Google Professional-Cloud-Developer Google Certified Professional - Cloud Developer Exam Practice Test

Use Container Registry to create a registry in each development team's project. Configure the Cloud Build

build to push the Docker image to the project's registry. Grant the operations team access to each

development team's registry.

Create a separate project for the operations team that has Container Registry configured. Assign

appropriate permissions to the Cloud Build service account in each developer team's project to allow

access to the operation team's registry.

Create a separate project for the operations team that has Container Registry configured. Create a Service

Account for each development team and assign the appropriate permissions to allow it access to the

operations team's registry. Store the service account key file in the source code repository and use it to

authenticate against the operations team's registry.

Create a separate project for the operations team that has the open source Docker Registry deployed on a

Compute Engine virtual machine instance. Create a username and password for each development team.

Store the username and password in the source code repository and use it to authenticate against the

operations team's Docker registry.

gcloud compute instances add-access-config ${NAME}-backend-instance-1

gcloud compute instances add-tags ${NAME}-backend-instance-1 --tags http-server

gcloud compute firewall-rules create allow-lb --network load-balancer --allow

tcp --source-ranges 130.211.0.0/22,35.191.0.0/16 --direction INGRESS

gcloud compute firewall-rules create allow-lb --network load-balancer --allow

tcp --destination-ranges 130.211.0.0/22,35.191.0.0/16 --direction EGRESS

Retry the failures in batch after a set number of failures is logged.

Retry each failure at a set time interval up to a maximum number of times.

Retry each failure at increasing time intervals up to a maximum number of tries.

Retry each failure at decreasing time intervals up to a maximum number of tries.

1) Create a managed instance group. Replicate the static content across the virtual machines (VMs)

2) Create an external HTTP(S) load balancer.

3) Enable Cloud CDN, and send traffic to the managed instance group.

1) Create an unmanaged instance group. Replicate the static content across the VMs.

2) Create an external HTTP(S) load balancer

3) Enable Cloud CDN, and send traffic to the unmanaged instance group.

1) Create a Standard storage class, regional Cloud Storage bucket. Put the static content in the bucket

2) Reserve an external IP address, and create an external HTTP(S) load balancer

3) Enable Cloud CDN, and send traffic to your backend bucket

1) Create a Standard storage class, multi-regional Cloud Storage bucket. Put the static content in the bucket.

2) Reserve an external IP address, and create an external HTTP(S) load balancer.

3) Enable Cloud CDN, and send traffic to your backend bucket.

Create aggregated exports on application logs to BigQuery to facilitate log analytics.

Create aggregated exports on application logs to Cloud Storage to facilitate log analytics.

Write log output to standard output (stdout) as single-line JSON to be ingested into Cloud Logging as structured logs.

Mandate the use of the Logging API in the application code to write structured logs to Cloud Logging.

Mandate the use of the Pub/Sub API to write structured data to Pub/Sub and create a Dataflow streaming pipeline to normalize logs and write them to BigQuery for analytics.

Use Traffic Director with a sidecar proxy to connect the application to the service.

Use a proxyless Traffic Director configuration to connect the application to the service.

Configure the legacy service's firewall to allow health checks originating from the proxy.

Configure the legacy service's firewall to allow health checks originating from the application.

Configure the legacy service's firewall to allow health checks originating from the Traffic Director control plane.

Use the gsutil utility to copy files from within the Docker container at startup, and start the service using an ENTRYPOINT script.

Create a PersistentVolumeClaim on the GKE cluster. Access the configuration files from the volume, and start the service using an ENTRYPOINT script.

Use the COPY statement in the Dockerfile to load the configuration into the container image. Verify that the configuration is available, and start the service using an ENTRYPOINT script.

Add a startup script to the GKE instance group to mount the NFS share at node startup. Copy the configuration files into the container, and start the service using an ENTRYPOINT script.

Check the maximum number of Cloud Function instances.

Verify that your Cloud Build trigger has the correct build parameters.

Retry the tests using the truncated exponential backoff polling strategy.

Verify that the Cloud Build service account is assigned the Cloud Functions Developer role.

Deployment

StatefulSet

ReplicaSet

ReplicaController

Install the Ops Agent inside your container and configure it to gather application metrics.

Install the OpenTelemetry library for your respective language, and instrument your application.

Modify your application to read and forward the x-Cloud-Trace-context header when it calls the

downstream services

D Enable Managed Service for Prometheus on the GKE cluster to gather application metrics.

Using Identity and Access Management (IAM), grant the Viewer IAM role on the cluster project to the other team.

Create a new GKE cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.

Create a new namespace in the existing cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.

Create a new namespace in the existing cluster. Using Kubernetes role-based access control (RBAC), grant the Admin role on the new namespace to the other team.

