Google PROFESSIONAL-CLOUD-DEVELOPER Online Practice
Questions and Exam Preparation
PROFESSIONAL-CLOUD-DEVELOPER Exam Details
Exam Code
:PROFESSIONAL-CLOUD-DEVELOPER
Exam Name
:Professional Cloud Developer
Certification
:Google Certifications
Vendor
:Google
Total Questions
:405 Q&As
Last Updated
:May 24, 2026
Google PROFESSIONAL-CLOUD-DEVELOPER Online Questions &
Answers
Question 151:
You are porting an existing Apache/MySQL/PHP application stack from a single machine to Google Kubernetes Engine. You need to determine how to containerize the application. Your approach should follow Google-recommended best practices for availability.
What should you do?
A. Package each component in a separate container. Implement readiness and liveness probes. B. Package the application in a single container. Use a process management tool to manage each component. C. Package each component in a separate container. Use a script to orchestrate the launch of the components. D. Package the application in a single container. Use a bash script as an entrypoint to the container, and then spawn each component as a background job.
A. Package each component in a separate container. Implement readiness and liveness probes.
Question 152:
You are developing a web application that contains private images and videos stored in a Cloud Storage bucket. Your users are anonymous and do not have Google Accounts. You want to use your application- specific logic to control access to the images and videos.
How should you configure access?
A. Cache each web application user's IP address to create a named IP table using Google Cloud Armor. Create a Google Cloud Armor security policy that allows users to access the backend bucket. B. Grant the Storage Object Viewer IAM role to allUsers. Allow users to access the bucket after authenticating through your web application. C. Configure Identity-Aware Proxy (IAP) to authenticate users into the web application. Allow users to access the bucket after authenticating through IAP. D. Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
D. Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
Question 153:
Your team develops services that run on Google Cloud. You need to build a data processing service and will use Cloud Functions. The data to be processed by the function is sensitive. You need to ensure that invocations can only happen from authorized services and follow Google-recommended best practices for securing functions.
What should you do?
A. Enable Identity-Aware Proxy in your project. Secure function access using its permissions. B. Create a service account with the Cloud Functions Viewer role. Use that service account to invoke the function. C. Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function. D. Create an OAuth 2.0 client ID for your calling service in the same project as the function you want to secure. Use those credentials to invoke the function.
C. Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function.
Your application in production has recently been experiencing reliability issues, and you are unsure how the application will behave in the event of an unexpected failure. You want to assess the application's resilience.
What should you do?
A. Write end-to-end tests to determine how different microservices interact. Validate that all tests pass. B. Perform chaos engineering by intentionally introducing failures into the system. Observe how the application behaves, and ensure that it is able to recover from a failure. C. Test individual units of code for a critical portion of the application's code. Ensure that unit tests are part of the Cloud Build pipeline. D. Perform load testing of the application, and use JMeter for the critical endpoints of the application.Ensure that the application performs as expected under a heavy load.
B. Perform chaos engineering by intentionally introducing failures into the system. Observe how the application behaves, and ensure that it is able to recover from a failure.
Explanation
Chaos engineering is the practice of intentionally introducing failures into a system to test its resilience and observe how it behaves under unexpected conditions. This approach allows you to uncover potential weaknesses and ensure that the application can recover from failures. By testing with chaos engineering, you gain insights into how the system behaves in production-like failure scenarios, which is essential for assessing and improving resilience.
Other options, like end-to-end testing, unit testing, and load testing, are useful for verifying functionality and performance but do not directly assess how the application behaves during unexpected failures.
Question 155:
You have an application running on Google Kubernetes Engine (GKE). The application is currently using a logging library and is outputting to standard output. You need to export the logs to Cloud Logging, and you need the logs to include metadata about each request. You want to use the simplest method to accomplish this.
What should you do?
A. Change your application's logging library to the Cloud Logging library, and configure your application to export logs to Cloud Logging. B. Update your application to output logs in JSON format, and add the necessary metadata to the JSON. C. Update your application to output logs in CSV format, and add the necessary metadata to the CSV. D. Install the Fluent Bit agent on each of your GKE nodes, and have the agent export all logs from /var/.log
A. Change your application's logging library to the Cloud Logging library, and configure your application to export logs to Cloud Logging.
