New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

Professional-Cloud-Developer Google Certified Professional - Cloud Developer Questions and Answers

Questions 4

You are developing a JPEG image-resizing API hosted on Google Kubernetes Engine (GKE). Callers of the service will exist within the same GKE cluster. You want clients to be able to get the IP address of the service.

What should you do?

Options:

A.

Define a GKE Service. Clients should use the name of the A record in Cloud DNS to find the service's

cluster IP address.

B.

Define a GKE Service. Clients should use the service name in the URL to connect to the service.

C.

Define a GKE Endpoint. Clients should get the endpoint name from the appropriate environment variable in

the client container.

D.

Define a GKE Endpoint. Clients should get the endpoint name from Cloud DNS.

Buy Now
Questions 5

You are creating an App Engine application that writes a file to any user's Google Drive.

How should the application authenticate to the Google Drive API?

Options:

A.

With an OAuth Client ID that uses the https://www.googleapis.com/auth/drive.file scope to

obtain an access token for each user.

B.

With an OAuth Client ID with delegated domain-wide authority.

C.

With the App Engine service account and https://www.googleapis.com/auth/drive.file scope

that generates a signed JWT.

D.

With the App Engine service account with delegated domain-wide authority.

Buy Now
Questions 6

Users are complaining that your Cloud Run-hosted website responds too slowly during traffic spikes. You want to provide a better user experience during traffic peaks. What should you do?

Options:

A.

Read application configuration and static data from the database on application startup.

B.

Package application configuration and static data into the application image during build time.

C.

Perform as much work as possible in the background after the response has been returned to the user.

D.

Ensure that timeout exceptions and errors cause the Cloud Run instance to exit quickly so a replacement instance can be started.

Buy Now
Questions 7

You manage your company's ecommerce platform's payment system, which runs on Google Cloud. Your company must retain user logs for 1 year for internal auditing purposes and for 3 years to meet compliance requirements. You need to store new user logs on Google Cloud to minimize on-premises storage usage and ensure that they are easily searchable. You want to minimize effort while ensuring that the logs are stored correctly. What should you do?

Options:

A.

Store the logs in a Cloud Storage bucket with bucket lock turned on.

B.

Store the logs in a Cloud Storage bucket with a 3-year retention period.

C.

Store the logs in Cloud Logging as custom logs with a custom retention period.

D.

Store the logs in a Cloud Storage bucket with a 1-year retention period. After 1 year, move the logs to another bucket with a 2-year retention period.

Buy Now
Questions 8

You are parsing a log file that contains three columns: a timestamp, an account number (a string), and a

transaction amount (a number). You want to calculate the sum of all transaction amounts for each unique

account number efficiently.

Which data structure should you use?

Options:

A.

A linked list

B.

A hash table

C.

A two-dimensional array

D.

A comma-delimited string

Buy Now
Questions 9

Your company’s development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company’s environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?

Options:

A.

Enable the Vulnerability scanning setting in the Container Registry.

B.

Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.

C.

Disallow the use of non-commercially supported base images in your development environment.

D.

Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.

Buy Now
Questions 10

You are using Cloud Build to create a new Docker image on each source code commit to a Cloud Source Repositoties repository. Your application is built on every commit to the master branch. You want to release specific commits made to the master branch in an automated method. What should you do?

Options:

A.

Manually trigger the build for new releases.

B.

Create a build trigger on a Git tag pattern. Use a Git tag convention for new releases.

C.

Create a build trigger on a Git branch name pattern. Use a Git branch naming convention for new releases.

D.

Commit your source code to a second Cloud Source Repositories repository with a second Cloud Build trigger. Use this repository for new releases only.

Buy Now
Questions 11

The new version of your containerized application has been tested and is ready to deploy to production on Google Kubernetes Engine. You were not able to fully load-test the new version in pre-production environments, and you need to make sure that it does not have performance problems once deployed. Your deployment must be automated. What should you do?

Options:

A.

Use Cloud Load Balancing to slowly ramp up traffic between versions. Use Cloud Monitoring to look for performance issues.

B.

Deploy the application via a continuous delivery pipeline using canary deployments. Use Cloud Monitoring to look for performance issues. and ramp up traffic as the metrics support it.

C.

