Practice Free Professional Cloud DevOps Engineer Exam Online Questions
You work for a global organization and are running a monolithic application on Compute Engine You need to select the machine type for the application to use that optimizes CPU utilization by using the fewest number of steps You want to use historical system metncs to identify the machine type for the application to use You want to follow Google-recommended practices.
What should you do?
- A . Use the Recommender API and apply the suggested recommendations
- B . Create an Agent Policy to automatically install Ops Agent in all VMs
- C . Install the Ops Agent in a fleet of VMs by using the gcloud CLI
- D . Review the Cloud Monitoring dashboard for the VM and choose the machine type with the lowest CPU utilization
Your organization wants to increase the availability target of an application from 99 9% to 99 99% for an investment of $2 000 The application’s current revenue is S1,000,000 You need to determine whether the increase in availability is worth the investment for a single year of usage.
What should you do?
- A . Calculate the value of improved availability to be $900, and determine that the increase in availability is not worth the investment
- B . Calculate the value of improved availability to be $1 000 and determine that the increase in availability is not worth the investment
- C . Calculate the value of improved availability to be $1 000 and determine that the increase in availability is worth the investment
- D . Calculate the value of improved availability to be $9,000. and determine that the increase in availability is worth the investment
You are deploying an application to Cloud Run. The application requires a password to start. Your organization requires that all passwords are rotated every 24 hours, and your application must have the latest password. You need to deploy the application with no downtime.
What should you do?
- A . Store the password in Secret Manager and send the secret to the application by using environment variables.
- B . Store the password in Secret Manager and mount the secret as a volume within the application.
- C . Use Cloud Build to add your password into the application container at build time. Ensure that
Artifact Registry is secured from public access. - D . Store the password directly in the code. Use Cloud Build to rebuild and deploy the application each time the password changes.
You need to create a Cloud Monitoring SLO for a service that will be published soon. You want to verify that requests to the service will be addressed in fewer than 300 ms at least 90% Of the time per calendar month. You need to identify the metric and evaluation method to use.
What should you do?
- A . Select a latency metric for a request-based method of evaluation.
- B . Select a latency metric for a window-based method of evaluation.
- C . Select an availability metric for a request-based method of evaluation.
- D . Select an availability metric for a window-based method Of evaluation.
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort.
What should you do?
- A . Add logic to each Cloud Build step to HTTP POST the build information to a webhook.
- B . Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
- C . Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.
- D . Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.
You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging.
What should you do?
- A . Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.
- B . Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application’s pods and write to Slackdriver Logging.
- C . Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application’s pods and write to Stackdriver Logging.
- D . Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application’s pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.
You need to introduce postmortems into your organization during the holiday shopping season. You are expecting your web application to receive a large volume of traffic in a short period. You need to prepare your application for potential failures during the event.
What should you do? Choose 2 answers
- A . Monitor latency of your services for average percentile latency.
- B . Review your increased capacity requirements and plan for the required quota management.
- C . Create alerts in Cloud Monitoring for all common failures that your application experiences.
- D . Ensure that relevant system metrics are being captured with Cloud Monitoring and create alerts at levels of interest.
- E . Configure Anthos Service Mesh on the application to identify issues on the topology map.
Your company operates in a highly regulated domain. Your security team requires that only trusted container images can be deployed to Google Kubernetes Engine (GKE). You need to implement a solution that meets the requirements of the security team, while minimizing management overhead.
What should you do?
- A . Grant the roles/artifactregistry. writer role to the Cloud Build service account. Confirm that no employee has Artifact Registry write permission.
- B . Use Cloud Run to write and deploy a custom validator Enable an Eventarc trigger to perform validations when new images are uploaded.
- C . Configure Kritis to run in your GKE clusters to enforce deploy-time security policies.
- D . Configure Binary Authorization in your GKE clusters to enforce deploy-time security policies
You are building an application that runs on Cloud Run The application needs to access a third-party API by using an API key You need to determine a secure way to store and use the API key in your application by following Google-recommended practices.
What should you do?
- A . Save the API key in Secret Manager as a secret Reference the secret as an environment variable in the Cloud Run application
- B . Save the API key in Secret Manager as a secret key Mount the secret key under the /sys/api_key directory and decrypt the key in the Cloud Run application
- C . Save the API key in Cloud Key Management Service (Cloud KMS) as a key Reference the key as an environment variable in the Cloud Run application
- D . Encrypt the API key by using Cloud Key Management Service (Cloud KMS) and pass the key to Cloud Run as an environment variable Decrypt and use the key in Cloud Run
You are building an application that runs on Cloud Run The application needs to access a third-party API by using an API key You need to determine a secure way to store and use the API key in your application by following Google-recommended practices.
What should you do?
- A . Save the API key in Secret Manager as a secret Reference the secret as an environment variable in the Cloud Run application
- B . Save the API key in Secret Manager as a secret key Mount the secret key under the /sys/api_key directory and decrypt the key in the Cloud Run application
- C . Save the API key in Cloud Key Management Service (Cloud KMS) as a key Reference the key as an environment variable in the Cloud Run application
- D . Encrypt the API key by using Cloud Key Management Service (Cloud KMS) and pass the key to Cloud Run as an environment variable Decrypt and use the key in Cloud Run