Google PROFESSIONAL-CLOUD-DEVELOPER Online Practice Questions and Exam Preparation

Google PROFESSIONAL-CLOUD-DEVELOPER Online Questions & Answers

• Question 181:

  Your Compute Engine application needs to call Google APIs but does not have a public IP address.

  What should you configure?

  A. Cloud NAT
  B. Private Google Access
  C. VPC Peering
  D. Shared VPC
  B. Private Google Access

  ---

  Explanation

  Private Google Access enables Compute Engine instances without external IP addresses to access Google APIs and services securely over Google's internal network.

  Testlet 1

  Mix Question 3

• Question 182:

  You are a developer at a financial institution. You use Cloud Shell to interact with Google Cloud services. User data is currently stored on an ephemeral disk; however, a recently passed regulation mandates that you can no longer store sensitive information on an ephemeral disk. You need to implement a new storage solution for your user data. You want to minimize code changes.

  Where should you store your user data?

  A. Store user data on a Cloud Shell home disk, and log in at least every 120 days to prevent its deletion.
  B. Store user data on a persistent disk in a Compute Engine instance.
  C. Store user data in a Cloud Storage bucket.
  D. Store user data in BigQuery tables.
  B. Store user data on a persistent disk in a Compute Engine instance.

• Question 183:

  You are monitoring a web application that is written in Go and deployed in Google Kubernetes Engine. You notice an increase in CPU and memory utilization. You need to determine which source code is consuming the most CPU and memory resources.

  What should you do?

  A. Download, install, and start the Snapshot Debugger agent in your VM. Take debug snapshots of the functions that take the longest time. Review the call stack frame, and identify the local variables at that level in the stack.
  B. Import the Cloud Profiler package into your application, and initialize the Profiler agent. Review the generated flame graph in the Google Cloud console to identify time-intensive functions.
  C. Import OpenTelemetry and Trace export packages into your application, and create the trace provider.Review the latency data for your application on the Trace overview page, and identify where bottlenecks are occurring.
  D. Create a Cloud Logging query that gathers the web application's logs. Write a Python script that calculates the difference between the timestamps from the beginning and the end of the application's longest functions to identity time-intensive functions.
  B. Import the Cloud Profiler package into your application, and initialize the Profiler agent. Review the generated flame graph in the Google Cloud console to identify time-intensive functions.

• Question 184:

  You need to load-test a set of REST API endpoints that are deployed to Cloud Run. The API responds to HTTP POST requests. Your load tests must meet the following requirements:

  1. Load is initiated from multiple parallel threads.

  2. User traffic to the API originates from multiple source IP addresses.

  3. Load can be scaled up using additional test instances.

  You want to follow Google-recommended best practices.

  How should you configure the load testing?

  A. Create an image that has curl installed, and configure curl to run a test plan. Deploy the image in a managed instance group, and run one instance of the image for each VM.
  B. Create an image that has curl installed, and configure curl to run a test plan. Deploy the image in an unmanaged instance group, and run one instance of the image for each VM.
  C. Deploy a distributed load testing framework on a private GKE cluster. Deploy additional Pods as needed to initiate more traffic and support the number of concurrent users.
  D. Download the container image of a distributed load testing framework on Cloud Shell. Sequentially start several instances of the container on Cloud Shell to increase the load on the API.
  C. Deploy a distributed load testing framework on a private GKE cluster. Deploy additional Pods as needed to initiate more traffic and support the number of concurrent users.

• Question 185:

  You are responsible for deploying a new API. That API will have three different URL paths:

  1. https://yourcompany.com/students

  2. https://yourcompany.com/teachers

  3. https://yourcompany.com/classes

  You need to configure each API URL path to invoke a different function in your code.

  What should you do?

  A. Create one Cloud Function as a backend service exposed using an HTTPS load balancer.
  B. Create three Cloud Functions exposed directly.
  C. Create one Cloud Function exposed directly.
  D. Create three Cloud Functions as three backend services exposed using an HTTPS load balancer.
  D. Create three Cloud Functions as three backend services exposed using an HTTPS load balancer.