Deploy the application via a continuous delivery pipeline using blue/green deployments. Use Cloud Monitoring to look for performance issues, and launch fully when the metrics support it.

D.

Deploy the application using kubectl and set the spec.updateStrategv.type to RollingUpdate. Use Cloud Monitoring to look for performance issues, and run the kubectl rollback command if there are any issues.

Buy Now
Questions 12

You want to upload files from an on-premises virtual machine to Google Cloud Storage as part of a data

migration. These files will be consumed by Cloud DataProc Hadoop cluster in a GCP environment.

Which command should you use?

Options:

A.

gsutil cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

B.

gcloud cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

C.

hadoop fs cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

D.

gcloud dataproc cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

Buy Now
Questions 13

You work for an organization that manages an online ecommerce website. Your company plans to expand across the world; however, the estore currently serves one specific region. You need to select a SQL database and configure a schema that will scale as your organization grows. You want to create a table that stores all customer transactions and ensure that the customer (CustomerId) and the transaction (TransactionId) are unique. What should you do?

Options:

A.

Create a Cloud SQL table that has TransactionId and CustomerId configured as primary keys. Use an incremental number for the TransactionId.

B.

Create a Cloud SQL table that has TransactionId and CustomerId configured as primary keys. Use a random string (UUID) for the Transactionid.

C.

Create a Cloud Spanner table that has TransactionId and CustomerId configured as primary keys. Use a random string (UUID) for the TransactionId.

D.

Create a Cloud Spanner table that has TransactionId and CustomerId configured as primary keys. Use an incremental number for the TransactionId.

Buy Now
Questions 14

Your application is deployed in a Google Kubernetes Engine (GKE) cluster. When a new version of your application is released, your CI/CD tool updates the spec.template.spec.containers[0].image value to reference the Docker image of your new application version. When the Deployment object applies the change, you want to deploy at least 1 replica of the new version and maintain the previous replicas until the new replica is healthy.

Which change should you make to the GKE Deployment object shown below?

Options:

A.

Set the Deployment strategy to RollingUpdate with maxSurge set to 0, maxUnavailable set to 1.

B.

Set the Deployment strategy to RollingUpdate with maxSurge set to 1, maxUnavailable set to 0.

C.

Set the Deployment strategy to Recreate with maxSurge set to 0, maxUnavailable set to 1.

D.

Set the Deployment strategy to Recreate with maxSurge set to 1, maxUnavailable set to 0.

Buy Now
Questions 15

You need to deploy a new European version of a website hosted on Google Kubernetes Engine. The current and new websites must be accessed via the same HTTP(S) load balancer's external IP address, but have different domain names. What should you do?

Options:

A.

Define a new Ingress resource with a host rule matching the new domain

B.

Modify the existing Ingress resource with a host rule matching the new domain

C.

Create a new Service of type LoadBalancer specifying the existing IP address as the loadBalancerIP

D.

Generate a new Ingress resource and specify the existing IP address as the kubernetes.io/ingress.global-static-ip-name annotation value

Buy Now
Questions 16

You recently deployed a Go application on Google Kubernetes Engine (GKE). The operations team has noticed that the application's CPU usage is high even when there is low production traffic. The operations team has asked you to optimize your application's CPU resource consumption. You want to determine which Go functions consume the largest amount of CPU. What should you do?

Options:

A.

Deploy a Fluent Bit daemonset on the GKE cluster to log data in Cloud Logging. Analyze the logs to get insights into your application code’s performance.

B.

Create a custom dashboard in Cloud Monitoring to evaluate the CPU performance metrics of your application.

C.

Connect to your GKE nodes using SSH. Run the top command on the shell to extract the CPU utilization of your application.

D.

Modify your Go application to capture profiling data. Analyze the CPU metrics of your application in flame graphs in Profiler.

Buy Now
Questions 17

You are using the Cloud Client Library to upload an image in your application to Cloud Storage. Users of the application report that occasionally the upload does not complete and the client library reports an HTTP 504 Gateway Timeout error. You want to make the application more resilient to errors. What changes to the application should you make?

Options:

A.

Write an exponential backoff process around the client library call.

B.

Write a one-second wait time backoff process around the client library call.

C.

Design a retry button in the application and ask users to click if the error occurs.

D.

Create a queue for the object and inform the users that the application will try again in 10 minutes.

