Professional Cloud DevOps Engineer v1.0 (Professional Cloud DevOps Engineer)

Page:    1 / 12   
Total 166 questions

You support a web application that runs on App Engine and uses CloudSQL and Cloud Storage for data storage. After a short spike in website traffic, you notice a big increase in latency for all user requests, increase in CPU use, and the number of processes running the application. Initial troubleshooting reveals:
✑ After the initial spike in traffic, load levels returned to normal but users still experience high latency.
✑ Requests for content from the CloudSQL database and images from Cloud Storage show the same high latency.
✑ No changes were made to the website around the time the latency increased.
✑ There is no increase in the number of errors to the users.
You expect another spike in website traffic in the coming days and want to make sure users don't experience latency. What should you do?

  • A. Upgrade the GCS buckets to Multi-Regional.
  • B. Enable high availability on the CloudSQL instances.
  • C. Move the application from App Engine to Compute Engine.
  • D. Modify the App Engine configuration to have additional idle instances.


Answer : B

Your application runs on Google Cloud Platform (GCP). You need to implement Jenkins for deploying application releases to GCP. You want to streamline the release process, lower operational toil, and keep user data secure. What should you do?

  • A. Implement Jenkins on local workstations.
  • B. Implement Jenkins on Kubernetes on-premises.
  • C. Implement Jenkins on Google Cloud Functions.
  • D. Implement Jenkins on Compute Engine virtual machines.


Answer : D

References:
https://plugins.jenkins.io/google-compute-engine/

You are working with a government agency that requires you to archive application logs for seven years. You need to configure Stackdriver to export and store the logs while minimizing costs of storage. What should you do?

  • A. Create a Cloud Storage bucket and develop your application to send logs directly to the bucket.
  • B. Develop an App Engine application that pulls the logs from Stackdriver and saves them in BigQuery.
  • C. Create an export in Stackdriver and configure Cloud Pub/Sub to store logs in permanent storage for seven years.
  • D. Create a sink in Stackdriver, name it, create a bucket on Cloud Storage for storing archived logs, and then select the bucket as the log export destination.


Answer : D

References:
https://jayendrapatil.com/google-cloud-logging/

You support a trading application written in Python and hosted on App Engine flexible environment. You want to customize the error information being sent to
Stackdriver Error Reporting. What should you do?

  • A. Install the Stackdriver Error Reporting library for Python, and then run your code on a Compute Engine VM.
  • B. Install the Stackdriver Error Reporting library for Python, and then run your code on Google Kubernetes Engine.
  • C. Install the Stackdriver Error Reporting library for Python, and then run your code on App Engine flexible environment.
  • D. Use the Stackdriver Error Reporting API to write errors from your application to ReportedErrorEvent, and then generate log entries with properly formatted error messages in Stackdriver Logging.


Answer : C

References:
https://cloud.google.com/error-reporting/docs/setup/app-engine-flexible-environment

You need to define Service Level Objectives (SLOs) for a high-traffic multi-region web application. Customers expect the application to always be available and have fast response times. Customers are currently happy with the application performance and availability. Based on current measurement, you observe that the
90
percentile of latency is 120ms and the 95
percentile of latency is 275ms over a 28-day window. What latency SLO would you recommend to the team to th th publish?

  • A. 90 percentile ג€" 100ms th 95 percentile ג€" 250ms th
  • B. 90 percentile ג€" 120ms th 95 percentile ג€" 275ms th
  • C. 90 percentile ג€" 150ms th 95 percentile ג€" 300ms th
  • D. 90 percentile ג€" 250ms th 95 percentile ג€" 400ms th


Answer : B

You support a large service with a well-defined Service Level Objective (SLO). The development team deploys new releases of the service multiple times a week.
If a major incident causes the service to miss its SLO, you want the development team to shift its focus from working on features to improving service reliability.
What should you do before a major incident occurs?

  • A. Develop an appropriate error budget policy in cooperation with all service stakeholders.
  • B. Negotiate with the product team to always prioritize service reliability over releasing new features.
  • C. Negotiate with the development team to reduce the release frequency to no more than once a week.
  • D. Add a plugin to your Jenkins pipeline that prevents new releases whenever your service is out of SLO.


Answer : B

Your company is developing applications that are deployed on Google Kubernetes Engine (GKE). Each team manages a different application. You need to create the development and production environments for each team, while minimizing costs. Different teams should not be able to access other teams' environments.
What should you do?

  • A. Create one GCP Project per team. In each project, create a cluster for Development and one for Production. Grant the teams IAM access to their respective clusters.
  • B. Create one GCP Project per team. In each project, create a cluster with a Kubernetes namespace for Development and one for Production. Grant the teams IAM access to their respective clusters.
  • C. Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Identity Aware Proxy so that each team can only access its own namespace.
  • D. Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Kubernetes Role-based access control (RBAC) so that each team can only access its own namespace.


Answer : D

Reference:
https://kubernetes.io/docs/reference/access-authn-authz/rbac/

Some of your production services are running in Google Kubernetes Engine (GKE) in the eu-west-1 region. Your build system runs in the us-west-1 region. You want to push the container images from your build system to a scalable registry to maximize the bandwidth for transferring the images to the cluster. What should you do?

