Practice Free Professional Cloud Developer Exam Online Questions
You are designing an application that consists of several microservices. Each microservice has its own RESTful API and will be deployed as a separate Kubernetes Service. You want to ensure that the consumers of these APIs aren’t impacted when there is a change to your API, and also ensure that third-party systems aren’t interrupted when new versions of the API are released.
How should you configure the connection to the application following Google-recommended best practices?
- A . Use an Ingress that uses the API’s URL to route requests to the appropriate backend.
- B . Leverage a Service Discovery system, and connect to the backend specified by the request.
- C . Use multiple clusters, and use DNS entries to route requests to separate versioned backends.
- D . Combine multiple versions in the same service, and then specify the API version in the POST request.
You developed a JavaScript web application that needs to access Google Drive’s API and obtain permission from users to store files in their Google Drives. You need to select an authorization approach for your application.
What should you do?
- A . Create an API key.
- B . Create a SAML token.
- C . Create a service account.
- D . Create an OAuth Client ID.
D
Explanation:
Reference: https://developers.google.com/drive/api/v3/about-auth
You are deploying your application to a Compute Engine virtual machine instance with the Stackdriver Monitoring Agent installed. Your application is a unix process on the instance. You want to be alerted if the unix process has not run for at least 5 minutes. You are not able to change the application to generate metrics or logs.
Which alert condition should you configure?
- A . Uptime check
- B . Process health
- C . Metric absence
- D . Metric threshold
B
Explanation:
Reference: https://cloud.google.com/monitoring/alerts/concepts-indepth
You want to notify on-call engineers about a service degradation in production while minimizing Development time.
What should you do?
- A . Use Cloud Function to monitor resources and raise alerts.
- B . Use Cloud Pub/Sub to monitor resources and raise alerts.
- C . Use Stackdriver Error Reporting to capture errors and raise alerts.
- D . Use Stackdriver Monitoring to monitor resources and raise alerts.
You have an application running in App Engine. Your application is instrumented with Stackdriver Trace. The /product-details request reports details about four known unique products at /sku-details as shown below. You want to reduce the time it takes for the request to complete.
What should you do?
- A . Increase the size of the instance class.
- B . Change the Persistent Disk type to SSD.
- C . Change /product-details to perform the requests in parallel.
- D . Store the /sku-details information in a database, and replace the webservice call with a database query.
You are writing a Compute Engine hosted application in project A that needs to securely authenticate
to a Cloud Pub/Sub topic in project B.
What should you do?
- A . Configure the instances with a service account owned by project B. Add the service account as a Cloud Pub/Sub publisher to project A.
- B . Configure the instances with a service account owned by project A. Add the service account as a publisher on the topic.
- C . Configure Application Default Credentials to use the private key of a service account owned by project B. Add the service account as a Cloud Pub/Sub publisher to project A.
- D . Configure Application Default Credentials to use the private key of a service account owned by project A. Add the service account as a publisher on the topic
B
Explanation:
https://cloud.google.com/pubsub/docs/access-control
"For example, suppose a service account in Cloud Project A wants to publish messages to a topic in Cloud Project B. You could accomplish this by granting the service account Edit permission in Cloud Project B"
Your team has created an application that is hosted on a Google Kubernetes Engine (GKE) cluster You need to connect the application to a legacy REST service that is deployed in two GKE clusters in two different regions. You want to connect your application to the legacy service in a way that is resilient and requires the fewest number of steps You also want to be able to run probe-based health checks on the legacy service on a separate port.
How should you set up the connection?
- A . Use Traffic Director with a sidecar proxy to connect the application to the service.
- B . Use a proxyless Traffic Director configuration to connect the application to the service.
- C . Configure the legacy service’s firewall to allow health checks originating from the proxy.
- D . Configure the legacy service’s firewall to allow health checks originating from the application.
- E . Configure the legacy service’s firewall to allow health checks originating from the Traffic Director control plane.
A, C
Explanation:
https://cloud.google.com/traffic-director/docs/advanced-setup#routing-rule-maps
https://cloud.google.com/traffic-director/docs/advanced-setup
A) Using Traffic Director with a sidecar proxy can provide resilience for your application by allowing for failover to the secondary region in the event of an outage. The sidecar proxy can route traffic to the legacy service in either of the two GKE clusters, ensuring high availability.
C. Configuring the legacy service’s firewall to allow health checks originating from the proxy allows the proxy to periodically check the health of the legacy service and ensure that it is functioning properly. This helps to ensure that traffic is only routed to healthy instances of the legacy service, further improving the resilience of the setup.
You are developing an application that reads credit card data from a Pub/Sub subscription. You have written code and completed unit testing. You need to test the Pub/Sub integration before deploying to Google Cloud.
What should you do?
- A . Create a service to publish messages, and deploy the Pub/Sub emulator. Generate random content in the publishing service, and publish to the emulator.
- B . Create a service to publish messages to your application. Collect the messages from Pub/Sub in production, and replay them through the publishing service.
- C . Create a service to publish messages, and deploy the Pub/Sub emulator. Collect the messages from Pub/Sub in production, and publish them to the emulator.
- D . Create a service to publish messages, and deploy the Pub/Sub emulator. Publish a standard set of testing messages from the publishing service to the emulator.
Your company’s development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company’s environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible.
What should you do?
- A . Enable the Vulnerability scanning setting in the Container Registry.
- B . Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.
- C . Disallow the use of non-commercially supported base images in your development environment.
- D . Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.
A
Explanation:
https://cloud.google.com/container-analysis/docs/os-overview
You have decided to migrate your Compute Engine application to Google Kubernetes Engine. You need to build a container image and push it to Artifact Registry using Cloud Build.
What should you do? (Choose two.)
A) Run gcloud builds submit in the directory that contains the application source code.
B) Run gcloud run deploy app-name –image gcr.io/$PROJECT_ID/app-name in the directory that
contains the application source code.
C) Run gcloud container images add-tag gcr.io/$PROJECT_ID/app-name gcr.io/$PROJECT_ID/app-name:latest in the directory that contains the application source code.
D) In the application source directory, create a file named cloudbuild.yaml that contains the following contents:
E) In the application source directory, create a file named cloudbuild.yaml that contains the following contents:
- A . Option A
- B . Option B
- C . Option C
- D . Option D
- E . Option E
A, D
Explanation:
https://cloud.google.com/sdk/gcloud/reference/builds/submit
https://cloud.google.com/artifact-registry/docs/configure-cloud-build