Question 156:
You are designing an application that shares PDF files containing time-sensitive information with users. The PDF files are saved in Cloud Storage. You need to provide secure access to the files.
You have the following requirements:
1. Users should only have access to files that they are allowed to view.
2. Users should be able to request to read, write, or delete the PDF files for 24 hours.
Not all users of the application have a Google account.
How should you provide access to data objects?
A. Configure the application to generate signed URLs with an expiration time of 24 hours. Share the signed URLs with users. Attach the signed URL to the PDF files that users require access to. B. Provide users with the Service Account Token Creator IAM role to impersonate the application's service account. Assign the Cloud Storage User IAM role to the application's service account to access the Cloud Storage bucket. Rotate the application's service account key every 24 hours. C. Generate a service account that grants access to the POF files. Configure the application to provide users with a download link to the service account's key file. Set an expiration time of 24 hours to the service account Keys. Instruct users to authenticate by using the service account key file. D. Assign the Storage Object User IAM role to users that request access to the PDF files. Set an IAM condition on the role to expire after 24 hours.
A. Configure the application to generate signed URLs with an expiration time of 24 hours. Share the signed URLs with users. Attach the signed URL to the PDF files that users require access to.
Explanation
Signed URLs are an effective way to provide secure, time-limited access to files stored in Cloud Storage, especially for users without Google accounts. With signed URLs, the application can grant users access to specific files with a specified expiration time (in this case, 24 hours). The signed URL approach meets the requirement for fine-grained, temporary access control without needing users to authenticate via Google accounts or service account keys, which simplifies the process and improves security.
Question 157:
In order for HipLocal to store application state and meet their stated business requirements, which database service should they migrate to?
A. Cloud Spanner B. Cloud Datastore C. Cloud Memorystore as a cache D. Separate Cloud SQL clusters for each region
A. Cloud Spanner
Question 158:
You are customizing a VM instance for development and need to choose either SSD or Standard Persistent Disks for your VM. Your team's cloud architect is not currently available for you to consult. You need to quickly determine the advantages and disadvantages of using SSD or Standard storage.
What should you do?
A. Use Gemini Cloud Assist, and prompt "What is the difference between SSD and Standard Persistent Disks?" B. Request help on internet forums such as Reddit or Stack Overflow. C. Review the Google Cloud documentation on Persistent Disks. D. Review reference architectures that match your application in the Cloud Architecture Center.
C. Review the Google Cloud documentation on Persistent Disks.
Explanation
Reviewing the Google Cloud documentation on Persistent Disks provides authoritative, up-to-date, and comprehensive details on the advantages and disadvantages of SSD versus Standard storage, enabling you to make an informed decision quickly.
Question 159:
You are deploying your application to a Compute Engine virtual machine instance. Your application is configured to write its log files to disk. You want to view the logs in Stackdriver Logging without changing the application code.
What should you do?
A. Install the Stackdriver Logging Agent and configure it to send the application logs. B. Use a Stackdriver Logging Library to log directly from the application to Stackdriver Logging. C. Provide the log file folder path in the metadata of the instance to configure it to send the application logs. D. Change the application to log to /var/log so that its logs are automatically sent to Stackdriver Logging.
A. Install the Stackdriver Logging Agent and configure it to send the application logs.
Question 160:
You are developing a mobile application that allows users to create and manage to-do lists. Your application has the following requirements:
1. Store and synchronize data between different mobile devices.
2. Support offline access.
3. Provide real-time updates on each user's device.
You need to implement a database solution while minimizing operational effort.
Which approach should you use?
A. Create a Cloud SQL for MySQL instance. Implement a data model to store to-do list information. Create indexes for the most heavily and frequently used queries. B. Create a Bigtable instance. Design a database schema to avoid hotspots when writing data. Use a Bigtable change stream to capture data changes. C. Use Firestore as the database. Configure Firestore offline persistence to cache a copy of the Firestore data. Listen to document changes to update applications whenever there are document changes. D. Implement a SQLite database on each user's device. Use a scheduled job to synchronize each device database with a copy stored in Cloud Storage.
C. Use Firestore as the database. Configure Firestore offline persistence to cache a copy of the Firestore data. Listen to document changes to update applications whenever there are document changes.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Google exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your PROFESSIONAL-CLOUD-DEVELOPER exam preparations
and Google certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.