Professional-Cloud-Developer Google Certified Professional - Cloud Developer Question and Answers

Change your application s logging library to the Cloud Logging library and configure your application to export logs to Cloud Logging

Update your application to output logs in CSV format, and add the necessary metadata to the CSV.

Install the Fluent Bit agent on each of your GKE nodes, and have the agent export all logs from /var/ log.

Update your application to output logs in JSON format, and add the necessary metadata to the JSON

gsutil test –o output.json gs://my-bucket

gsutil perfdiag –o output.json gs://my-bucket

gcloud compute scp example-instance:~/test-data –o output.json gs://my-bucket

gcloud services test –o output.json gs://my-bucket

Use Cloud SQL, and assign the roles/cloudsql.editor role to the service account.

Use Bigtable, and assign the roles/bigtable.viewer role to the service account.

Use Firestore in Native mode and assign the roles/datastore.user role to the service account.

Use Firestore in Datastore mode and assign the roles/datastore.viewer role to the service account.

Create an API key.

Create a SAML token.

Create a service account.

Create an OAuth Client ID.

Use the gsutil utility to copy files from within the Docker container at startup, and start the service using an ENTRYPOINT script.

Create a PersistentVolumeClaim on the GKE cluster. Access the configuration files from the volume, and start the service using an ENTRYPOINT script.

Use the COPY statement in the Dockerfile to load the configuration into the container image. Verify that the configuration is available, and start the service using an ENTRYPOINT script.

Add a startup script to the GKE instance group to mount the NFS share at node startup. Copy the configuration files into the container, and start the service using an ENTRYPOINT script.

Download the file using scp, change the file, and then upload the modified version

Configure and log in to the Compute Engine instance through SSH, and change the file

Configure and log in to the Compute Engine instance through the serial port, and change the file

Configure and log in to the Compute Engine instance using a remote desktop client, and change the file

Write an exponential backoff process around the client library call.

Write a one-second wait time backoff process around the client library call.

Design a retry button in the application and ask users to click if the error occurs.

Create a queue for the object and inform the users that the application will try again in 10 minutes.

Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.

Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.

Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.

Option A

Option B

Option C

Option D

Option E

Deploy the website on App Engine and use traffic splitting.

Deploy the website on App Engine as three separate services.

Deploy the website on Cloud Functions and use traffic splitting.

Deploy the website on Cloud Functions as three separate functions.

Specify the resource limits and requests in the object specifications.

Create a namespace for each team, and attach resource quotas to each namespace.

Create a LimitRange to specify the default compute resource requirements for each namespace.

Create a Kubernetes service account (KSA) for each application, and assign each KSA to the namespace.

Use the Anthos Policy Controller to enforce label annotations on all namespaces. Use taints and tolerations to allow resource sharing for namespaces.

Bind the user identity to the pubsub.publisher and pubsub.subscriber roles at the resource level.

Grant the user identity the pubsub.publisher and pubsub.subscriber roles at the project level.

Grant the user identity a custom role that contains the pubsub.topics.create and pubsub.subscriptions.create permissions.

Configure the application to run as a service account that has the pubsub.publisher and pubsub.subscriber roles.

Download, install, and start the Snapshot Debugger agent in your VM. Take debug snapshots of the functions that take the longest time. Review the call stack frame, and identify the local variables at that level in the stack.

Import the Cloud Profiler package into your application, and initialize the Profiler agent. Review the generated flame graph in the Google Cloud console to identify time-intensive functions.

Import OpenTelemetry and Trace export packages into your application, and create the trace provider.

Review the latency data for your application on the Trace overview page, and identify where bottlenecks are occurring.

Create a Cloud Logging query that gathers the web application's logs. Write a Python script that calculates the difference between the timestamps from the beginning and the end of the application's longest functions to identity time-intensive functions.

File a ticket with Cloud Support indicating that the application performs faster locally.

Use Stackdriver Debugger Snapshots to look at a point-in-time execution of the application.

Use Stackdriver Trace to determine which functions within the application have higher latency.

Add logging commands to the application and use Stackdriver Logging to check where the latency problem occurs.

Grant the service account BigQuery Data Viewer and BigQuery Job User roles.

Grant the service account BigQuery Data Editor and BigQuery Data Viewer roles.

Create a view in BigQuery from the SQL query and SELECT* from the view in the CLI.

Create a new dataset in BigQuery, and copy the source table to the new dataset Query the new dataset and table from the CLI.

Assign a Google service account to the GKE nodes.

Use a Google service account to run the Pod with Workload Identity.

Store the Google service account credentials as a Kubernetes Secret.

