Professional-Cloud-Developer Practice Exam Questions with Answers Google Certified Professional - Cloud Developer Certification

Create a Google service account with BigQuery access. Add the JSON key to Secret Manager, and use the Go client library to access the JSON key.

Create a Google service account with BigQuery access. Add the Google service account JSON key as a Kubernetes secret, and configure the application to use this secret.

Create a Google service account with BigQuery access. Add the Google service account JSON key to Secret Manager, and use an init container to access the secret for the application to use.

Create a Google service account and a Kubernetes service account. Configure Workload Identity on the GKE cluster, and reference the Kubernetes service account on the application Deployment.

gsutil test –o output.json gs://my-bucket

gsutil perfdiag –o output.json gs://my-bucket

gcloud compute scp example-instance:~/test-data –o output.json gs://my-bucket

gcloud services test –o output.json gs://my-bucket

Create a Cloud Logging log export to Pub/Sub.

Create a Cloud Logging log export to BigQuery.

Create a Cloud Logging log export to Cloud Storage.

Create a Cloud Function to read Cloud Logging log entries and send them to the third-party application.

Create one Pub/Sub topic. Create one pull subscription to allow the audit services to share the messages.

Create one Pub/Sub topic. Create one pull subscription per audit service instance to allow the services to share the messages.

Create one Pub/Sub topic. Create one push subscription with the endpoint pointing to a load balancer in front of the audit services.

Create one Pub/Sub topic per authentication service. Create one pull subscription per topic to be used by one audit service.

Create one Pub/Sub topic per authentication service. Create one push subscription per topic, with the endpoint pointing to one audit service.

Ask the developers to use Cloud Shell and run gcloud container clusters get-credentials to switch to another cluster.

Ask the developers to open three terminals on their workstation and use kubecrt1 config to configure access to each cluster.

Ask the developers to install the gcloud CLI on their workstation and run gcloud container clusters get-credentials to switch to another cluster

In a configuration file, define the clusters users, and contexts Email the file to the developers and ask them to use kubect1 config to add cluster, user and context details.

Deployment

StatefulSet

ReplicaSet

ReplicaController

Enable the Vulnerability scanning setting in the Container Registry.

Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.

Disallow the use of non-commercially supported base images in your development environment.

Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.

Use Stackdriver Monitoring to plot slot usage.

Use Stackdriver Trace to plot API execution time.

Use Stackdriver Trace to plot query execution time.

Use Stackdriver Monitoring to plot query execution times.

Perform a rolling update with a PodDisruptionBudget of 80%.

Perform a rolling update with a HorizontalPodAutoscaler scale-down policy value of 0.

Convert the Deployment to a StatefulSet, and perform a rolling update with a PodDisruptionBudget of 80%.

Convert the Deployment to a StatefulSet, and perform a rolling update with a HorizontalPodAutoscaler scale-down policy value of 0.

Distribute your workload evenly using a multi-zonal node pool.

Distribute your workload evenly using multiple zonal node pools.

Use cluster autoscaler to resize the number of nodes in the node pool, and use a Horizontal Pod Autoscaler to scale the workload.

Create a managed instance group for Compute Engine with the cluster nodes. Configure autoscaling rules for the managed instance group.

Create alerting policies in Cloud Monitoring based on GKE CPU and memory utilization. Ask an on-duty engineer to scale the workload by executing a script when CPU and memory usage exceed predefined thresholds.

Deploy your application on Cloud Run. Use traffic splitting to direct a subset of user traffic to the new version based on the revision tag.

Deploy your application on Google Kubernetes Engine with Anthos Service Mesh. Use traffic splitting to direct a subset of user traffic to the new version based on the user-agent header.

Deploy your application on App Engine. Use traffic splitting to direct a subset of user traffic to the new version based on the IP address.

Deploy your application on Compute Engine. Use Traffic Director to direct a subset of user traffic to the new version based on predefined weights.

Blue/green deployment

Canary deployment

Rolling deployment

Recreate deployment

Implement a mocking framework.

Create a topic and subscription for each tester.

Add a filter by tester to the subscription.

