Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

Professional-Cloud-Developer Google Certified Professional - Cloud Developer Questions and Answers

Questions 4

HipLocal wants to improve the resilience of their MySQL deployment, while also meeting their business and technical requirements.

Which configuration should they choose?

Options:

A.

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

B.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

C.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

D.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Buy Now
Questions 5

HipLocal is configuring their access controls.

Which firewall configuration should they implement?

Options:

A.

Block all traffic on port 443.

B.

Allow all traffic into the network.

C.

Allow traffic on port 443 for a specific tag.

D.

Allow all traffic on port 443 into the network.

Buy Now
Questions 6

For this question refer to the HipLocal case study.

HipLocal wants to reduce the latency of their services for users in global locations. They have created read replicas of their database in locations where their users reside and configured their service to read traffic using those replicas. How should they further reduce latency for all database interactions with the least amount of effort?

Options:

A.

Migrate the database to Bigtable and use it to serve all global user traffic.

B.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

C.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

D.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Buy Now
Questions 7

Which service should HipLocal use to enable access to internal apps?

Options:

A.

Cloud VPN

B.

Cloud Armor

C.

Virtual Private Cloud

D.

Cloud Identity-Aware Proxy

Buy Now
Questions 8

You are writing a single-page web application with a user-interface that communicates with a third-party API

for content using XMLHttpRequest. The data displayed on the UI by the API results is less critical than other

data displayed on the same web page, so it is acceptable for some requests to not have the API data

displayed in the UI. However, calls made to the API should not delay rendering of other parts of the user

interface. You want your application to perform well when the API response is an error or a timeout.

What should you do?

Options:

A.

Set the asynchronous option for your requests to the API to false and omit the widget displaying the API

results when a timeout or error is encountered.

B.

Set the asynchronous option for your request to the API to true and omit the widget displaying the API

results when a timeout or error is encountered.

C.

Catch timeout or error exceptions from the API call and keep trying with exponential backoff until the API

response is successful.

D.

Catch timeout or error exceptions from the API call and display the error response in the UI widget.

Buy Now
Questions 9

Your analytics system executes queries against a BigQuery dataset. The SQL query is executed in batch and passes the contents of a SQL file to the BigQuery CLI. Then it redirects the BigQuery CLI output to another process. However, you are getting a permission error from the BigQuery CLI when the queries are executed. You want to resolve the issue. What should you do?

Options:

A.

Grant the service account BigQuery Data Viewer and BigQuery Job User roles.

B.

Grant the service account BigQuery Data Editor and BigQuery Data Viewer roles.

C.

Create a view in BigQuery from the SQL query and SELECT* from the view in the CLI.

D.

Create a new dataset in BigQuery, and copy the source table to the new dataset Query the new dataset and table from the CLI.

Buy Now
Questions 10

You work for a web development team at a small startup. Your team is developing a Node.js application using Google Cloud services, including Cloud Storage and Cloud Build. The team uses a Git repository for version control. Your manager calls you over the weekend and instructs you to make an emergency update to one of the company’s websites, and you’re the only developer available. You need to access Google Cloud to make the update, but you don’t have your work laptop. You are not allowed to store source code locally on a non-corporate computer. How should you set up your developer environment?

Options:

A.

Use a text editor and the Git command line to send your source code updates as pull requests from a public computer.

B.

Use a text editor and the Git command line to send your source code updates as pull requests from a virtual machine running on a public computer.

C.

Use Cloud Shell and the built-in code editor for development. Send your source code updates as pull requests.

D.

Use a Cloud Storage bucket to store the source code that you need to edit. Mount the bucket to a public computer as a drive, and use a code editor to update the code. Turn on versioning for the bucket, and point it to the team’s Git repository.

Buy Now
Questions 11

You need to redesign the ingestion of audit events from your authentication service to allow it to handle a large increase in traffic. Currently, the audit service and the authentication system run in the same Compute Engine virtual machine. You plan to use the following Google Cloud tools in the new architecture:

Multiple Compute Engine machines, each running an instance of the authentication service

Multiple Compute Engine machines, each running an instance of the audit service

Pub/Sub to send the events from the authentication services.

