New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Google Professional-Cloud-Developer Google Certified Professional - Cloud Developer Exam Practice Test

Google Certified Professional - Cloud Developer Questions and Answers

Question 1

HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling.

Which two services should they choose? (Choose two.)

Options:

A.

Use Google App Engine services.

B.

Use serverless Google Cloud Functions.

C.

Use Knative to build and deploy serverless applications.

D.

Use Google Kubernetes Engine for automated deployments.

E.

Use a large Google Compute Engine cluster for deployments.

Question 2

For this question refer to the HipLocal case study.

HipLocal wants to reduce the latency of their services for users in global locations. They have created read replicas of their database in locations where their users reside and configured their service to read traffic using those replicas. How should they further reduce latency for all database interactions with the least amount of effort?

Options:

A.

Migrate the database to Bigtable and use it to serve all global user traffic.

B.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

C.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

D.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Question 3

In order for HipLocal to store application state and meet their stated business requirements, which database service should they migrate to?

Options:

A.

Cloud Spanner

B.

Cloud Datastore

C.

Cloud Memorystore as a cache

D.

Separate Cloud SQL clusters for each region

Question 4

For this question, refer to the HipLocal case study.

How should HipLocal increase their API development speed while continuing to provide the QA team with a stable testing environment that meets feature requirements?

Options:

A.

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

B.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

C.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

D.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.

Question 5

In order to meet their business requirements, how should HipLocal store their application state?

Options:

A.

Use local SSDs to store state.

B.

Put a memcache layer in front of MySQL.

C.

Move the state storage to Cloud Spanner.

D.

Replace the MySQL instance with Cloud SQL.

Question 6

HipLocal is configuring their access controls.

Which firewall configuration should they implement?

Options:

A.

Block all traffic on port 443.

B.

Allow all traffic into the network.

C.

Allow traffic on port 443 for a specific tag.

D.

Allow all traffic on port 443 into the network.

Question 7

Which service should HipLocal use to enable access to internal apps?

Options:

A.

Cloud VPN

B.

Cloud Armor

C.

Virtual Private Cloud

D.

Cloud Identity-Aware Proxy

Question 8

For this question, refer to the HipLocal case study.

Which Google Cloud product addresses HipLocal’s business requirements for service level indicators and objectives?

Options:

A.

Cloud Profiler

B.

Cloud Monitoring

C.

Cloud Trace

D.

Cloud Logging

Question 9

For this question, refer to the HipLocal case study.

HipLocal's application uses Cloud Client Libraries to interact with Google Cloud. HipLocal needs to configure authentication and authorization in the Cloud Client Libraries to implement least privileged access for the application. What should they do?

Options:

A.

Create an API key. Use the API key to interact with Google Cloud.

B.

Use the default compute service account to interact with Google Cloud.

C.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

D.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Question 10

Which database should HipLocal use for storing user activity?

Options:

A.

BigQuery

B.

Cloud SQL

C.

Cloud Spanner

D.

Cloud Datastore

Question 11

For this question, refer to the HipLocal case study.

How should HipLocal redesign their architecture to ensure that the application scales to support a large increase in users?

Options:

A.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

B.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

C.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

D.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Question 12

HipLocal has connected their Hadoop infrastructure to GCP using Cloud Interconnect in order to query data stored on persistent disks.

Which IP strategy should they use?

Options:

A.

Create manual subnets.

B.

Create an auto mode subnet.

C.

Create multiple peered VPCs.

D.

Provision a single instance for NAT.

Question 13

For this question, refer to the HipLocal case study.

HipLocal is expanding into new locations. They must capture additional data each time the application is launched in a new European country. This is causing delays in the development process due to constant schema changes and a lack of environments for conducting testing on the application changes. How should they resolve the issue while meeting the business requirements?

Options:

A.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

B.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

C.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

D.

Migrate data to Firestore in Native mode and set up instan

Question 14

HipLocal's.net-based auth service fails under intermittent load.

What should they do?

Options:

A.

Use App Engine for autoscaling.

B.

Use Cloud Functions for autoscaling.

C.

Use a Compute Engine cluster for the service.

D.

Use a dedicated Compute Engine virtual machine instance for the service.

Question 15

HipLocal wants to improve the resilience of their MySQL deployment, while also meeting their business and technical requirements.

Which configuration should they choose?

Options:

A.

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

B.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

C.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

D.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Question 16

For this question, refer to the HipLocal case study.

A recent security audit discovers that HipLocal’s database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. HipLocal needs to reduce the risk of these credentials being stolen. What should they do?

Options:

A.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

B.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

C.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

D.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Question 17

HipLocal’s data science team wants to analyze user reviews.

