Google PROFESSIONAL-CLOUD-DEVELOPER Online Practice
Questions and Exam Preparation
PROFESSIONAL-CLOUD-DEVELOPER Exam Details
Exam Code
:PROFESSIONAL-CLOUD-DEVELOPER
Exam Name
:Professional Cloud Developer
Certification
:Google Certifications
Vendor
:Google
Total Questions
:405 Q&As
Last Updated
:May 24, 2026
Google PROFESSIONAL-CLOUD-DEVELOPER Online Questions &
Answers
Question 221:
You are developing a container build pipeline for an application hosted on GKE. You have the following requirements:
1. Only images that are created using your build pipeline should be deployed on your GKE cluster.
2. All code and build artifacts should remain within your environment and protected from data exfiltration.
How should you build the pipeline?
A. 1. Create a build pipeline by using Cloud Build with the default worker pool. 2. Deploy container images to a private container registry in your VPC. 3. Create a VPC firewall policy in your project that denies all egress and ingress traffic to public networks. B. 1. Create a build pipeline by using Cloud Build with a private worker pool. 2. Use VPC Service Controls to place all components and services in your CI/CD pipeline inside a security perimeter. 3. Configure your GKE cluster to only allow container images signed by Binary Authorization. C. 1. Create a build pipeline by using Cloud Build with a private worker pool. 2. Configure the CI/CD pipeline to build container images and store them in Artifact Registry. 3. Configure Artifact Registry to encrypt container images by using customer-managed encryption keys (CMEK). D. 1. Create a build pipeline by using Cloud Build with the default worker pool. 2. Configure the CI/CD pipeline to build container images and store them in Artifact Registry. 3. Configure your GKE cluster to only allow container images signed by Binary Authorization.
B. 1. Create a build pipeline by using Cloud Build with a private worker pool. 2. Use VPC Service Controls to place all components and services in your CI/CD pipeline inside a security perimeter. 3. Configure your GKE cluster to only allow container images signed by Binary Authorization.
You are developing a dashboard that aggregates temperature readings from thousands of IoT devices monitoring a city's ambient temperature. You expect a large amount of viewing traffic resulting in a large amount of data egress once the dashboard is live. The dashboard temperature display data doesn't need to be real-time and can tolerate a few seconds of lag. You decide to deploy Memorystore for Redis as the storage backend. You want to ensure that the dashboard will be highly available.
How should you configure the service in Memorystore for Redis?
A. Update Memorystore for Redis to the latest version. B. Configure Memorystore to use read replicas. C. Use Private Service Access to enable low-latency network throughput. D. Set up Serverless VPC Access to avoid receiving traffic over the internet.
B. Configure Memorystore to use read replicas.
Explanation
Using read replicas in Memorystore for Redis enhances availability by providing redundancy. If the primary instance experiences downtime, read replicas can continue serving requests, ensuring that the dashboard remains accessible. Read replicas also help distribute read traffic, which can be beneficial for high-demand applications, even though Redis itself is an in-memory store with fast access.
Updating to the latest version may improve performance or security but does not directly improve availability.
Private Service Access and Serverless VPC Access are network configurations that reduce latency and secure connections but do not inherently improve availability.
Question 223:
You have an application in production. It is deployed on Compute Engine virtual machine instances controlled by a managed instance group. Traffic is routed to the instances via a HTTP(s) load balancer. Your users are unable to access your application. You want to implement a monitoring technique to alert you when the application is unavailable.
Which technique should you choose?
A. Smoke tests B. Stackdriver uptime checks C. Cloud Load Balancing - heath checks D. Managed instance group - heath checks
You are developing a public web application on Cloud Run. You expose the Cloud Run service directly with its public IP address. You are now running a load test to ensure that your application is resilient against high traffic loads. You notice that your application performs as expected when you initiate light traffic. However, when you generate high loads, your web server runs slowly and returns error messages.
How should you troubleshoot this issue?
A. Check the network traffic to Cloud Run in Cloud Monitoring to validate whether a traffic spike occurred. If necessary, enable traffic splitting on the Cloud Run instance to route some of the traffic to a previous instance revision. B. Check the min-instances value for your Cloud Run service. If necessary, increase the min- value to match the maximum number of virtual users in your load test. instances C. Check whether Cloud Armor is detecting distributed denial of service (DDoS) attacks and is blocking traffic before the traffic is routed to your Cloud Run service. If necessary, disable any Cloud Armor policies in your project. D. Check whether the Cloud Run service has scaled to a number of instances that equals the max- value. If necessary, increase the max-instances value. instances
D. Check whether the Cloud Run service has scaled to a number of instances that equals the max- value. If necessary, increase the max-instances value. instances
Explanation
https://cloud.google.com/run/docs/troubleshooting
Question 225:
You are developing an online chat application where users can upload profile pictures. Uploaded profile pictures must comply with content policies. You need to detect inappropriate images and label those images automatically when they are uploaded. In the future, this process will need to be expanded to include additional processing tasks such as watermarking and image compression.