How should you set up the topics and subscriptions to ensure that the system can handle a large volume of messages and can scale efficiently?

Options:

A.

Create one Pub/Sub topic. Create one pull subscription to allow the audit services to share the messages.

B.

Create one Pub/Sub topic. Create one pull subscription per audit service instance to allow the services to share the messages.

C.

Create one Pub/Sub topic. Create one push subscription with the endpoint pointing to a load balancer in front of the audit services.

D.

Create one Pub/Sub topic per authentication service. Create one pull subscription per topic to be used by one audit service.

E.

Create one Pub/Sub topic per authentication service. Create one push subscription per topic, with the endpoint pointing to one audit service.

Buy Now
Questions 12

You are reviewing and updating your Cloud Build steps to adhere to Google-recommended practices. Currently, your build steps include:

1. Pull the source code from a source repository.

2. Build a container image

3. Upload the built image to Artifact Registry.

You need to add a step to perform a vulnerability scan of the built container image, and you want the results of the scan to be available to your deployment pipeline running in Google Cloud. You want to minimize changes that could disrupt other teams' processes What should you do?

Options:

A.

Enable Binary Authorization, and configure it to attest that no vulnerabilities exist in a container image.

B.

Enable the Container Scanning API in Artifact Registry, and scan the built container images for vulnerabilities.

C.

Upload the built container images to your Docker Hub instance, and scan them for vulnerabilities.

D.

Add Artifact Registry to your Aqua Security instance, and scan the built container images for vulnerabilities

Buy Now
Questions 13

You have an application deployed in Google Kubernetes Engine (GKE). You need to update the application to make authorized requests to Google Cloud managed services. You want this to be a one-time setup, and you need to follow security best practices of auto-rotating your security keys and storing them in an encrypted store. You already created a service account with appropriate access to the Google Cloud service. What should you do next?

Options:

A.

Assign the Google Cloud service account to your GKE Pod using Workload Identity.

B.

Export the Google Cloud service account, and share it with the Pod as a Kubernetes Secret.

C.

Export the Google Cloud service account, and embed it in the source code of the application.

D.

Export the Google Cloud service account, and upload it to HashiCorp Vault to generate a dynamic service account for your application.

Buy Now
Questions 14

Before promoting your new application code to production, you want to conduct testing across a variety of different users. Although this plan is risky, you want to test the new version of the application with production users and you want to control which users are forwarded to the new version of the application based on their operating system. If bugs are discovered in the new version, you want to roll back the newly deployed version of the application as quickly as possible.

What should you do?

Options:

A.

Deploy your application on Cloud Run. Use traffic splitting to direct a subset of user traffic to the new version based on the revision tag.

B.

Deploy your application on Google Kubernetes Engine with Anthos Service Mesh. Use traffic splitting to direct a subset of user traffic to the new version based on the user-agent header.

C.

Deploy your application on App Engine. Use traffic splitting to direct a subset of user traffic to the new version based on the IP address.

D.

Deploy your application on Compute Engine. Use Traffic Director to direct a subset of user traffic to the new version based on predefined weights.

Buy Now
Questions 15

You need to configure a Deployment on Google Kubernetes Engine (GKE). You want to include a check that verifies that the containers can connect to the database. If the Pod is failing to connect, you want a script on the container to run to complete a graceful shutdown. How should you configure the Deployment?

Options:

A.

Create two jobs: one that checks whether the container can connect to the database, and another that runs the shutdown script if the Pod is failing.

B.

Create the Deployment with a livenessProbe for the container that will fail if the container can't connect to the database. Configure a Prestop lifecycle handler that runs the shutdown script if the container is failing.

C.

Create the Deployment with a PostStart lifecycle handler that checks the service availability. Configure a PreStop lifecycle handler that runs the shutdown script if the container is failing.

D.

Create the Deployment with an initContainer that checks the service availability. Configure a Prestop lifecycle handler that runs the shutdown script if the Pod is failing.