Use the Pub/Sub emulator.

Enable the Error Reporting API on the project.

Grant the instance full access to all Cloud APIs.

Configure the application log file as a custom source.

Create a Stackdriver Logs Export Sink with a filter that matches the application's log entries.

Remove the step that pushes the container to Artifact Registry.

Add the —cache-from argument to the Docker build step in your build config file.

Store image artifacts in a Cloud Storage bucket in the same region as the Cloud Run instance.

Deploy a new Docker registry in a VPC and use Cloud Build worker pools inside the VPC to run the build pipeline.

Traffic Director

Service Directory

Anthos Service Mesh

Internal HTTP(S) Load Balancing

Increase the size of the instance class.

Change the Persistent Disk type to SSD.

Change /product-details to perform the requests in parallel.

Store the /sku-details information in a database, and replace the webservice call with a database query.

A Kubernetes NetworkPolicy resource is blocking HTTP traffic between the Pods.

The Pod initiating the HTTP requests is attempting to connect to the target Pod via an incorrect TCP port.

The Authorization Policy of your cluster is blocking HTTP requests for specific paths within your application.

The cluster has mTLS configured in permissive mode, but the Pod's sidecar proxy is sending unencrypted traffic in plain text.

Assign the Google Cloud service account to your GKE Pod using Workload Identity.

Export the Google Cloud service account, and share it with the Pod as a Kubernetes Secret.

Export the Google Cloud service account, and embed it in the source code of the application.

Export the Google Cloud service account, and upload it to HashiCorp Vault to generate a dynamic service account for your application.

Create a multi-regional Cloud Spanner instance with "nam-asia-eur1" configuration.

Create a multi-regional Cloud Spanner instance with "nam3" configuration.

Create a cluster with at least 3 Spanner nodes.

Create a cluster with at least 1 Spanner node.

Create a minimum of two Cloud Spanner instances in separate regions with at least one node.

Create a Cloud Dataflow pipeline to replicate data across different databases.

Specify the resource limits and requests in the object specifications.

Create a namespace for each team, and attach resource quotas to each namespace.

Create a LimitRange to specify the default compute resource requirements for each namespace.

Create a Kubernetes service account (KSA) for each application, and assign each KSA to the namespace.

Use the Anthos Policy Controller to enforce label annotations on all namespaces. Use taints and tolerations to allow resource sharing for namespaces.

Write to Cloud Spanner using Cloud Client Libraries.

Write to Cloud Spanner using Google API Client Libraries

Write to Cloud Spanner using a custom gRPC client library.

Write to Cloud Spanner using a third-party HTTP client library.

Upload your application to Cloud Storage.

Upload your application to an App Engine environment.

Create a Compute Engine instance with Apache web server installed. Configure Apache web server to

host the application.

Containerize your application first. Deploy this container to Google Kubernetes Engine (GKE) and assign

an external IP address to the GKE pod hosting the application.

Use the JOIN operator in SQL to combine the tables.

Use nested WITH statements to combine the tables.

Use the UNION operator in SQL to combine the tables.

Use the UNION ALL operator in SQL to combine the tables.

Store the logs in a Cloud Storage bucket with bucket lock turned on.

Store the logs in a Cloud Storage bucket with a 3-year retention period.

Store the logs in Cloud Logging as custom logs with a custom retention period.

Store the logs in a Cloud Storage bucket with a 1-year retention period. After 1 year, move the logs to another bucket with a 2-year retention period.

Create a Cloud SQL table that has TransactionId and CustomerId configured as primary keys. Use an incremental number for the TransactionId.

Create a Cloud SQL table that has TransactionId and CustomerId configured as primary keys. Use a random string (UUID) for the Transactionid.

Create a Cloud Spanner table that has TransactionId and CustomerId configured as primary keys. Use a random string (UUID) for the TransactionId.

Create a Cloud Spanner table that has TransactionId and CustomerId configured as primary keys. Use an incremental number for the TransactionId.

Use Cloud Function to monitor resources and raise alerts.

Use Cloud Pub/Sub to monitor resources and raise alerts.