How should they prepare the data?

Options:

A.

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

B.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

C.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

D.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Question 18

Which service should HipLocal use for their public APIs?

Options:

A.

Cloud Armor

B.

Cloud Functions

C.

Cloud Endpoints

D.

Shielded Virtual Machines

Question 19

HipLocal's APIs are showing occasional failures, but they cannot find a pattern. They want to collect some

metrics to help them troubleshoot.

What should they do?

Options:

A.

Take frequent snapshots of all of the VMs.

B.

Install the Stackdriver Logging agent on the VMs.

C.

Install the Stackdriver Monitoring agent on the VMs.

D.

Use Stackdriver Trace to look for performance bottlenecks.

Question 20

You have an on-premises application that authenticates to the Cloud Storage API using a user-managed service account with a user-managed key. The application connects to Cloud Storage using Private Google Access over a Dedicated Interconnect link. You discover that requests from the application to access objects in the Cloud Storage bucket are failing with a 403 Permission Denied error code. What is the likely cause of this issue?

Options:

A.

The folder structure inside the bucket and object paths have changed.

B.

The permissions of the service account’s predefined role have changed.

C.

The service account key has been rotated but not updated on the application server.

D.

The Interconnect link from the on-premises data center to Google Cloud is experiencing a temporary outage.

Question 21

You have two tables in an ANSI-SQL compliant database with identical columns that you need to quickly

combine into a single table, removing duplicate rows from the result set.

What should you do?

Options:

A.

Use the JOIN operator in SQL to combine the tables.

B.

Use nested WITH statements to combine the tables.

C.

Use the UNION operator in SQL to combine the tables.

D.

Use the UNION ALL operator in SQL to combine the tables.

Question 22

You are developing an online gaming platform as a microservices application on Google Kubernetes Engine (GKE). Users on social media are complaining about long loading times for certain URL requests to the application. You need to investigate performance bottlenecks in the application and identify which HTTP requests have a significantly high latency span in user requests. What should you do9

Options:

A.

Update your microservices lo log HTTP request methods and URL paths to STDOUT Use the logs router to send container logs to Cloud Logging. Create fillers in Cloud Logging to evaluate the latency of user requests across different methods and URL paths.

B.

Install tcpdiimp on your GKE nodes. Run tcpdunm-- to capture network traffic over an extended period of time to collect data. Analyze the

data files using Wireshark to determine the cause of high latency

C.

Instrument your microservices by installing the Open Telemetry tracing package. Update your application code to send traces to Trace for inspection and analysis. Create an analysis report on Trace to analyze user requests

D.

Configure GKE workload metrics using kubect1. Select all Pods to send their metrics to Cloud Monitoring. Create a custom dashboard of application metrics in Cloud Monitoring to determine performance bottlenecks of your GKE cluster.

Question 23

You need to copy directory local-scripts and all of its contents from your local workstation to a Compute

Engine virtual machine instance.

Which command should you use?

Options:

A.

gsutil cp --project “my-gcp-project” -r ~/local-scripts/ gcp-instance-name:~/

server-scripts/ --zone “us-east1-b”

B.

gsutil cp --project “my-gcp-project” -R ~/local-scripts/ gcp-instance-name:~/

server-scripts/ --zone “us-east1-b”

C.

gcloud compute scp --project “my-gcp-project” --recurse ~/local-scripts/ gcpinstance-

name:~/server-scripts/ --zone “us-east1-b”

D.

gcloud compute mv --project “my-gcp-project” --recurse ~/local-scripts/ gcpinstance-

name:~/server-scripts/ --zone “us-east1-b”

Question 24

Your operations team has asked you to create a script that lists the Cloud Bigtable, Memorystore, and Cloud SQL databases running within a project. The script should allow users to submit a filter expression to limit the results presented. How should you retrieve the data?

Options:

A.

Use the HBase API, Redis API, and MySQL connection to retrieve database lists. Combine the results, and then apply the filter to display the results

B.

Use the HBase API, Redis API, and MySQL connection to retrieve database lists. Filter the results individually, and then combine them to display the results

C.

Run gcloud bigtable instances list, gcloud redis instances list, and gcloud sql databases list. Use a filter within the application, and then display the results

D.

Run gcloud bigtable instances list, gcloud redis instances list, and gcloud sql databases list. Use --filter flag with each command, and then display the results

Question 25

You work for an organization that manages an ecommerce site. Your application is deployed behind a global HTTP(S) load balancer. You need to test a new product recommendation algorithm. You plan to use A/B testing to determine the new algorithm’s effect on sales in a randomized way. How should you test this feature?

Options:

A.

Split traffic between versions using weights.

B.

Enable the new recommendation feature flag on a single instance.

