Your team is setting up a build pipeline for an application that will run in Google Kubernetes Engine (GKE). For security reasons, you only want images produced by the pipeline to be deployed to your GKE cluster. Which combination of Google Cloud services should you use?
A. Google Cloud Deploy. Artifact Registry, and Google Cloud Armor
B. Google Cloud Deploy, Cloud Storage and Google Cloud Armor
C. Cloud Build, Cloud Storage, and Binary Authorization
D. Cloud Build. Artifact Registry and Binary Authorization
You need to load-test a set of REST API endpoints that are deployed to Cloud Run. The API responds to HTTP POST requests Your load tests must meet the following requirements:
?Load is initiated from multiple parallel threads
?User traffic to the API originates from multiple source IP addresses.
?Load can be scaled up using additional test instances
You want to follow Google-recommended best practices How should you configure the load testing'?
A. Create an image that has cURL installed and configure cURLto run a test plan Deploy the image in a managed instance group, and run one instance of the image for each VM.
B. Create an image that has cURL installed and configure cURL to run a test plan Deploy the image in an unmanaged instance group, and run one instance of the image for each VM.
C. Deploy a distributed load testing framework on a private Google Kubernetes Engine Cluster Deploy additional Pods as needed to initiate more traffic and support the number of concurrent users.
D. Download the container image of a distributed load testing framework on Cloud Shell Sequentially start several instances of the container on Cloud Shell to increase the load on the API.
You are planning to deploy your application in a Google Kubernetes Engine (GKE) cluster. Your application
can scale horizontally, and each instance of your application needs to have a stable network identity and its
own persistent disk.
Which GKE object should you use?
A. Deployment
B. StatefulSet
C. ReplicaSet
D. ReplicaController
Your company's development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company's environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?
A. Enable the Vulnerability scanning setting in the Container Registry.
B. Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.
C. Disallow the use of non-commercially supported base images in your development environment.
D. Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.
For this question, refer to the HipLocal case study.
A recent security audit discovers that HipLocal's database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. HipLocal needs to reduce the risk of these credentials being stolen. What should they do?
A. Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.
B. Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.
C. Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.
D. Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.
Your company wants to expand their users outside the United States for their popular application. The
company wants to ensure 99.999% availability of the database for their application and also wants to minimize the read latency for their users across the globe.
Which two actions should they take? (Choose two.)
A. Create a multi-regional Cloud Spanner instance with "nam-asia-eur1" configuration.
B. Create a multi-regional Cloud Spanner instance with "nam3" configuration.
C. Create a cluster with at least 3 Spanner nodes.
D. Create a cluster with at least 1 Spanner node.
E. Create a minimum of two Cloud Spanner instances in separate regions with at least one node.
F. Create a Cloud Dataflow pipeline to replicate data across different databases.
HipLocal wants to reduce the number of on-call engineers and eliminate manual scaling. Which two services should they choose? (Choose two.)
A. Use Google App Engine services.
B. Use serverless Google Cloud Functions.
C. Use Knative to build and deploy serverless applications.
D. Use Google Kubernetes Engine for automated deployments.
E. Use a large Google Compute Engine cluster for deployments.
For this question, refer to the HipLocal case study.
How should HipLocal increase their API development speed while continuing to provide the QA team with a stable testing environment that meets feature requirements?
A. Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.
B. Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.
C. Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.
D. Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.
For this question, refer to the HipLocal case study.
HipLocal's application uses Cloud Client Libraries to interact with Google Cloud. HipLocal needs to configure authentication and authorization in the Cloud Client Libraries to implement least privileged access for the application. What should they do?
A. Create an API key. Use the API key to interact with Google Cloud.
B. Use the default compute service account to interact with Google Cloud.
C. Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.
D. Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.
HipLocal wants to improve the resilience of their MySQL deployment, while also meeting their business and technical requirements.
Which configuration should they choose?
A. Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on Compute Engine.
B. Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an external master configuration.
C. Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.
D. Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy without further configuration.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Google exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PROFESSIONAL-CLOUD-DEVELOPER exam preparations and Google certification application, do not hesitate to visit our Vcedump.com to find your solutions here.