Buy Now
Questions 16

You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?

Options:

A.

Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

B.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.

C.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.

D.

Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

Buy Now
Questions 17

You are deploying a Python application to Cloud Run using Cloud Build. The Cloud Build pipeline is shown below:

Professional-Cloud-Developer Question 17

You want to optimize deployment times and avoid unnecessary steps What should you do?

Options:

A.

Remove the step that pushes the container to Artifact Registry.

B.

Add the —cache-from argument to the Docker build step in your build config file.

C.

Store image artifacts in a Cloud Storage bucket in the same region as the Cloud Run instance.

D.

Deploy a new Docker registry in a VPC and use Cloud Build worker pools inside the VPC to run the build pipeline.

Buy Now
Questions 18

You are tasked with using C++ to build and deploy a microservice for an application hosted on Google Cloud. The code needs to be containerized and use several custom software libraries that your team has built. You do not want to maintain the underlying infrastructure of the application How should you deploy the microservice?

Options:

A.

Use Cloud Functions to deploy the microservice.

B.

Use Cloud Build to create the container, and deploy it on Cloud Run.

C.

Use Cloud Shell to containerize your microservice. and deploy it on GKE Standard.

D.

Use Cloud Shell to containerize your microservice. and deploy it on a Container-Optimized OS Compute Engine instance.

Buy Now
Questions 19

You want to upload files from an on-premises virtual machine to Google Cloud Storage as part of a data

migration. These files will be consumed by Cloud DataProc Hadoop cluster in a GCP environment.

Which command should you use?

Options:

A.

gsutil cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

B.

gcloud cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

C.

hadoop fs cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

D.

gcloud dataproc cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

Buy Now
Questions 20

You are using Cloud Build to build a Docker image. You need to modify the build to execute unit and run

integration tests. When there is a failure, you want the build history to clearly display the stage at which the

build failed.

What should you do?

Options:

A.

Add RUN commands in the Dockerfile to execute unit and integration tests.

B.

Create a Cloud Build build config file with a single build step to compile unit and integration tests.

C.

Create a Cloud Build build config file that will spawn a separate cloud build pipeline for unit and integration

tests.

D.

Create a Cloud Build build config file with separate cloud builder steps to compile and execute unit and

integration tests.

Buy Now
Questions 21

You recently migrated an on-premises monolithic application to a microservices application on Google Kubernetes Engine (GKE). The application has dependencies on backend services on-premises, including a CRM system and a MySQL database that contains personally identifiable information (PII). The backend services must remain on-premises to meet regulatory requirements.

You established a Cloud VPN connection between your on-premises data center and Google Cloud. You notice that some requests from your microservices application on GKE to the backend services are failing due to latency issues caused by fluctuating bandwidth, which is causing the application to crash. How should you address the latency issues?

Options:

A.

Use Memorystore to cache frequently accessed PII data from the on-premises MySQL database

B.

Use Istio to create a service mesh that includes the microservices on GKE and the on-premises services

C.

Increase the number of Cloud VPN tunnels for the connection between Google Cloud and the on-premises services

D.

Decrease the network layer packet size by decreasing the Maximum Transmission Unit (MTU) value from its default value on Cloud VPN

Buy Now
Questions 22

You have an application deployed in production. When a new version is deployed, you want to ensure that all production traffic is routed to the new version of your application. You also want to keep the previous version deployed so that you can revert to it if there is an issue with the new version.

Which deployment strategy should you use?

Options:

A.

Blue/green deployment

B.

Canary deployment

C.

Rolling deployment

D.

Recreate deployment

Buy Now
Questions 23

You have an application in production. It is deployed on Compute Engine virtual machine instances controlled

by a managed instance group. Traffic is routed to the instances via a HTTP(s) load balancer. Your users are

unable to access your application. You want to implement a monitoring technique to alert you when the

application is unavailable.

Which technique should you choose?

Options:

A.

Smoke tests

B.

Stackdriver uptime checks

C.

