ExamGecko
Search Search Login
Home Home / Google / Professional Cloud DevOps Engineer

Google Professional Cloud DevOps Engineer Practice Test - Questions Answers, Page 3

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Your applications performance in Google Cloud has degraded since the last release You suspect that downstream dependencies might be causing some requests to take longer to complete You need to investigate the issue with your application to determine the cause What should you do?
You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?
You are creating a CI/CD pipeline in Cloud Build to build an application container image The application code is stored in GitHub Your company requires thai production image builds are only run against the main branch and that the change control team approves all pushes to the main branch You want the image build to be as automated as possible What should you do? Choose 2 answers
You are using Terraform to manage infrastructure as code within a Cl/CD pipeline You notice that multiple copies of the entire infrastructure stack exist in your Google Cloud project, and a new copy is created each time a change to the existing infrastructure is made You need to optimize your cloud spend by ensuring that only a single instance of your infrastructure stack exists at a time. You want to follow Google-recommended practices What should you do?
You are implementing a CI'CD pipeline for your application in your company s multi-cloud environment Your application is deployed by using custom Compute Engine images and the equivalent in other cloud providers You need to implement a solution that will enable you to build and deploy the images to your current environment and is adaptable to future changes Which solution stack should you use'?
You are writing a postmortem for an incident that severely affected users. You want to prevent similar incidents in the future. Which two of the following sections should you include in the postmortem? (Choose two.)
You created a Stackdriver chart for CPU utilization in a dashboard within your workspace project. You want to share the chart with your Site Reliability Engineering (SRE) team only. You want to ensure you follow the principle of least privilege. What should you do?
You are managing an application that runs in Compute Engine The application uses a custom HTTP server to expose an API that is accessed by other applications through an internal TCP/UDP load balancer A firewall rule allows access to the API port from 0.0.0-0/0. You need to configure Cloud Logging to log each IP address that accesses the API by using the fewest number of steps What should you do Bret?
You are deploying a Cloud Build job that deploys Terraform code when a Git branch is updated. While testing, you noticed that the job fails. You see the following error in the build logs: Initializing the backend. .. Error: Failed to get existing workspaces : querying Cloud Storage failed: googleapi : Error 403 You need to resolve the issue by following Google-recommended practices. What should you do?
Your company operates in a highly regulated domain that requires you to store all organization logs for seven years You want to minimize logging infrastructure complexity by using managed services You need to avoid any future loss of log capture or stored logs due to misconfiguration or human error What should you do?

Question 21

Report
Export
Collapse

Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval. What should you do to enforce approvals?

A.
Configure the build system with protected branches that require pull request approval.
A.
Configure the build system with protected branches that require pull request approval.
Answers
B.
Use an Admission Controller to verify that incoming requests originate from approved sources.
B.
Use an Admission Controller to verify that incoming requests originate from approved sources.
Answers
C.
Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.
C.
Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.
Answers
D.
Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.
D.
Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.
Answers
Suggested answer: D

Explanation:

The keywords here is 'developers or operators'. Option A the operators could push images to production without approval (operators could touch the cluster directly and the cluster cannot do any action against them). Rest same as francisco_guerra.

Question 22

Report
Export
Collapse

You support an application running on App Engine. The application is used globally and accessed from various device types. You want to know the number of connections. You are using Stackdriver Monitoring for App Engine. What metric should you use?

A.
flex/connections/current
A.
flex/connections/current
Answers
B.
tcp_ssl_proxy/new_connections
B.
tcp_ssl_proxy/new_connections
Answers
C.
tcp_ssl_proxy/open_connections
C.
tcp_ssl_proxy/open_connections
Answers
D.
flex/instance/connections/current
D.
flex/instance/connections/current
Answers
Suggested answer: A

Explanation:

https://cloud.google.com/monitoring/api/metrics_gcp#gcp-appengine

Question 23

Report
Export
Collapse

You support a production service that runs on a single Compute Engine instance. You regularly need to spend time on recreating the service by deleting the crashing instance and creating a new instance based on the relevant image. You want to reduce the time spent performing manual operations while following Site Reliability Engineering principles. What should you do?

A.
File a bug with the development team so they can find the root cause of the crashing instance.
A.
File a bug with the development team so they can find the root cause of the crashing instance.
Answers
B.
Create a Managed Instance Group with a single instance and use health checks to determine the system status.
B.
Create a Managed Instance Group with a single instance and use health checks to determine the system status.
Answers
C.
Add a Load Balancer in front of the Compute Engine instance and use health checks to determine the system status.
C.
Add a Load Balancer in front of the Compute Engine instance and use health checks to determine the system status.
Answers
D.
Create a Stackdriver Monitoring dashboard with SMS alerts to be able to start recreating the crashed instance promptly after it has crashed.
D.
Create a Stackdriver Monitoring dashboard with SMS alerts to be able to start recreating the crashed instance promptly after it has crashed.
Answers
Suggested answer: B

Question 24

Report
Export
Collapse

You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?