App Engine backed by Cloud Storage

Compute Engine backed by Persistent Disk

Transfer Appliance backed by Cloud Filestore

Cloud Content Delivery Network (CDN) backed by Cloud Storage

Deploy a Cloud Function for each step that calls the corresponding downstream system to complete the required action.

Create a Pub/Sub topic for each step. Create a subscription for each downstream development team to subscribe to their step's topic.

Create a Pub/Sub topic for timesheet submissions. Create a subscription for each downstream development team to subscribe to the topic.

Create a timesheet microservice deployed to Google Kubernetes Engine. The microservice calls each downstream step and waits for a successful response before calling the next step.

Determine whether your file system is corrupted.

Access Compute Engine as a different SSH user.

Troubleshoot firewall rules or routes on an instance.

Check whether your instance boot disk is completely full.

Check whether network traffic to or from your instance is being dropped.

Create one Pub/Sub topic. Create one pull subscription to allow the audit services to share the messages.

Create one Pub/Sub topic. Create one pull subscription per audit service instance to allow the services to share the messages.

Create one Pub/Sub topic. Create one push subscription with the endpoint pointing to a load balancer in front of the audit services.

Create one Pub/Sub topic per authentication service. Create one pull subscription per topic to be used by one audit service.

Create one Pub/Sub topic per authentication service. Create one push subscription per topic, with the endpoint pointing to one audit service.

Deploy the application to Compute Engine and turn on autoscaling.

Replace the application's features with appropriate microservices in phases.

Refactor the monolithic application with appropriate microservices in a single effort and deploy it.

Build a new application with the appropriate microservices separate from the monolith and replace it when

it is complete.

Configure a GKE Ingress resource.

Configure a GKE Service resource.

Configure a GKE Ingress resource with type: LoadBalancer.

Configure a GKE Service resource with type: LoadBalancer.

A linked list

A hash table

A two-dimensional array

A comma-delimited string

Process the messages with a Dataproc job, and write the output to storage.

Process the messages with a Dataflow streaming pipeline using Apache Beam's PubSubIO package, and write the output to storage.

Process the messages with a Cloud Function, and write the results to a BigQuery location where you can run a job to deduplicate the data.

Retrieve the messages with a Dataflow streaming pipeline, store them in Cloud Bigtable, and use another Dataflow streaming pipeline to deduplicate messages.

Package each component in a separate container. Implement readiness and liveness probes.

Package the application in a single container. Use a process management tool to manage each component.

Package each component in a separate container. Use a script to orchestrate the launch of the components.

Package the application in a single container. Use a bash script as an entrypoint to the container, and then spawn each component as a background job.

Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.

Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

Ask the user to run the jobs as batch jobs.

Create a separate project for the user to run jobs.

Add the user as a job.user role in the existing project.

Allow the user to run jobs when important workloads are not running.

Compute Engine

Google Kubernetes Engine cluster in Standard mode

Cloud Functions

Cloud Run

Deploy your code on Cloud Functions. Use a Pub/Sub trigger to invoke the Cloud Function. Use the Pub/Sub API to create a pull subscription to the Pub/Sub topic and read messages from it.

Deploy your code on Cloud Functions. Use a Pub/Sub trigger to handle new messages in the topic.

Deploy the application on Google Kubernetes Engine. Use the Pub/Sub API to create a pull subscription to the Pub/Sub topic and read messages from it

Deploy the application on Compute Engine. Use a Pub/Sub push subscription to process new messages in the topic.

Replace your monitoring platform with Cloud Monitoring.

Install the Cloud Monitoring agent on your Compute Engine instances.

Migrate some traffic back to your old platform. Perform A/B testing on the two platforms concurrently.

Use Cloud Logging and Cloud Monitoring to capture logs, monitor, and send alerts. Send them to your existing platform.

Write a shutdown script that uses inter-process signals to notify the application process to disconnect from the database.

Write a shutdown script that broadcasts a message to all signed-in users that the Compute Engine instance is going down and instructs them to save current work and sign out.

Write a shutdown script that writes a file in a location that is being polled by the application once every five minutes. After the file is read, the application disconnects from the database.

Write a shutdown script that publishes a message to the Pub/Sub topic announcing that a shutdown is in progress. After the application reads the message, it disconnects from the database.

Specify the resource limits and requests in the object specifications.

Create a namespace for each team, and attach resource quotas to each namespace.

Create a LimitRange to specify the default compute resource requirements for each namespace.

Create a Kubernetes service account (KSA) for each application, and assign each KSA to the namespace.

Use the Anthos Policy Controller to enforce label annotations on all namespaces. Use taints and tolerations to allow resource sharing for namespaces.

Your Memorystore for Redis instance was deployed without a public IP address.

You configured your Serverless VPC Access connector in a different region than your App Engine instance.

