Google Professional Cloud DevOps EngineerPractice Tests Total Questions: 846 – 14 Mock Exams
Practice Set 1
Time limit: 0
0 of 65 questions completed
Questions:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Information
Click on Start Test
You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" Google Professional Cloud DevOps Engineer Practice Test 1 "
0 of 65 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
Google Professional Cloud DevOps Engineer
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking on “View Answers” option.
Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Answered
Review
Question 1 of 65
1. Question
You are currently reviewing your project in GCP using gcloud. You would like to confirm what the DNS related info is for a project. What is the command to do this? (Select One)
Correct
gcloud components install kubectl Explanation: Using gcloud is very important for this exam around Kubernetes since the gcloud commands are what interact with GCP resources that create and manage the clusters and then the kubectl, which is the Kubernetes command line tool is used to run commands against Kubernetes clusters on GKE.
Incorrect
gcloud components install kubectl Explanation: Using gcloud is very important for this exam around Kubernetes since the gcloud commands are what interact with GCP resources that create and manage the clusters and then the kubectl, which is the Kubernetes command line tool is used to run commands against Kubernetes clusters on GKE.
Unattempted
gcloud components install kubectl Explanation: Using gcloud is very important for this exam around Kubernetes since the gcloud commands are what interact with GCP resources that create and manage the clusters and then the kubectl, which is the Kubernetes command line tool is used to run commands against Kubernetes clusters on GKE.
Question 2 of 65
2. Question
You are currently looking at your GCP platform with gcloud and would like to list all the instances in GCP Compute Engine. What command would you use? (Select One)
Correct
gcloud compute instances list Explanation: Review the gcloud documentation site for command syntax https://cloud.google.com/sdk/gcloud/reference/compute/instances/list
Incorrect
gcloud compute instances list Explanation: Review the gcloud documentation site for command syntax https://cloud.google.com/sdk/gcloud/reference/compute/instances/list
Unattempted
gcloud compute instances list Explanation: Review the gcloud documentation site for command syntax https://cloud.google.com/sdk/gcloud/reference/compute/instances/list
Question 3 of 65
3. Question
Which of the following are the typical SRE activities according to Google? (Select One)
Correct
Software Engineering, Systems Engineering, Toil and Overhead. Explanation: According to Google every SRE needs to spend at least 50% of their time on engineering work, when averaged over a few quarters or a year. Toil tends to be spiky, so a steady 50% of time spent on engineering may not be realistic for some SRE teams, and they may dip below that target in some quarters. https://landing.google.com/sre/sre-book/chapters/eliminating-toil/
Incorrect
Software Engineering, Systems Engineering, Toil and Overhead. Explanation: According to Google every SRE needs to spend at least 50% of their time on engineering work, when averaged over a few quarters or a year. Toil tends to be spiky, so a steady 50% of time spent on engineering may not be realistic for some SRE teams, and they may dip below that target in some quarters. https://landing.google.com/sre/sre-book/chapters/eliminating-toil/
Unattempted
Software Engineering, Systems Engineering, Toil and Overhead. Explanation: According to Google every SRE needs to spend at least 50% of their time on engineering work, when averaged over a few quarters or a year. Toil tends to be spiky, so a steady 50% of time spent on engineering may not be realistic for some SRE teams, and they may dip below that target in some quarters. https://landing.google.com/sre/sre-book/chapters/eliminating-toil/
Question 4 of 65
4. Question
You have been advised by your CISO that you will need to maintain a record of all policy violations and failed deployment attempts around your GKE container deployments. What service in Google Cloud would be the best solution? (Select One)
Correct
Cloud Audit Logs Explanation: Cloud Operation (Stackdriver) Logging maintains a record of all policy violations and failed deployment attempts using Cloud Audit Logs. https://cloud.google.com/logging/docs/audit
Incorrect
Cloud Audit Logs Explanation: Cloud Operation (Stackdriver) Logging maintains a record of all policy violations and failed deployment attempts using Cloud Audit Logs. https://cloud.google.com/logging/docs/audit
Unattempted
Cloud Audit Logs Explanation: Cloud Operation (Stackdriver) Logging maintains a record of all policy violations and failed deployment attempts using Cloud Audit Logs. https://cloud.google.com/logging/docs/audit
Question 5 of 65
5. Question
The _______________________________resource represents the Access Control Lists (ACLs) for buckets within Google Cloud Storage. ACLs let you specify who has access to your data and to what extent. (Select One)
Correct
BucketAccessControls Explanation:Buckets contain objects which can be accessed by their own methods. In addition to the ACL property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket‘s access controls https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls
Incorrect
BucketAccessControls Explanation:Buckets contain objects which can be accessed by their own methods. In addition to the ACL property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket‘s access controls https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls
Unattempted
BucketAccessControls Explanation:Buckets contain objects which can be accessed by their own methods. In addition to the ACL property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket‘s access controls https://cloud.google.com/storage/docs/json_api/v1/bucketAccessControls
Question 6 of 65
6. Question
You are currently deploying an application on a Kubernetes cluster. Your aware that a Deployment’s rollout is triggered if and only if the Deployment’s pod template is changed, for example if the labels or container images of the template are updated. Other updates, such as scaling the Deployment, do not trigger a rollout. What is the file name that would need to be changed? (Select One)
Google states that an SRE should not spend no more than what percentage of time on operations? (Select One)
Correct
50% Explanation: Google states that SREs should not be spending more than 50% of their time on operations and considers any violation of this rule a sign of system poor health.
Incorrect
50% Explanation: Google states that SREs should not be spending more than 50% of their time on operations and considers any violation of this rule a sign of system poor health.
Unattempted
50% Explanation: Google states that SREs should not be spending more than 50% of their time on operations and considers any violation of this rule a sign of system poor health.
Question 8 of 65
8. Question
Which of the following is an API that is used to store trusted metadata about our software artifacts and is also used during the Binary Authorization process (Select One)
You‘re using Stackdriver (Cloud Operations) to set up some alerts. You want to reuse your existing REST-based notification tools that your ops team has created. You also need the setup to be as simple as possible to configure and maintain since your customer does not have programming skills. Which notification option would be the best option? (Select One)
Correct
Create a webhook to get this done. Explanation. A webhook would be the simplest and best option since the other answers won’t fit the requirements
Incorrect
Create a webhook to get this done. Explanation. A webhook would be the simplest and best option since the other answers won’t fit the requirements
Unattempted
Create a webhook to get this done. Explanation. A webhook would be the simplest and best option since the other answers won’t fit the requirements
Question 10 of 65
10. Question
Google Cloud has both types of services that are “ops and no-ops” management requirements when as referring to customizability with compute services. How would you rank the four compute services on a scale ranging from the fewest management requirements and lowest customizability to the most management requirements and highest customizability? (Select One)
You have downloaded the SDK kit from Google and now would like to manage containers on GKE with gcloud. What command would be typed to install kubectl in the CLI?