• Question 186:

  You have written a Cloud Function that accesses other Google Cloud resources. You want to secure the environment using the principle of least privilege.

  What should you do?

  A. Create a new service account that has Editor authority to access the resources. The deployer is given permission to get the access token.
  B. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to get the access token.
  C. Create a new service account that has Editor authority to access the resources. The deployer is given permission to act as the new service account.
  D. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to act as the new service account.
  D. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to act as the new service account.

  ---

  Explanation

  https://cloud.google.com/blog/products/application-development/least-privilege-for-cloud-functions-using-cloud-iam

• Question 187:

  You are developing a new API that creates requests on an asynchronous message service. Requests will be consumed by different services. You need to expose the API by using a gRPC interface while minimizing infrastructure management overhead.

  How should you deploy the API?

  A. Deploy your API to App Engine. Create a Pub/Sub topic, and configure your API to push messages to the topic.
  B. Deploy your API as a Cloud Run service. Create a Pub/Sub topic, and configure your API to push messages to the topic.
  C. Deploy your API to a GKE cluster. Create a Kafka cluster, and configure your API to write messages to the cluster.
  D. Deploy your API on a Compute Engine instance. Create a Kafka cluster, and configure your API to write messages to the cluster.
  B. Deploy your API as a Cloud Run service. Create a Pub/Sub topic, and configure your API to push messages to the topic.

  ---

  Explanation

  https://techcommunity.microsoft.com/t5/azure-integration-services-blog/introducing-grpc-api-support-in-azure-api-management-self-hosted/ba-p/3975087

• Question 188:

  For this question, refer to the HipLocal case study.

  Which Google Cloud product addresses HipLocal's business requirements for service level indicators and objectives?

  A. Cloud Profiler
  B. Cloud Monitoring
  C. Cloud Trace
  D. Cloud Logging
  B. Cloud Monitoring

  ---

  Explanation

  https://cloud.google.com/stackdriver/docs/solutions/slo-monitoring#defn-sli

• Question 189:

  You are developing an application using different microservices that must remain internal to the cluster. You want the ability to configure each microservice with a specific number of replicas. You also want the ability to address a specific microservice from any other microservice in a uniform way, regardless of the number of replicas the microservice scales to. You plan to implement this solution on Google Kubernetes Engine.

  What should you do?

  A. Deploy each microservice as a Deployment. Expose the Deployment in the cluster using a Service, and use the Service DNS name to address it from other microservices within the cluster.
  B. Deploy each microservice as a Deployment. Expose the Deployment in the cluster using an Ingress, and use the Ingress IP address to address the Deployment from other microservices within the cluster.
  C. Deploy each microservice as a Pod. Expose the Pod in the cluster using a Service, and use the Service DNS name to address the microservice from other microservices within the cluster.
  D. Deploy each microservice as a Pod. Expose the Pod in the cluster using an Ingress, and use the Ingress IP address to address the Pod from other microservices within the cluster.
  A. Deploy each microservice as a Deployment. Expose the Deployment in the cluster using a Service, and use the Service DNS name to address it from other microservices within the cluster.

• Question 190:

  You are about to deploy an application hosted on a Compute Engine instance with Windows OS and Cloud SQL. You plan to use the Cloud SQL Auth Proxy for connectivity to the Cloud SQL instance. You plan to follow Google-recommended practices and the principle of least privilege. You have already created a custom service account.

  What should you do next?

  A. Create and assign a custom role with the cloudsql.instances.connect permission to the custom service account. Adjust the Cloud SQL Auth Proxy start command to specify your instance connection name.
  B. Grant the custom service account the roles/cloudsql.client role. Adjust the Cloud SQL Auth Proxy start command to use the --unix-socket CLI option.
  C. Grant the custom service account the roles/cloudsql.editor role.
  D. Grant the custom service account the roles/cloudsql.viewer role. Adjust the Cloud SQL Auth Proxy start command to specify your instance connection name.
  B. Grant the custom service account the roles/cloudsql.client role. Adjust the Cloud SQL Auth Proxy start command to use the --unix-socket CLI option.

  ---

  Explanation

  https://cloud.google.com/sql/docs/mysql/connect-auth-proxy