Free Google Professional-Cloud-Developer Exam Questions

Question 1

Azgomi is a community application that facilitates communication between people in close proximity, used for event planning and organizing sporting events, and for businesses to connect with their local communities. Azgomi's unique style of hyper-local community communication and business outreach is in demand around the world. The executive statement is to expand the number one local community app globally. The solution concept is to expand their existing service in new regions to better serve their global customers, and hire and train a new team to support these regions in their time zones. Azgomi wants to ensure the application scales smoothly and provides clear uptime data, and that they analyze and respond to any issues that occur. Their existing technical environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform.

Azgomi's investors want to expand their footprint and support the increase in demand they are seeing. They require the application to expand availability to new regions, support 10x as many concurrent users, ensure a consistent experience for users when they travel to different regions, obtain user activity metrics to better monetize their product, ensure compliance with regulations in new regions, reduce infrastructure management time and cost, and adopt Google-recommended practices for cloud computing. The technical requirements include providing secure communications between the on-premises data center and cloud-hosted applications and infrastructure, providing usage metrics and monitoring, requiring authentication and authorization for APIs, implementing faster and more accurate validation of new features, providing actionable information for logging and performance metrics, and scaling to meet user demand.

A recent security audit discovered that Azgomi's database credentials for their Compute Engine-hosted MySQL databases are stored in plain text on persistent disks. Azgomi needs to reduce the risk of these credentials being stolen.

What actions do you suggest for them?

A : Create a service account and download its key. Use it to authenticate to Cloud KMS for database credentials.

B : Create a service account and use its key to authenticate to Cloud KMS for a decryption key to access the database credentials.

C : Create a service account and give it the roles/iam.serviceAccountUser role. Authenticate using Cloud SQL Proxy while impersonating this account.

D : Grant the roles/secretmanager.secretAccessor role to the Compute Engine service account and use Secret Manager API to store and access the database credentials.

Answer: C

Question 2

The analytics system is currently facing a permission error while executing queries against a BigQuery dataset. The SQL query is executed in batch by passing the contents of a SQL file to the BigQuery CLI, which in turn redirects the output to another process. To resolve this issue, you need to identify the root cause of the permission error and take necessary steps to fix it.

What actions are recommended in this situation?

A : Create a view in BigQuery from an SQL query and SELECT* from the view in the command-line interface.

B : Grant the service account BigQuery Data Editor and BigQuery Data Viewer roles.

C : Grant the service account BigQuery Data Viewer and BigQuery Job User roles.

D : Create a new dataset in BigQuery, copy the source table to the new dataset, and query the new dataset and table from the command-line interface.

Answer: C

Question 3

To perform unit and integration tests during the Docker image build process using Cloud Build, you need to make modifications. In the event of a failure, you want the build history to clearly indicate the stage at which the build failed.

What actions do you need to take?

A : Create a Cloud Build build config file with a single build step to compile unit and integration tests.

B : Create a Cloud Build build config file that will spawn a separate cloud build pipeline for unit and integration tests.

C : Add RUN commands in the Dockerfile to execute unit and integration tests.

D : Create a Cloud Build build config file with separate cloud builder steps to compile and execute unit and integration tests.

Answer: D

Question 4

Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B. You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?

A : ploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.

B : the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

C : ploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.

D : the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.

Answer: C

Question 5

Your application is deployed across several Google Kubernetes Engine clusters, with each cluster managed by a Deployment. The Deployment has generated several replicas of your Pod in every cluster. You intend to access the logs sent to stdout for all the replicas in your Deployment across all clusters.

What is the appropriate command to use?

A : kubectl logs [PARAM]

B : gcloud logging read [PARAM]

C : kubectl exec ""it [PARAM] journalctl

D : gcloud compute ssh [PARAM] ""-command= 'sudo journalctl'

Answer: B