Correct
gcloud components install kubectl Explanation: Using gcloud is very important for this exam around Kubernetes since the gcloud commands are what interact with GCP resources that create and manage the clusters and then the kubectl, which is the Kubernetes command line tool is used to run commands against Kubernetes clusters on GKE.
Incorrect
gcloud components install kubectl Explanation: Using gcloud is very important for this exam around Kubernetes since the gcloud commands are what interact with GCP resources that create and manage the clusters and then the kubectl, which is the Kubernetes command line tool is used to run commands against Kubernetes clusters on GKE.
Unattempted
gcloud components install kubectl Explanation: Using gcloud is very important for this exam around Kubernetes since the gcloud commands are what interact with GCP resources that create and manage the clusters and then the kubectl, which is the Kubernetes command line tool is used to run commands against Kubernetes clusters on GKE.
Question 12 of 65
12. Question
A recent software update to your enterprises e-commerce website that is running on Google Cloud has caused the website to crash for several hours. Your CTO decides that all critical changes must now have a back-out/roll-back plan. The website is deployed on hundreds of virtual machines (VMs), and critical changes are frequent. Which two actions should you take to implement the back-out/roll-back plan? (Select Two)
Correct
Managed Instance Groups and Versioning.. Explanation: Use managed instance groups to provide updates and object versioning will ensure that you can get back to the previous stable version.
Incorrect
Managed Instance Groups and Versioning.. Explanation: Use managed instance groups to provide updates and object versioning will ensure that you can get back to the previous stable version.
Unattempted
Managed Instance Groups and Versioning.. Explanation: Use managed instance groups to provide updates and object versioning will ensure that you can get back to the previous stable version.
Question 13 of 65
13. Question
Which of the following is the “maximum size” of a single cached data value in MemCache? (Select One)
You are evaluating new GCP services and would like to use tools to help you evaluate the costs of using GCP. What are two tools available from GCP to help analyse costs. (Select Two)
Correct
Pricing Calculator and TCO Tool Explanation. For this exam. Expect several questions on pricing Bigtable and Storage. You can also take advantage of some tools to help you evaluate the costs of using GCP. The pricing calculator provides a quick and easy way to estimate what your GCP usage will look like. You can provide details about the services you want to use, such as the number of Compute Engine instances, persistent disks and their sizes, and so on, and then see a pricing estimate. https://cloud.google.com/products/calculator https://inthecloud.withgoogle.com/tco-assessment-19/form.html
Incorrect
Pricing Calculator and TCO Tool Explanation. For this exam. Expect several questions on pricing Bigtable and Storage. You can also take advantage of some tools to help you evaluate the costs of using GCP. The pricing calculator provides a quick and easy way to estimate what your GCP usage will look like. You can provide details about the services you want to use, such as the number of Compute Engine instances, persistent disks and their sizes, and so on, and then see a pricing estimate. https://cloud.google.com/products/calculator https://inthecloud.withgoogle.com/tco-assessment-19/form.html
Unattempted
Pricing Calculator and TCO Tool Explanation. For this exam. Expect several questions on pricing Bigtable and Storage. You can also take advantage of some tools to help you evaluate the costs of using GCP. The pricing calculator provides a quick and easy way to estimate what your GCP usage will look like. You can provide details about the services you want to use, such as the number of Compute Engine instances, persistent disks and their sizes, and so on, and then see a pricing estimate. https://cloud.google.com/products/calculator https://inthecloud.withgoogle.com/tco-assessment-19/form.html
Question 15 of 65
15. Question
Your currently an SRE for My widgets Corp. The development team has asked you to deploy a Java 9 application on GCP App Engine. You realize that you can’t use App Engine Standard because Java 8/11 is the only Java version supported at the time of your planning. What are your options for this scenario? (Select Two)
Which of the following statements are true when discussing toil in SRE? (Select Two)
Correct
Reducing toil is one of the most important tasks of an SRE, Toil is mundane, repetitive operational work providing no enduring value, which scales linearly with service growth Explanation: Toil is expected but can be reduced. Google definition of toil is as follows. “Toil is the kind of work tied to running a production service that tends to be manual, repetitive, automatable, tactical, devoid of enduring value, and that scales linearly as a service grows.” https://landing.google.com/sre/sre-book/chapters/eliminating-toil/
Incorrect
Reducing toil is one of the most important tasks of an SRE, Toil is mundane, repetitive operational work providing no enduring value, which scales linearly with service growth Explanation: Toil is expected but can be reduced. Google definition of toil is as follows. “Toil is the kind of work tied to running a production service that tends to be manual, repetitive, automatable, tactical, devoid of enduring value, and that scales linearly as a service grows.” https://landing.google.com/sre/sre-book/chapters/eliminating-toil/
Unattempted
Reducing toil is one of the most important tasks of an SRE, Toil is mundane, repetitive operational work providing no enduring value, which scales linearly with service growth Explanation: Toil is expected but can be reduced. Google definition of toil is as follows. “Toil is the kind of work tied to running a production service that tends to be manual, repetitive, automatable, tactical, devoid of enduring value, and that scales linearly as a service grows.” https://landing.google.com/sre/sre-book/chapters/eliminating-toil/
Question 17 of 65
17. Question
What role in an SRE organization manages the immediate, detailed, technical, and tactical work of the incident response, which is typically the largest aspect of the response? (Select One)
Correct
Operations Lead Explanation:The Ops Lead (OL) or tech lead works to respond to the incident by applying operational tools to mitigate or resolve the incident
Incorrect
Operations Lead Explanation:The Ops Lead (OL) or tech lead works to respond to the incident by applying operational tools to mitigate or resolve the incident
Unattempted
Operations Lead Explanation:The Ops Lead (OL) or tech lead works to respond to the incident by applying operational tools to mitigate or resolve the incident
Question 18 of 65
18. Question
Your considering placing your Infrastructure as code processes on Cloud Deployment Manager. What would be a risk of doing this? (Select One)
Correct
Cloud Deployment Manager APIs could be deprecated in the future. APIs of course take maintenance. Other choices would likely not be a risk
Incorrect
Cloud Deployment Manager APIs could be deprecated in the future. APIs of course take maintenance. Other choices would likely not be a risk
Unattempted
