Free Google Professional-Cloud-Developer Exam Questions

Question 1

Your web application is deployed to the corporate intranet. You need to migrate the web application to Google Cloud. The web application must be available only to company employees and accessible to employees as they travel. You need to ensure the security and accessibility of the web application while minimizing application changes. What should you do?

A : nfigure the application to check authentication credentials for each HTTP(S) request to the application.

B : nfigure Identity-Aware Proxy to allow employees to access the application through its public IP address.

C : nfigure a Compute Engine instance that requests users to log in to their corporate account. Change the web application DNS to point to the proxy Compute Engine instance. After authenticating, the Compute Engine instance forwards requests to and from the web application.

D : nfigure a Compute Engine instance that requests users to log in to their corporate account. Change the web application DNS to point to the proxy Compute Engine instance. After authenticating, the Compute Engine issues an HTTP redirect to a public IP address hosting the web application.

Answer: B

Question 2

What is a possible security measure to limit access to resources in App Engine?

A : Configuration of ingress traffic

B : Analysis of exposed URLs

C : Use of default domains

D : Use of App Engine firewall

Answer: D

Question 3

Azgomi is a community application that facilitates communication between people in close proximity, used for event planning and organizing sporting events, and for businesses to connect with their local communities. Azgomi's unique style of hyper-local community communication and business outreach is in demand around the world. The executive statement is to expand the number one local community app globally. The solution concept is to expand their existing service in new regions to better serve their global customers, and hire and train a new team to support these regions in their time zones. Azgomi wants to ensure the application scales smoothly and provides clear uptime data, and that they analyze and respond to any issues that occur. Their existing technical environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform.

Azgomi's investors want to expand their footprint and support the increase in demand they are seeing. They require the application to expand availability to new regions, support 10x as many concurrent users, ensure a consistent experience for users when they travel to different regions, obtain user activity metrics to better monetize their product, ensure compliance with regulations in new regions, reduce infrastructure management time and cost, and adopt Google-recommended practices for cloud computing. The technical requirements include providing secure communications between the on-premises data center and cloud-hosted applications and infrastructure, providing usage metrics and monitoring, requiring authentication and authorization for APIs, implementing faster and more accurate validation of new features, providing actionable information for logging and performance metrics, and scaling to meet user demand.

A recent security audit discovered that Azgomi's database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. Azgomi needs to reduce the risk of these credentials being stolen.

What actions do you suggest for them?

A : Create a service account and download its key. Use it to authenticate to Cloud KMS for database credentials.

B : Create a service account and use its key to authenticate to Cloud KMS for a decryption key to access the database credentials.

C : Create a service account and give it the roles/iam.serviceAccountUser role. Authenticate using Cloud SQL Proxy while impersonating this account.

D : Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account and use Secret Manager API to store and access the database credentials.

Answer: C

Question 4

What is the best way to monitor the performance of each integration in a microservice-oriented architecture using Cloud Trace?

A : By implementing Cloud Trace in every single integration

B : By monitoring only the most critical tasks of the app

C : By creating a general performance diagnosis for the entire application

D : By implementing Cloud Trace in each of the services

Answer: D

Question 5

What is the condition that is met when an object is created prior to the specified date in Cloud Storage?

A : CreatedBefore

B : CustomTimeBefore

C : DaysSinceCustomTime

D : MatchesStorageClass

Answer: A