You want to simplify orchestration and minimize operational overhead of the image scanning and labeling steps while also ensuring that additional steps can be added and removed easily later on.
What should you do?
A. Save user-uploaded images to a temporary Cloud Storage bucket. Implement code on the backend server to retrieve the image content and call the Vision API to process each new uploaded image. B. Save user-uploaded images to a Cloud Storage bucket. Configure a Cloud Run function that is triggered when a new image is uploaded and calls one or more Cloud Run services. Create additional Cloud Run services that call the Vision API to process each new uploaded image. C. Save user-uploaded images to a Cloud Storage bucket. Configure a Cloud Run function that is triggered when a new image is uploaded and publishes a message to a Pub/Sub topic. Deploy microservices in GKE that subscribe to the Pub/Sub topic and call the Vision API to process each new uploaded image. D. Save user-uploaded images to a Cloud Storage bucket. Create an Eventarc trigger that connects the bucket to the Workflows event receiver when a new image is uploaded. Create a workflow in Workflows with multiple Cloud Run functions that call the Vision API to process each new uploaded image.
D. Save user-uploaded images to a Cloud Storage bucket. Create an Eventarc trigger that connects the bucket to the Workflows event receiver when a new image is uploaded. Create a workflow in Workflows with multiple Cloud Run functions that call the Vision API to process each new uploaded image.
Explanation
Using Eventarc to trigger Workflows when a new image is uploaded provides a scalable and low-overhead solution for orchestrating multiple steps in the image processing pipeline. Workflows allows you to define a sequence of tasks (e.g., content moderation, watermarking, compression) that can be easily modified or extended as requirements evolve. Each task can be managed by Cloud Functions within the workflow, making it straightforward to add or remove steps in the future.
This approach minimizes operational overhead by using a serverless workflow for orchestration rather than managing infrastructure directly. The other options either involve more complex orchestration setups or lack the flexibility to easily expand to additional processing tasks as needed.
Question 226:
You are deploying a single website on App Engine that needs to be accessible via the URL http://www.altostrat.com/.
What should you do?
A. Verify domain ownership with Webmaster Central. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com. B. Verify domain ownership with Webmaster Central. Define an A record pointing to the single global App Engine IP address. C. Define a mapping in dispatch.yaml to point the domain www.altostrat.com to your App Engine service. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com. D. Define a mapping in dispatch.yaml to point the domain www.altostrat.com to your App Engine service. Define an A record pointing to the single global App Engine IP address.
A. Verify domain ownership with Webmaster Central. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com.
You developed a JavaScript web application that needs to access Google Drive's API and obtain permission from users to store files in their Google Drives. You need to select an authorization approach for your application.
What should you do?
A. Create an API key. B. Create a SAML token. C. Create a service account. D. Create an OAuth Client ID.
You want to capture distributed traces across microservices.
Which service should you use?
A. Cloud Logging B. Cloud Trace C. Cloud Profiler D. Cloud Monitoring
B. Cloud Trace
Explanation
Cloud Trace collects and analyzes latency data from distributed applications to help identify performance bottlenecks.
Question 229:
The development teams in your company want to manage resources from their local environments. You have been asked to enable developer access to each team's Google Cloud projects. You want to maximize efficiency while following Google-recommended best practices.
What should you do?
A. Add the users to their projects, assign the relevant roles to the users, and then provide the users with each relevant Project ID. B. Add the users to their projects, assign the relevant roles to the users, and then provide the users with each relevant Project Number. C. Create groups, add the users to their groups, assign the relevant roles to the groups, and then provide the users with each relevant Project ID. D. Create groups, add the users to their groups, assign the relevant roles to the groups, and then provide the users with each relevant Project Number.
C. Create groups, add the users to their groups, assign the relevant roles to the groups, and then provide the users with each relevant Project ID.
Explanation
Testlet 1
Mix Question 2
Question 230:
You are using Cloud Build build to promote a Docker image to Development, Test, and Production environments. You need to ensure that the same Docker image is deployed to each of these environments.
How should you identify the Docker image in your build?
A. Use the latest Docker image tag. B. Use a unique Docker image name. C. Use the digest of the Docker image. D. Use a semantic version Docker image tag.
Nowadays, the certification exams become more and more important and required by more and more
enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare
for the exam in a short time with less efforts? How to get a ideal result and how to find the
most reliable resources? Here on Vcedump.com, you will find all the answers.
Vcedump.com provide not only Google exam questions,
answers and explanations but also complete assistance on your exam preparation and certification
application. If you are confused on your PROFESSIONAL-CLOUD-DEVELOPER exam preparations
and Google certification application, do not hesitate to visit our
Vcedump.com to find your solutions here.