Cloud Deployment Manager APIs could be deprecated in the future. APIs of course take maintenance. Other choices would likely not be a risk
Question 19 of 65
19. Question
What is the main issue that SRE really exists for to solve? (Select One)
Correct
Remove silos in the organization and create a hybrid role Explanation: The main issue that SRE exists to solve is that of organisational silos. SRE works to break down the traditional barriers between Dev and Ops by pulling together their roles into a new hybrid role. A Site Reliability Engineer whose job is balanced between developing new features on the one hand, and ensuring that production systems run smoothly and reliably, on the other. SREs enable development teams to deploy faster, while using any failures that occur as pointers towards relentlessly improving the overall health of their system. https://landing.google.com/sre/sre-book/chapters/part2/
Incorrect
Remove silos in the organization and create a hybrid role Explanation: The main issue that SRE exists to solve is that of organisational silos. SRE works to break down the traditional barriers between Dev and Ops by pulling together their roles into a new hybrid role. A Site Reliability Engineer whose job is balanced between developing new features on the one hand, and ensuring that production systems run smoothly and reliably, on the other. SREs enable development teams to deploy faster, while using any failures that occur as pointers towards relentlessly improving the overall health of their system. https://landing.google.com/sre/sre-book/chapters/part2/
Unattempted
Remove silos in the organization and create a hybrid role Explanation: The main issue that SRE exists to solve is that of organisational silos. SRE works to break down the traditional barriers between Dev and Ops by pulling together their roles into a new hybrid role. A Site Reliability Engineer whose job is balanced between developing new features on the one hand, and ensuring that production systems run smoothly and reliably, on the other. SREs enable development teams to deploy faster, while using any failures that occur as pointers towards relentlessly improving the overall health of their system. https://landing.google.com/sre/sre-book/chapters/part2/
Question 20 of 65
20. Question
You are currently working on a pipeline that is hosted on GCP and you are getting ready to deploy your working copies with Cloud Build. The following command would do what as part of the process git checkout -b new-feature (Select One)
You are deploying an application to a Kubernetes cluster that requires a username and password to connect to another service. When you deploy the application, you want to ensure that the credentials are used securely in multiple environments with minimal code changes. What should you do? (Select One)
Correct
Store the credentials in a Kubernetes Secret and then allow the application access via environment variables at run time Explanation: This will enable secrets usage without needing to modify the code per environment, update build pipelines, or store secrets insecurely.
Incorrect
Store the credentials in a Kubernetes Secret and then allow the application access via environment variables at run time Explanation: This will enable secrets usage without needing to modify the code per environment, update build pipelines, or store secrets insecurely.
Unattempted
Store the credentials in a Kubernetes Secret and then allow the application access via environment variables at run time Explanation: This will enable secrets usage without needing to modify the code per environment, update build pipelines, or store secrets insecurely.
Question 22 of 65
22. Question
The Monitoring agent, ________________, is based on the original collectd system statistics collection daemon? (Select One)
Correct
Stackdriver-agent Explanation: The Stackdriver Monitoring agent is a collectd-based daemon that gathers system and application metrics from virtual machine instances and sends them to Stackdriver Monitoring. cloud.google.com/monitoring/agent/
Incorrect
Stackdriver-agent Explanation: The Stackdriver Monitoring agent is a collectd-based daemon that gathers system and application metrics from virtual machine instances and sends them to Stackdriver Monitoring. cloud.google.com/monitoring/agent/
Unattempted
Stackdriver-agent Explanation: The Stackdriver Monitoring agent is a collectd-based daemon that gathers system and application metrics from virtual machine instances and sends them to Stackdriver Monitoring. cloud.google.com/monitoring/agent/
Question 23 of 65
23. Question
By default you can create up to _______ networks per project. (Select One)
Correct
5 Explanation. By default ,the limit is 5 per project. You can contact support to have this adjusted as needed. The exam has a few trivia around projects and quotas. https://cloud.google.com/vpc/docs/using-vpc
Incorrect
5 Explanation. By default ,the limit is 5 per project. You can contact support to have this adjusted as needed. The exam has a few trivia around projects and quotas. https://cloud.google.com/vpc/docs/using-vpc
Unattempted
5 Explanation. By default ,the limit is 5 per project. You can contact support to have this adjusted as needed. The exam has a few trivia around projects and quotas. https://cloud.google.com/vpc/docs/using-vpc
Question 24 of 65
24. Question
You have been contacted by the enterprise support team which has told you there have reports of significant latency at specific times for an application running on GCP. They would like you to review the issue and provide them insight into why the application is latent at specific times? What Google Cloud service could you use to inspect latency data that has been collected in near real time? (Select One)
Correct
Stackdriver Trace (Cloud Trace) Explanation: Cloud Trace formerly Stackdriver Trace is a distributed tracing system that collects latency data from your applications and displays it in the Google Cloud Console. You can track how requests propagate through your application and receive detailed near real-time performance insights. Cloud Trace automatically analyses all your application‘s traces to generate in-depth latency reports to surface performance degradation, and can capture traces from all your VMs, containers, or App Engine projects.
Incorrect
Stackdriver Trace (Cloud Trace) Explanation: Cloud Trace formerly Stackdriver Trace is a distributed tracing system that collects latency data from your applications and displays it in the Google Cloud Console. You can track how requests propagate through your application and receive detailed near real-time performance insights. Cloud Trace automatically analyses all your application‘s traces to generate in-depth latency reports to surface performance degradation, and can capture traces from all your VMs, containers, or App Engine projects.
Unattempted
Stackdriver Trace (Cloud Trace) Explanation: Cloud Trace formerly Stackdriver Trace is a distributed tracing system that collects latency data from your applications and displays it in the Google Cloud Console. You can track how requests propagate through your application and receive detailed near real-time performance insights. Cloud Trace automatically analyses all your application‘s traces to generate in-depth latency reports to surface performance degradation, and can capture traces from all your VMs, containers, or App Engine projects.
Question 25 of 65
25. Question
The__________ Tier delivers traffic over Google’s well-provisioned, low latency, highly reliable global network. (Select One)
Correct
Premium Explanation: The Premium Tier delivers traffic over Google’s well-provisioned, low latency, highly reliable global network. https://cloud.google.com/network-tiers/
Incorrect
Premium Explanation: The Premium Tier delivers traffic over Google’s well-provisioned, low latency, highly reliable global network. https://cloud.google.com/network-tiers/
Unattempted
Premium Explanation: The Premium Tier delivers traffic over Google’s well-provisioned, low latency, highly reliable global network. https://cloud.google.com/network-tiers/
Question 26 of 65
26. Question
You have just created a cluster called “devops” in GKE and now you need to get authentication credentials to interact with the cluster. What is the proper CLI syntax to accomplish this task? (Select One)
Correct
gcloud container clusters get-credentials devops Explanation: After creating your cluster, you need to get authentication credentials to interact with the cluster. This is done by a gcloud command, not a kubectl command. gcloud container clusters get-credentials “cluster-name” will configure configures kubectl to use the cluster you created.
Incorrect
gcloud container clusters get-credentials devops Explanation: After creating your cluster, you need to get authentication credentials to interact with the cluster. This is done by a gcloud command, not a kubectl command. gcloud container clusters get-credentials “cluster-name” will configure configures kubectl to use the cluster you created.
Unattempted
gcloud container clusters get-credentials devops Explanation: After creating your cluster, you need to get authentication credentials to interact with the cluster. This is done by a gcloud command, not a kubectl command. gcloud container clusters get-credentials “cluster-name” will configure configures kubectl to use the cluster you created.
Question 27 of 65
27. Question
Who in an SRE organization coordinates efforts of the response team to address an active incident? (Select One)
Correct
Incident Commander (IC) Explanation: Incident Commander is the person who declares the incident typically steps into the IC role and directs the high-level state of the incident.
Incorrect
Incident Commander (IC) Explanation: Incident Commander is the person who declares the incident typically steps into the IC role and directs the high-level state of the incident.
Unattempted
Incident Commander (IC) Explanation: Incident Commander is the person who declares the incident typically steps into the IC role and directs the high-level state of the incident.
Question 28 of 65
28. Question
You are currently planning a Kubernetes deployment on premises but also extending Kubernetes to GCP as well. Your team would like to understand how management, routing could work as well as how users could extend services in a cluster. What would you specify to deal with these concerns? (Select Two)
Correct
Explanation: Kubernetes ingress is a collection of routing rules that govern how external users access services running in a Kubernetes cluster. The edge proxy is commonly called an ingress controller because it is commonly configured using ingress resources in Kubernetes, however the edge proxy can also be configured
Incorrect
Explanation: Kubernetes ingress is a collection of routing rules that govern how external users access services running in a Kubernetes cluster. The edge proxy is commonly called an ingress controller because it is commonly configured using ingress resources in Kubernetes, however the edge proxy can also be configured
Unattempted
Explanation: Kubernetes ingress is a collection of routing rules that govern how external users access services running in a Kubernetes cluster. The edge proxy is commonly called an ingress controller because it is commonly configured using ingress resources in Kubernetes, however the edge proxy can also be configured
Question 29 of 65
29. Question
When we speak of Best Practices around IAM and specifically the “Principle of least privilege” . What would be a best practices as related to least privilege? (Select One)
Correct
Always apply the minimal access level required Explanation: This is the principle of least privilege. Always apply the minimal access level required Use groups as a best practice as well. Control who can change policies and group memberships. Enforce audit policy changes and always enable audit logs to record project-level permission changes
Incorrect
Always apply the minimal access level required Explanation: This is the principle of least privilege. Always apply the minimal access level required Use groups as a best practice as well. Control who can change policies and group memberships. Enforce audit policy changes and always enable audit logs to record project-level permission changes
Unattempted
Always apply the minimal access level required Explanation: This is the principle of least privilege. Always apply the minimal access level required Use groups as a best practice as well. Control who can change policies and group memberships. Enforce audit policy changes and always enable audit logs to record project-level permission changes
Question 30 of 65
30. Question
What is the flag for estimating costs for bytes read in Bigquery with the bq command? (Select One)
Your organization would like to obtain significant discounts on your VM instance deployments on Google Cloud. These VM instances only need to be used for a few hours a month. What pricing model would you want to consider? (Select One)
Correct
Preemptable Instances Explanation: There is terminology that is also AWS terminology such as Spot and Reserved. Googles form of “ Spot” instances are “Preemptable” . A preemptible VM is an instance that you can create and run at a much lower price than normal instances. However, Compute Engine might terminate at GCP will these instances if it requires access to those resources for other tasks. https://cloud.google.com/compute/docs/instances/preemptible
Incorrect
Preemptable Instances Explanation: There is terminology that is also AWS terminology such as Spot and Reserved. Googles form of “ Spot” instances are “Preemptable” . A preemptible VM is an instance that you can create and run at a much lower price than normal instances. However, Compute Engine might terminate at GCP will these instances if it requires access to those resources for other tasks. https://cloud.google.com/compute/docs/instances/preemptible
Unattempted
Preemptable Instances Explanation: There is terminology that is also AWS terminology such as Spot and Reserved. Googles form of “ Spot” instances are “Preemptable” . A preemptible VM is an instance that you can create and run at a much lower price than normal instances. However, Compute Engine might terminate at GCP will these instances if it requires access to those resources for other tasks. https://cloud.google.com/compute/docs/instances/preemptible
Question 32 of 65
32. Question
Your customer is currently developing on App Engine with Python. They would like to implement standard images for their VM configurations. What deployment do they need to subscribe to so to enable the use of a standard image off their own VM’s? (Select One)
Correct
App Engine Standard Explanation: App Engine Standard is all they need if there is no specific development language specified like Node.js App Engine Standard runs a sandbox. App Engine Flexible deploys via containers. The question did not specify a specific version of Python.
Incorrect
App Engine Standard Explanation: App Engine Standard is all they need if there is no specific development language specified like Node.js App Engine Standard runs a sandbox. App Engine Flexible deploys via containers. The question did not specify a specific version of Python.
Unattempted
App Engine Standard Explanation: App Engine Standard is all they need if there is no specific development language specified like Node.js App Engine Standard runs a sandbox. App Engine Flexible deploys via containers. The question did not specify a specific version of Python.
Question 33 of 65
33. Question
You are designing a CD Pipeline and would like to have your source code hosted on GKE, Build Automation and Artifact Management with GCP Services. Your currently using Spinnaker for your code deployment.
