Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Google Professional-Cloud-DevOps-Engineer Google Cloud Certified - Professional Cloud DevOps Engineer Exam Exam Practice Test

Google Cloud Certified - Professional Cloud DevOps Engineer Exam Questions and Answers

Question 1

Your development team has created a new version of their service’s API. You need to deploy the new versions of the API with the least disruption to third-party developers and end users of third-party installed applications. What should you do?

Options:

A.

Introduce the new version of the API.

Announce deprecation of the old version of the API.

Deprecate the old version of the API.

Contact remaining users of the old API.

Provide best effort support to users of the old API.

Turn down the old version of the API.

B.

Announce deprecation of the old version of the API.

Introduce the new version of the API.

Contact remaining users on the old API.

Deprecate the old version of the API.

Turn down the old version of the API.

Provide best effort support to users of the old API.

C.

Announce deprecation of the old version of the API.

Contact remaining users on the old API.

Introduce the new version of the API.

Deprecate the old version of the API.

Provide best effort support to users of the old API.

Turn down the old version of the API.

D.

Introduce the new version of the API.

Contact remaining users of the old API.

Announce deprecation of the old version of the API.

Deprecate the old version of the API.

Turn down the old version of the API.

Provide best effort support to users of the old API.

Question 2

You are part of an organization that follows SRE practices and principles. You are taking over the management of a new service from the Development Team, and you conduct a Production Readiness Review (PRR). After the PRR analysis phase, you determine that the service cannot currently meet its Service Level Objectives (SLOs). You want to ensure that the service can meet its SLOs in production. What should you do next?

Options:

A.

Adjust the SLO targets to be achievable by the service so you can bring it into production.

B.

Notify the development team that they will have to provide production support for the service.

C.

Identify recommended reliability improvements to the service to be completed before handover.

D.

Bring the service into production with no SLOs and build them when you have collected operational data.

Question 3

You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?

Options:

A.

Add logic to each Cloud Build step to HTTP POST the build information to a webhook.

B.

Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.

C.

Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.

D.

Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.

Question 4

Your application artifacts are being built and deployed via a CI/CD pipeline. You want the CI/CD pipeline to securely access application secrets. You also want to more easily rotate secrets in case of a security breach. What should you do?

Options:

A.

Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.

B.

Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.

C.

Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.

D.

Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it

Question 5

Your application images are built and pushed to Google Container Registry (GCR). You want to build an automated pipeline that deploys the application when the image is updated while minimizing the development effort. What should you do?

Options:

A.

Use Cloud Build to trigger a Spinnaker pipeline.

B.

Use Cloud Pub/Sub to trigger a Spinnaker pipeline.

C.

Use a custom builder in Cloud Build to trigger a Jenkins pipeline.

D.

Use Cloud Pub/Sub to trigger a custom deployment service running in Google Kubernetes Engine (GKE).

Question 6

You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?

Options:

A.

Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.

B.

Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.

C.

Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.

D.

Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.

Question 7

Your team uses Cloud Build for all CI/CO pipelines. You want to use the kubectl builder for Cloud Build to deploy new images to Google Kubernetes Engine (GKE). You need to authenticate to GKE while minimizing development effort. What should you do?

Options:

A.

Assign the Container Developer role to the Cloud Build service account.

B.

Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.

C.

Create a new service account with the Container Developer role and use it to run Cloud Build.

D.

Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.

Question 8

Your team is designing a new application for deployment both inside and outside Google Cloud Platform (GCP). You need to collect detailed metrics such as system resource utilization. You want to use centralized GCP services while minimizing the amount of work required to set up this collection system. What should you do?

Options:

A.

Import the Stackdriver Profiler package, and configure it to relay function timing data to Stackdriver for further analysis.

B.

Import the Stackdriver Debugger package, and configure the application to emit debug messages with timing information.

C.

Instrument the code using a timing library, and publish the metrics via a health check endpoint that is scraped by Stackdriver.

D.

Install an Application Performance Monitoring (APM) tool in both locations, and configure an export to a central data storage location for analysis.

Question 9

You support an application running on GCP and want to configure SMS notifications to your team for the most critical alerts in Stackdriver Monitoring. You have already identified the alerting policies you want to configure this for. What should you do?

Options:

A.

Download and configure a third-party integration between Stackdriver Monitoring and an SMS gateway. Ensure that your team members add their SMS/phone numbers to the external tool.

B.

Select the Webhook notifications option for each alerting policy, and configure it to use a third-party integration tool. Ensure that your team members add their SMS/phone numbers to the external tool.

C.

Ensure that your team members set their SMS/phone numbers in their Stackdriver Profile. Select the SMS notification option for each alerting policy and then select the appropriate SMS/phone numbers from the list.

D.

Configure a Slack notification for each alerting policy. Set up a Slack-to-SMS integration to send SMS messages when Slack messages are received. Ensure that your team members add their SMS/phone numbers to the external integration.

Question 10

Your company is developing applications that are deployed on Google Kubernetes Engine (GKE). Each team manages a different application. You need to create the development and production environments for each team, while minimizing costs. Different teams should not be able to access other teams’ environments. What should you do?

Options:

A.

Create one GCP Project per team. In each project, create a cluster for Development and one for Production. Grant the teams IAM access to their respective clusters.

B.

Create one GCP Project per team. In each project, create a cluster with a Kubernetes namespace for Development and one for Production. Grant the teams IAM access to their respective clusters.

C.

Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Identity Aware Proxy so that each team can only access its own namespace.

D.

Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Kubernetes Role-based access control (RBAC) so that each team can only access its own namespace.

Question 11

You are on-call for an infrastructure service that has a large number of dependent systems. You receive an alert indicating that the service is failing to serve most of its requests and all of its dependent systems with hundreds of thousands of users are affected. As part of your Site Reliability Engineering (SRE) incident management protocol, you declare yourself Incident Commander (IC) and pull in two experienced people from your team as Operations Lead (OLJ and Communications Lead (CL). What should you do next?

Options:

A.

Look for ways to mitigate user impact and deploy the mitigations to production.

B.

Contact the affected service owners and update them on the status of the incident.

C.

Establish a communication channel where incident responders and leads can communicate with each other.

D.

Start a postmortem, add incident information, circulate the draft internally, and ask internal stakeholders for input.

Question 12

You are running an application in a virtual machine (VM) using a custom Debian image. The image has the Stackdriver Logging agent installed. The VM has the cloud-platform scope. The application is logging information via syslog. You want to use Stackdriver Logging in the Google Cloud Platform Console to visualize the logs. You notice that syslog is not showing up in the "All logs" dropdown list of the Logs Viewer. What is the first thing you should do?

Options:

A.

Look for the agent's test log entry in the Logs Viewer.

B.

Install the most recent version of the Stackdriver agent.

C.

Verify the VM service account access scope includes the monitoring.write scope.

D.

SSH to the VM and execute the following commands on your VM: ps ax I grep fluentd