C.

Mirror traffic to the new version of your application.

D.

Use HTTP header-based routing.

Question 26

You are developing an application that will be launched on Compute Engine instances into multiple distinct projects, each corresponding to the environments in your software development process (development, QA, staging, and production). The instances in each project have the same application code but a different configuration. During deployment, each instance should receive the application’s configuration based on the environment it serves. You want to minimize the number of steps to configure this flow.

What should you do?

Options:

A.

When creating your instances, configure a startup script using the gcloud command to determine the project name that indicates the correct environment.

B.

In each project, configure a metadata key “environment” whose value is the environment it serves. Use your deployment tool to query the instance metadata and configure the application based on the “environment” value.

C.

Deploy your chosen deployment tool on an instance in each project. Use a deployment job to retrieve the appropriate configuration file from your version control system, and apply the configuration when deploying the application on each instance.

D.

During each instance launch, configure an instance custom-metadata key named “environment” whose value is the environment the instance serves. Use your deployment tool to query the instance metadata, and configure the application based on the “environment” value.

Question 27

Your application requires service accounts to be authenticated to GCP products via credentials stored on its host Compute Engine virtual machine instances. You want to distribute these credentials to the host instances as securely as possible. What should you do?

Options:

A.

Use HTTP signed URLs to securely provide access to the required resources.

B.

Use the instance’s service account Application Default Credentials to authenticate to the required resources.

C.

Generate a P12 file from the GCP Console after the instance is deployed, and copy the credentials to the host instance before starting the application.

D.

Commit the credential JSON file into your application’s source repository, and have your CI/CD process package it with the software that is deployed to the instance.

Question 28

You want to migrate an on-premises container running in Knative to Google Cloud. You need to make sure that the migration doesn't affect your application's deployment strategy, and you want to use a fully managed service. Which Google Cloud service should you use to deploy your container?

Options:

A.

Cloud Run

B.

Compute Engine

C.

Google Kubernetes Engine

D.

App Engine flexible environment

Question 29

You are designing a schema for a Cloud Spanner customer database. You want to store a phone number array field in a customer table. You also want to allow users to search customers by phone number. How should you design this schema?

Options:

A.

Create a table named Customers. Add an Array field in a table that will hold phone numbers for the customer.

B.

Create a table named Customers. Create a table named Phones. Add a CustomerId field in the Phones table to find the CustomerId from a phone number.

C.

Create a table named Customers. Add an Array field in a table that will hold phone numbers for the customer. Create a secondary index on the Array field.

D.

Create a table named Customers as a parent table. Create a table named Phones, and interleave this table into the Customer table. Create an index on the phone number field in the Phones table.

Question 30

You work for a web development team at a small startup. Your team is developing a Node.js application using Google Cloud services, including Cloud Storage and Cloud Build. The team uses a Git repository for version control. Your manager calls you over the weekend and instructs you to make an emergency update to one of the company’s websites, and you’re the only developer available. You need to access Google Cloud to make the update, but you don’t have your work laptop. You are not allowed to store source code locally on a non-corporate computer. How should you set up your developer environment?

Options:

A.

Use a text editor and the Git command line to send your source code updates as pull requests from a public computer.

B.

Use a text editor and the Git command line to send your source code updates as pull requests from a virtual machine running on a public computer.

C.

Use Cloud Shell and the built-in code editor for development. Send your source code updates as pull requests.

D.

Use a Cloud Storage bucket to store the source code that you need to edit. Mount the bucket to a public computer as a drive, and use a code editor to update the code. Turn on versioning for the bucket, and point it to the team’s Git repository.

Question 31

You have a container deployed on Google Kubernetes Engine. The container can sometimes be slow to launch, so you have implemented a liveness probe. You notice that the liveness probe occasionally fails on launch. What should you do?

Options:

A.

Add a startup probe.

B.

Increase the initial delay for the liveness probe.

C.

Increase the CPU limit for the container.

D.

Add a readiness probe.

Question 32

Your team is developing a Cloud Function triggered by Cloud Storage Events. You want to accelerate testing and development of your Cloud Function while following Google-recommended best practices. What should you do?

Options:

A.

Install the Functions Frameworks library, and configure the Cloud Function on localhost. Make a copy of the function, and make edits to the new version Test the new version using cur1.

B.

Make a copy of the Cloud Function, and rewrite the code to be HTTP-triggered Edit and test the new version

by triggering the HTTP endpoint. Send mock requests to the new function to evaluate the functionality.

C.

Make a copy of the Cloud Function in the Google Cloud Console Use the Cloud console's in-line editor to

make source code changes to the new function Modify your web application to call the new function and test the new version in production.

D.