Buy Now
Questions 18

You need to copy directory local-scripts and all of its contents from your local workstation to a Compute

Engine virtual machine instance.

Which command should you use?

Options:

A.

gsutil cp --project “my-gcp-project” -r ~/local-scripts/ gcp-instance-name:~/

server-scripts/ --zone “us-east1-b”

B.

gsutil cp --project “my-gcp-project” -R ~/local-scripts/ gcp-instance-name:~/

server-scripts/ --zone “us-east1-b”

C.

gcloud compute scp --project “my-gcp-project” --recurse ~/local-scripts/ gcpinstance-

name:~/server-scripts/ --zone “us-east1-b”

D.

gcloud compute mv --project “my-gcp-project” --recurse ~/local-scripts/ gcpinstance-

name:~/server-scripts/ --zone “us-east1-b”

Buy Now
Questions 19

Your application stores customers' content in a Cloud Storage bucket, with each object being encrypted with the customer's encryption key. The key for each object in Cloud Storage is entered into your application by the customer. You discover that your application is receiving an HTTP 4xx error when reading the object from Cloud Storage What is a possible cause of this error?

Options:

A.

You attempted the read operation without the base64-encoded SHA256 hash of the encryption key.

B.

You entered the same encryption algorithm specified by the customer when attempting the read operation.

C.

You attempted the read operation on the object with the base64-encoded SHA256 hash of the customer's key.

D.

You attempted the read operation on the object with the customers base64-encoded key.

Buy Now
Questions 20

You are monitoring a web application that is written in Go and deployed in Google Kubernetes Engine. You notice an increase in CPU and memory utilization. You need to determine which source code is consuming the most CPU and memory resources. What should you do?

Options:

A.

Download, install, and start the Snapshot Debugger agent in your VM. Take debug snapshots of the functions that take the longest time. Review the call stack frame, and identify the local variables at that level in the stack.

B.

Import the Cloud Profiler package into your application, and initialize the Profiler agent. Review the generated flame graph in the Google Cloud console to identify time-intensive functions.

C.

Import OpenTelemetry and Trace export packages into your application, and create the trace provider.

Review the latency data for your application on the Trace overview page, and identify where bottlenecks are occurring.

D.

Create a Cloud Logging query that gathers the web application's logs. Write a Python script that calculates the difference between the timestamps from the beginning and the end of the application's longest functions to identity time-intensive functions.

Buy Now
Questions 21

You are evaluating developer tools to help drive Google Kubernetes Engine adoption and integration with your development environment, which includes VS Code and IntelliJ. What should you do?

Options:

A.

Use Cloud Code to develop applications.

B.

Use the Cloud Shell integrated Code Editor to edit code and configuration files.

C.

Use a Cloud Notebook instance to ingest and process data and deploy models.

D.

Use Cloud Shell to manage your infrastructure and applications from the command line.

Buy Now
Questions 22

You configured your Compute Engine instance group to scale automatically according to overall CPU usage. However, your application’s response latency increases sharply before the cluster has finished adding up instances. You want to provide a more consistent latency experience for your end users by changing the configuration ot the instance group autoscaler. Which two configuration changes should you make? (Choose two.)

Options:

A.

Add the label “AUTOSCALE” to the instance group template.

B.

Decrease the cool-down period for instances added to the group.

C.

Increase the target CPU usage for the instance group autoscaler.

D.

Decrease the target CPU usage for the instance group autoscaler.

E.

Remove the health-check for individual VMs in the instance group.

Buy Now
Questions 23

You are load testing your server application. During the first 30 seconds, you observe that a previously inactive

Cloud Storage bucket is now servicing 2000 write requests per second and 7500 read requests per second.

Your application is now receiving intermittent 5xx and 429 HTTP responses from the Cloud Storage JSON API

as the demand escalates. You want to decrease the failed responses from the Cloud Storage API.

What should you do?

Options:

A.

Distribute the uploads across a large number of individual storage buckets.

B.

Use the XML API instead of the JSON API for interfacing with Cloud Storage.

C.

Pass the HTTP response codes back to clients that are invoking the uploads from your application.

D.

Limit the upload rate from your application clients so that the dormant bucket's peak request rate is

reached more gradually.

