Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

Professional Cloud DeveloperFree trial

By google

Verified

25Q per page

Question 51

You are developing a single-player mobile game backend that has unpredictable traffic patterns as users interact with the game throughout the day and night. You want to optimize costs by ensuring that you have enough resources to handle requests, but minimize over-provisioning. You also want the system to handle traffic spikes efficiently. Which compute platform should you use?

A: Cloud Run
B: Compute Engine with managed instance groups
C: Compute Engine with unmanaged instance groups
D: Google Kubernetes Engine using cluster autoscaling

—

Question 52

The development teams in your company want to manage resources from their local environments. You have been asked to enable developer access to each team’s Google Cloud projects. You want to maximize efficiency while following Google-recommended best practices. What should you do?

A: Add the users to their projects, assign the relevant roles to the users, and then provide the users with each relevant Project ID.
B: Add the users to their projects, assign the relevant roles to the users, and then provide the users with each relevant Project Number.
C: Create groups, add the users to their groups, assign the relevant roles to the groups, and then provide the users with each relevant Project ID.
D: Create groups, add the users to their groups, assign the relevant roles to the groups, and then provide the users with each relevant Project Number.

—

Question 53

Your company’s product team has a new requirement based on customer demand to autoscale your stateless and distributed service running in a Google Kubernetes Engine (GKE) duster. You want to find a solution that minimizes changes because this feature will go live in two weeks. What should you do?

A: Deploy a Vertical Pod Autoscaler, and scale based on the CPU load.
B: Deploy a Vertical Pod Autoscaler, and scale based on a custom metric.
C: Deploy a Horizontal Pod Autoscaler, and scale based on the CPU toad.
D: Deploy a Horizontal Pod Autoscaler, and scale based on a custom metric.

—

Question 54

Your application is composed of a set of loosely coupled services orchestrated by code executed on Compute Engine. You want your application to easily bring up new Compute Engine instances that find and use a specific version of a service. How should this be configured?

A: Define your service endpoint information as metadata that is retrieved at runtime and used to connect to the desired service.
B: Define your service endpoint information as label data that is retrieved at runtime and used to connect to the desired service.
C: Define your service endpoint information to be retrieved from an environment variable at runtime and used to connect to the desired service.
D: Define your service to use a fixed hostname and port to connect to the desired service. Replace the service at the endpoint with your new version.

—

Question 55

You are developing a microservice-based application that will run on Google Kubernetes Engine (GKE). Some of the services need to access different Google Cloud APIs. How should you set up authentication of these services in the cluster following Google-recommended best practices? (Choose two.)

A: Use the service account attached to the GKE node.
B: Enable Workload Identity in the cluster via the gcloud command-line tool.
C: Access the Google service account keys from a secret management service.
D: Store the Google service account keys in a central secret management service.
E: Use gcloud to bind the Kubernetes service account and the Google service account using roles/iam.workloadIdentity.

—

Question 56

Your development team has been tasked with maintaining a .NET legacy application. The application incurs occasional changes and was recently updated. Your goal is to ensure that the application provides consistent results while moving through the CI/CD pipeline from environment to environment. You want to minimize the cost of deployment while making sure that external factors and dependencies between hosting environments are not problematic. Containers are not yet approved in your organization. What should you do?

A: Rewrite the application using .NET Core, and deploy to Cloud Run. Use revisions to separate the environments.
B: Use Cloud Build to deploy the application as a new Compute Engine image for each build. Use this image in each environment.
C: Deploy the application using MS Web Deploy, and make sure to always use the latest, patched MS Windows Server base image in Compute Engine.
D: Use Cloud Build to package the application, and deploy to a Google Kubernetes Engine cluster. Use namespaces to separate the environments.

—

Question 57

You are using Cloud Build to build and test application source code stored in Cloud Source Repositories. The build process requires a build tool not available in the Cloud Build environment.
What should you do?

A: Download the binary from the internet during the build process.
B: Build a custom cloud builder image and reference the image in your build steps.
C: Include the binary in your Cloud Source Repositories repository and reference it in your build scripts.
D: Ask to have the binary added to the Cloud Build environment by filing a feature request against the Cloud Build public Issue Tracker.

—

Question 58

The new version of your containerized application has been tested and is ready to deploy to production on Google Kubernetes Engine. You were not able to fully load-test the new version in pre-production environments, and you need to make sure that it does not have performance problems once deployed. Your deployment must be automated. What should you do?

