PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Exam Details

  • Exam Code
    :PROFESSIONAL-CLOUD-DEVOPS-ENGINEER
  • Exam Name
    :Google Cloud Certified - Professional Cloud DevOps Engineer
  • Certification
    :Google Certifications
  • Vendor
    :Google
  • Total Questions
    :192 Q&As
  • Last Updated
    :Jul 11, 2026

Google PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Online Questions & Answers

  • Question 41:

    Your development team has created a new version of their service's API. You need to deploy the new versions of the API with the least disruption to third-party developers and end users of third-party installed applications. What should you do?

    A. Introduce the new version of the API. Announce deprecation of the old version of the API. Deprecate the old version of the API. Contact remaining users of the old API. Provide best effort support to users of the old API. Turn down the old version of the API.
    B. Announce deprecation of the old version of the API. Introduce the new version of the API. Contact remaining users on the old API. Deprecate the old version of the API. Turn down the old version of the API. Provide best effort support to users of the old API.
    C. Announce deprecation of the old version of the API. Contact remaining users on the old API. Introduce the new version of the API. Deprecate the old version of the API. Provide best effort support to users of the old API. Turn down the old version of the API.
    D. Introduce the new version of the API. Contact remaining users of the old API. Announce deprecation of the old version of the API. Deprecate the old version of the API. Turn down the old version of the API. Provide best effort support to users of the old API.

  • Question 42:

    You are running a web application that connects to an AlloyDB cluster by using a private IP address in your default VPC. You need to run a database schema migration in your CI/CD pipeline by using Cloud Build before deploying a new version of your application. You want to follow Google-recommended security practices. What should you do?

    A. Set up a Cloud Build private pool to access the database through a static external IP address. Configure the database to only allow connections from this IP address. Execute the schema migration script in the private pool.
    B. Create a service account that has permission to access the database. Configure Cloud Build to use this service account and execute the schema migration script in a private pool.
    C. Add the database username and encrypted password to the application configuration file. Use these credentials in Cloud Build to execute the schema migration script.
    D. Add the database username and password to Secret Manager. When running the schema migration script, retrieve the username and password from Secret Manager.

  • Question 43:

    You are monitoring a service that uses n2-standard-2 Compute Engine instances that serve large files. Users have reported that downloads are slow. Your Cloud Monitoring dashboard shows that your VMs are running at peak network throughput. You want to improve the network throughput performance. What should you do?

    A. Add additional network interface controllers (NICs) to your VMs.
    B. Deploy a Cloud NAT gateway and attach the gateway to the subnet of the VMs.
    C. Change the machine type for your VMs to n2-standard-8.
    D. Deploy the Ops Agent to export additional monitoring metrics.

  • Question 44:

    Your organization is using Helm to package containerized applications. Your applications reference both public and private charts. Your security team flagged that using a public Helm repository as a dependency is a risk. You want to manage all charts uniformly, with native access control and VPC Service Controls. What should you do?

    A. Store public and private charts in OCI format by using Artifact Registry.
    B. Store public and private charts by using GitHub Enterprise with Google Workspace as the identity provider.
    C. Store public and private charts by using Git repository. Configure Cloud Build to synchronize contents of the repository into a Cloud Storage bucket. Connect Helm to the bucket by using https://[bucket].storage-googleapis.com/[helmchart] as the Helm repository.
    D. Configure a Helm chart repository server to run in Google Kubernetes Engine (GKE) with Cloud Storage bucket as the storage backend.

  • Question 45:

    Your team deploys applications to three Google Kubernetes Engine (GKE) environments: development, staging, and production. You use GitHub repositories as your source of truth. You need to ensure that the three environments are consistent. You want to follow Google-recommended practices to enforce and install network policies and a logging DaemonSet on all the GKE clusters in those environments. What should you do?

    A. Use Google Cloud Deploy to deploy the network policies and the DaemonSet. Use Cloud Monitoring to trigger an alert if the network policies and DaemonSet drift from your source in the repository.
    B. Use Google Cloud Deploy to deploy the DaemonSet and use Policy Controller to configure the network policies. Use Cloud Monitoring to detect drifts from the source in the repository and Cloud Functions to correct the drifts.
    C. Use Cloud Build to render and deploy the network policies and the DaemonSet. Set up Config Sync to sync the configurations for the three environments.
    D. Use Cloud Build to render and deploy the network policies and the DaemonSet. Set up a Policy Controller to enforce the configurations for the three environments.

  • Question 46:

    You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being written in new log entries as quickly as possible. What should you do?

    A. Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.
    B. Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.
    C. Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.
    D. Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.

  • Question 47:

    You work for a company that manages highly sensitive user data. You are designing the Google Kubernetes Engine (GKE) infrastructure for your company, including several applications that will be deployed in development and production environments. Your design must protect data from unauthorized access from other applications while minimizing the amount of management overhead required. What should you do?

    A. Create one cluster for the organization with separate namespaces for each application and environment combination.
    B. Create one cluster for each environment (development and production) with each application in its own namespace within each cluster.
    C. Create one cluster for the organization with separate namespaces for each application.
    D. Create one cluster for each application with separate namespaces for production and development environments.

  • Question 48:

    You work for a global organization and run a service with an availability target of 99% with limited engineering resources.

    For the current calendar month, you noticed that the service has 99.5% availability. You must ensure that your service meets the defined availability goals and can react to business changes, including the upcoming launch of new features.

    You also need to reduce technical debt while minimizing operational costs. You want to follow Google-recommended practices. What should you do?

    A. Add N+1 redundancy to your service by adding additional compute resources to the service.
    B. Identify, measure, and eliminate toil by automating repetitive tasks.
    C. Define an error budget for your service level availability and minimize the remaining error budget.
    D. Allocate available engineers to the feature backlog while you ensure that the service remains within the availability target.

  • Question 49:

    Your organization uses a change advisory board (CAB) to approve all changes to an existing service. You want to revise this process to eliminate any negative impact on the software delivery performance. What should you do? (Choose two.)

    A. Replace the CAB with a senior manager to ensure continuous oversight from development to deployment.
    B. Let developers merge their own changes, but ensure that the team's deployment platform can roll back changes if any issues are discovered.
    C. Move to a peer-review based process for individual changes that is enforced at code check-in time and supported by automated tests.
    D. Batch changes into larger but less frequent software releases.
    E. Ensure that the team's development platform enables developers to get fast feedback on the impact of their changes.

  • Question 50:

    Your organization stores all application logs from multiple Google Cloud projects in a central Cloud Logging project. Your security team wants to enforce a rule that each project team can only view their respective logs and only the operations team can view all the logs. You need to design a solution that meets the security team s requirements while minimizing costs. What should you do?

    A. Grant each project team access to the project _Default view in the central logging project. Grant togging viewer access to the operations team in the central logging project.
    B. Create Identity and Access Management (IAM) roles for each project team and restrict access to the _Default log view in their individual Google Cloud project. Grant viewer access to the operations team in the central logging project.
    C. Create log views for each project team and only show each project team their application logs. Grant the operations team access to the _AllLogs view in the central logging project.
    D. Export logs to BigQuery tables for each project team. Grant project teams access to their tables. Grant logs writer access to the operations team in the central logging project.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Google exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PROFESSIONAL-CLOUD-DEVOPS-ENGINEER exam preparations and Google certification application, do not hesitate to visit our Vcedump.com to find your solutions here.