Buy Now
Questions 24

You are developing an application that will allow clients to download a file from your website for a specific period of time. How should you design the application to complete this task while following Google-recommended best practices?

Options:

A.

Configure the application to send the file to the client as an email attachment.

B.

Generate and assign a Cloud Storage-signed URL for the file. Make the URL available for the client to download.

C.

Create a temporary Cloud Storage bucket with time expiration specified, and give download permissions to the bucket. Copy the file, and send it to the client.

D.

Generate the HTTP cookies with time expiration specified. If the time is valid, copy the file from the Cloud Storage bucket, and make the file available for the client to download.

Buy Now
Questions 25

Your code is running on Cloud Functions in project A. It is supposed to write an object in a Cloud Storage

bucket owned by project B. However, the write call is failing with the error "403 Forbidden".

What should you do to correct the problem?

Options:

A.

Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.

B.

Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-adminrobot.

iam.gserviceaccount.com service account.

C.

Grant the service-PROJECTA@gcf-admin-robot.iam.gserviceaccount.com service account the roles/

storage.objectCreator role for the Cloud Storage bucket.

D.

Enable the Cloud Storage API in project B.

Buy Now
Questions 26

Your application takes an input from a user and publishes it to the user's contacts. This input is stored in a

table in Cloud Spanner. Your application is more sensitive to latency and less sensitive to consistency.

How should you perform reads from Cloud Spanner for this application?

Options:

A.

Perform Read-Only transactions.

B.

Perform stale reads using single-read methods.

C.

Perform strong reads using single-read methods.

D.

Perform stale reads using read-write transactions.

Buy Now
Questions 27

Your team has created an application that is hosted on a Google Kubernetes Engine (GKE) cluster You need to connect the application to a legacy REST service that is deployed in two GKE clusters in two different regions. You want to connect your application to the legacy service in a way that is resilient and requires the fewest number of steps You also want to be able to run probe-based health checks on the legacy service on a separate port How should you set up the connection?

Options:

A.

Use Traffic Director with a sidecar proxy to connect the application to the service.

B.

Use a proxyless Traffic Director configuration to connect the application to the service.

C.

Configure the legacy service's firewall to allow health checks originating from the proxy.

D.

Configure the legacy service's firewall to allow health checks originating from the application.

E.

Configure the legacy service's firewall to allow health checks originating from the Traffic Director control plane.

Buy Now
Questions 28

You are writing a Compute Engine hosted application in project A that needs to securely authenticate to a Cloud Pub/Sub topic in project B.

What should you do?

Options:

A.

Configure the instances with a service account owned by project B. Add the service account as a Cloud Pub/Sub publisher to project A.

B.

Configure the instances with a service account owned by project A. Add the service account as a publisher on the topic.

C.

Configure Application Default Credentials to use the private key of a service account owned by project B. Add the service account as a Cloud Pub/Sub publisher to project A.

D.

Configure Application Default Credentials to use the private key of a service account owned by project A. Add the service account as a publisher on the topic

Buy Now
Questions 29

You recently developed an application that monitors a large number of stock prices. You need to configure Pub/Sub to receive a high volume messages and update the current stock price in a single large in-memory database The downstream service needs only the most up-to-date prices in the in-memory database to perform stock trading transactions Each message contains three pieces of information

• Stock symbol

• Stock price

• Timestamp for the update

.

How should you set up your Pub/Sub subscription?

Options:

A.

Create a pull subscription with both ordering and exactly-once delivery turned off

B.

Create a pull subscription with exactly-once delivery enabled

C.

Create a push subscription with exactly-once delivery enabled

D.

Create a push subscription with both ordering and exactly-once delivery turned off

Buy Now
Questions 30

You are deploying a single website on App Engine that needs to be accessible via the URL http://www.altostrat.com/. What should you do?

Options:

A.

Verify domain ownership with Webmaster Central. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com.

B.

Verify domain ownership with Webmaster Central. Define an A record pointing to the single global App Engine IP address.

C.

Define a mapping in dispatch.yaml to point the domain www.altostrat.com to your App Engine service. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com.

D.

Define a mapping in dispatch.yaml to point the domain www.altostrat.com to your App Engine service. Define an A record pointing to the single global App Engine IP address.

Buy Now
Questions 31

You are a developer at a large organization. You have an application written in Go running in a production Google Kubernetes Engine (GKE) cluster. You need to add a new feature that requires access to BigQuery. You want to grant BigQuery access to your GKE cluster following Google-recommended best practices. What should you do?

Options:

A.

Create a Google service account with BigQuery access. Add the JSON key to Secret Manager, and use the Go client library to access the JSON key.

B.

Create a Google service account with BigQuery access. Add the Google service account JSON key as a Kubernetes secret, and configure the application to use this secret.

C.

Create a Google service account with BigQuery access. Add the Google service account JSON key to Secret Manager, and use an init container to access the secret for the application to use.

D.

Create a Google service account and a Kubernetes service account. Configure Workload Identity on the GKE cluster, and reference the Kubernetes service account on the application Deployment.

Buy Now
Questions 32

You need to deploy an internet-facing microservices application to Google Kubernetes Engine (GKE). You want to validate new features using the A/B testing method. You have the following requirements for deploying new container image releases

• There is no downtime when new container images are deployed.

• New production releases are tested and verified using a subset of production users.

What should you do?

Options:

A.

1 Configure your Cl/CD pipeline to update the Deployment manifest file by replacing the container version with the latest version.

2 Recreate the Pods in your cluster by applying the Deployment manifest file.

3 Validate the application's performance by comparing its functionality with the previous release version and roll back if an issue arises.

B.

1 install the Anthos Service Mesh on your GKE cluster.

2 Create two Deployments on the GKE cluster and label them with different version names.

3 Create a VirtualService with a routing rule to send a small percentage of traffic to the Deployment that references the new version of the application.

C.

1 Create a second namespace on GKE for the new release version.

2 Create a Deployment configuration for the second namespace with the desired number of Pods.

3 Deploy new container versions in the second namespace.

4 Update the ingress configuration to route traffic to the namespace with the new container versions.

D.

1. Implement a rolling update pattern by replacing the Pods gradually with the new release versify.

2 Validate the application's performance for the new subset of users during the rollout and roll back if an issue arises.

Buy Now
Questions 33

One of your deployed applications in Google Kubernetes Engine (GKE) is having intermittent performance issues. Your team uses a third-party logging solution. You want to install this solution on each node in your GKE cluster so you can view the logs. What should you do?

Options:

A.

Deploy the third-party solution as a DaemonSet

B.

Modify your container image to include the monitoring software

C.

Use SSH to connect to the GKE node, and install the software manually

D.

Deploy the third-party solution using Terraform and deploy the logging Pod as a Kubernetes Deployment

Buy Now
Questions 34

You are deploying your applications on Compute Engine. One of your Compute Engine instances failed to launch. What should you do? (Choose two.)

Options:

A.

Determine whether your file system is corrupted.

B.

Access Compute Engine as a different SSH user.

C.

Troubleshoot firewall rules or routes on an instance.

D.

Check whether your instance boot disk is completely full.

E.

Check whether network traffic to or from your instance is being dropped.

Buy Now
Questions 35

Your organization has recently begun an initiative to replatform their legacy applications onto Google Kubernetes Engine. You need to decompose a monolithic application into microservices. Multiple instances have read and write access to a configuration file, which is stored on a shared file system. You want to minimize the effort required to manage this transition, and you want to avoid rewriting the application code. What should you do?

Options:

A.

Create a new Cloud Storage bucket, and mount it via FUSE in the container.

B.

Create a new persistent disk, and mount the volume as a shared PersistentVolume.

C.

Create a new Filestore instance, and mount the volume as an NFS PersistentVolume.

D.

Create a new ConfigMap and volumeMount to store the contents of the configuration file.

Buy Now
Questions 36

You are developing a web application that contains private images and videos stored in a Cloud Storage bucket. Your users are anonymous and do not have Google Accounts. You want to use your application-specific logic to control access to the images and videos. How should you configure access?

Options:

A.

Cache each web application user's IP address to create a named IP table using Google Cloud Armor. Create a Google Cloud Armor security policy that allows users to access the backend bucket.

B.

Grant the Storage Object Viewer IAM role to allUsers. Allow users to access the bucket after authenticating through your web application.

C.

Configure Identity-Aware Proxy (IAP) to authenticate users into the web application. Allow users to access the bucket after authenticating through IAP.