Refer to the diagram and place in the proper sequence for A, B, C to design your initial CD Pipeline.
You’re currently considering moving your on-premises CI pipeline from on premises to Google Cloud Platform. You would like to have code maintained in a private Git repository which is hosted on the Google Cloud Platform. What service would you choose? (Select One)
You have created several preemptible Linux virtual machine instances using Google Compute Engine. You want to properly shut down your application before the virtual machines are pre-empted. (Select Two)
Correct
Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance and Use the CLI, Console or API to pass the contents directly Explanation: Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance https://cloud.google.com/compute/docs/shutdownscript
Incorrect
Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance and Use the CLI, Console or API to pass the contents directly Explanation: Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance https://cloud.google.com/compute/docs/shutdownscript
Unattempted
Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance and Use the CLI, Console or API to pass the contents directly Explanation: Create a shutdown script and use it as the value for a new metadata entry with the key shutdown-script in the Cloud Platform Console when you create the new virtual machine instance https://cloud.google.com/compute/docs/shutdownscript
Question 36 of 65
36. Question
Your currently ready to deploy some Cloud Deployment Manager templates and you will need to ensure specific requirements (“explicit”) exists before the templates deploy. What would be the option you would add to your templates or configuration files? (Select One)
Correct
dependsOn Explanation. “dependsOn” You can specify these dependencies using the dependsOn option in your configuration files or templates. When you add the dependsOn option for a resource, Deployment Manager creates or updates the dependencies before creating or updating the resource. https://cloud.google.com/deployment-manager/docs/configuration/create-explicit-dependencies
Incorrect
dependsOn Explanation. “dependsOn” You can specify these dependencies using the dependsOn option in your configuration files or templates. When you add the dependsOn option for a resource, Deployment Manager creates or updates the dependencies before creating or updating the resource. https://cloud.google.com/deployment-manager/docs/configuration/create-explicit-dependencies
Unattempted
dependsOn Explanation. “dependsOn” You can specify these dependencies using the dependsOn option in your configuration files or templates. When you add the dependsOn option for a resource, Deployment Manager creates or updates the dependencies before creating or updating the resource. https://cloud.google.com/deployment-manager/docs/configuration/create-explicit-dependencies
Question 37 of 65
37. Question
Which command will configure Cloud Build to store the image in Container Registry as part of build flow? (Select One)
Correct
docker push command Explanation: docker push command will push an image or a repository to a registry such as Container Registry. Specify the hostname which specifies location where you will store the image. To specify use these prefixes (multi-region) gcr.io hosts images in data centers in the United States, but the location may change in the future us.gcr.io hosts image in data centers in the United States, in a separate storage bucket from images hosted by gcr.io eu.gcr.io hosts the images in the European Union asia.gcr.io hosts images in data centers in Asia The Docker credential helper is the simplest way to configure Docker to authenticate directly with Container Registry. You then use the docker command to tag, push, and pull images. Alternatively, you can use the client libraries to manage container images, or you can interact directly with the Docker API
Incorrect
docker push command Explanation: docker push command will push an image or a repository to a registry such as Container Registry. Specify the hostname which specifies location where you will store the image. To specify use these prefixes (multi-region) gcr.io hosts images in data centers in the United States, but the location may change in the future us.gcr.io hosts image in data centers in the United States, in a separate storage bucket from images hosted by gcr.io eu.gcr.io hosts the images in the European Union asia.gcr.io hosts images in data centers in Asia The Docker credential helper is the simplest way to configure Docker to authenticate directly with Container Registry. You then use the docker command to tag, push, and pull images. Alternatively, you can use the client libraries to manage container images, or you can interact directly with the Docker API
Unattempted
docker push command Explanation: docker push command will push an image or a repository to a registry such as Container Registry. Specify the hostname which specifies location where you will store the image. To specify use these prefixes (multi-region) gcr.io hosts images in data centers in the United States, but the location may change in the future us.gcr.io hosts image in data centers in the United States, in a separate storage bucket from images hosted by gcr.io eu.gcr.io hosts the images in the European Union asia.gcr.io hosts images in data centers in Asia The Docker credential helper is the simplest way to configure Docker to authenticate directly with Container Registry. You then use the docker command to tag, push, and pull images. Alternatively, you can use the client libraries to manage container images, or you can interact directly with the Docker API
Question 38 of 65
38. Question
Your company currently uses a third-party monitoring solution for your enterprise apps. You are using Kubernetes Engine for your container deployments and would like to enable this internal monitoring app for Kubernetes clusters. What would be the best approach? (Select One)
Correct
Deploy the monitoring pod as a DaemonSet. Explanation: Many monitoring solutions use the Kubernetes DaemonSet structure to deploy an agent on every cluster node. S Note that each tool has its own software for cluster monitoring. Heapster is another option that could also be used, Heapster is a bridge between a cluster and a storage designed to collect the cluster metrics. Stackdriver is native to Google Cloud and therefore the recommended approach by Google Cloud.
Incorrect
Deploy the monitoring pod as a DaemonSet. Explanation: Many monitoring solutions use the Kubernetes DaemonSet structure to deploy an agent on every cluster node. S Note that each tool has its own software for cluster monitoring. Heapster is another option that could also be used, Heapster is a bridge between a cluster and a storage designed to collect the cluster metrics. Stackdriver is native to Google Cloud and therefore the recommended approach by Google Cloud.
Unattempted
Deploy the monitoring pod as a DaemonSet. Explanation: Many monitoring solutions use the Kubernetes DaemonSet structure to deploy an agent on every cluster node. S Note that each tool has its own software for cluster monitoring. Heapster is another option that could also be used, Heapster is a bridge between a cluster and a storage designed to collect the cluster metrics. Stackdriver is native to Google Cloud and therefore the recommended approach by Google Cloud.
