Google Google Certifications PROFESSIONAL-CLOUD-DEVELOPER Questions & Answers

• Question 161:

  You are developing a new application. You want the application to be triggered only when a given file is updated in your Cloud Storage bucket. Your trigger might change, so your process must support different types of triggers. You want the configuration to be simple so that multiple team members can update the triggers in the future. What should you do?

  A. Create an Eventarc trigger that monitors your Cloud Storage bucket for a specific filename, and set the target as Cloud Run.

  B. Configure Cloud Storage events to be sent to Pub/Sub, and use Pub/Sub events to trigger a Cloud Build job that executes your application.

  C. Configure a Firebase function that executes your application and is triggered when an object is updated in Cloud Storage.

  D. Configure a Cloud Function that executes your application and is triggered when an object is updated in Cloud Storage.

  Correct Answer: C

• Question 162:

  Your company uses Cloud Logging to manage large volumes of log data. You need to build a real-time log analysis architecture that pushes logs to a third-party application for processing. What should you do?

  A. Create a Cloud Logging log export to Pub/Sub.

  B. Create a Cloud Logging log export to BigQuery.

  C. Create a Cloud Logging log export to Cloud Storage.

  D. Create a Cloud Function to read Cloud Logging log entries and send them to the third- party application.

  Correct Answer: A

• Question 163:

  You need to migrate an internal file upload API with an enforced 500-MB file size limit to App Engine. What should you do?

  A. Use FTP to upload files.

  B. Use CPanel to upload files.

  C. Use signed URLs to upload files.

  D. Change the API to be a multipart file upload API.

  Correct Answer: C

  Reference: https://wiki.christophchamp.com/index.php?title=Google_Cloud_Platform

• Question 164:

  Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?

  A. Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.

  B. Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

  C. Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.

  D. Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

  Correct Answer: B

• Question 165:

  Your teammate has asked you to review the code below, which is adding a credit to an account balance in Cloud Datastore. Which improvement should you suggest your teammate make?

  

  A. Get the entity with an ancestor query.

  B. Get and put the entity in a transaction.

  C. Use a strongly consistent transactional database.

  D. Don't return the account entity from the function.

  Correct Answer: A

• Question 166:

  Your service adds text to images that it reads from Cloud Storage. During busy times of the year, requests to

  Cloud Storage fail with an HTTP 429 "Too Many Requests" status code.

  How should you handle this error?

  A. Add a cache-control header to the objects.

  B. Request a quota increase from the GCP Console.

  C. Retry the request with a truncated exponential backoff strategy.

  D. Change the storage class of the Cloud Storage bucket to Multi-regional.

  Correct Answer: C

  Reference: https://developers.google.com/gmail/api/v1/reference/quota

• Question 167:

  You have written a Cloud Function that accesses other Google Cloud resources. You want to secure the environment using the principle of least privilege. What should you do?

  A. Create a new service account that has Editor authority to access the resources. The deployer is given permission to get the access token.

  B. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to get the access token.

  C. Create a new service account that has Editor authority to access the resources. The deployer is given permission to act as the new service account.

  D. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to act as the new service account.

  Correct Answer: D

  Reference: https://cloud.google.com/blog/products/application-development/least-privilege- for-cloud-functions-using-cloud-iam

• Question 168:

  You are a developer at a large corporation You manage three Google Kubernetes Engine clusters. Your team's developers need to switch from one cluster to another regularly without losing access to their preferred development tools. You want to configure access to these clusters using the fewest number of steps while following Google-recommended best practices. What should you do?

  A. Ask the developers to use Cloud Shell and run gcloud container clusters get-credentials to switch to another cluster.

  B. Ask the developers to open three terminals on their workstation and use kubecrt1 config to configure access to each cluster.

  C. Ask the developers to install the gcloud CLI on their workstation and run gcloud container clusters get-credentials to switch to another cluster

  D. In a configuration file, define the clusters users, and contexts Email the file to the developers and ask them to use kubect1 config to add cluster, user and context details.

  Correct Answer: D

  Explanation: https://kubernetes.io/docs/tasks/access-application-cluster/configure-access- multiple-clusters/

• Question 169:

  You are deploying a Python application to Cloud Run using Cloud Build. The Cloud Build pipeline is shown below:

  

  You want to optimize deployment times and avoid unnecessary steps What should you do?

  A. Remove the step that pushes the container to Artifact Registry.

  B. Add the --cache-from argument to the Docker build step in your build config file.

  C. Store image artifacts in a Cloud Storage bucket in the same region as the Cloud Run instance.

  D. Deploy a new Docker registry in a VPC and use Cloud Build worker pools inside the VPC to run the build pipeline.

  Correct Answer: B

  Explanation: https://cloud.google.com/build/docs/optimize-builds/speeding-up- builds#using_a_cached_docker_image

• Question 170:

  The new version of your containerized application has been tested and is ready to deploy to production on Google Kubernetes Engine. You were not able to fully load-test the new version in pre-production environments, and you need to make sure that it does not have performance problems once deployed. Your deployment must be automated. What should you do?

  A. Use Cloud Load Balancing to slowly ramp up traffic between versions. Use Cloud Monitoring to look for performance issues.

  B. Deploy the application via a continuous delivery pipeline using canary deployments. Use Cloud Monitoring to look for performance issues. and ramp up traffic as the metrics support it.

  C. Deploy the application via a continuous delivery pipeline using blue/green deployments. Use Cloud Monitoring to look for performance issues, and launch fully when the metrics support it.

  D. Deploy the application using kubectl and set the spec.updateStrategv.type to RollingUpdate. Use Cloud Monitoring to look for performance issues, and run the kubectl rollback command if there are any issues.

  Correct Answer: C

  https://cloud.google.com/architecture/implementing-deployment-and-testing-strategies-on- gke#perform_a_bluegreen_deployment