Cloud Load Balancing - heath checks

D.

Managed instance group - heath checks

Buy Now
Questions 24

You have a web application that publishes messages to Pub/Sub. You plan to build new versions of the application locally and need to quickly test Pub/Sub integration tor each new build. How should you configure local testing?

Options:

A.

Run the gclcud config set api_endpoint_overrides/pubsub https: / 'pubsubemulator.googleapi3.com. coin/ command to change the Pub/Sub endpoint prior to starting the application

B.

In the Google Cloud console, navigate to the API Library and enable the Pub/Sub API When developing locally, configure your application to call pubsub.googleapis com

C.

Install Cloud Code on the integrated development environment (IDE) Navigate to Cloud APIs, and enable Pub/Sub against a valid Google Project ID. When developing locally, configure your application to call pubsub.googleapis com

D.

Install the Pub/Sub emulator using gcloud and start the emulator with a valid Google Project ID. When developing locally, configure your application to use the local emulator by exporting the fuhsub emulator Host variable

Buy Now
Questions 25

You have an application running on Google Kubernetes Engine (GKE). The application is currently using a logging library and is outputting to standard output You need to export the logs to Cloud Logging, and you need the logs to include metadata about each request. You want to use the simplest method to accomplish this. What should you do?

Options:

A.

Change your application s logging library to the Cloud Logging library and configure your application to export logs to Cloud Logging

B.

Update your application to output logs in CSV format, and add the necessary metadata to the CSV.

C.

Install the Fluent Bit agent on each of your GKE nodes, and have the agent export all logs from /var/ log.

D.

Update your application to output logs in JSON format, and add the necessary metadata to the JSON

Buy Now
Questions 26

You are developing an application hosted on Google Cloud that uses a MySQL relational database schema. The application will have a large volume of reads and writes to the database and will require backups and ongoing capacity planning. Your team does not have time to fully manage the database but can take on small administrative tasks. How should you host the database?

Options:

A.

Configure Cloud SQL to host the database, and import the schema into Cloud SQL.

B.

Deploy MySQL from the Google Cloud Marketplace to the database using a client, and import the schema.

C.

Configure Bigtable to host the database, and import the data into Bigtable.

D.

Configure Cloud Spanner to host the database, and import the schema into Cloud Spanner.

E.

Configure Firestore to host the database, and import the data into Firestore.

Buy Now
Questions 27

You recently developed an application. You need to call the Cloud Storage API from a Compute Engine instance that doesn’t have a public IP address. What should you do?

Options:

A.

Use Carrier Peering

B.

Use VPC Network Peering

C.

Use Shared VPC networks

D.

Use Private Google Access

Buy Now
Questions 28

You are deploying your application to a Compute Engine virtual machine instance. Your application is

configured to write its log files to disk. You want to view the logs in Stackdriver Logging without changing the

application code.

What should you do?

Options:

A.

Install the Stackdriver Logging Agent and configure it to send the application logs.

B.

Use a Stackdriver Logging Library to log directly from the application to Stackdriver Logging.

C.

Provide the log file folder path in the metadata of the instance to configure it to send the application logs.

D.

Change the application to log to /var/log so that its logs are automatically sent to Stackdriver Logging.

Buy Now
Questions 29

You work on an application that relies on Cloud Spanner as its main datastore. New application features have occasionally caused performance regressions. You want to prevent performance issues by running an automated performance test with Cloud Build for each commit made. If multiple commits are made at the same time, the tests might run concurrently. What should you do?

Options:

A.

Create a new project with a random name for every build. Load the required data. Delete the project after the test is run.

B.

Create a new Cloud Spanner instance for every build. Load the required data. Delete the Cloud Spanner instance after the test is run.

C.

Create a project with a Cloud Spanner instance and the required data. Adjust the Cloud Build build file to automatically restore the data to its previous state after the test is run.

D.

Start the Cloud Spanner emulator locally. Load the required data. Shut down the emulator after the test is run.

Buy Now
Questions 30

Your company has deployed a new API to App Engine Standard environment. During testing, the API is not behaving as expected. You want to monitor the application over time to diagnose the problem within the application code without redeploying the application.

Which tool should you use?

Options:

A.

Stackdriver Trace

B.

Stackdriver Monitoring

C.

Stackdriver Debug Snapshots

D.

Stackdriver Debug Logpoints

Buy Now
Questions 31

You are a lead developer working on a new retail system that runs on Cloud Run and Firestore. A web UI requirement is for the user to be able to browse through alt products. A few months after go-live, you notice that Cloud Run instances are terminated with HTTP 500: Container instances are exceeding memory limits errors during busy times

This error coincides with spikes in the number of Firestore queries

You need to prevent Cloud Run from crashing and decrease the number of Firestore queries. You want to use a solution that optimizes system performance What should you do?

Options:

A.

Create a custom jndex over the products

B.

Modify the query that returns the product list using cursors with limits

C.

Modify the Cloud Run configuration to increase the memory limits

D.

Modify the query that returns the product list using integer offsets

Buy Now
Questions 32

You are using Cloud Build to create a new Docker image on each source code commit to a Cloud Source Repositoties repository. Your application is built on every commit to the master branch. You want to release specific commits made to the master branch in an automated method. What should you do?

Options:

A.

Manually trigger the build for new releases.

B.

Create a build trigger on a Git tag pattern. Use a Git tag convention for new releases.

C.

Create a build trigger on a Git branch name pattern. Use a Git branch naming convention for new releases.

D.

Commit your source code to a second Cloud Source Repositories repository with a second Cloud Build trigger. Use this repository for new releases only.

Buy Now
Questions 33

You migrated your applications to Google Cloud Platform and kept your existing monitoring platform. You now

find that your notification system is too slow for time critical problems.

What should you do?

Options:

A.

Replace your entire monitoring platform with Stackdriver.

B.

Install the Stackdriver agents on your Compute Engine instances.

C.

Use Stackdriver to capture and alert on logs, then ship them to your existing platform.

D.

Migrate some traffic back to your old platform and perform AB testing on the two platforms concurrently.

Buy Now
Questions 34

You are developing an internal application that will allow employees to organize community events within your company. You deployed your application on a single Compute Engine instance. Your company uses Google Workspace (formerly G Suite), and you need to ensure that the company employees can authenticate to the application from anywhere. What should you do?

Options:

A.

Add a public IP address to your instance, and restrict access to the instance using firewall rules. Allow your company’s proxy as the only source IP address.

B.

Add an HTTP(S) load balancer in front of the instance, and set up Identity-Aware Proxy (IAP). Configure the IAP settings to allow your company domain to access the website.

C.

Set up a VPN tunnel between your company network and your instance’s VPC location on Google Cloud. Configure the required firewall rules and routing information to both the on-premises and Google Cloud networks.

D.

Add a public IP address to your instance, and allow traffic from the internet. Generate a random hash, and create a subdomain that includes this hash and points to your instance. Distribute this DNS address to your company’s employees.

Buy Now
Questions 35

You are developing an application that will handle requests from end users. You need to secure a Cloud Function called by the application to allow authorized end users to authenticate to the function via the application while restricting access to unauthorized users. You will integrate Google Sign-In as part of the solution and want to follow Google-recommended best practices. What should you do?

Options:

A.

Deploy from a source code repository and grant users the roles/cloudfunctions.viewer role.

B.

Deploy from a source code repository and grant users the roles/cloudfunctions.invoker role

C.

Deploy from your local machine using gcloud and grant users the roles/cloudfunctions.admin role

D.

Deploy from your local machine using gcloud and grant users the roles/cloudfunctions.developer role

Buy Now
Questions 36

You recently migrated a monolithic application to Google Cloud by breaking it down into microservices. One of the microservices is deployed using Cloud Functions. As you modernize the application, you make a change to the API of the service that is backward-incompatible. You need to support both existing callers who use the original API and new callers who use the new API. What should you do?

Options:

A.

