You are the on-call Site Reliability Engineer for a microservice that is deployed to a Google Kubernetes Engine (GKE) Autopilot cluster. Your company runs an online store that publishes order messages to Pub/Sub and a microservice receives these messages and updates stock information in the warehousing system. A sales event caused an increase in orders, and the stock information is not being updated quickly enough. This is causing a large number of orders to be accepted for products that are out of stock You check the metrics for the microservice and compare them to typical levels. You need to ensure that the warehouse system accurately reflects product inventory at the time orders are placed and minimize the impact on customers What should you do?

Increase the number of Pod replicas

Decrease the acknowledgment deadline on the subscription

Add a virtual queue to the online store that allows typical traffic levels

Increase the number of Pod replicas

Increase the Pod CPU and memory limits

Your team deploys applications to three Google Kubernetes Engine (GKE) environments development staging and production You use GitHub reposrtones as your source of truth You need to ensure that the three environments are consistent You want to follow Google-recommended practices to enforce and install network policies and a logging DaemonSet on all the GKE clusters in those environments What should you do?

Use Cloud Build to render and deploy the network policies and the DaemonSet Set up Config Sync to sync the configurations for the three environments

Use Google Cloud Deploy to deploy the network policies and the DaemonSet Use Cloud Monitoring to trigger an alert if the network policies and DaemonSet drift from your source in the repository.

Use Google Cloud Deploy to deploy the DaemonSet and use Policy Controller to configure the network policies Use Cloud Monitoring to detect drifts from the source in the repository and Cloud Functions to correct the drifts

Use Cloud Build to render and deploy the network policies and the DaemonSet Set up Config Sync to sync the configurations for the three environments

Use Cloud Build to render and deploy the network policies and the DaemonSet Set up a Policy Controller to enforce the configurations for the three environments

You are using Terraform to manage infrastructure as code within a Cl/CD pipeline You notice that multiple copies of the entire infrastructure stack exist in your Google Cloud project, and a new copy is created each time a change to the existing infrastructure is made You need to optimize your cloud spend by ensuring that only a single instance of your infrastructure stack exists at a time. You want to follow Google-recommended practices What should you do?

Confirm that the pipeline is storing and retrieving the terraform. if state file from Cloud Storage with the Terraform gcs backend

Create a new pipeline to delete old infrastructure stacks when they are no longer needed

Confirm that the pipeline is storing and retrieving the terraform. if state file from Cloud Storage with the Terraform gcs backend

Verify that the pipeline is storing and retrieving the terrafom.tfstat* file from a source control

Update the pipeline to remove any existing infrastructure before you apply the latest configuration

You are creating Cloud Logging sinks to export log entries from Cloud Logging to BigQuery for future analysis Your organization has a Google Cloud folder named Dev that contains development projects and a folder named Prod that contains production projects Log entries for development projects must be exported to dev_dataset. and log entries for production projects must be exported to prod_dataset You need to minimize the number of log sinks created and you want to ensure that the log sinks apply to future projects What should you do?

Create an aggregated Iog sink in the Dev and Prod folders

Create a single aggregated log sink at the organization level.

Create a log sink in each project

Create two aggregated log sinks at the organization level, and filter by project ID

Create an aggregated Iog sink in the Dev and Prod folders

Your company runs services by using multiple globally distributed Google Kubernetes Engine (GKE) clusters Your operations team has set up workload monitoring that uses Prometheus-based tooling for metrics alerts: and generating dashboards This setup does not provide a method to view metrics globally across all clusters You need to implement a scalable solution to support global Prometheus querying and minimize management overhead What should you do?

Configure Google Cloud Managed Service for Prometheus

Configure Prometheus cross-service federation for centralized data access

Configure workload metrics within Cloud Operations for GKE

Configure Prometheus hierarchical federation for centralized data access

Configure Google Cloud Managed Service for Prometheus

You need to build a CI/CD pipeline for a containerized application in Google Cloud Your development team uses a central Git repository for trunk-based development You want to run all your tests in the pipeline for any new versions of the application to improve the quality What should you do?