  • A. Push the images to Google Container Registry (GCR) using the gcr.io hostname.
  • B. Push the images to Google Container Registry (GCR) using the us.gcr.io hostname.
  • C. Push the images to Google Container Registry (GCR) using the eu.gcr.io hostname.
  • D. Push the images to a private image registry running on a Compute Engine instance in the eu-west-1 region.


Answer : B

Reference:
https://cloud.google.com/container-registry/docs/pushing-and-pulling

You manage several production systems that run on Compute Engine in the same Google Cloud Platform (GCP) project. Each system has its own set of dedicated Compute Engine instances. You want to know how must it costs to run each of the systems. What should you do?

  • A. In the Google Cloud Platform Console, use the Cost Breakdown section to visualize the costs per system.
  • B. Assign all instances a label specific to the system they run. Configure BigQuery billing export and query costs per label.
  • C. Enrich all instances with metadata specific to the system they run. Configure Stackdriver Logging to export to BigQuery, and query costs based on the metadata.
  • D. Name each virtual machine (VM) after the system it runs. Set up a usage report export to a Cloud Storage bucket. Configure the bucket as a source in BigQuery to query costs based on VM name.


Answer : D

Reference:
https://cloud.google.com/compute/docs/logging/usage-export

You use Cloud Build to build and deploy your application. You want to securely incorporate database credentials and other application secrets into the build pipeline. You also want to minimize the development effort. What should you do?

  • A. Create a Cloud Storage bucket and use the built-in encryption at rest. Store the secrets in the bucket and grant Cloud Build access to the bucket.
  • B. Encrypt the secrets and store them in the application repository. Store a decryption key in a separate repository and grant Cloud Build access to the repository.
  • C. Use client-side encryption to encrypt the secrets and store them in a Cloud Storage bucket. Store a decryption key in the bucket and grant Cloud Build access to the bucket.
  • D. Use Cloud Key Management Service (Cloud KMS) to encrypt the secrets and include them in your Cloud Build deployment configuration. Grant Cloud Build access to the KeyRing.


Answer : D

Reference:
https://cloud.google.com/build/docs/securing-builds/use-encrypted-credentials

You support a popular mobile game application deployed on Google Kubernetes Engine (GKE) across several Google Cloud regions. Each region has multiple
Kubernetes clusters. You receive a report that none of the users in a specific region can connect to the application. You want to resolve the incident while following Site Reliability Engineering practices. What should you do first?

  • A. Reroute the user traffic from the affected region to other regions that donג€™t report issues.
  • B. Use Stackdriver Monitoring to check for a spike in CPU or memory usage for the affected region.
  • C. Add an extra node pool that consists of high memory and high CPU machine type instances to the cluster.
  • D. Use Stackdriver Logging to filter on the clusters in the affected region, and inspect error messages in the logs.


Answer : D

Reference:
https://cloud.google.com/error-reporting/docs/viewing-errors

You are writing a postmortem for an incident that severely affected users. You want to prevent similar incidents in the future. Which two of the following sections should you include in the postmortem? (Choose two.)

  • A. An explanation of the root cause of the incident.
  • B. A list of employees responsible for causing the incident
  • C. A list of action items to prevent a recurrence of the incident
  • D. Your opinion of the incidentג€™s severity compared to past incidents
  • E. Copies of the design documents for all the services impacted by the incident


Answer : AB

Reference:
https://cloud.google.com/blog/products/gcp/fearless-shared-postmortems-cre-life-lessons

You are ready to deploy a new feature of a web-based application to production. You want to use Google Kubernetes Engine (GKE) to perform a phased rollout to half of the web server pods.
What should you do?

  • A. Use a partitioned rolling update.
  • B. Use Node taints with NoExecute.
  • C. Use a replica set in the deployment specification.
  • D. Use a stateful set with parallel pod management policy.


Answer : A

Reference:
https://cloud.google.com/kubernetes-engine/docs/how-to/updating-apps

You are responsible for the reliability of a high-volume enterprise application. A large number of users report that an important subset of the application's functionality `" a data intensive reporting feature `" is consistently failing with an HTTP 500 error. When you investigate your application's dashboards, you notice a strong correlation between the failures and a metric that represents the size of an internal queue used for generating reports. You trace the failures to a reporting backend that is experiencing high I/O wait times. You quickly fix the issue by resizing the backend's persistent disk (PD). How you need to create an availability
Service Level Indicator (SLI) for the report generation feature. How would you define it?

  • A. As the I/O wait times aggregated across all report generation backends
  • B. As the proportion of report generation requests that result in a successful response
  • C. As the applicationג€™s report generation queue size compared to a known-good threshold
  • D. As the reporting backend PD throughout capacity compared to a known-good threshold


Answer : C

You have an application running in Google Kubernetes Engine. The application invokes multiple services per request but responds too slowly. You need to identify which downstream service or services are causing the delay. What should you do?

  • A. Analyze VPC flow logs along the path of the request.
  • B. Investigate the Liveness and Readiness probes for each service.
  • C. Create a Dataflow pipeline to analyze service metrics in real time.
  • D. Use a distributed tracing framework such as OpenTelemetry or Stackdriver Trace.


Answer : C

Reference:
https://medium.com/google-cloud/monitoring-your-dataflow-pipelines-80b9a2849f7a

Page:    1 / 12   
Total 166 questions