Question 39 of 65
39. Question
You have created a new image of an application without the signature part and you tried to deploy. Instead of deploying you received an error “ Denied by Attestor”. What could be the problem to resolve? (Select One)
Correct
. Create an attestation and submit to Binary Authorization Explanation: Binary Authorization is a deploy time security service provided by Google that ensures that only trusted containers are deployed in our GKE cluster. It uses a policy driven model that allows us to configure security policies. Behind the scenes, this service talks to the Container Analysis service. Attestation is a statement from the Attestor that an image is ready to be deployed. This attestation needs to be submitted properly or the error will occur. A note is needed which as well is a piece of metadata in Container Analysis storage that is associated with an Attestor There is a setup process required in the project that the cluster is hosted – · Enable the required APIs, · Create a Kubernetes cluster that has Binary Authorization enabled · Set up a Note · Generate the PGP keys · Create an Attestor
Incorrect
. Create an attestation and submit to Binary Authorization Explanation: Binary Authorization is a deploy time security service provided by Google that ensures that only trusted containers are deployed in our GKE cluster. It uses a policy driven model that allows us to configure security policies. Behind the scenes, this service talks to the Container Analysis service. Attestation is a statement from the Attestor that an image is ready to be deployed. This attestation needs to be submitted properly or the error will occur. A note is needed which as well is a piece of metadata in Container Analysis storage that is associated with an Attestor There is a setup process required in the project that the cluster is hosted – · Enable the required APIs, · Create a Kubernetes cluster that has Binary Authorization enabled · Set up a Note · Generate the PGP keys · Create an Attestor
Unattempted
. Create an attestation and submit to Binary Authorization Explanation: Binary Authorization is a deploy time security service provided by Google that ensures that only trusted containers are deployed in our GKE cluster. It uses a policy driven model that allows us to configure security policies. Behind the scenes, this service talks to the Container Analysis service. Attestation is a statement from the Attestor that an image is ready to be deployed. This attestation needs to be submitted properly or the error will occur. A note is needed which as well is a piece of metadata in Container Analysis storage that is associated with an Attestor There is a setup process required in the project that the cluster is hosted – · Enable the required APIs, · Create a Kubernetes cluster that has Binary Authorization enabled · Set up a Note · Generate the PGP keys · Create an Attestor
Question 40 of 65
40. Question
You have just started your cluster and deployed your pods. You now need to view all the running pods. What is the proper CLI syntax to accomplish this task? (Select One)
Correct
kubectl get pods Explanation: The command syntax to inspect pods is the same as you would use for your on-premises deployments. kubectl get pods
Incorrect
kubectl get pods Explanation: The command syntax to inspect pods is the same as you would use for your on-premises deployments. kubectl get pods
Unattempted
kubectl get pods Explanation: The command syntax to inspect pods is the same as you would use for your on-premises deployments. kubectl get pods
Question 41 of 65
41. Question
Where does Container Analysis store resulting metadata and makes it available for consumption through an API (Select One)
Correct
Container Registry Explanation: Container Analysis is an API that is used to store trusted metadata about our software artefacts and is used during the Binary Authorization process. However, the scanning service performs vulnerability scans on images in Container Registry, then stores the resulting metadata and makes it available for consumption through an API. https://cloud.google.com/container-registry/docs/container-analysis
Incorrect
Container Registry Explanation: Container Analysis is an API that is used to store trusted metadata about our software artefacts and is used during the Binary Authorization process. However, the scanning service performs vulnerability scans on images in Container Registry, then stores the resulting metadata and makes it available for consumption through an API. https://cloud.google.com/container-registry/docs/container-analysis
Unattempted
Container Registry Explanation: Container Analysis is an API that is used to store trusted metadata about our software artefacts and is used during the Binary Authorization process. However, the scanning service performs vulnerability scans on images in Container Registry, then stores the resulting metadata and makes it available for consumption through an API. https://cloud.google.com/container-registry/docs/container-analysis
Question 42 of 65
42. Question
Container Analysis performs vulnerability scans on images in Container Registry and monitors the vulnerability information to keep it up to date. What are the two main tasks that Container Analysis performs? (Select Two)
Correct
Incremental Scanning and Continuous Logging Explanation: Incremental scanning: Container Analysis scans new images when they‘re uploaded to Container Registry. Continuous analysis: Container Analysis continuously monitors the metadata of scanned images in Container Registry for new vulnerabilities. https://cloud.google.com/container-registry/docs/vulnerability-scanning
Incorrect
Incremental Scanning and Continuous Logging Explanation: Incremental scanning: Container Analysis scans new images when they‘re uploaded to Container Registry. Continuous analysis: Container Analysis continuously monitors the metadata of scanned images in Container Registry for new vulnerabilities. https://cloud.google.com/container-registry/docs/vulnerability-scanning
Unattempted
Incremental Scanning and Continuous Logging Explanation: Incremental scanning: Container Analysis scans new images when they‘re uploaded to Container Registry. Continuous analysis: Container Analysis continuously monitors the metadata of scanned images in Container Registry for new vulnerabilities. https://cloud.google.com/container-registry/docs/vulnerability-scanning
Question 43 of 65
43. Question
Cloud Trace can collect latency data from which of the following services? (Select One)
Correct
All the Above. Explanation: Trace collects latency data from App Engine, HTTP(S) load balancers, and applications instrumented with the Cloud Trace API
Incorrect
All the Above. Explanation: Trace collects latency data from App Engine, HTTP(S) load balancers, and applications instrumented with the Cloud Trace API
Unattempted
All the Above. Explanation: Trace collects latency data from App Engine, HTTP(S) load balancers, and applications instrumented with the Cloud Trace API
Question 44 of 65
44. Question
A recent software update to your enterprises e-commerce website that is running on Google Cloud has caused the website to crash for several hours. Your CTO decides that all critical changes must now have a back-out/roll-back plan. The website is deployed on hundreds of virtual machines (VMs), and critical changes are frequent. Which two actions should you take to implement the back-out/roll-back plan? (Select One)
Correct
managed instance groups with the “update-instances” command when starting a rolling update Explanation: Use managed instance groups to provide updates and object versioning will ensure that you can get back to the previous stable version
Incorrect
managed instance groups with the “update-instances” command when starting a rolling update Explanation: Use managed instance groups to provide updates and object versioning will ensure that you can get back to the previous stable version
Unattempted
managed instance groups with the “update-instances” command when starting a rolling update Explanation: Use managed instance groups to provide updates and object versioning will ensure that you can get back to the previous stable version
Question 45 of 65
45. Question
__________________is a unified programming model and also a managed service for developing and executing a wide range of data processing patterns including ETL, batch computation, and continuous computation. What is the service? (Select One)
Correct
Cloud Dataflow Explanation: Cloud Dataflow is a unified programming model and a managed service for developing and executing a wide range of data processing patterns including ETL, batch computation, and continuous computation. The challenge with a lot of the GCP services is that they sound the same or have the same prefix which can be confusing. https://cloud.google.com/sdk/gcloud/reference/dataflow/
Incorrect
Cloud Dataflow Explanation: Cloud Dataflow is a unified programming model and a managed service for developing and executing a wide range of data processing patterns including ETL, batch computation, and continuous computation. The challenge with a lot of the GCP services is that they sound the same or have the same prefix which can be confusing. https://cloud.google.com/sdk/gcloud/reference/dataflow/
Unattempted
Cloud Dataflow Explanation: Cloud Dataflow is a unified programming model and a managed service for developing and executing a wide range of data processing patterns including ETL, batch computation, and continuous computation. The challenge with a lot of the GCP services is that they sound the same or have the same prefix which can be confusing. https://cloud.google.com/sdk/gcloud/reference/dataflow/
Question 46 of 65
46. Question
Your company is getting ready to deploy a CI pipeline on GCP. You need to confirm that you have the proper syntax for creating a Kubernetes namespace called “production” that will logically isolate the deployment. What is the Kubernetes command to do this? (Select One)
What does Cloud Logging in Google Cloud include as part of the service? (Select Three)
Correct
User Interface (Logs Viewer) B, API for programmatic access and C. Storage for logs. Explanation: Cloud Logging is integrated with Stackdriver but there are no analytics or special extensions for Kubernetes. There are Kubernetes metrics.