1. Trigger Cloud Build to run unit tests when the code is pushed If all unit tests are successful, build and push the application container to a central registry. 2. Trigger Cloud Build to deploy the container to a testing environment, and run integration tests and acceptance tests 3. If all tests are successful the pipeline deploys the application to the production environment and runs smoke tests

1. Install a Git hook to require developers to run unit tests before pushing the code to a central repository 2. Trigger Cloud Build to build the application container Deploy the application container to a testing environment, and run integration tests 3. If the integration tests are successful deploy the application container to your production environment. and run acceptance tests

1. Install a Git hook to require developers to run unit tests before pushing the code to a central repository If all tests are successful build a container 2. Trigger Cloud Build to deploy the application container to a testing environment, and run integration tests and acceptance tests 3. If all tests are successful tag the code as production ready Trigger Cloud Build to build and deploy the application container to the production environment

1. Trigger Cloud Build to build the application container and run unit tests with the container 2. If unit tests are successful, deploy the application container to a testing environment, and run integration tests 3. If the integration tests are successful the pipeline deploys the application container to the production environment After that, run acceptance tests

1. Trigger Cloud Build to run unit tests when the code is pushed If all unit tests are successful, build and push the application container to a central registry. 2. Trigger Cloud Build to deploy the container to a testing environment, and run integration tests and acceptance tests 3. If all tests are successful the pipeline deploys the application to the production environment and runs smoke tests

Your company is developing applications that are deployed on Google Kubernetes Engine (GKE) Each team manages a different application You need to create the development and production environments for each team while you minimize costs Different teams should not be able to access other teams environments You want to follow Google-recommended practices What should you do?

Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Kubernetes role-based access control (RBAC) so that each team can only access its own namespace

Create one Google Cloud project per team In each project create a cluster for development and one for production Grant the teams Identity and Access Management (1AM) access to their respective clusters

Create one Google Cloud project per team In each project create a cluster with a Kubernetes namespace for development and one for production Grant the teams Identity and Access Management (1AM) access to their respective clusters.

Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Identity-Aware Proxy so that each team can only access its own namespace

Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Kubernetes role-based access control (RBAC) so that each team can only access its own namespace

The new version of your containerized application has been tested and is ready to be deployed to production on Google Kubernetes Engine (GKE) You could not fully load-test the new version in your pre-production environment and you need to ensure that the application does not have performance problems after deployment Your deployment must be automated What should you do?

Deploy the application through a continuous delivery pipeline by using canary deployments Use Cloud Monitoring to look for performance issues, and ramp up traffic as supported by the metrics

Deploy the application through a continuous delivery pipeline by using blue/green deployments Migrate traffic to the new version of the application and use Cloud Monitoring to look for performance issues

Deploy the application by using kubectl and use Config Connector to slowly ramp up traffic between versions. Use Cloud Monitoring to look for performance issues

Deploy the application by using kubectl and set the spec. updatestrategy. type field to RollingUpdate Use Cloud Monitoring to look for performance issues, and run the kubectl rollback command if there are any issues.

You are managing an application that runs in Compute Engine The application uses a custom HTTP server to expose an API that is accessed by other applications through an internal TCP/UDP load balancer A firewall rule allows access to the API port from 0.0.0-0/0. You need to configure Cloud Logging to log each IP address that accesses the API by using the fewest number of steps What should you do Bret?

Enable logging on the firewall rule

Enable Packet Mirroring on the VPC

Install the Ops Agent on the Compute Engine instances.

Enable logging on the firewall rule

Enable VPC Flow Logs on the subnet

You manage an application that is writing logs to Stackdriver Logging. You need to give some team members the ability to export logs. What should you do?

Grant the team members the IAM role of logging.configWriter on Cloud IAM.

Configure Access Context Manager to allow only these members to export logs.

Create and grant a custom IAM role with the permissions logging.sinks.list and logging.sink.get.

Create an Organizational Policy in Cloud IAM to allow only these members to create log exports.

You support the backend of a mobile phone game that runs on a Google Kubernetes Engine (GKE) cluster. The application is serving HTTP requests from users. You need to implement a solution that will reduce the network cost. What should you do?

Configure your network services on the Standard Tier.

Configure the VPC as a Shared VPC Host project.

