Free Google Professional-Cloud-Developer Exam Questions

Question 1

The "Master" dataset in BigQuery contains employee travel and expenses information, which is classified by department. To ensure that employees can only access information related to their respective department, a security framework needs to be implemented with minimal steps.

What actions do you need to take?

A : Create a separate dataset for each department. Create a view with a WHERE clause to select records from a specific dataset for that department. Authorize the view to access records from the Master dataset. Give employees permission to the department-specific dataset.

B : Create a separate dataset for each department. Create a data pipeline to copy relevant information from the Master dataset to the department-specific dataset. Give employees permission to the department-specific dataset.

C : Create a Master dataset. Create a separate view for each department in the Master dataset. Give employees access to their department's view.

D : Create a Master dataset. Create a separate table for each department in the Master dataset. Give employees access to their department's table.

Answer: C

Question 2

A public API must be created that can authenticate, enforce quotas, and report metrics for API callers.

What is the recommended tool to use for finishing this architecture?

A : App Engine

B : Identity-Aware Proxy

C : GKE Ingress for HTTP(S) Load Balancing

D : Cloud Endpoints

Answer: C

Question 3

You are developing a new web application using Cloud Run and committing code to Cloud Source Repositories. You want to deploy new code in the most efficient way possible. You have already created a Cloud Build YAML file that builds a container and runs the following command: gcloud run deploy. What should you do next?

A : eate a Pub/Sub topic to be notified when code is pushed to the repository. Create a Pub/Sub trigger that runs the build file when an event is published to the topic

B : eate a build trigger that runs the build file in response to a repository code being pushed to the development branch.

C : eate a build trigger that runs the build file in response to a repository code being pushed to the development branch.

D : eate a Cron job that runs the following command every 24 hours: gcloud builds submit.

Answer: B

Question 4

You work at a rapidly growing financial technology startup. You manage the payment processing application

written in Go and hosted on Cloud Run in the Singapore region (asia-southeast1). The payment processing

application processes data stored in a Cloud Storage bucket that is also located in the Singapore region.

The startup plans to expand further into the Asia Pacific region. You plan to deploy the Payment Gateway in

Jakarta, Hong Kong, and Taiwan over the next six months. Each location has data residency requirements that

require customer data to reside in the country where the transaction was made. You want to minimize the cost

of these deployments. What should you do?

A : eate a Cloud Storage bucket in each region, and create a Cloud Run service of the payment processing application in each region

B : eate a Cloud Storage bucket in each region, and create three Cloud Run services of the payment processing application in the Singapore region.

C : Create three Cloud Storage buckets in the Asia multi-region, and create three Cloud Run services of the payment processing application in the Singapore region

D : eate three Cloud Storage buckets in the Asia multi-region, and create three Cloud Run revisions of the payment processing application in the Singapore region.

Answer: A

Question 5

Azgomi is a community application that facilitates communication between people in close proximity, used for event planning and organizing sporting events, and for businesses to connect with their local communities. Azgomi's unique style of hyper-local community communication and business outreach is in demand around the world. The executive statement is to expand the number one local community app globally. The solution concept is to expand their existing service in new regions to better serve their global customers, and hire and train a new team to support these regions in their time zones. Azgomi wants to ensure the application scales smoothly and provides clear uptime data, and that they analyze and respond to any issues that occur. Their existing technical environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform.

Azgomi's investors want to expand their footprint and support the increase in demand they are seeing. They require the application to expand availability to new regions, support 10x as many concurrent users, ensure a consistent experience for users when they travel to different regions, obtain user activity metrics to better monetize their product, ensure compliance with regulations in new regions, reduce infrastructure management time and cost, and adopt Google-recommended practices for cloud computing. The technical requirements include providing secure communications between the on-premises data center and cloud-hosted applications and infrastructure, providing usage metrics and monitoring, requiring authentication and authorization for APIs, implementing faster and more accurate validation of new features, providing actionable information for logging and performance metrics, and scaling to meet user demand.

A recent security audit discovered that Azgomi's database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. Azgomi needs to reduce the risk of these credentials being stolen.

What actions do you suggest for them?

A : Create a service account and download its key. Use it to authenticate to Cloud KMS for database credentials.

B : Create a service account and use its key to authenticate to Cloud KMS for a decryption key to access the database credentials.

C : Create a service account and give it the roles/iam.serviceAccountUser role. Authenticate using Cloud SQL Proxy while impersonating this account.

D : Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account and use Secret Manager API to store and access the database credentials.

Answer: C