The firewall rule allowing a connection between App Engine and Memorystore was removed during an infrastructure update by the DevOps team.

You configured your application to use a Serverless VPC Access connector on a different subnet in a different availability zone than your App Engine instance.

Create an API key.

Create a SAML token.

Create a service account.

Create an OAuth Client ID.

Create a Pub/Sub topic to be notified when code is pushed to the repository. Create a Pub/Sub trigger that runs the build file when an event is published to the topic.

Create a build trigger that runs the build file in response to a repository code being pushed to the development branch.

Create a webhook build trigger that runs the build file in response to HTTP POST calls to the webhook URL.

Create a Cron job that runs the following command every 24 hours: gcloud builds submit.

Assign the Google Cloud service account to your GKE Pod using Workload Identity.

Export the Google Cloud service account, and share it with the Pod as a Kubernetes Secret.

Export the Google Cloud service account, and embed it in the source code of the application.

Export the Google Cloud service account, and upload it to HashiCorp Vault to generate a dynamic service account for your application.

Create a new service account that has Editor authority to access the resources. The deployer is given permission to get the access token.

Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to get the access token.

Create a new service account that has Editor authority to access the resources. The deployer is given permission to act as the new service account.

Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to act as the new service account.

Configure the appropriate service accounts, and use Workload Identity to run the pods.

Store the application credentials as Kubernetes Secrets, and expose them as environment variables.

Configure the appropriate routing rules, and use a VPC-native cluster to directly connect to the database.

Store the application credentials using Cloud Key Management Service, and retrieve them whenever a database connection is made.

Use Cloud Logging to check for error logs, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Cloud Trace to monitor the requests per sec of incoming requests to Spanner, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Cloud Monitoring to monitor the CPU utilization, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Snapshot Debugger to check for application errors, and reduce Spanner processing units by small increments until you find the minimum capacity required.

Use Cloud Build with a trigger configured for each source code commit.

Use Jenkins deployed via the Google Cloud Platform Marketplace, configured to watch for source code commits.

Use a Compute Engine virtual machine instance with an open source continuous integration tool, configured to watch for source code commits.

Use a source code commit trigger to push a message to a Cloud Pub/Sub topic that triggers an App Engine service to build the source code.

Use Migrate for Anthos to migrate the VM to your Google Kubernetes Engine (GKE) cluster as a container.

Export the VM as a raw disk and import it as an image. Create a Compute Engine instance from the Imported image.

Use Migrate for Compute Engine to migrate the VM to a Compute Engine instance, and use Cloud Build to convert it to a container.

Use Jib to build a Docker image from your source code, and upload it to Artifact Registry. Deploy the application in a GKE cluster, and test the application.

Trigger a Spinnaker pipeline configured as an A/B test of your new code and, if it is successful, deploy the container to production.

Trigger a Spinnaker pipeline configured as a canary test of your new code and, if it is successful, deploy the container to production.

Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a canary test.

Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a shadow test.

RESTful APIs

MQTT for APIs

gRPC-based APIs

SOAP-based APIs

Use local SSDs to store state.

Put a memcache layer in front of MySQL.

Move the state storage to Cloud Spanner.

Replace the MySQL instance with Cloud SQL.

Block all traffic on port 443.

Allow all traffic into the network.

Allow traffic on port 443 for a specific tag.

Allow all traffic on port 443 into the network.

Use App Engine for autoscaling.

Use Cloud Functions for autoscaling.

Use a Compute Engine cluster for the service.

Use a dedicated Compute Engine virtual machine instance for the service.

Take frequent snapshots of all of the VMs.

Install the Stackdriver Logging agent on the VMs.

Install the Stackdriver Monitoring agent on the VMs.

Use Stackdriver Trace to look for performance bottlenecks.

Create manual subnets.

Create an auto mode subnet.

Create multiple peered VPCs.

Provision a single instance for NAT.

Cloud Profiler

Cloud Monitoring

Cloud Trace

Cloud Logging

Migrate the database to Bigtable and use it to serve all global user traffic.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Create an API key. Use the API key to interact with Google Cloud.

Use the default compute service account to interact with Google Cloud.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Use Google App Engine services.

Use serverless Google Cloud Functions.

Use Knative to build and deploy serverless applications.

Use Google Kubernetes Engine for automated deployments.

Use a large Google Compute Engine cluster for deployments.

Cloud Spanner

Cloud Datastore

Cloud Memorystore as a cache

Separate Cloud SQL clusters for each region

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Cloud Armor

Cloud Functions

Cloud Endpoints

Shielded Virtual Machines

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Firestore in Native mode and set up instan

Cloud VPN

Cloud Armor

Virtual Private Cloud

Cloud Identity-Aware Proxy

BigQuery

Cloud SQL

Cloud Spanner

Cloud Datastore

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.