Configure your network services on the Standard Tier.

Configure your Kubernetes duster as a Private Cluster.

Configure a Google Cloud HTTP Load Balancer as Ingress.

Your team has recently deployed an NGINX-based application into Google Kubernetes Engine (GKE) and has exposed it to the public via an HTTP Google Cloud Load Balancer (GCLB) ingress. You want to scale the deployment of the application's frontend using an appropriate Service Level Indicator (SLI). What should you do?

Install the Stackdriver custom metrics adapter and configure a horizontal pod autoscaler to use the number of requests provided by the GCLB.

Configure the horizontal pod autoscaler to use the average response time from the Liveness and Readiness probes.

Configure the vertical pod autoscaler in GKE and enable the cluster autoscaler to scale the cluster as pods expand.

Install the Stackdriver custom metrics adapter and configure a horizontal pod autoscaler to use the number of requests provided by the GCLB.

Expose the NGINX stats endpoint and configure the horizontal pod autoscaler to use the request metrics exposed by the NGINX deployment.

Your company experiences bugs, outages, and slowness in its production systems. Developers use the production environment for new feature development and bug fixes. Configuration and experiments are done in the production environment, causing outages for users. Testers use the production environment for load testing, which often slows the production systems. You need to redesign the environment to reduce the number of bugs and outages in production and to enable testers to load test new features. What should you do?

Create a development environment for writing code and a test environment for configurations, experiments, and load testing.

Create an automated testing script in production to detect failures as soon as they occur.

Create a development environment with smaller server capacity and give access only to developers and testers.

Secure the production environment to ensure that developers can't change it and set up one controlled update per year.

Create a development environment for writing code and a test environment for configurations, experiments, and load testing.

Your company follows Site Reliability Engineering practices. You are the Incident Commander for a new. customer-impacting incident. You need to immediately assign two incident management roles to assist you in an effective incident response. What roles should you assign?Choose 2 answers

External Customer Communications Lead

Your company follows Site Reliability Engineering principles. You are writing a postmortem for an incident, triggered by a software change, that severely affected users. You want to prevent severe incidents from happening in the future. What should you do?

Ensure that test cases that catch errors of this type are run successfully before new software releases.

Identify engineers responsible for the incident and escalate to their senior management.

Ensure that test cases that catch errors of this type are run successfully before new software releases.

Follow up with the employees who reviewed the changes and prescribe practices they should follow in the future.

Design a policy that will require on-call teams to immediately call engineers and management to discuss a plan of action if an incident occurs.

Your team is designing a new application for deployment both inside and outside Google Cloud Platform (GCP). You need to collect detailed metrics such as system resource utilization. You want to use centralized GCP services while minimizing the amount of work required to set up this collection system. What should you do?

Import the Stackdriver Profiler package, and configure it to relay function timing data to Stackdriver for further analysis.

Import the Stackdriver Debugger package, and configure the application to emit debug messages with timing information.

Instrument the code using a timing library, and publish the metrics via a health check endpoint that is scraped by Stackdriver.

Install an Application Performance Monitoring (APM) tool in both locations, and configure an export to a central data storage location for analysis.

Your application images are built and pushed to Google Container Registry (GCR). You want to build an automated pipeline that deploys the application when the image is updated while minimizing the development effort. What should you do?

Use Cloud Pub/Sub to trigger a Spinnaker pipeline.

Use Cloud Build to trigger a Spinnaker pipeline.

Use Cloud Pub/Sub to trigger a Spinnaker pipeline.

Use a custom builder in Cloud Build to trigger a Jenkins pipeline.

Use Cloud Pub/Sub to trigger a custom deployment service running in Google Kubernetes Engine (GKE).

You support a high-traffic web application that runs on Google Cloud Platform (GCP). You need to measure application reliability from a user perspective without making any engineering changes to it. What should you do?Choose 2 answers

Create new synthetic clients to simulate a user journey using the application.

Use current and historic Request Logs to trace customer interaction with the application.

Review current application metrics and add new ones as needed.

Modify the code to capture additional information for user interaction.

Analyze the web proxy logs only and capture response time of each request.