Leave the original Cloud Function as-is and deploy a second Cloud Function with the new API. Use a load balancer to distribute calls between the versions.

B.

Leave the original Cloud Function as-is and deploy a second Cloud Function that includes only the changed API. Calls are automatically routed to the correct function.

C.

Leave the original Cloud Function as-is and deploy a second Cloud Function with the new API. Use Cloud Endpoints to provide an API gateway that exposes a versioned API.

D.

Re-deploy the Cloud Function after making code changes to support the new API. Requests for both versions of the API are fulfilled based on a version identifier included in the call.

Buy Now
Questions 37

Your application is running on Compute Engine and is showing sustained failures for a small number of requests. You have narrowed the cause down to a single Compute Engine instance, but the instance is unresponsive to SSH. What should you do next?

Options:

A.

Reboot the machine.

B.

Enable and check the serial port output.

C.

Delete the machine and create a new one.

D.

Take a snapshot of the disk and attach it to a new machine.

Buy Now
Questions 38

You are designing a chat room application that will host multiple rooms and retain the message history for each room. You have selected Firestore as your database. How should you represent the data in Firestore?

Options:

A.

 Create a collection for the rooms. For each room, create a document that lists the contents of the messages

Professional-Cloud-Developer Question 38 Option 1

B.

 Create a collection for the rooms. For each room, create a collection that contains a document for each message

38

C.

 Create a collection for the rooms. For each room, create a document that contains a collection for documents, each of which contains a message.

38

D.

 Create a collection for the rooms, and create a document for each room. Create a separate collection for messages, with one document per message. Each room’s document contains a list of references to the messages.

38

Buy Now
Questions 39

Your operations team has asked you to create a script that lists the Cloud Bigtable, Memorystore, and Cloud SQL databases running within a project. The script should allow users to submit a filter expression to limit the results presented. How should you retrieve the data?

Options:

A.

Use the HBase API, Redis API, and MySQL connection to retrieve database lists. Combine the results, and then apply the filter to display the results

B.

Use the HBase API, Redis API, and MySQL connection to retrieve database lists. Filter the results individually, and then combine them to display the results

C.

Run gcloud bigtable instances list, gcloud redis instances list, and gcloud sql databases list. Use a filter within the application, and then display the results

D.

Run gcloud bigtable instances list, gcloud redis instances list, and gcloud sql databases list. Use --filter flag with each command, and then display the results

Buy Now
Questions 40

You are developing an ecommerce web application that uses App Engine standard environment and Memorystore for Redis. When a user logs into the app, the application caches the user’s information (e.g., session, name, address, preferences), which is stored for quick retrieval during checkout.

While testing your application in a browser, you get a 502 Bad Gateway error. You have determined that the application is not connecting to Memorystore. What is the reason for this error?

Options:

A.

Your Memorystore for Redis instance was deployed without a public IP address.

B.

You configured your Serverless VPC Access connector in a different region than your App Engine instance.

C.

The firewall rule allowing a connection between App Engine and Memorystore was removed during an infrastructure update by the DevOps team.

D.

You configured your application to use a Serverless VPC Access connector on a different subnet in a different availability zone than your App Engine instance.

Buy Now
Questions 41

You have an application deployed in Google Kubernetes Engine (GKE) that reads and processes Pub/Sub messages. Each Pod handles a fixed number of messages per minute. The rate at which messages are published to the Pub/Sub topic varies considerably throughout the day and week, including occasional large batches of messages published at a single moment.

You want to scale your GKE Deployment to be able to process messages in a timely manner. What GKE feature should you use to automatically adapt your workload?

Options:

A.

Vertical Pod Autoscaler in Auto mode

B.

Vertical Pod Autoscaler in Recommendation mode

C.

Horizontal Pod Autoscaler based on an external metric

D.

Horizontal Pod Autoscaler based on resources utilization

Buy Now
Questions 42

Your team has created an application that is hosted on a Google Kubernetes Engine (GKE) cluster You need to connect the application to a legacy REST service that is deployed in two GKE clusters in two different regions. You want to connect your application to the legacy service in a way that is resilient and requires the fewest number of steps You also want to be able to run probe-based health checks on the legacy service on a separate port How should you set up the connection?

