs to scale seamlessly and securely. Which database and IAM role should you use?