Google Professional-Cloud-DevOps-Engineer Exam Dumps

Google Professional-Cloud-DevOps-Engineer Sample Question Answers

Question # 1

The new version of your containerized application has been tested and is ready to be deployed to production on Google Kubernetes Engine (GKE) You could not fully load-test the new version in your pre-production environment and you need to ensure that the application does not have performance problems after deployment Your deployment must be automated What should you do? 

A. Deploy the application through a continuous delivery pipeline by using canary deployments Use Cloud Monitoring to look for performance issues, and ramp up traffic as supported by the metrics
B. Deploy the application through a continuous delivery pipeline by using blue/green deployments Migrate traffic to the new version of the application and use Cloud Monitoring to look for performance issues
C. Deploy the application by using kubectl and use Config Connector to slowly ramp up traffic between versions. Use Cloud Monitoring to look for performance issues
D. Deploy the application by using kubectl and set the spec. updatestrategy. type field to RollingUpdate Use Cloud Monitoring to look for performance issues, and run the kubectl rollback command if there are any issues.

Show Answer

Question # 2

Your company is developing applications that are deployed on Google Kubernetes Engine (GKE) Each team manages a different application You need to create the development and production environments for each team while you minimize costs Different teams should not be able to access other teams environments You want to follow Google-recommended practices What should you do?

A. Create one Google Cloud project per team In each project create a cluster for development and one for production Grant the teams Identity and Access Management (1AM) access to their respective clusters
B. Create one Google Cloud project per team In each project create a cluster with a Kubernetes namespace for development and one for production Grant the teams Identity and Access Management (1AM) access to their respective clusters
C. Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Identity-Aware Proxy so that each team can only access its own namespace
D. Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Kubernetes role-based access control (RBAC) so that each team can only access its own namespace

Show Answer

Question # 3

You need to build a CI/CD pipeline for a containerized application in Google Cloud Your development team uses a central Git repository for trunk-based development You want to run all your tests in the pipeline for any new versions of the application to improve the quality What should you do? 

A. 1. Install a Git hook to require developers to run unit tests before pushing the code to a central repository 2. Trigger Cloud Build to build the application container Deploy the application container to a testing environment, and run integration tests 3. If the integration tests are successful deploy the application container to your production environment. and run acceptance tests
B. 1. Install a Git hook to require developers to run unit tests before pushing the code to a central repository If all tests are successful build a container 2. Trigger Cloud Build to deploy the application container to a testing environment, and run integration tests and acceptance tests 3. If all tests are successful tag the code as production ready Trigger Cloud Build to build and deploy the application container to the production environment
C. 1. Trigger Cloud Build to build the application container and run unit tests with the container 2. If unit tests are successful, deploy the application container to a testing environment, and run integration tests 3. If the integration tests are successful the pipeline deploys the application container to the production environment After that, run acceptance tests
D. 1. Trigger Cloud Build to run unit tests when the code is pushed If all unit tests are successful, build and push the application container to a central registry. 2. Trigger Cloud Build to deploy the container to a testing environment, and run integration tests and acceptance tests 3. If all tests are successful the pipeline deploys the application to the production environment and runs smoke tests 

Show Answer

Question # 4

Your company runs services by using multiple globally distributed Google Kubernetes Engine (GKE) clusters Your operations team has set up workload monitoring that uses Prometheus-based tooling for metrics alerts: and generating dashboards This setup does not provide a method to view metrics globally across all clusters You need to implement a scalable solution to support global Prometheus querying and minimize management overhead What should you do?

A. Configure Prometheus cross-service federation for centralized data access 
B. Configure workload metrics within Cloud Operations for GKE 
C. Configure Prometheus hierarchical federation for centralized data access 
D. Configure Google Cloud Managed Service for Prometheus 

Show Answer

Question # 5

You deployed an application into a large Standard Google Kubernetes Engine (GKE) cluster. Theapplication is stateless and multiple pods run at the same time. Your application receivesinconsistent traffic. You need to ensure that the user experience remains consistent regardless ofchanges in traffic. and that the resource usage of the cluster is optimized.What should you do?