Options:

A.

Use Traffic Director with a sidecar proxy to connect the application to the service.

B.

Use a proxyless Traffic Director configuration to connect the application to the service.

C.

Configure the legacy service's firewall to allow health checks originating from the proxy.

D.

Configure the legacy service's firewall to allow health checks originating from the application.

E.

Configure the legacy service's firewall to allow health checks originating from the Traffic Director control plane.

Buy Now
Questions 43

You are developing an application that needs to store files belonging to users in Cloud Storage. You want each user to have their own subdirectory in Cloud Storage. When a new user is created, the corresponding empty subdirectory should also be created. What should you do?

Options:

A.

Create an object with the name of the subdirectory ending with a trailing slash ('/') that is zero bytes in length.

B.

Create an object with the name of the subdirectory, and then immediately delete the object within that subdirectory.

C.

Create an object with the name of the subdirectory that is zero bytes in length and has WRITER access control list permission.

D.

Create an object with the name of the subdirectory that is zero bytes in length. Set the Content-Type metadata to CLOUDSTORAGE_FOLDER.

Buy Now
Questions 44

You have decided to migrate your Compute Engine application to Google Kubernetes Engine. You need to build a container image and push it to Artifact Registry using Cloud Build. What should you do? (Choose two.)

A)

Run gcloud builds submit in the directory that contains the application source code.

B)

Run gcloud run deploy app-name --image gcr.io/$PROJECT_ID/app-name in the directory that contains the application source code.

C)

Run gcloud container images add-tag gcr.io/$PROJECT_ID/app-name gcr.io/$PROJECT_ID/app-name:latest in the directory that contains the application source code.

D)

In the application source directory, create a file named cloudbuild.yaml that contains the following contents:

Professional-Cloud-Developer Question 44

E)

In the application source directory, create a file named cloudbuild.yaml that contains the following contents:

Professional-Cloud-Developer Question 44

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Buy Now
Questions 45

Your team develops services that run on Google Cloud. You need to build a data processing service and will use Cloud Functions. The data to be processed by the function is sensitive. You need to ensure that invocations can only happen from authorized services and follow Google-recommended best practices for securing functions. What should you do?

Options:

A.

Enable Identity-Aware Proxy in your project. Secure function access using its permissions.

B.

Create a service account with the Cloud Functions Viewer role. Use that service account to invoke the function.

C.

Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function.

D.

Create an OAuth 2.0 client ID for your calling service in the same project as the function you want to secure. Use those credentials to invoke the function.

Buy Now
Questions 46

You are planning to deploy your application in a Google Kubernetes Engine (GKE) cluster The application

exposes an HTTP-based health check at /healthz. You want to use this health check endpoint to determine whether traffic should be routed to the pod by the load balancer.

Which code snippet should you include in your Pod configuration?

Professional-Cloud-Developer Question 46

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Buy Now
Questions 47

You are developing an application using different microservices that should remain internal to the cluster. You want to be able to configure each microservice with a specific number of replicas. You also want to be able to address a specific microservice from any other microservice in a uniform way, regardless of the number of replicas the microservice scales to. You need to implement this solution on Google Kubernetes Engine. What should you do?

Options:

A.

Deploy each microservice as a Deployment. Expose the Deployment in the cluster using a Service, and use the Service DNS name to address it from other microservices within the cluster.

B.

Deploy each microservice as a Deployment. Expose the Deployment in the cluster using an Ingress, and use the Ingress IP address to address the Deployment from other microservices within the cluster.

C.

Deploy each microservice as a Pod. Expose the Pod in the cluster using a Service, and use the Service DNS name to address the microservice from other microservices within the cluster.

D.

Deploy each microservice as a Pod. Expose the Pod in the cluster using an Ingress, and use the Ingress IP address name to address the Pod from other microservices within the cluster.