Create a new Cloud Function that is triggered when Cloud Audit Logs detects the

cloudfunctions. functions. sourceCodeSet operation in the original Cloud Function Send mock

requests to the new function to evaluate the functionality.

Question 33

Your company’s development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company’s environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?

Options:

A.

Enable the Vulnerability scanning setting in the Container Registry.

B.

Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.

C.

Disallow the use of non-commercially supported base images in your development environment.

D.

Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.

Question 34

You have an application deployed in production. When a new version is deployed, you want to ensure that all production traffic is routed to the new version of your application. You also want to keep the previous version deployed so that you can revert to it if there is an issue with the new version.

Which deployment strategy should you use?

Options:

A.

Blue/green deployment

B.

Canary deployment

C.

Rolling deployment

D.

Recreate deployment

Question 35

You are working on a new application that is deployed on Cloud Run and uses Cloud Functions Each time new features are added, new Cloud Functions and Cloud Run services are deployed You use ENV variables to keep track of the services and enable interservice communication but the maintenance of the ENV variables has become difficult. You want to implement dynamic discovery in a scalable way. What should you do?

Options:

A.

Create a Service Directory Namespace Use API calls to register the services during deployment, and query during runtime.

B.

Configure your microservices to use the Cloud Run Admin and Cloud Functions APIs to query for deployed Cloud Run services and Cloud Functions in the Google Cloud project.

C.

Deploy Hashicorp Consul on a single Compute Engine Instance Register the services with Consul during deployment and query during runtime

D.

Rename the Cloud Functions and Cloud Run services endpoints using a well-documented naming

convention

Question 36

You are using Cloud Build build to promote a Docker image to Development, Test, and Production environments. You need to ensure that the same Docker image is deployed to each of these environments. How should you identify the Docker image in your build?

Options:

A.

Use the latest Docker image tag.

B.

Use a unique Docker image name.

C.

Use the digest of the Docker image.

D.

Use a semantic version Docker image tag.

Question 37

One of your deployed applications in Google Kubernetes Engine (GKE) is having intermittent performance issues. Your team uses a third-party logging solution. You want to install this solution on each node in your GKE cluster so you can view the logs. What should you do?

Options:

A.

Deploy the third-party solution as a DaemonSet

B.

Modify your container image to include the monitoring software

C.

Use SSH to connect to the GKE node, and install the software manually

D.

Deploy the third-party solution using Terraform and deploy the logging Pod as a Kubernetes Deployment

Question 38

You are developing a marquee stateless web application that will run on Google Cloud. The rate of the incoming user traffic is expected to be unpredictable, with no traffic on some days and large spikes on other days. You need the application to automatically scale up and down, and you need to minimize the cost associated with running the application. What should you do?

Options:

A.

Build the application in Python with Firestore as the database. Deploy the application to Cloud Run.

B.

Build the application in C# with Firestore as the database. Deploy the application to App Engine flexible environment.

C.

Build the application in Python with CloudSQL as the database. Deploy the application to App Engine standard environment.

D.

Build the application in Python with Firestore as the database. Deploy the application to a Compute Engine managed instance group with autoscaling.

Question 39

You are monitoring a web application that is written in Go and deployed in Google Kubemetes Engine. You notice an increase in CPU and memory utilization. You need to determine which function is consuming the most CPU and memory resources. What should you do?

Options:

A.

Import the Cloud Profiler package into your application, and initialize the Profiler agent. Review the generated flame graph in the Google Cloud console to identify time-intensive functions.

B.

Create a Cloud Logging query that gathers the web application's logs. Write a Python script that calculates the difference between the

timestamps from the beginning and the end of the application's longest functions to identity time-intensive functions.

C.

Import OpenTelemetry and Trace export packages into your application, and create the trace provider. Review the latency data for your

application on the Trace overview page, and identify which functions cause the most latercy.

D.

Add print commands to the application source code to log when each function is called, and redeploy the application.

Question 40

Your company has created an application that uploads a report to a Cloud Storage bucket. When the report is uploaded to the bucket, you want to publish a message to a Cloud Pub/Sub topic. You want to implement a solution that will take a small amount to effort to implement. What should you do?

Options:

A.

Configure the Cloud Storage bucket to trigger Cloud Pub/Sub notifications when objects are modified.

B.

Create an App Engine application to receive the file; when it is received, publish a message to the Cloud Pub/Sub topic.

C.

Create a Cloud Function that is triggered by the Cloud Storage bucket. In the Cloud Function, publish a message to the Cloud Pub/Sub topic.

D.

Create an application deployed in a Google Kubernetes Engine cluster to receive the file; when it is received, publish a message to the Cloud Pub/Sub topic.