Create new synthetic clients to simulate a user journey using the application.

Use current and historic Request Logs to trace customer interaction with the application.

You support an application deployed on Compute Engine. The application connects to a Cloud SQL instance to store and retrieve data. After an update to the application, users report errors showing database timeout messages. The number of concurrent active users remained stable. You need to find the most probable cause of the database timeout. What should you do?

Determine whether there is an increased number of connections to the Cloud SQL instance.

Check the serial port logs of the Compute Engine instance.

Use Stackdriver Profiler to visualize the resources utilization throughout the application.

Determine whether there is an increased number of connections to the Cloud SQL instance.

Use Cloud Security Scanner to see whether your Cloud SQL is under a Distributed Denial of Service (DDoS) attack.

Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval. What should you do to enforce approvals?

Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.

Configure the build system with protected branches that require pull request approval.

Use an Admission Controller to verify that incoming requests originate from approved sources.

Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.

Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.

You support an application running on App Engine. The application is used globally and accessed from various device types. You want to know the number of connections. You are using Stackdriver Monitoring for App Engine. What metric should you use?

flex/instance/connections/current

You support a production service that runs on a single Compute Engine instance. You regularly need to spend time on recreating the service by deleting the crashing instance and creating a new instance based on the relevant image. You want to reduce the time spent performing manual operations while following Site Reliability Engineering principles. What should you do?

Create a Managed Instance Group with a single instance and use health checks to determine the system status.

File a bug with the development team so they can find the root cause of the crashing instance.

Create a Managed Instance Group with a single instance and use health checks to determine the system status.

Add a Load Balancer in front of the Compute Engine instance and use health checks to determine the system status.

Create a Stackdriver Monitoring dashboard with SMS alerts to be able to start recreating the crashed instance promptly after it has crashed.

You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?

Set up the Kubernetes Engine clusters with Binary Authorization.

Enable Cloud Security Scanner on the clusters.

Enable Vulnerability Analysis on the Container Registry.

Set up the Kubernetes Engine clusters as private clusters.

Set up the Kubernetes Engine clusters with Binary Authorization.

You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much. What Service Level Indicator {SLI) should you use to measure this?

An availability SLI: the ratio of healthy microservices to the total number of microservices

A quality SLI: the ratio of non-degraded responses to total responses

An availability SLI: the ratio of healthy microservices to the total number of microservices

A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes

A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (Pll) is leaking into certain log entry fields. All Pll entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.

Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.

Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

Your team uses Cloud Build for all CI/CO pipelines. You want to use the kubectl builder for Cloud Build to deploy new images to Google Kubernetes Engine (GKE). You need to authenticate to GKE while minimizing development effort. What should you do?

Assign the Container Developer role to the Cloud Build service account.

Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.

Create a new service account with the Container Developer role and use it to run Cloud Build.

Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.

You need to reduce the cost of virtual machines (VM| for your organization. After reviewing different options, you decide to leverage preemptible VM instances. Which application is suitable for preemptible VMs?

A GPU-accelerated video rendering platform that retrieves and stores videos in a storage bucket

A scalable in-memory caching system

The organization's public-facing website

A distributed, eventually consistent NoSQL database cluster with sufficient quorum

A GPU-accelerated video rendering platform that retrieves and stores videos in a storage bucket

You need to deploy a new service to production. The service needs to automatically scale using a Managed Instance Group (MIG) and should be deployed over multiple regions. The service needs a large number of resources for each instance and you need to plan for capacity. What should you do?

Validate that the resource requirements are within the available quota limits of each region.

Use the n2-highcpu-96 machine type in the configuration of the MIG.

Monitor results of Stackdriver Trace to determine the required amount of resources.

Validate that the resource requirements are within the available quota limits of each region.

Deploy the service in one region and use a global load balancer to route traffic to this region.

You support an e-commerce application that runs on a large Google Kubernetes Engine (GKE) cluster deployed on-premises and on Google Cloud Platform. The application consists of microservices that run in containers. You want to identify containers that are using the most CPU and memory. What should you do?

Use Stackdriver Kubernetes Engine Monitoring.

Use Prometheus to collect and aggregate logs per container, and then analyze the results in Grafana.