Incorrect
User Interface (Logs Viewer) B, API for programmatic access and C. Storage for logs. Explanation: Cloud Logging is integrated with Stackdriver but there are no analytics or special extensions for Kubernetes. There are Kubernetes metrics.
Unattempted
User Interface (Logs Viewer) B, API for programmatic access and C. Storage for logs. Explanation: Cloud Logging is integrated with Stackdriver but there are no analytics or special extensions for Kubernetes. There are Kubernetes metrics.
Question 48 of 65
48. Question
The first step in Cloud Deployment manager is to create what____________? (Select One)
What would be the best definition of “StatefulSets” with Google Kubernetes Engine (Select One)
Correct
StatefulSets represent a Cluster with unique, persistent identities and stable hostnames that GKE maintains regardless of where they are scheduled Explanation. Stateless applications are applications which do not store data or application state to the cluster or to persistent storage. Instead, data and application state stay with the client, which makes stateless applications more scalable. https://cloud.google.com/kubernetes-engine/docs/how-to/stateless-apps
Incorrect
StatefulSets represent a Cluster with unique, persistent identities and stable hostnames that GKE maintains regardless of where they are scheduled Explanation. Stateless applications are applications which do not store data or application state to the cluster or to persistent storage. Instead, data and application state stay with the client, which makes stateless applications more scalable. https://cloud.google.com/kubernetes-engine/docs/how-to/stateless-apps
Unattempted
StatefulSets represent a Cluster with unique, persistent identities and stable hostnames that GKE maintains regardless of where they are scheduled Explanation. Stateless applications are applications which do not store data or application state to the cluster or to persistent storage. Instead, data and application state stay with the client, which makes stateless applications more scalable. https://cloud.google.com/kubernetes-engine/docs/how-to/stateless-apps
Question 50 of 65
50. Question
You would like to add a strict deploy-time policy enforcement to your Kubernetes Engine cluster. What would be your best option? (Select One)
Correct
Binary Authorization Explanation: Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Google Kubernetes Engine (GKE). Using Binary Authorization, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying https://cloud.google.com/binary-authorization
Incorrect
Binary Authorization Explanation: Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Google Kubernetes Engine (GKE). Using Binary Authorization, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying https://cloud.google.com/binary-authorization
Unattempted
Binary Authorization Explanation: Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Google Kubernetes Engine (GKE). Using Binary Authorization, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying https://cloud.google.com/binary-authorization
Question 51 of 65
51. Question
You are currently designing a cloud application that your user base will connect to without a gateway VPN. The company is wanting to ensure that the application maintains user identity and context to guard access to the applications and VMs. What would you recommend? (Select One)
Correct
IAP Explanation: IAP protects SSH and RDP access to your VMs hosted on GCP. This is an effective whitelisting approach. Your VM instances don‘t even need public IP addresses. https://cloud.google.com/iap/
Incorrect
IAP Explanation: IAP protects SSH and RDP access to your VMs hosted on GCP. This is an effective whitelisting approach. Your VM instances don‘t even need public IP addresses. https://cloud.google.com/iap/
Unattempted
IAP Explanation: IAP protects SSH and RDP access to your VMs hosted on GCP. This is an effective whitelisting approach. Your VM instances don‘t even need public IP addresses. https://cloud.google.com/iap/
Question 52 of 65
52. Question
You would like to deploy a LAMP stack for your development team. The only issue is you’re not sure how to configure this LAMP stack. You would like to use a solution that has ready made templates to deploy. What GCP service could you use (Select One)
Correct
Cloud Marketplace Explanation: Google Cloud Marketplace formerly Cloud Launcher offers ready-to-go development stacks, solutions, and services to accelerate development, so you spend less time installing and more time developing. https://cloud.google.com/launcher/
Incorrect
Cloud Marketplace Explanation: Google Cloud Marketplace formerly Cloud Launcher offers ready-to-go development stacks, solutions, and services to accelerate development, so you spend less time installing and more time developing. https://cloud.google.com/launcher/
Unattempted
Cloud Marketplace Explanation: Google Cloud Marketplace formerly Cloud Launcher offers ready-to-go development stacks, solutions, and services to accelerate development, so you spend less time installing and more time developing. https://cloud.google.com/launcher/
Question 53 of 65
53. Question
What would be the reason to implement Cloud Run APIs? (Select One)
Correct
Deploy and manage user provided container images that scale automatically based on HTTP traffic Explanation: Cloud Run is a newer service that became available this year. Its main purpose is to deploy and manage user provided container images that scale automatically based on HTTP traffic https://cloud.google.com/run/docs/reference/rest/
Incorrect
Deploy and manage user provided container images that scale automatically based on HTTP traffic Explanation: Cloud Run is a newer service that became available this year. Its main purpose is to deploy and manage user provided container images that scale automatically based on HTTP traffic https://cloud.google.com/run/docs/reference/rest/
Unattempted
Deploy and manage user provided container images that scale automatically based on HTTP traffic Explanation: Cloud Run is a newer service that became available this year. Its main purpose is to deploy and manage user provided container images that scale automatically based on HTTP traffic https://cloud.google.com/run/docs/reference/rest/
Question 54 of 65
54. Question
Which of the following is not possible using primitive roles in GCP? (Select One)
Correct
Allows a user access to view all datasets in a project, but not run queries on them. Explanation: Primitive roles can be used to give owner, editor, or viewer access to a user or group, but they can‘t be used to separate data access permissions from job-running permissions. Reference: https://cloud.google.com/bigquery/docs/access-control#primitive_iam_roles
Incorrect