A.
Enable Cloud Security Scanner on the clusters.
A.
Enable Cloud Security Scanner on the clusters.
Answers
B.
Enable Vulnerability Analysis on the Container Registry.
B.
Enable Vulnerability Analysis on the Container Registry.
Answers
C.
Set up the Kubernetes Engine clusters as private clusters.
C.
Set up the Kubernetes Engine clusters as private clusters.
Answers
D.
Set up the Kubernetes Engine clusters with Binary Authorization.
D.
Set up the Kubernetes Engine clusters with Binary Authorization.
Answers
Suggested answer: D

Explanation:

https://cloud.google.com/binary-authorization/docs/overview

Question 25

Report
Export
Collapse

You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much. What Service Level Indicator {SLI) should you use to measure this?

A.
A quality SLI: the ratio of non-degraded responses to total responses
A.
A quality SLI: the ratio of non-degraded responses to total responses
Answers
B.
An availability SLI: the ratio of healthy microservices to the total number of microservices
B.
An availability SLI: the ratio of healthy microservices to the total number of microservices
Answers
C.
A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes
C.
A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes
Answers
D.
A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls
D.
A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls
Answers
Suggested answer: B

Explanation:

https://cloud.google.com/blog/products/gcp/available-or-not-that-is-the-question-cre-life-lessons

Question 26

Report
Export
Collapse

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (Pll) is leaking into certain log entry fields. All Pll entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?

A.
Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
A.
Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
Answers
B.
Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.
B.
Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.
Answers
C.
Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.
C.
Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.
Answers
D.
Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
D.
Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
Answers
Suggested answer: B

Explanation:

https://medium.com/google-cloud/fluentd-filter-plugin-for-google-cloud-data-loss-prevention-api-42bbb1308e76

Question 27

Report
Export
Collapse

Your team uses Cloud Build for all CI/CO pipelines. You want to use the kubectl builder for Cloud Build to deploy new images to Google Kubernetes Engine (GKE). You need to authenticate to GKE while minimizing development effort. What should you do?

A.
Assign the Container Developer role to the Cloud Build service account.
A.
Assign the Container Developer role to the Cloud Build service account.
Answers
B.
Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.
B.
Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.
Answers
C.
Create a new service account with the Container Developer role and use it to run Cloud Build.
C.
Create a new service account with the Container Developer role and use it to run Cloud Build.
Answers
D.
Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.
D.
Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.
Answers
Suggested answer: A

Explanation:

https://cloud.google.com/build/docs/deploying-builds/deploy-gke

https://cloud.google.com/build/docs/securing-builds/configure-user-specified-service-accounts

Question 28

Report
Export
Collapse

You need to reduce the cost of virtual machines (VM| for your organization. After reviewing different options, you decide to leverage preemptible VM instances. Which application is suitable for preemptible VMs?

A.
A scalable in-memory caching system
A.
A scalable in-memory caching system
Answers
B.
The organization's public-facing website
B.
The organization's public-facing website
Answers
C.
A distributed, eventually consistent NoSQL database cluster with sufficient quorum
C.
A distributed, eventually consistent NoSQL database cluster with sufficient quorum
Answers
D.
A GPU-accelerated video rendering platform that retrieves and stores videos in a storage bucket
D.
A GPU-accelerated video rendering platform that retrieves and stores videos in a storage bucket
Answers
Suggested answer: D

Explanation:

https://cloud.google.com/compute/docs/instances/preemptible

Question 29

Report
Export
Collapse

You need to deploy a new service to production. The service needs to automatically scale using a Managed Instance Group (MIG) and should be deployed over multiple regions. The service needs a large number of resources for each instance and you need to plan for capacity. What should you do?

A.
Use the n2-highcpu-96 machine type in the configuration of the MIG.
A.
Use the n2-highcpu-96 machine type in the configuration of the MIG.
Answers
B.
Monitor results of Stackdriver Trace to determine the required amount of resources.
B.
Monitor results of Stackdriver Trace to determine the required amount of resources.
Answers
C.
Validate that the resource requirements are within the available quota limits of each region.
C.
Validate that the resource requirements are within the available quota limits of each region.
Answers
D.
Deploy the service in one region and use a global load balancer to route traffic to this region.
D.
Deploy the service in one region and use a global load balancer to route traffic to this region.
Answers
Suggested answer: C

Explanation:

https://cloud.google.com/compute/quotas#understanding_quotas

https://cloud.google.com/compute/quotas

Question 30

Report
Export
Collapse

You support an e-commerce application that runs on a large Google Kubernetes Engine (GKE) cluster deployed on-premises and on Google Cloud Platform. The application consists of microservices that run in containers. You want to identify containers that are using the most CPU and memory. What should you do?

A.
Use Stackdriver Kubernetes Engine Monitoring.
A.
Use Stackdriver Kubernetes Engine Monitoring.
Answers
B.
Use Prometheus to collect and aggregate logs per container, and then analyze the results in Grafana.
B.
Use Prometheus to collect and aggregate logs per container, and then analyze the results in Grafana.
Answers
C.
Use the Stackdriver Monitoring API to create custom metrics, and then organize your containers using groups.
C.
Use the Stackdriver Monitoring API to create custom metrics, and then organize your containers using groups.
Answers
D.
Use Stackdriver Logging to export application logs to BigOuery. aggregate logs per container, and then analyze CPU and memory consumption.
D.
Use Stackdriver Logging to export application logs to BigOuery. aggregate logs per container, and then analyze CPU and memory consumption.
Answers
Suggested answer: A

Explanation:

https://cloud.google.com/anthos/clusters/docs/on-prem/1.7/concepts/logging-and-monitoring

Total 166 questions
Go to page: of 17
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms