New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

Professional-Cloud-DevOps-Engineer Google Cloud Certified - Professional Cloud DevOps Engineer Exam Questions and Answers

Questions 4

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being written in new log entries as quickly as possible. What should you do?

Options:

A.

Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.

B.

Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.

C.

Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.

D.

Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.

Buy Now
Questions 5

You are building the Cl/CD pipeline for an application deployed to Google Kubernetes Engine (GKE) The application is deployed by using a Kubernetes Deployment, Service, and Ingress The application team asked you to deploy the application by using the blue'green deployment methodology You need to implement the rollback actions What should you do?

Options:

A.

Run the kubectl rollout undo command

B.

Delete the new container image, and delete the running Pods

C.

Update the Kubernetes Service to point to the previous Kubernetes Deployment

D.

Scale the new Kubernetes Deployment to zero

Buy Now
Questions 6

You are working with a government agency that requires you to archive application logs for seven years. You need to configure Stackdriver to export and store the logs while minimizing costs of storage. What should you do?

Options:

A.

Create a Cloud Storage bucket and develop your application to send logs directly to the bucket.

B.

Develop an App Engine application that pulls the logs from Stackdriver and saves them in BigQuery.

C.

Create an export in Stackdriver and configure Cloud Pub/Sub to store logs in permanent storage for seven years.

D.

Create a sink in Stackdriver, name it, create a bucket on Cloud Storage for storing archived logs, and then select the bucket as the log export destination.

Buy Now
Questions 7

You support a stateless web-based API that is deployed on a single Compute Engine instance in the europe-west2-a zone . The Service Level Indicator (SLI) for service availability is below the specified Service Level Objective (SLO). A postmortem has revealed that requests to the API regularly time out. The time outs are due to the API having a high number of requests and running out memory. You want to improve service availability. What should you do?

Options:

A.

Change the specified SLO to match the measured SLI.

B.

Move the service to higher-specification compute instances with more memory.

C.

Set up additional service instances in other zones and load balance the traffic between all instances.

D.

Set up additional service instances in other zones and use them as a failover in case the primary instance is unavailable.

Buy Now
Questions 8

You are designing a new Google Cloud organization for a client. Your client is concerned with the risks associated with long-lived credentials created in Google Cloud. You need to design a solution to completely eliminate the risks associated with the use of JSON service account keys while minimizing operational overhead. What should you do?

Options:

A.

Use custom versions of predefined roles to exclude all iam.serviceAccountKeys. * service account role permissions.

B.

Apply the constraints/iam.disableserviceAccountKeycreation constraint to the organization.

C.

Apply the constraints/iam.disableServiceAccountKeyUp10ad constraint to the organization.

D.

Grant the roles/ iam.serviceAccountKeyAdmin IAM role to organization administrators only.

Buy Now
Questions 9

You are using Stackdriver to monitor applications hosted on Google Cloud Platform (GCP). You recently deployed a new application, but its logs are not appearing on the Stackdriver dashboard.

You need to troubleshoot the issue. What should you do?

Options:

A.

Confirm that the Stackdriver agent has been installed in the hosting virtual machine.

B.

Confirm that your account has the proper permissions to use the Stackdriver dashboard.

C.

Confirm that port 25 has been opened in the firewall to allow messages through to Stackdriver.

D.

Confirm that the application is using the required client library and the service account key has proper permissions.

Buy Now
Questions 10

You support a high-traffic web application and want to ensure that the home page loads in a timely manner. As a first step, you decide to implement a Service Level Indicator (SLI) to represent home page request latency with an acceptable page load time set to 100 ms. What is the Google-recommended way of calculating this SLI?

Options:

A.

Buckelize Ihe request latencies into ranges, and then compute the percentile at 100 ms.

B.

Bucketize the request latencies into ranges, and then compute the median and 90th percentiles.

C.

Count the number of home page requests that load in under 100 ms, and then divide by the total number of home page requests.

D.

Count the number of home page requests that load in under 100 ms. and then divide by the total number of all web application requests.

Buy Now
Questions 11

Your organization stores all application logs from multiple Google Cloud projects in a central Cloud Logging project. Your security team wants to enforce a rule that each project team can only view their respective logs, and only the operations team can view all the logs. You need to design a solution that meets the security team's requirements, while minimizing costs. What should you do?

Options:

A.

Export logs to BigQuery tables for each project team. Grant project teams access to their tables. Grant logs writer access to the operations team in the central logging project.

B.

Create log views for each project team, and only show each project team their application logs. Grant the operations team access to the _ Al Il-jogs View in the central logging project.

C.

Grant each project team access to the project _ Default view in the central logging project. Grant logging viewer access to the operations team in the central logging project.

D.

Create Identity and Access Management (IAM) roles for each project team and restrict access to the _ Default log view in their individual Google Cloud project. Grant viewer access to the operations team in the central logging project.

Buy Now
Questions 12

You are configuring a Cl pipeline. The build step for your Cl pipeline integration testing requires access to APIs inside your private VPC network. Your security team requires that you do not expose API traffic publicly. You need to implement a solution that minimizes management overhead. What should you do?

Options:

A.

Use Cloud Build private pools to connect to the private VPC.

B.

Use Spinnaker for Google Cloud to connect to the private VPC.

C.

Use Cloud Build as a pipeline runner. Configure Internal HTTP(S) Load Balancing for API access.

D.

Use Cloud Build as a pipeline runner. Configure External HTTP(S) Load Balancing with a Google Cloud Armor policy for API access.

Buy Now
Questions 13

You use Spinnaker to deploy your application and have created a canary deployment stage in the pipeline. Your application has an in-memory cache that loads objects at start time. You want to automate the comparison of the canary version against the production version. How should you configure the canary analysis?

Options:

A.

Compare the canary with a new deployment of the current production version.

B.

Compare the canary with a new deployment of the previous production version.

C.

Compare the canary with the existing deployment of the current production version.

D.

Compare the canary with the average performance of a sliding window of previous production versions.

Buy Now
Questions 14

You encountered a major service outage that affected all users of the service for multiple hours. After several hours of incident management, the service returned to normal, and user access was restored. You need to provide an incident summary to relevant stakeholders following the Site Reliability Engineering recommended practices. What should you do first?

Options:

A.

Call individual stakeholders lo explain what happened.

B.

Develop a post-mortem to be distributed to stakeholders.

C.

Send the Incident State Document to all the stakeholders.

D.

Require the engineer responsible to write an apology email to all stakeholders.

Buy Now
Questions 15

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (Pll) is leaking into certain log entry fields. All Pll entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?

Options:

A.

Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

B.

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.

C.

Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.

D.

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

Buy Now
Questions 16

You support a popular mobile game application deployed on Google Kubernetes Engine (GKE) across several Google Cloud regions. Each region has multiple Kubernetes clusters. You receive a report that none of the users in a specific region can connect to the application. You want to resolve the incident while following Site Reliability Engineering practices. What should you do first?

Options:

A.

Reroute the user traffic from the affected region to other regions that don’t report issues.

B.

Use Stackdriver Monitoring to check for a spike in CPU or memory usage for the affected region.

C.

Add an extra node pool that consists of high memory and high CPU machine type instances to the cluster.

D.

Use Stackdriver Logging to filter on the clusters in the affected region, and inspect error messages in the logs.

Buy Now
Questions 17

You are reviewing your deployment pipeline in Google Cloud Deploy You must reduce toil in the pipeline and you want to minimize the amount of time it takes to complete an end-to-end deployment What should you do?

Choose 2 answers

Options:

A.

Create a trigger to notify the required team to complete the next step when manual intervention is required

B.

Divide the automation steps into smaller tasks

C.

Use a script to automate the creation of the deployment pipeline in Google Cloud Deploy

D.

Add more engineers to finish the manual steps.

E.

Automate promotion approvals from the development environment to the test environment

Buy Now
Questions 18

Your company is developing applications that are deployed on Google Kubernetes Engine (GKE). Each team manages a different application. You need to create the development and production environments for each team, while minimizing costs. Different teams should not be able to access other teams’ environments. What should you do?

Options:

A.

Create one GCP Project per team. In each project, create a cluster for Development and one for Production. Grant the teams IAM access to their respective clusters.

B.

Create one GCP Project per team. In each project, create a cluster with a Kubernetes namespace for Development and one for Production. Grant the teams IAM access to their respective clusters.

C.

Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Identity Aware Proxy so that each team can only access its own namespace.

D.

Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Kubernetes Role-based access control (RBAC) so that each team can only access its own namespace.

Buy Now
Questions 19

You currently store the virtual machine (VM) utilization logs in Stackdriver. You need to provide an easy-to-share interactive VM utilization dashboard that is updated in real time and contains information aggregated on a quarterly basis. You want to use Google Cloud Platform solutions. What should you do?

Options:

A.

1. Export VM utilization logs from Stackdriver to BigOuery.

2. Create a dashboard in Data Studio.

3. Share the dashboard with your stakeholders.

B.

1. Export VM utilization logs from Stackdriver to Cloud Pub/Sub.

2. From Cloud Pub/Sub, send the logs to a Security Information and Event Management (SIEM) system.

3. Build the dashboards in the SIEM system and share with your stakeholders.

C.

1. Export VM utilization logs (rom Stackdriver to BigQuery.

2. From BigQuery. export the logs to a CSV file.

3. Import the CSV file into Google Sheets.

4. Build a dashboard in Google Sheets and share it with your stakeholders.

D.

1. Export VM utilization logs from Stackdriver to a Cloud Storage bucket.

2. Enable the Cloud Storage API to pull the logs programmatically.

3. Build a custom data visualization application.

4. Display the pulled logs in a custom dashboard.

Buy Now
Questions 20

You manage an application that is writing logs to Stackdriver Logging. You need to give some team members the ability to export logs. What should you do?

Options:

A.

Grant the team members the IAM role of logging.configWriter on Cloud IAM.

B.

Configure Access Context Manager to allow only these members to export logs.

C.

Create and grant a custom IAM role with the permissions logging.sinks.list and logging.sink.get.

D.

Create an Organizational Policy in Cloud IAM to allow only these members to create log exports.

Buy Now
Questions 21

You use Cloud Build to build your application. You want to reduce the build time while minimizing cost and development effort. What should you do?

Options:

A.

Use Cloud Storage to cache intermediate artifacts.

B.

Run multiple Jenkins agents to parallelize the build.

C.

Use multiple smaller build steps to minimize execution time.

D.

Use larger Cloud Build virtual machines (VMs) by using the machine-type option.

Buy Now
Questions 22

You support a production service that runs on a single Compute Engine instance. You regularly need to spend time on recreating the service by deleting the crashing instance and creating a new instance based on the relevant image. You want to reduce the time spent performing manual operations while following Site Reliability Engineering principles. What should you do?

Options:

A.

File a bug with the development team so they can find the root cause of the crashing instance.

B.

Create a Managed Instance Group with a single instance and use health checks to determine the system status.

C.

Add a Load Balancer in front of the Compute Engine instance and use health checks to determine the system status.

D.

Create a Stackdriver Monitoring dashboard with SMS alerts to be able to start recreating the crashed instance promptly after it has crashed.

Buy Now
Questions 23

Your organization is using Helm to package containerized applications Your applications reference both public and private charts Your security team flagged that using a public Helm repository as a dependency is a risk You want to manage all charts uniformly, with native access control and VPC Service Controls What should you do?

Options:

A.

Store public and private charts in OCI format by using Artifact Registry

B.

Store public and private charts by using GitHub Enterprise with Google Workspace as the identity provider

C.

Store public and private charts by using Git repository Configure Cloud Build to synchronize contents of the repository into a Cloud Storage bucket Connect Helm to the bucket by using https: // [bucket] .srorage.googleapis.com/ [holnchart] as the Helm repository

D.

Configure a Helm chart repository server to run in Google Kubernetes Engine (GKE) with Cloud Storage bucket as the storage backend

Buy Now
Questions 24

You need to define SLOs for a high-traffic web application. Customers are currently happy with the application performance and availability. Based on current measurement, the 90th percentile Of latency is 160 ms and the 95th

percentile of latency is 300 ms over a 28-day window. What latency SLO should you publish?

Options:

A.

90th percentile - 150 ms

95th percentile - 290 ms

B.

90th percentile - 160 ms

95th percentile - 300 ms

C.

90th percentile - 190 ms

95th percentile - 330 ms

D.

90th percentile - 300 ms

95th percentile - 450 ms

Buy Now
Questions 25

You are building and deploying a microservice on Cloud Run for your organization Your service is used by many applications internally You are deploying a new release, and you need to test the new version extensively in the staging and production environments You must minimize user and developer impact. What should you do?

Options:

A.

Deploy the new version of the service to the staging environment Split the traffic, and allow 1 % of traffic through to the latest version Test the latest version If the test passes gradually roll out the latest version to the staging and production environments

B.

Deploy the new version of the service to the staging environment Split the traffic, and allow 50% of traffic through to the latest version Test the latest version If the test passes, send all traffic to the latest version Repeat for the production environment

C.

Deploy the new version of the service to the staging environment with a new-release tag without serving traffic Test the new-release version If the test passes; gradually roll out this tagged version Repeat for the production environment

D.

Deploy a new environment with the green tag to use as the staging environment Deploy the new version of the service to the green environment and test the new version If the tests pass, send all traffic to the green environment and delete the existing staging environment Repeat for the production environment

Buy Now
Questions 26

Your company runs services by using multiple globally distributed Google Kubernetes Engine (GKE) clusters Your operations team has set up workload monitoring that uses Prometheus-based tooling for metrics alerts: and generating dashboards This setup does not provide a method to view metrics globally across all clusters You need to implement a scalable solution to support global Prometheus querying and minimize management overhead What should you do?

Options:

A.

Configure Prometheus cross-service federation for centralized data access

B.

Configure workload metrics within Cloud Operations for GKE

C.

Configure Prometheus hierarchical federation for centralized data access

D.

Configure Google Cloud Managed Service for Prometheus

Buy Now
Questions 27

You built a serverless application by using Cloud Run and deployed the application to your production environment You want to identify the resource utilization of the application for cost optimization What should you do?

Options:

A.

Use Cloud Trace with distributed tracing to monitor the resource utilization of the application

B.

Use Cloud Profiler with Ops Agent to monitor the CPU and memory utilization of the application

C.

Use Cloud Monitoring to monitor the container CPU and memory utilization of the application

D.

Use Cloud Ops to create logs-based metrics to monitor the resource utilization of the application

Buy Now
Questions 28

You recently migrated an ecommerce application to Google Cloud. You now need to prepare the application for the upcoming peak traffic season. You want to follow Google-recommended practices. What should you do first to prepare for the busy season?

Options:

A.

Migrate the application to Cloud Run, and use autoscaling.

B.

Load test the application to profile its performance for scaling.

C.

Create a Terraform configuration for the application's underlying infrastructure to quickly deploy to additional regions.

D.

Pre-provision the additional compute power that was used last season, and expect growth.

Buy Now
Questions 29

Your team uses Cloud Build for all CI/CO pipelines. You want to use the kubectl builder for Cloud Build to deploy new images to Google Kubernetes Engine (GKE). You need to authenticate to GKE while minimizing development effort. What should you do?

Options:

A.

Assign the Container Developer role to the Cloud Build service account.

B.

Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.

C.

Create a new service account with the Container Developer role and use it to run Cloud Build.

D.

Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.

Buy Now
Questions 30

A third-party application needs to have a service account key to work properly When you try to export the key from your cloud project you receive an error "The organization policy constraint larn.disableServiceAccountKeyCreation is enforcedM You need to make the third-party application work while following Google-recommended security practices What should you do?

Options:

A.

Enable the default service account key. and download the key

B.

Remove the iam.disableServiceAccountKeyCreation policy at the organization level, and create a key.

C.

Disable the service account key creation policy at the project's folder, and download the default key

D.

Add a rule to set the iam.disableServiceAccountKeyCreation policy to off in your project and create a key.

Buy Now
Questions 31

You support a service that recently had an outage. The outage was caused by a new release that exhausted the service memory resources. You rolled back the release successfully to mitigate the impact on users. You are now in charge of the post-mortem for the outage. You want to follow Site Reliability Engineering practices when developing the post-mortem. What should you do?

Options:

A.

Focus on developing new features rather than avoiding the outages from recurring.

B.

Focus on identifying the contributing causes of the incident rather than the individual responsible for the cause.

C.

Plan individual meetings with all the engineers involved. Determine who approved and pushed the new release to production.

D.

Use the Git history to find the related code commit. Prevent the engineer who made that commit from working on production services.

Buy Now
Questions 32

You are deploying a Cloud Build job that deploys Terraform code when a Git branch is updated. While testing, you noticed that the job fails. You see the following error in the build logs:

Initializing the backend. ..

Error: Failed to get existing workspaces : querying Cloud Storage failed: googleapi : Error

403

You need to resolve the issue by following Google-recommended practices. What should you do?

Options:

A.

Change the Terraform code to use local state.

B.

Create a storage bucket with the name specified in the Terraform configuration.

C.

Grant the roles/ owner Identity and Access Management (IAM) role to the Cloud Build service account on the project.

D.

Grant the roles/ storage. objectAdmin Identity and Access Management (IAM) role to the Cloud Build service account on the state file bucket.

Buy Now
Questions 33

You support a web application that is hosted on Compute Engine. The application provides a booking service for thousands of users. Shortly after the release of a new feature, your monitoring dashboard shows that all users are experiencing latency at login. You want to mitigate the impact of the incident on the users of your service. What should you do first?

Options:

A.

Roll back the recent release.

B.

Review the Stackdriver monitoring.

C.

Upsize the virtual machines running the login services.

D.

Deploy a new release to see whether it fixes the problem.

Buy Now
Questions 34

You are running a real-time gaming application on Compute Engine that has a production and testing environment. Each environment has their own Virtual Private Cloud (VPC) network. The application frontend and backend servers are located on different subnets in the environment's VPC. You suspect there is a malicious process communicating intermittently in your production frontend servers. You want to ensure that network traffic is captured for analysis. What should you do?

Options:

A.

Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5.

B.

Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0.

C.

Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5. Apply changes in

testing before production.

D.

Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 1.0. Apply changes in testing before production.

Buy Now
Questions 35

You are developing reusable infrastructure as code modules. Each module contains integration tests that launch the module in a test project. You are using GitHub for source control. You need to Continuously test your feature branch and ensure that all code is tested before changes are accepted. You need to implement a solution to automate the integration tests. What should you do?

Options:

A.

Use a Jenkins server for Cl/CD pipelines. Periodically run all tests in the feature branch.

B.

Use Cloud Build to run the tests. Trigger all tests to run after a pull request is merged.

C.

Ask the pull request reviewers to run the integration tests before approving the code.

D.

Use Cloud Build to run tests in a specific folder. Trigger Cloud Build for every GitHub pull request.

Buy Now
Questions 36

Your product is currently deployed in three Google Cloud Platform (GCP) zones with your users divided between the zones. You can fail over from one zone to another, but it causes a 10-minute service disruption for the affected users. You typically experience a database failure once per quarter and can detect it within five minutes. You are cataloging the reliability risks of a new real-time chat feature for your product. You catalog the following information for each risk:

• Mean Time to Detect (MUD} in minutes

• Mean Time to Repair (MTTR) in minutes

• Mean Time Between Failure (MTBF) in days

• User Impact Percentage

The chat feature requires a new database system that takes twice as long to successfully fail over between zones. You want to account for the risk of the new database failing in one zone. What would be the values for the risk of database failover with the new system?

Options:

A.

MTTD: 5

MTTR: 10

MTBF: 90

Impact: 33%

B.

MTTD:5

MTTR: 20

MTBF: 90

Impact: 33%

C.

MTTD:5

MTTR: 10

MTBF: 90

Impact 50%

D.

MTTD:5

MTTR: 20

MTBF: 90

Impact: 50%

Buy Now
Questions 37

You have an application running in Google Kubernetes Engine. The application invokes multiple services per request but responds too slowly. You need to identify which downstream service or services are causing the delay. What should you do?

Options:

A.

Analyze VPC flow logs along the path of the request.

B.

Investigate the Liveness and Readiness probes for each service.

C.

Create a Dataflow pipeline to analyze service metrics in real time.

D.

Use a distributed tracing framework such as OpenTelemetry or Stackdriver Trace.

Buy Now
Questions 38

Your Cloud Run application writes unstructured logs as text strings to Cloud Logging. You want to convert the unstructured logs to JSON-based structured logs. What should you do?

Options:

A.

A Install a Fluent Bit sidecar container, and use a JSON parser.

B.

Install the log agent in the Cloud Run container image, and use the log agent to forward logs to Cloud Logging.

C.

Configure the log agent to convert log text payload to JSON payload.

D.

Modify the application to use Cloud Logging software development kit (SDK), and send log entries with a jsonPay10ad field.

Buy Now
Questions 39

Your team is running microservices in Google Kubernetes Engine (GKE) You want to detect consumption of an error budget to protect customers and define release policies What should you do?

Options:

A.

Create SLIs from metrics Enable Alert Policies if the services do not pass

B.

Use the metrics from Anthos Service Mesh to measure the health of the microservices

C.

Create a SLO Create an Alert Policy on select_slo_bum_rate

D.

Create a SLO and configure uptime checks for your services Enable Alert Policies if the services do not pass

Buy Now
Questions 40

Your company experiences bugs, outages, and slowness in its production systems. Developers use the production environment for new feature development and bug fixes. Configuration and experiments are done in the production environment, causing outages for users. Testers use the production environment for load testing, which often slows the production systems. You need to redesign the environment to reduce the number of bugs and outages in production and to enable testers to load test new features. What should you do?

Options:

A.

Create an automated testing script in production to detect failures as soon as they occur.

B.

Create a development environment with smaller server capacity and give access only to developers and testers.

C.

Secure the production environment to ensure that developers can't change it and set up one controlled update per year.

D.

Create a development environment for writing code and a test environment for configurations, experiments, and load testing.

Buy Now
Questions 41

Your application services run in Google Kubernetes Engine (GKE). You want to make sure that only images from your centrally-managed Google Container Registry (GCR) image registry in the altostrat-images project can be deployed to the cluster while minimizing development time. What should you do?

Options:

A.

Create a custom builder for Cloud Build that will only push images to gcr.io/altostrat-images.

B.

Use a Binary Authorization policy that includes the whitelist name pattern gcr.io/attostrat-images/.

C.

Add logic to the deployment pipeline to check that all manifests contain only images from gcr.io/altostrat-images.

D.

Add a tag to each image in gcr.io/altostrat-images and check that this tag is present when the image is deployed.

Buy Now
Questions 42

You are the Operations Lead for an ongoing incident with one of your services. The service usually runs at around 70% capacity. You notice that one node is returning 5xx errors for all requests. There has also been a noticeable increase in support cases from customers. You need to remove the offending node from the load balancer pool so that you can isolate and investigate the node. You want to follow Google-recommended practices to manage the incident and reduce the impact on users. What should you do?

Options:

A.

1. Communicate your intent to the incident team.

2. Perform a load analysis to determine if the remaining nodes can handle the increase in traffic offloaded from the removed node, and scale appropriately.

3. When any new nodes report healthy, drain traffic from the unhealthy node, and remove the unhealthy node from service.

B.

1. Communicate your intent to the incident team.

2. Add a new node to the pool, and wait for the new node to report as healthy.

3. When traffic is being served on the new node, drain traffic from the unhealthy node, and remove the old node from service.

C.

1 . Drain traffic from the unhealthy node and remove the node from service.

2. Monitor traffic to ensure that the error is resolved and that the other nodes in the pool are handling the traffic appropriately.

3. Scale the pool as necessary to handle the new load.

4. Communicate your actions to the incident team.

D.

1 . Drain traffic from the unhealthy node and remove the old node from service.

2. Add a new node to the pool, wait for the new node to report as healthy, and then serve traffic to the new node.

3. Monitor traffic to ensure that the pool is healthy and is handling traffic appropriately.

4. Communicate your actions to the incident team.

Buy Now
Questions 43

You support an application deployed on Compute Engine. The application connects to a Cloud SQL instance to store and retrieve data. After an update to the application, users report errors showing database timeout messages. The number of concurrent active users remained stable. You need to find the most probable cause of the database timeout. What should you do?

Options:

A.

Check the serial port logs of the Compute Engine instance.

B.

Use Stackdriver Profiler to visualize the resources utilization throughout the application.

C.

Determine whether there is an increased number of connections to the Cloud SQL instance.

D.

Use Cloud Security Scanner to see whether your Cloud SQL is under a Distributed Denial of Service (DDoS) attack.

Buy Now
Questions 44

You deploy a new release of an internal application during a weekend maintenance window when there is minimal user traffic. After the window ends, you learn that one of the new features isn't working as expected in the production environment. After an extended outage, you roll back the new release and deploy a fix. You want to modify your release process to reduce the mean time to recovery so you can avoid extended outages in the future. What should you do?

Choose 2 answers

Options:

A.

Before merging new code, require 2 different peers to review the code changes.

B.

Adopt the blue/green deployment strategy when releasing new code via a CD server.

C.

Integrate a code linting tool to validate coding standards before any code is accepted into the repository.

D.

Require developers to run automated integration tests on their local development environments before release.

E.

Configure a CI server. Add a suite of unit tests to your code and have your CI server run them on commit and verify any changes.

Buy Now
Questions 45

You recently noticed that one Of your services has exceeded the error budget for the current rolling window period. Your company's product team is about to launch a new feature. You want to follow Site Reliability Engineering (SRE) practices.

What should you do?

Options:

A.

Notify the team that their error budget is used up. Negotiate with the team for a launch freeze or tolerate a slightly worse user experience.

B.

Look through other metrics related to the product and find SLOs with remaining error budget. Reallocate the error budgets and allow the feature launch.

C.

Escalate the situation and request additional error budget.

D.

Notify the team about the lack of error budget and ensure that all their tests are successful so the launch will not further risk the error budget.

Buy Now
Questions 46

You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?

Options:

A.

Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.

B.

Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.

C.

Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.

D.

Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.

Buy Now
Questions 47

You support a service with a well-defined Service Level Objective (SLO). Over the previous 6 months, your service has consistently met its SLO and customer satisfaction has been consistently high. Most of your service’s operations tasks are automated and few repetitive tasks occur frequently. You want to optimize the balance between reliability and deployment velocity while following site reliability engineering best practices. What should you do? (Choose two.)

Options:

A.

Make the service’s SLO more strict.

B.

Increase the service’s deployment velocity and/or risk.

C.

Shift engineering time to other services that need more reliability.

D.

Get the product team to prioritize reliability work over new features.

E.

Change the implementation of your Service Level Indicators (SLIs) to increase coverage.

Buy Now
Exam Name: Google Cloud Certified - Professional Cloud DevOps Engineer Exam
Last Update: Dec 27, 2024
Questions: 162
Professional-Cloud-DevOps-Engineer pdf

Professional-Cloud-DevOps-Engineer PDF

$25.5  $84.99
Professional-Cloud-DevOps-Engineer Engine

Professional-Cloud-DevOps-Engineer Testing Engine

$30  $99.99
Professional-Cloud-DevOps-Engineer PDF + Engine

Professional-Cloud-DevOps-Engineer PDF + Testing Engine

$40.5  $134.99