Use the Stackdriver Monitoring API to create custom metrics, and then organize your containers using groups.

Use Stackdriver Logging to export application logs to BigOuery. aggregate logs per container, and then analyze CPU and memory consumption.

You are on-call for an infrastructure service that has a large number of dependent systems. You receive an alert indicating that the service is failing to serve most of its requests and all of its dependent systems with hundreds of thousands of users are affected. As part of your Site Reliability Engineering (SRE) incident management protocol, you declare yourself Incident Commander (IC) and pull in two experienced people from your team as Operations Lead (OLJ and Communications Lead (CL). What should you do next?

Look for ways to mitigate user impact and deploy the mitigations to production.

Contact the affected service owners and update them on the status of the incident.

Establish a communication channel where incident responders and leads can communicate with each other.

Start a postmortem, add incident information, circulate the draft internally, and ask internal stakeholders for input.

Your product is currently deployed in three Google Cloud Platform (GCP) zones with your users divided between the zones. You can fail over from one zone to another, but it causes a 10-minute service disruption for the affected users. You typically experience a database failure once per quarter and can detect it within five minutes. You are cataloging the reliability risks of a new real-time chat feature for your product. You catalog the following information for each risk:* Mean Time to Detect (MUD} in minutes* Mean Time to Repair (MTTR) in minutes* Mean Time Between Failure (MTBF) in days* User Impact PercentageThe chat feature requires a new database system that takes twice as long to successfully fail over between zones. You want to account for the risk of the new database failing in one zone. What would be the values for the risk of database failover with the new system?

MTTD:5 MTTR: 20 MTBF: 90 Impact: 33%

MTTD: 5 MTTR: 10 MTBF: 90 Impact: 33%

MTTD:5 MTTR: 20 MTBF: 90 Impact: 33%

MTTD:5 MTTR: 10 MTBF: 90 Impact 50%

MTTD:5 MTTR: 20 MTBF: 90 Impact: 50%

You are developing a strategy for monitoring your Google Cloud Platform (GCP) projects in production using Stackdriver Workspaces. One of the requirements is to be able to quickly identify and react to production environment issues without false alerts from development and staging projects. You want to ensure that you adhere to the principle of least privilege when providing relevant team members with access to Stackdriver Workspaces. What should you do?

Create a new GCP monitoring project, and create a Stackdriver Workspace inside it. Attach the production projects to this workspace. Grant relevant team members read access to the Stackdriver Workspace.

Grant relevant team members read access to all GCP production projects. Create Stackdriver workspaces inside each project.

Grant relevant team members the Project Viewer IAM role on all GCP production projects. Create Slackdriver workspaces inside each project.

Choose an existing GCP production project to host the monitoring workspace. Attach the production projects to this workspace. Grant relevant team members read access to the Stackdriver Workspace.

Create a new GCP monitoring project, and create a Stackdriver Workspace inside it. Attach the production projects to this workspace. Grant relevant team members read access to the Stackdriver Workspace.

You support an application running on GCP and want to configure SMS notifications to your team for the most critical alerts in Stackdriver Monitoring. You have already identified the alerting policies you want to configure this for. What should you do?

Ensure that your team members set their SMS/phone numbers in their Stackdriver Profile. Select the SMS notification option for each alerting policy and then select the appropriate SMS/phone numbers from the list.

Download and configure a third-party integration between Stackdriver Monitoring and an SMS gateway. Ensure that your team members add their SMS/phone numbers to the external tool.

Select the Webhook notifications option for each alerting policy, and configure it to use a third-party integration tool. Ensure that your team members add their SMS/phone numbers to the external tool.

Ensure that your team members set their SMS/phone numbers in their Stackdriver Profile. Select the SMS notification option for each alerting policy and then select the appropriate SMS/phone numbers from the list.

Configure a Slack notification for each alerting policy. Set up a Slack-to-SMS integration to send SMS messages when Slack messages are received. Ensure that your team members add their SMS/phone numbers to the external integration.

Your application artifacts are being built and deployed via a CI/CD pipeline. You want the CI/CD pipeline to securely access application secrets. You also want to more easily rotate secrets in case of a security breach. What should you do?

Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.

Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.

Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.

Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.

Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it

You have a CI/CD pipeline that uses Cloud Build to build new Docker images and push them to Docker Hub. You use Git for code versioning. After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline. You need to resolve the issue following Site Reliability Engineering practices. What should you do?

Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.

Disable the CI pipeline and revert to manually building and pushing the artifacts.

Change the CI pipeline to push the artifacts to Container Registry instead of Docker Hub.

Upload the configuration YAML file to Cloud Storage and use Error Reporting to identify and fix the issue.

Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.

You support an application that stores product information in cached memory. For every cache miss, an entry is logged in Stackdriver Logging. You want to visualize how often a cache miss happens over time. What should you do?

Create a logs-based metric in Stackdriver Logging and a dashboard for that metric in Stackdriver Monitoring.

Link Stackdriver Logging as a source in Google Data Studio. Filler (he logs on the cache misses.

Configure Stackdriver Profiler to identify and visualize when the cache misses occur based on the logs.

Create a logs-based metric in Stackdriver Logging and a dashboard for that metric in Stackdriver Monitoring.

Configure BigOuery as a sink for Stackdriver Logging. Create a scheduled query to filter the cache miss logs and write them to a separate table

You are part of an organization that follows SRE practices and principles. You are taking over the management of a new service from the Development Team, and you conduct a Production Readiness Review (PRR). After the PRR analysis phase, you determine that the service cannot currently meet its Service Level Objectives (SLOs). You want to ensure that the service can meet its SLOs in production. What should you do next?

Identify recommended reliability improvements to the service to be completed before handover.

Adjust the SLO targets to be achievable by the service so you can bring it into production.

Notify the development team that they will have to provide production support for the service.

Identify recommended reliability improvements to the service to be completed before handover.

Bring the service into production with no SLOs and build them when you have collected operational data.

You support a multi-region web service running on Google Kubernetes Engine (GKE) behind a Global HTTP'S Cloud Load Balancer (CLB). For legacy reasons, user requests first go through a third-party Content Delivery Network (CDN). which then routes traffic to the CLB. You have already implemented an availability Service Level Indicator (SLI) at the CLB level. However, you want to increase coverage in case of a potential load balancer misconfiguration. CDN failure, or other global networking catastrophe. Where should you measure this new SLI?Choose 2 answers

Instrumentation coded directly in the client

A synthetic client that periodically sends simulated user requests

Instrumentation coded directly in the client

Metrics exported from the application servers

GKE health checks for your application servers

A synthetic client that periodically sends simulated user requests

Your application images are built using Cloud Build and pushed to Google Container Registry (GCR). You want to be able to specify a particular version of your application for deployment based on the release version tagged in source control. What should you do when you push the image?

Supply the source control tag as a parameter within the image name.

Reference the image digest in the source control tag.

Supply the source control tag as a parameter within the image name.

Use Cloud Build to include the release version tag in the application image.

Use GCR digest versioning to match the image to the tag in source control.