A: Use Cloud Load Balancing to slowly ramp up traffic between versions. Use Cloud Monitoring to look for performance issues.
B: Deploy the application via a continuous delivery pipeline using canary deployments. Use Cloud Monitoring to look for performance issues. and ramp up traffic as the metrics support it.
C: Deploy the application via a continuous delivery pipeline using blue/green deployments. Use Cloud Monitoring to look for performance issues, and launch fully when the metrics support it.
D: Deploy the application using kubectl and set the spec.updateStrategv.type to RollingUpdate. Use Cloud Monitoring to look for performance issues, and run the kubectl rollback command if there are any issues.

—

Question 59

Users are complaining that your Cloud Run-hosted website responds too slowly during traffic spikes. You want to provide a better user experience during traffic peaks. What should you do?

A: Read application configuration and static data from the database on application startup.
B: Package application configuration and static data into the application image during build time.
C: Perform as much work as possible in the background after the response has been returned to the user.
D: Ensure that timeout exceptions and errors cause the Cloud Run instance to exit quickly so a replacement instance can be started.

—

Question 60

You are a developer working on an internal application for payroll processing. You are building a component of the application that allows an employee to submit a timesheet, which then initiates several steps:

• An email is sent to the employee and manager, notifying them that the timesheet was submitted.
• A timesheet is sent to payroll processing for the vendor's API.
• A timesheet is sent to the data warehouse for headcount planning.

These steps are not dependent on each other and can be completed in any order. New steps are being considered and will be implemented by different development teams. Each development team will implement the error handling specific to their step. What should you do?

A: Deploy a Cloud Function for each step that calls the corresponding downstream system to complete the required action.
B: Create a Pub/Sub topic for each step. Create a subscription for each downstream development team to subscribe to their step's topic.
C: Create a Pub/Sub topic for timesheet submissions. Create a subscription for each downstream development team to subscribe to the topic.
D: Create a timesheet microservice deployed to Google Kubernetes Engine. The microservice calls each downstream step and waits for a successful response before calling the next step.

—

Question 61

You are designing an application that uses a microservices architecture. You are planning to deploy the application in the cloud and on-premises. You want to make sure the application can scale up on demand and also use managed services as much as possible. What should you do?

A: Deploy open source Istio in a multi-cluster deployment on multiple Google Kubernetes Engine (GKE) clusters managed by Anthos.
B: Create a GKE cluster in each environment with Anthos, and use Cloud Run for Anthos to deploy your application to each cluster.
C: Install a GKE cluster in each environment with Anthos, and use Cloud Build to create a Deployment for your application in each cluster.
D: Create a GKE cluster in the cloud and install open-source Kubernetes on-premises. Use an external load balancer service to distribute traffic across the two environments.

—

Question 62

You want to migrate an on-premises container running in Knative to Google Cloud. You need to make sure that the migration doesn't affect your application's deployment strategy, and you want to use a fully managed service. Which Google Cloud service should you use to deploy your container?

A: Cloud Run
B: Compute Engine
C: Google Kubernetes Engine
D: App Engine flexible environment

—

Question 63

This architectural diagram depicts a system that streams data from thousands of devices. You want to ingest data into a pipeline, store the data, and analyze the data using SQL statements. Which Google Cloud services should you use for steps 1, 2, 3, and 4?

A: 1. App Engine 2. Pub/Sub 3. BigQuery 4. Firestore
B: 1. Dataflow 2. Pub/Sub 3. Firestore 4. BigQuery
C: 1. Pub/Sub 2. Dataflow 3. BigQuery 4. Firestore
D: 1. Pub/Sub 2. Dataflow 3. Firestore 4. BigQuery

—

Question 64

Your company just experienced a Google Kubernetes Engine (GKE) API outage due to a zone failure. You want to deploy a highly available GKE architecture that minimizes service interruption to users in the event of a future zone failure. What should you do?

A: Deploy Zonal clusters
B: Deploy Regional clusters
C: Deploy Multi-Zone clusters
D: Deploy GKE on-premises clusters

—

Question 65

Your team develops services that run on Google Cloud. You want to process messages sent to a Pub/Sub topic, and then store them. Each message must be processed exactly once to avoid duplication of data and any data conflicts. You need to use the cheapest and most simple solution. What should you do?