Buy Now
Questions 48

HipLocal's APIs are showing occasional failures, but they cannot find a pattern. They want to collect some

metrics to help them troubleshoot.

What should they do?

Options:

A.

Take frequent snapshots of all of the VMs.

B.

Install the Stackdriver Logging agent on the VMs.

C.

Install the Stackdriver Monitoring agent on the VMs.

D.

Use Stackdriver Trace to look for performance bottlenecks.

Buy Now
Questions 49

For this question, refer to the HipLocal case study.

HipLocal's application uses Cloud Client Libraries to interact with Google Cloud. HipLocal needs to configure authentication and authorization in the Cloud Client Libraries to implement least privileged access for the application. What should they do?

Options:

A.

Create an API key. Use the API key to interact with Google Cloud.

B.

Use the default compute service account to interact with Google Cloud.

C.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

D.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Buy Now
Questions 50

Which database should HipLocal use for storing user activity?

Options:

A.

BigQuery

B.

Cloud SQL

C.

Cloud Spanner

D.

Cloud Datastore

Buy Now
Questions 51

For this question, refer to the HipLocal case study.

A recent security audit discovers that HipLocal’s database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. HipLocal needs to reduce the risk of these credentials being stolen. What should they do?

Options:

A.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

B.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

C.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

D.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Buy Now
Questions 52

In order for HipLocal to store application state and meet their stated business requirements, which database service should they migrate to?

Options:

A.

Cloud Spanner

B.

Cloud Datastore

C.

Cloud Memorystore as a cache

D.

Separate Cloud SQL clusters for each region

Buy Now
Questions 53

In order to meet their business requirements, how should HipLocal store their application state?

Options:

A.

Use local SSDs to store state.

B.

Put a memcache layer in front of MySQL.

C.

Move the state storage to Cloud Spanner.

D.

Replace the MySQL instance with Cloud SQL.

Buy Now
Questions 54

HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling.

Which two services should they choose? (Choose two.)

Options:

A.

Use Google App Engine services.

B.

Use serverless Google Cloud Functions.

C.

Use Knative to build and deploy serverless applications.

D.

Use Google Kubernetes Engine for automated deployments.

E.

Use a large Google Compute Engine cluster for deployments.

Buy Now
Questions 55

For this question, refer to the HipLocal case study.

HipLocal is expanding into new locations. They must capture additional data each time the application is launched in a new European country. This is causing delays in the development process due to constant schema changes and a lack of environments for conducting testing on the application changes. How should they resolve the issue while meeting the business requirements?

Options:

A.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

B.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

C.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

D.

Migrate data to Firestore in Native mode and set up instan

Buy Now
Questions 56

HipLocal has connected their Hadoop infrastructure to GCP using Cloud Interconnect in order to query data stored on persistent disks.

Which IP strategy should they use?

Options:

A.

Create manual subnets.

B.

Create an auto mode subnet.

C.

Create multiple peered VPCs.

D.

Provision a single instance for NAT.

Buy Now
Questions 57

Which service should HipLocal use for their public APIs?

Options:

A.

Cloud Armor

B.

Cloud Functions

C.

Cloud Endpoints

D.

Shielded Virtual Machines

Buy Now
Questions 58

For this question, refer to the HipLocal case study.

How should HipLocal redesign their architecture to ensure that the application scales to support a large increase in users?

Options:

A.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

B.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

C.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

D.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Buy Now
Questions 59

HipLocal's.net-based auth service fails under intermittent load.

What should they do?

Options:

A.

Use App Engine for autoscaling.

B.

Use Cloud Functions for autoscaling.

C.

Use a Compute Engine cluster for the service.

D.

Use a dedicated Compute Engine virtual machine instance for the service.

Buy Now
Exam Name: Google Certified Professional - Cloud Developer
Last Update: Dec 8, 2024
Questions: 265

PDF + Testing Engine

$57.75  $164.99

Testing Engine

$43.75  $124.99
buy now Professional-Cloud-Developer testing engine

PDF (Q&A)

$36.75  $104.99
buy now Professional-Cloud-Developer pdf