A. Configure a cron job to scale the deployment on a schedule.
B. Configure a Horizontal Pod Autoscaler.
C. Configure a Vertical Pod Autoscaler.
D. Configure cluster autoscaling on the node pool.

Show Answer

Question # 6

You are analyzing Java applications in production. All applications have Cloud Profiler and CloudTrace installed and configured by default. You want to determine which applications needperformance tuning. What should you do?Choose 2 answers

A. Examine the wall-clock time and the CPU time Of the application. If the difference is substantial,increase the CPU resource allocation.
B. Examine the wall-clock time and the CPU time of the application. If the difference is substantial,increase the memory resource allocation.
C. 17 Examine the wall-clock time and the CPU time of the application. If the difference is substantial,increase the local disk storage allocation.
D. O Examine the latency time, the wall-clock time, and the CPU time of the application. If thelatency time is slowly burning down the error budget, and the difference between wall-clock timeand CPU time is minimal, mark the application for optimization.
E. Examine the heap usage Of the application. If the usage is low, mark the application foroptimization.

Show Answer

Question # 7

You are creating Cloud Logging sinks to export log entries from Cloud Logging to BigQuery for future analysis Your organization has a Google Cloud folder named Dev that contains development projects and a folder named Prod that contains production projects Log entries for development projects must be exported to dev_dataset. and log entries for production projects must be exported to prod_dataset You need to minimize the number of log sinks created and you want to ensure that the log sinks apply to future projects What should you do?

A. Create a single aggregated log sink at the organization level. 
B. Create a log sink in each project 
C. Create two aggregated log sinks at the organization level, and filter by project ID 
D. Create an aggregated Iog sink in the Dev and Prod folders 

Show Answer

Question # 8

You are using Terraform to manage infrastructure as code within a Cl/CD pipeline You notice that multiple copies of the entire infrastructure stack exist in your Google Cloud project, and a new copy is created each time a change to the existing infrastructure is made You need to optimize your cloud spend by ensuring that only a single instance of your infrastructure stack exists at a time. You want to follow Google-recommended practices What should you do?

A. Create a new pipeline to delete old infrastructure stacks when they are no longer needed 
B. Confirm that the pipeline is storing and retrieving the terraform. if state file from Cloud Storage with the Terraform gcs backend
C. Verify that the pipeline is storing and retrieving the terrafom.tfstat* file from a source control 
D. Update the pipeline to remove any existing infrastructure before you apply the latest configuration 

Show Answer

Question # 9

Your uses Jenkins running on Google Cloud VM instances for CI/CD. You need to extend thefunctionality to use infrastructure as code automation by using Terraform. You must ensure that theTerraform Jenkins instance is authorized to create Google Cloud resources. You want to followGoogle-recommended practices- What should you do?

A. Add the auth application-default command as a step in Jenkins before running the Terraformcommands.
B. Create a dedicated service account for the Terraform instance. Download and copy the secret keyvalue to the GOOGLE environment variable on the Jenkins server
C. Confirm that the Jenkins VM instance has an attached service account with the appropriateIdentity and Access Management (IAM) permissions
D. use the Terraform module so that Secret Manager can retrieve credentials.

Show Answer

Question # 10

Your CTO has asked you to implement a postmortem policy on every incident for internal use. Youwant to define what a good postmortem is to ensure that the policy is successful at your company.What should you do?Choose 2 answers

A. Ensure that all postmortems include what caused the incident, identify the person or teamresponsible for causing the incident. and how to prevent a future occurrence of the incident.
B. Ensure that all postmortems include what caused the incident, how the incident could have beenworse, and how to prevent a future occurrence of the incident.
C. Ensure that all postmortems include the severity of the incident, how to prevent a futureoccurrence of the incident. and what caused the incident without naming internal systemcomponents.
D. Ensure that all postmortems include how the incident was resolved and what caused the incidentwithout naming customer information.
E. Ensure that all postmortems include all incident participants in postmortem authoring and sharepostmortems as widely as possible,