Use Stackdriver Error Reporting to capture errors and raise alerts.

Use Stackdriver Monitoring to monitor resources and raise alerts.

Define your service endpoint information as metadata that is retrieved at runtime and used to connect to the desired service.

Define your service endpoint information as label data that is retrieved at runtime and used to connect to the desired service.

Define your service endpoint information to be retrieved from an environment variable at runtime and used to connect to the desired service.

Define your service to use a fixed hostname and port to connect to the desired service. Replace the service at the endpoint with your new version.

Add a public IP address to the instance. Use the service account key of the instance to encrypt the traffic.

Use Cloud Scheduler to trigger Cloud Build every hour to create an export from the reports. Store the reports in a public Cloud Storage bucket.

Add an HTTP(S) load balancer in front of the monitoring dashboard. Configure Identity-Aware Proxy to secure the communication channel.

Add an HTTP(S) load balancer in front of the monitoring dashboard. Set up a Google-managed SSL certificate on the load balancer for traffic encryption.

Use the gsutil utility to copy files from within the Docker container at startup, and start the service using an ENTRYPOINT script.

Create a PersistentVolumeClaim on the GKE cluster. Access the configuration files from the volume, and start the service using an ENTRYPOINT script.

Use the COPY statement in the Dockerfile to load the configuration into the container image. Verify that the configuration is available, and start the service using an ENTRYPOINT script.

Add a startup script to the GKE instance group to mount the NFS share at node startup. Copy the configuration files into the container, and start the service using an ENTRYPOINT script.

Deploy each microservice as a Deployment. Expose the Deployment in the cluster using a Service, and use the Service DNS name to address it from other microservices within the cluster.

Deploy each microservice as a Deployment. Expose the Deployment in the cluster using an Ingress, and use the Ingress IP address to address the Deployment from other microservices within the cluster.

Deploy each microservice as a Pod. Expose the Pod in the cluster using a Service, and use the Service DNS name to address the microservice from other microservices within the cluster.

Deploy each microservice as a Pod. Expose the Pod in the cluster using an Ingress, and use the Ingress IP address name to address the Pod from other microservices within the cluster.

Use Cloud Logging to check for error logs, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Cloud Trace to monitor the requests per sec of incoming requests to Spanner, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Cloud Monitoring to monitor the CPU utilization, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Snapshot Debugger to check for application errors, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Create manual subnets.

Create an auto mode subnet.

Create multiple peered VPCs.

Provision a single instance for NAT.

Block all traffic on port 443.

Allow all traffic into the network.

Allow traffic on port 443 for a specific tag.

Allow all traffic on port 443 into the network.

Migrate the database to Bigtable and use it to serve all global user traffic.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Take frequent snapshots of all of the VMs.

Install the Stackdriver Logging agent on the VMs.

Install the Stackdriver Monitoring agent on the VMs.

Use Stackdriver Trace to look for performance bottlenecks.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Firestore in Native mode and set up instan

Use Google App Engine services.

Use serverless Google Cloud Functions.

Use Knative to build and deploy serverless applications.

Use Google Kubernetes Engine for automated deployments.

Use a large Google Compute Engine cluster for deployments.

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Cloud VPN

Cloud Armor

Virtual Private Cloud

Cloud Identity-Aware Proxy

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Cloud Profiler

Cloud Monitoring

Cloud Trace

Cloud Logging

Cloud Spanner

Cloud Datastore

Cloud Memorystore as a cache

Separate Cloud SQL clusters for each region

BigQuery

Cloud SQL

Cloud Spanner

Cloud Datastore

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.

Cloud Armor

Cloud Functions

Cloud Endpoints

Shielded Virtual Machines

Use local SSDs to store state.

Put a memcache layer in front of MySQL.

Move the state storage to Cloud Spanner.

Replace the MySQL instance with Cloud SQL.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Create an API key. Use the API key to interact with Google Cloud.

Use the default compute service account to interact with Google Cloud.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Use App Engine for autoscaling.

Use Cloud Functions for autoscaling.

Use a Compute Engine cluster for the service.

Use a dedicated Compute Engine virtual machine instance for the service.