D.

Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.

Buy Now
Questions 37

You recently developed a new service on Cloud Run. The new service authenticates using a custom service and then writes transactional information to a Cloud Spanner database. You need to verify that your application can support up to 5,000 read and 1,000 write transactions per second while identifying any bottlenecks that occur. Your test infrastructure must be able to autoscale. What should you do?

Options:

A.

Build a test harness to generate requests and deploy it to Cloud Run. Analyze the VPC Flow Logs using Cloud Logging.

B.

Create a Google Kubernetes Engine cluster running the Locust or JMeter images to dynamically generate load tests. Analyze the results using Cloud Trace.

C.

Create a Cloud Task to generate a test load. Use Cloud Scheduler to run 60,000 Cloud Task transactions per minute for 10 minutes. Analyze the results using Cloud Monitoring.

D.

Create a Compute Engine instance that uses a LAMP stack image from the Marketplace, and use Apache Bench to generate load tests against the service. Analyze the results using Cloud Trace.

Buy Now
Questions 38

Your company is planning to migrate their on-premises Hadoop environment to the cloud. Increasing storage cost and maintenance of data stored in HDFS is a major concern for your company. You also want to make minimal changes to existing data analytics jobs and existing architecture. How should you proceed with the migration?

Options:

A.

Migrate your data stored in Hadoop to BigQuery. Change your jobs to source their information from BigQuery instead of the on-premises Hadoop environment.

B.

Create Compute Engine instances with HDD instead of SSD to save costs. Then perform a full migration of your existing environment into the new one in Compute Engine instances.

C.

Create a Cloud Dataproc cluster on Google Cloud Platform, and then migrate your Hadoop environment to the new Cloud Dataproc cluster. Move your HDFS data into larger HDD disks to save on storage costs.

D.

Create a Cloud Dataproc cluster on Google Cloud Platform, and then migrate your Hadoop code objects to the new cluster. Move your data to Cloud Storage and leverage the Cloud Dataproc connector to run jobs on that data.

Buy Now
Questions 39

Your application is deployed in a Google Kubernetes Engine (GKE) cluster. You want to expose this application publicly behind a Cloud Load Balancing HTTP(S) load balancer. What should you do?

Options:

A.

Configure a GKE Ingress resource.

B.

Configure a GKE Service resource.

C.

Configure a GKE Ingress resource with type: LoadBalancer.

D.

Configure a GKE Service resource with type: LoadBalancer.

Buy Now
Questions 40

You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?

Options:

A.

Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

B.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.

C.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.

D.

Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

Buy Now
Questions 41

For this question, refer to the HipLocal case study.

HipLocal is expanding into new locations. They must capture additional data each time the application is launched in a new European country. This is causing delays in the development process due to constant schema changes and a lack of environments for conducting testing on the application changes. How should they resolve the issue while meeting the business requirements?

Options:

A.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

B.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

C.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

D.

Migrate data to Firestore in Native mode and set up instan

Buy Now
Questions 42

Which database should HipLocal use for storing user activity?

Options:

A.

BigQuery

B.

Cloud SQL

C.

Cloud Spanner

D.

Cloud Datastore

Buy Now
Questions 43

HipLocal’s data science team wants to analyze user reviews.

How should they prepare the data?

Options:

A.

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

B.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

C.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

D.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Buy Now
Questions 44

In order to meet their business requirements, how should HipLocal store their application state?

Options:

A.

Use local SSDs to store state.

B.

Put a memcache layer in front of MySQL.

C.

Move the state storage to Cloud Spanner.

D.

Replace the MySQL instance with Cloud SQL.

Buy Now
Questions 45

In order for HipLocal to store application state and meet their stated business requirements, which database service should they migrate to?

Options:

A.

Cloud Spanner

B.

Cloud Datastore

C.

Cloud Memorystore as a cache

D.

Separate Cloud SQL clusters for each region

Buy Now
Questions 46

For this question, refer to the HipLocal case study.

A recent security audit discovers that HipLocal’s database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. HipLocal needs to reduce the risk of these credentials being stolen. What should they do?

Options:

A.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

B.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

C.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

D.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Buy Now
Questions 47

HipLocal has connected their Hadoop infrastructure to GCP using Cloud Interconnect in order to query data stored on persistent disks.

Which IP strategy should they use?

Options:

A.

Create manual subnets.

B.

Create an auto mode subnet.

C.

Create multiple peered VPCs.

D.

Provision a single instance for NAT.

Buy Now
Questions 48

For this question, refer to the HipLocal case study.

Which Google Cloud product addresses HipLocal’s business requirements for service level indicators and objectives?

Options:

A.

Cloud Profiler

B.

Cloud Monitoring

C.

Cloud Trace

D.

Cloud Logging

Buy Now
Questions 49

HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling.

Which two services should they choose? (Choose two.)

Options:

A.

Use Google App Engine services.

B.

Use serverless Google Cloud Functions.

C.

Use Knative to build and deploy serverless applications.

D.

Use Google Kubernetes Engine for automated deployments.

E.

Use a large Google Compute Engine cluster for deployments.

Buy Now
Questions 50

For this question, refer to the HipLocal case study.

HipLocal's application uses Cloud Client Libraries to interact with Google Cloud. HipLocal needs to configure authentication and authorization in the Cloud Client Libraries to implement least privileged access for the application. What should they do?

Options:

A.

Create an API key. Use the API key to interact with Google Cloud.

B.

Use the default compute service account to interact with Google Cloud.

C.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

D.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Buy Now
Questions 51

For this question refer to the HipLocal case study.

HipLocal wants to reduce the latency of their services for users in global locations. They have created read replicas of their database in locations where their users reside and configured their service to read traffic using those replicas. How should they further reduce latency for all database interactions with the least amount of effort?

Options:

A.

Migrate the database to Bigtable and use it to serve all global user traffic.

B.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

C.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

D.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Buy Now
Questions 52

HipLocal is configuring their access controls.

Which firewall configuration should they implement?

Options:

A.

Block all traffic on port 443.

B.

Allow all traffic into the network.

C.

Allow traffic on port 443 for a specific tag.

D.

Allow all traffic on port 443 into the network.

Buy Now
Questions 53

Which service should HipLocal use for their public APIs?

Options:

A.

Cloud Armor

B.

Cloud Functions

C.

Cloud Endpoints

D.

Shielded Virtual Machines

Buy Now
Questions 54

HipLocal's.net-based auth service fails under intermittent load.

What should they do?

Options:

A.

Use App Engine for autoscaling.

B.

Use Cloud Functions for autoscaling.

C.

Use a Compute Engine cluster for the service.

D.

Use a dedicated Compute Engine virtual machine instance for the service.

Buy Now
Questions 55

Which service should HipLocal use to enable access to internal apps?

Options:

A.

Cloud VPN

B.

Cloud Armor

C.

Virtual Private Cloud

D.

Cloud Identity-Aware Proxy

Buy Now
Questions 56

For this question, refer to the HipLocal case study.

How should HipLocal redesign their architecture to ensure that the application scales to support a large increase in users?

Options:

A.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

B.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

C.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

D.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Buy Now
Questions 57

For this question, refer to the HipLocal case study.

How should HipLocal increase their API development speed while continuing to provide the QA team with a stable testing environment that meets feature requirements?

Options:

A.

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

B.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

C.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

D.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.

Buy Now
Questions 58

HipLocal's APIs are showing occasional failures, but they cannot find a pattern. They want to collect some

metrics to help them troubleshoot.

What should they do?

Options:

A.

Take frequent snapshots of all of the VMs.

B.

Install the Stackdriver Logging agent on the VMs.

C.

Install the Stackdriver Monitoring agent on the VMs.

D.

Use Stackdriver Trace to look for performance bottlenecks.

Buy Now
Questions 59

HipLocal wants to improve the resilience of their MySQL deployment, while also meeting their business and technical requirements.

Which configuration should they choose?

Options:

A.

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

B.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

C.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

D.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Buy Now
Exam Name: Google Certified Professional - Cloud Developer
Last Update: Dec 27, 2024
Questions: 265
Professional-Cloud-Developer pdf

Professional-Cloud-Developer PDF

$25.5  $84.99
Professional-Cloud-Developer Engine

Professional-Cloud-Developer Testing Engine

$30  $99.99
Professional-Cloud-Developer PDF + Engine

Professional-Cloud-Developer PDF + Testing Engine

$40.5  $134.99