A: Process the messages with a Dataproc job, and write the output to storage.
B: Process the messages with a Dataflow streaming pipeline using Apache Beam's PubSubIO package, and write the output to storage.
C: Process the messages with a Cloud Function, and write the results to a BigQuery location where you can run a job to deduplicate the data.
D: Retrieve the messages with a Dataflow streaming pipeline, store them in Cloud Bigtable, and use another Dataflow streaming pipeline to deduplicate messages.

—

Question 66

You are running a containerized application on Google Kubernetes Engine. Your container images are stored in Container Registry. Your team uses CI/CD practices. You need to prevent the deployment of containers with known critical vulnerabilities. What should you do?

A: • Use Web Security Scanner to automatically crawl your application • Review your application logs for scan results, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
B: • Use Web Security Scanner to automatically crawl your application • Review the scan results in the scan details page in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
C: • Enable the Container Scanning API to perform vulnerability scanning • Review vulnerability reporting in Container Registry in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed
D: • Enable the Container Scanning API to perform vulnerability scanning • Programmatically review vulnerability reporting through the Container Scanning API, and provide an attestation that the container is free of known critical vulnerabilities • Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

—

Question 67

You have an on-premises application that authenticates to the Cloud Storage API using a user-managed service account with a user-managed key. The application connects to Cloud Storage using Private Google Access over a Dedicated Interconnect link. You discover that requests from the application to access objects in the Cloud Storage bucket are failing with a 403 Permission Denied error code. What is the likely cause of this issue?

A: The folder structure inside the bucket and object paths have changed.
B: The permissions of the service account’s predefined role have changed.
C: The service account key has been rotated but not updated on the application server.
D: The Interconnect link from the on-premises data center to Google Cloud is experiencing a temporary outage.

—

Question 68

You are deploying your application to a Compute Engine virtual machine instance. Your application is configured to write its log files to disk. You want to view the logs in Stackdriver Logging without changing the application code.
What should you do?

A: Install the Stackdriver Logging Agent and configure it to send the application logs.
B: Use a Stackdriver Logging Library to log directly from the application to Stackdriver Logging.
C: Provide the log file folder path in the metadata of the instance to configure it to send the application logs.
D: Change the application to log to /var/log so that its logs are automatically sent to Stackdriver Logging.

—

Question 69

You are using the Cloud Client Library to upload an image in your application to Cloud Storage. Users of the application report that occasionally the upload does not complete and the client library reports an HTTP 504 Gateway Timeout error. You want to make the application more resilient to errors. What changes to the application should you make?

A: Write an exponential backoff process around the client library call.
B: Write a one-second wait time backoff process around the client library call.
C: Design a retry button in the application and ask users to click if the error occurs.
D: Create a queue for the object and inform the users that the application will try again in 10 minutes.

—

Question 70

You are building a mobile application that will store hierarchical data structures in a database. The application will enable users working offline to sync changes when they are back online. A backend service will enrich the data in the database using a service account. The application is expected to be very popular and needs to scale seamlessly and securely. Which database and IAM role should you use?

A: Use Cloud SQL, and assign the roles/cloudsql.editor role to the service account.
B: Use Bigtable, and assign the roles/bigtable.viewer role to the service account.
C: Use Firestore in Native mode and assign the roles/datastore.user role to the service account.
D: Use Firestore in Datastore mode and assign the roles/datastore.viewer role to the service account.

—

Question 71

Your application is deployed on hundreds of Compute Engine instances in a managed instance group (MIG) in multiple zones. You need to deploy a new instance template to fix a critical vulnerability immediately but must avoid impact to your service. What setting should be made to the MIG after updating the instance template?

A: Set the Max Surge to 100%.
B: Set the Update mode to Opportunistic.
C: Set the Maximum Unavailable to 100%.
D: Set the Minimum Wait time to 0 seconds.

—

Question 72

You made a typo in a low-level Linux configuration file that prevents your Compute Engine instance from booting to a normal run level. You just created the Compute Engine instance today and have done no other maintenance on it, other than tweaking files. How should you correct this error?

A: Download the file using scp, change the file, and then upload the modified version
B: Configure and log in to the Compute Engine instance through SSH, and change the file
C: Configure and log in to the Compute Engine instance through the serial port, and change the file
D: Configure and log in to the Compute Engine instance using a remote desktop client, and change the file

—

That’s the end of your free questions

You’ve reached the preview limit for Professional Cloud Developer

Consider upgrading to gain full access!

Page 3 of 15 • Questions 51-75 of 359

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!