Google Professional Cloud DevOps Engineer Practice Test 1

Categories
- Adobe
  - Populare exams
  - AD0-E116
  - AD0-E103
  - AD0-E307
  - AD0-E908
  - AD0-E134
  - AD0-E452
  - AD0-E717
  - AD0-E903
  - AD0-E716
  - AD0-E104
  - AD0-E711
  - AD0-E106
  - See more...
- Checkpoint
  - Populare exams
  - 156-315.81
  - 156-215.81
  - 156-585
  - 156-586
  - 156-836
  - 156-560
  - 156-536
  - 156-582
  - 156-587
  - See more...
- Cisco
  - Populare exams
  - 350-401
  - 200-301
  - 350-701
  - 350-601
  - 300-410
  - 350-801
  - 200-901
  - 350-901
  - 350-501
  - 300-415
  - 300-710
  - 400-007
  - See more...
- CompTIA
  - Populare exams
  - N10-008
  - 220-1101
  - 220-1102
  - SY0-601
  - SY0-701
  - CAS-004
  - TK0-201
  - SK0-005
  - FC0-U61
  - PT0-002
  - XK0-005
  - CS0-003
  - See more...
- DELL
  - Populare exams
  - D-ISM-FN-23
  - D-PSC-MN-01
  - D-OME-OE-A-24
  - D-PDD-DY-23
  - D-RP-DY-A-24
  - D-PST-MN-A-24
  - D-XTR-DS-A-24
  - D-XTR-MN-A-24
  - D-XTR-DY-A-24
  - D-VXR-OE-23
  - D-GAI-F-01
  - D-SNC-DY-00
  - See more...
- ECCouncil
  - Populare exams
  - 312-49v10
  - 312-50v12
  - 312-38
  - 712-50
  - 212-81
  - 312-40
  - 212-82
  - ECSS
  - ICS-SCADA Cyber Security
  - 112-51
  - 312-96
  - 312-82
  - See more...
- Fortinet
  - Populare exams
  - NSE4_FGT-7.2
  - FCP_FAZ_AD-7.4
  - NSE5_FAZ-7.2
  - FCP_FGT_AD-7.4
  - NSE5_FMG-7.2
  - NSE7_SDW-7.2
  - NSE7_PBC-7.2
  - NSE7_OTS-7.2
  - FCP_FAZ_AN-7.4
  - FCP_FCT_AD-7.2
  - NSE7_EFW-7.2
  - NSE6_FWB-6.4
  - See more...
- ISC
  - Populare exams
  - CISSP
  - CCSP
  - CAP
  - HCISPP
  - CISSP-ISSAP
  - CISSP-ISSMP
  - CISSP-ISSEP
  - See more...
- PMI
  - Populare exams
  - PMP
  - CAPM
  - PgMP
  - PMI-RMP
  - PMI-ACP
  - DASSM
  - PMO-CP
  - DASM
  - See more...
- Scrum
  - Populare exams
  - PSM I
  - PSPO-I
  - PSD
  - PSM II
  - PSPO-II
  - SPS
  - PSK-I
  - See more...
- VMware
  - Populare exams
  - 5V0-22.21
  - 5V0-35.21
  - 5V0-23.20
  - 5V0-31.22
  - 2V0-41.23
  - 2V0-33.22
  - 2V0-21.23
  - 5V0-21.21
  - 2V0-21.20
  - 2V0-41.20
  - 1V0-21.20
  - 2V0-31.21
  - See more...
- Microsoft
  - Populare exams
  - AZ-104
  - AZ-400
  - AZ-500
  - DP-100
  - MS-102
  - AZ-900
  - PL-300
  - AZ-204
  - DP-203
  - MB-330
  - AI-102
  - MS-900
  - See more...
- Amazon
  - Populare exams
  - SAA-C03
  - CLF-C02
  - SAP-C01
  - CLF-C01
  - DOP-C01
  - SCS-C01
  - DVA-C01
  - SAP-C02
  - SOA-C02
  - SCS-C02
  - ANS-C00
  - DVA-C02
  - See more...
- View All
How to
- Open VPLUS files
- Convert VPLUS to PDF
Contact us

Forgot password ?

Do not have an account ? Register

You are creating a CI/CD pipeline to perform Terraform deployments of Google Cloud resources Your CI/CD tooling is running in Google Kubernetes Engine (GKE) and uses an ephemeral Pod for each pipeline run You must ensure that the pipelines that run in the Pods have the appropriate Identity and Access Management (1AM) permissions to perform the Terraform deployments You want to follow Google-recommended practices for identity management What should you do?

Choose 2 answers

Create a new Kubernetes service account, and assign the service account to the Pods Use Workload Identity to authenticate as the Google service account

Create a new JSON service account key for the Google service account store the key as a Kubernetes secret, inject the key into the Pods, and set the boogle_application_credentials environment variable

Create a new Google service account, and assign the appropriate 1AM permissions

Create a new JSON service account key for the Google service account store the key in the secret management store for the CI/CD tool and configure Terraform to use this key for authentication

Assign the appropriate 1AM permissions to the Google service account associated with the Compute Engine VM instances that run the Pods

Comment (0)

Google Professional Cloud DevOps Engineer Practice Test 1

Question

Google Professional Cloud DevOps Engineer Practice Tests

Practice Tests