Practice Free Professional Cloud Developer Exam Online Questions
You are planning to deploy hundreds of microservices in your Google Kubernetes Engine (GKE) cluster.
How should you secure communication between the microservices on GKE using a managed service?
- A . Use global HTTP(S) Load Balancing with managed SSL certificates to protect your services
- B . Deploy open source Istio in your GKE cluster, and enable mTLS in your Service Mesh
- C . Install cert-manager on GKE to automatically renew the SSL certificates.
- D . Install Anthos Service Mesh, and enable mTLS in your Service Mesh.
D
Explanation:
https://cloud.google.com/service-mesh/docs/overview#security_benefits
– Ensures encryption in transit. Using mTLS for authentication also ensures that all TCP communications are encrypted in transit.
Validate the application’s performance for the new subset of users during the rollout and roll back if an issue arises.
Your application is running on Compute Engine and is showing sustained failures for a small number of requests. You have narrowed the cause down to a single Compute Engine instance, but the instance is unresponsive to SSH.
What should you do next?
- A . Reboot the machine.
- B . Enable and check the serial port output.
- C . Delete the machine and create a new one.
- D . Take a snapshot of the disk and attach it to a new machine.
You are developing an online gaming platform as a microservices application on Google Kubernetes Engine (GKE). Users on social media are complaining about long loading times for certain URL requests to the application. You need to investigate performance bottlenecks in the application and identify which HTTP requests have a significantly high latency span in user requests.
What should you do?
- A . Update your microservices lo log HTTP request methods and URL paths to STDOUT Use the logs router to send container logs to Cloud Logging. Create fillers in Cloud Logging to evaluate the latency of user requests across different methods and URL paths.
- B . Install tcpdiimp on your GKE nodes. Run tcpdunm– to capture network traffic over an extended period of time to collect data. Analyze the data files using Wireshark to determine the cause of high latency
- C . Instrument your microservices by installing the Open Telemetry tracing package. Update your application code to send traces to Trace for inspection and analysis. Create an analysis report on Trace to analyze user requests
- D . Configure GKE workload metrics using kubect1. Select all Pods to send their metrics to Cloud Monitoring. Create a custom dashboard of application metrics in Cloud Monitoring to determine performance bottlenecks of your GKE cluster.
You are a developer working with the CI/CD team to troubleshoot a new feature that your team introduced. The CI/CD team used HashiCorp Packer to create a new Compute Engine image from your development branch. The image was successfully built, but is not booting up. You need to investigate the issue with the CI/CD team.
What should you do?
- A . Create a new feature branch, and ask the build team to rebuild the image.
- B . Shut down the deployed virtual machine, export the disk, and then mount the disk locally to access the boot logs.
- C . Install Packer locally, build the Compute Engine image locally, and then run it in your personal Google Cloud project.
- D . Check Compute Engine OS logs using the serial port, and check the Cloud Logging logs to confirm access to the serial port.
D
Explanation:
https://cloud.google.com/compute/docs/troubleshooting/troubleshooting-using-serial-console
HipLocal has connected their Hadoop infrastructure to GCP using Cloud Interconnect in order to query data stored on persistent disks.
Which IP strategy should they use?
- A . Create manual subnets.
- B . Create an auto mode subnet.
- C . Create multiple peered VPCs.
- D . Provision a single instance for NAT.
HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling.
Which two services should they choose? (Choose two.)
- A . Use Google App Engine services.
- B . Use serverless Google Cloud Functions.
- C . Use Knative to build and deploy serverless applications.
- D . Use Google Kubernetes Engine for automated deployments.
- E . Use a large Google Compute Engine cluster for deployments.
You are using Cloud Run to host a web application. You need to securely obtain the application project ID and region where the application is running and display this information to users. You want to use the most performant approach.
What should you do?
- A . Use HTTP requests to query the available metadata server at the http://metadata.google.internal/ endpoint with the Metadata-Flavor: Google header.
- B . In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Navigate to the Cloud Run “Variables & Secrets” tab, and add the desired environment variables in Key:Value format.
- C . In the Google Cloud console, navigate to the Project Dashboard and gather configuration details.
Write the application configuration information to Cloud Run’s in-memory container filesystem. - D . Make an API call to the Cloud Asset Inventory API from the application and format the request to include instance metadata.
You are deploying a Python application to Cloud Run using Cloud Build.
The Cloud Build pipeline is shown below:
You want to optimize deployment times and avoid unnecessary steps What should you do?
- A . Remove the step that pushes the container to Artifact Registry.
- B . Add the ―cache-from argument to the Docker build step in your build config file.
- C . Store image artifacts in a Cloud Storage bucket in the same region as the Cloud Run instance.
- D . Deploy a new Docker registry in a VPC and use Cloud Build worker pools inside the VPC to run the build pipeline.
B
Explanation:
https://cloud.google.com/build/docs/optimize-builds/speeding-up-builds#using_a_cached_docker_image
You developed a JavaScript web application that needs to access Google Drive’s API and obtain permission from users to store files in their Google Drives. You need to select an authorization approach for your application.
What should you do?
- A . Create an API key.
- B . Create a SAML token.
- C . Create a service account.
- D . Create an OAuth Client ID.
D
Explanation:
Reference: https://developers.google.com/drive/api/v3/about-auth