Show Answer

Question # 11

You have an application that runs on Cloud Run. You want to use live production traffic to test a newversion of the application while you let the quality assurance team perform manual testing. You wantto limit the potential impact of any issues while testing the new version, and you must be able to rollback to a previous version of the application if needed. How should you deploy the new version?Choose 2 answers

A. Deploy the application as a new Cloud Run service.
B. Deploy a new Cloud Run revision with a tag and use the ”no-traffic option.
C. Deploy a new Cloud Run revision without a tag and use the ”no-traffic option.
D. Deploy the new application version and use the ”no-traffic option Route production traffic to therevision's URL
E. Deploy the new application version and split traffic to the new version.

Show Answer

Question # 12

You need to introduce postmortems into your organization. You want to ensure that the postmortemprocess is well received. What should you do?Choose 2 answers

A. Create a designated team that is responsible for conducting all postmortems.
B. Encourage new employees to conduct postmortems to learn through practice.
C. Ensure that writing effective postmortems is a rewarded and celebrated practice.
D. Encourage your senior leadership to acknowledge and participate in postmortems.
E. Provide your organization with a forum to critique previous postmortems.

Show Answer

Question # 13

You need to introduce postmortems into your organization during the holiday shopping season. Youare expecting your web application to receive a large volume of traffic in a short period. You need toprepare your application for potential failures during the event What should you do?Choose 2 answers

A. Monitor latency of your services for average percentile latency.
B. Review your increased capacity requirements and plan for the required quota management.
C. Create alerts in Cloud Monitoring for all common failures that your application experiences.
D. Ensure that relevant system metrics are being captured with Cloud Monitoring and create alerts atlevels of interest
E. Configure Anthos Service Mesh on the application to identify issues on the topology map.

Show Answer

Question # 14

Your company operates in a highly regulated domain. Your security team requires that only trustedcontainer images can be deployed to Google Kubernetes Engine (GKE). You need to implement asolution that meets the requirements of the security team, while minimizing management overhead.What should you do?

A. Grant the roles/artifactregistry. writer role to the Cloud Build service account. Confirm that noemployee has Artifact Registry write permission.
B. Use Cloud Run to write and deploy a custom validator Enable an Eventarc trigger to performvalidations when new images are uploaded.
C. Configure Kritis to run in your GKE clusters to enforce deploy-time security policies.
D. Configure Binary Authorization in your GKE clusters to enforce deploy-time security policies

Show Answer

Question # 15

Your organization stores all application logs from multiple Google Cloud projects in a central CloudLogging project. Your security team wants to enforce a rule that each project team can only viewtheir respective logs, and only the operations team can view all the logs. You need to design asolution that meets the security team's requirements, while minimizing costs. What should you do?

A. Export logs to BigQuery tables for each project team. Grant project teams access to their tables.Grant logs writer access to the operations team in the central logging project.
B. Create log views for each project team, and only show each project team their application logs.Grant the operations team access to the _ Al Il-jogs View in the central logging project.
C. Grant each project team access to the project _ Default view in the central logging project. Grantlogging viewer access to the operations team in the central logging project.
D. Create Identity and Access Management (IAM) roles for each project team and restrict access tothe _ Default log view in their individual Google Cloud project. Grant viewer access to the operationsteam in the central logging project.

Show Answer

Question # 16

You are configuring a Cl pipeline. The build step for your Cl pipeline integration testing requiresaccess to APIs inside your private VPC network. Your security team requires that you do not exposeAPI traffic publicly. You need to implement a solution that minimizes management overhead. Whatshould you do?

A. Use Cloud Build private pools to connect to the private VPC.
B. Use Spinnaker for Google Cloud to connect to the private VPC.
C. Use Cloud Build as a pipeline runner. Configure Internal HTTP(S) Load Balancing for API access.
D. Use Cloud Build as a pipeline runner. Configure External HTTP(S) Load Balancing with a GoogleCloud Armor policy for API access.

Show Answer