Use a Google service account with GKE role-based access control (RBAC).

Create a new project with a random name for every build. Load the required data. Delete the project after the test is run.

Create a new Cloud Spanner instance for every build. Load the required data. Delete the Cloud Spanner instance after the test is run.

Create a project with a Cloud Spanner instance and the required data. Adjust the Cloud Build build file to automatically restore the data to its previous state after the test is run.

Start the Cloud Spanner emulator locally. Load the required data. Shut down the emulator after the test is run.

A Kubernetes NetworkPolicy resource is blocking HTTP traffic between the Pods.

The Pod initiating the HTTP requests is attempting to connect to the target Pod via an incorrect TCP port.

The Authorization Policy of your cluster is blocking HTTP requests for specific paths within your application.

The cluster has mTLS configured in permissive mode, but the Pod's sidecar proxy is sending unencrypted traffic in plain text.

Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.

Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.

Cloud Spanner

Cloud Datastore

Cloud Memorystore as a cache

Separate Cloud SQL clusters for each region

Use the current single instance MySQL on Compute Engine and several read-only MySQL servers on

Compute Engine.

Use the current single instance MySQL on Compute Engine, and replicate the data to Cloud SQL in an

external master configuration.

Replace the current single instance MySQL instance with Cloud SQL, and configure high availability.

Replace the current single instance MySQL instance with Cloud SQL, and Google provides redundancy

without further configuration.

Cloud Profiler

Cloud Monitoring

Cloud Trace

Cloud Logging

Cloud Armor

Cloud Functions

Cloud Endpoints

Shielded Virtual Machines

BigQuery

Cloud SQL

Cloud Spanner

Cloud Datastore

Use local SSDs to store state.

Put a memcache layer in front of MySQL.

Move the state storage to Cloud Spanner.

Replace the MySQL instance with Cloud SQL.

Block all traffic on port 443.

Allow all traffic into the network.

Allow traffic on port 443 for a specific tag.

Allow all traffic on port 443 into the network.

Use App Engine for autoscaling.

Use Cloud Functions for autoscaling.

Use a Compute Engine cluster for the service.

Use a dedicated Compute Engine virtual machine instance for the service.

Migrate the database to Bigtable and use it to serve all global user traffic.

Migrate the database to Cloud Spanner and use it to serve all global user traffic.

Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.

Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain the database credentials.

Create a service account and download its key. Use the key to authenticate to Cloud Key Management Service (KMS) to obtain a key used to decrypt the database credentials.

Create a service account and grant it the roles/iam.serviceAccountUser role. Impersonate as this account and authenticate using the Cloud SQL Proxy.

Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account. Store and access the database credentials with the Secret Manager API.

Create an API key. Use the API key to interact with Google Cloud.

Use the default compute service account to interact with Google Cloud.

Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.

Create a service account for the application and for each Google Cloud API used by the application. Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Use Google App Engine services.

Use serverless Google Cloud Functions.

Use Knative to build and deploy serverless applications.

Use Google Kubernetes Engine for automated deployments.

Use a large Google Compute Engine cluster for deployments.

Take frequent snapshots of all of the VMs.

Install the Stackdriver Logging agent on the VMs.

Install the Stackdriver Monitoring agent on the VMs.

Use Stackdriver Trace to look for performance bottlenecks.

Include unit tests in their code, and prevent deployments to QA until all tests have a passing status.

Include performance tests in their code, and prevent deployments to QA until all tests have a passing status.

Create health checks for the QA environment, and redeploy the APIs at a later time if the environment is unhealthy.

Redeploy the APIs to App Engine using Traffic Splitting. Do not move QA traffic to the new versions if errors are found.

Cloud VPN

Cloud Armor

Virtual Private Cloud

Cloud Identity-Aware Proxy

Create manual subnets.

Create an auto mode subnet.

Create multiple peered VPCs.

Provision a single instance for NAT.

Use the Cloud Data Loss Prevention API for redaction of the review dataset.

Use the Cloud Data Loss Prevention API for de-identification of the review dataset.

Use the Cloud Natural Language Processing API for redaction of the review dataset.

Use the Cloud Natural Language Processing API for de-identification of the review dataset.

Create new Cloud SQL instances in Europe and North America for testing and deployment. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Bigtable. Instruct the development teams to use the Cloud SDK to emulate a local Bigtable development environment.

Move from Cloud SQL to MySQL hosted on Compute Engine. Replicate hosts across regions in the Americas and Europe. Provide developers with local MySQL instances to conduct testing on the application changes.

Migrate data to Firestore in Native mode and set up instan