Allows a user access to view all datasets in a project, but not run queries on them. Explanation: Primitive roles can be used to give owner, editor, or viewer access to a user or group, but they can‘t be used to separate data access permissions from job-running permissions. Reference: https://cloud.google.com/bigquery/docs/access-control#primitive_iam_roles
Unattempted
Allows a user access to view all datasets in a project, but not run queries on them. Explanation: Primitive roles can be used to give owner, editor, or viewer access to a user or group, but they can‘t be used to separate data access permissions from job-running permissions. Reference: https://cloud.google.com/bigquery/docs/access-control#primitive_iam_roles
Question 55 of 65
55. Question
You would like to create a new repository in Cloud Source Repositories with gcloud. What would be the command to create a repo called “devops” (Select One)
Correct
gcloud source repo create devops Explanation. Note on the DevOps exam there were around 8 questions that required exact syntax knowledge for devops services such as Cloud Build, Cloud Source Repo and Container Registry gcloud source repo create developer https://cloud.google.com/source-repositories/docs/creating-an-empty-repository
Incorrect
gcloud source repo create devops Explanation. Note on the DevOps exam there were around 8 questions that required exact syntax knowledge for devops services such as Cloud Build, Cloud Source Repo and Container Registry gcloud source repo create developer https://cloud.google.com/source-repositories/docs/creating-an-empty-repository
Unattempted
gcloud source repo create devops Explanation. Note on the DevOps exam there were around 8 questions that required exact syntax knowledge for devops services such as Cloud Build, Cloud Source Repo and Container Registry gcloud source repo create developer https://cloud.google.com/source-repositories/docs/creating-an-empty-repository
Question 56 of 65
56. Question
. You need to create many projects for many different teams. You want to use a Cloud Deployment Manager (DM) deployment to create those projects in a folder called devops1. What should you do? (Select One)
Correct
Create a project called devops1 and enable appropriate APIs. Grant the project creator role to the service account Use command “gcloud deployment-manager deployments create -project devops1 Explanation: The best option is to allow for the project creator role. (never owner) for a service account. Command syntax is correct
Incorrect
Create a project called devops1 and enable appropriate APIs. Grant the project creator role to the service account Use command “gcloud deployment-manager deployments create -project devops1 Explanation: The best option is to allow for the project creator role. (never owner) for a service account. Command syntax is correct
Unattempted
Create a project called devops1 and enable appropriate APIs. Grant the project creator role to the service account Use command “gcloud deployment-manager deployments create -project devops1 Explanation: The best option is to allow for the project creator role. (never owner) for a service account. Command syntax is correct
Question 57 of 65
57. Question
App Engine has several solid use cases for the enterprise? What are three uses cases for App Engine to be a good candidate for a customer? (Select Three)
Correct
Develop Applications on a hosted platform, Testing Applications on a hosted platform and Scaling Applications on a hosted platform Explanation. App Engine is a Platform as a Service (PaaS). It was built to Develop, Scale and Test applications. https://cloud.google.com/appengine/
Incorrect
Develop Applications on a hosted platform, Testing Applications on a hosted platform and Scaling Applications on a hosted platform Explanation. App Engine is a Platform as a Service (PaaS). It was built to Develop, Scale and Test applications. https://cloud.google.com/appengine/
Unattempted
Develop Applications on a hosted platform, Testing Applications on a hosted platform and Scaling Applications on a hosted platform Explanation. App Engine is a Platform as a Service (PaaS). It was built to Develop, Scale and Test applications. https://cloud.google.com/appengine/
Question 58 of 65
58. Question
What is the default retention period for Admin Activity Logs? (Select One)
Correct
400 Explanation: There is some trivia on the exam around logging. We need to know both 400 and 30 days. In the Stackdriver section is a table that list there for Admin Activity, Data Access, etc.
Incorrect
400 Explanation: There is some trivia on the exam around logging. We need to know both 400 and 30 days. In the Stackdriver section is a table that list there for Admin Activity, Data Access, etc.
Unattempted
400 Explanation: There is some trivia on the exam around logging. We need to know both 400 and 30 days. In the Stackdriver section is a table that list there for Admin Activity, Data Access, etc.
Question 59 of 65
59. Question
The company that has hired you to design a cloud application for their business is now requiring you to adhere to the following requirements. They want to utilize as many GCP data focused services as possible 1. Enterprise Data Warehouse (EDW) with SQL 2. Fast response times for OLAP workloads up to petabyte-scale, 3. Supports Big Data services and BI Tools. 4. Fully managed service What service would you recommend the customer consider based on the limited information? (Select One)
Correct
BigQuery Explanation: BigQuery is Enterprise Data Warehouse (EDW) with SQL and fast response times for OLAP workloads up to petabyte-scale, Big Data exploration and processing, and reporting via Business Intelligence (BI) tools https://cloud.google.com/storage-options/
Incorrect
BigQuery Explanation: BigQuery is Enterprise Data Warehouse (EDW) with SQL and fast response times for OLAP workloads up to petabyte-scale, Big Data exploration and processing, and reporting via Business Intelligence (BI) tools https://cloud.google.com/storage-options/
Unattempted
BigQuery Explanation: BigQuery is Enterprise Data Warehouse (EDW) with SQL and fast response times for OLAP workloads up to petabyte-scale, Big Data exploration and processing, and reporting via Business Intelligence (BI) tools https://cloud.google.com/storage-options/
Question 60 of 65
60. Question
What GCP service is a lightweight, event-based, asynchronous compute solution that allows you to create small, single-purpose functions that respond to cloud events without the need to manage a server or a runtime environment. (Select One)
Correct
Cloud Functions Explanation: Cloud Functions is an (FaaS) with no servers to manage. Let’s not get confused with Cloud Run. Cloud Run is a service that we would deploy for lightweight containers. https://cloud.google.com/functions/
Incorrect
Cloud Functions Explanation: Cloud Functions is an (FaaS) with no servers to manage. Let’s not get confused with Cloud Run. Cloud Run is a service that we would deploy for lightweight containers. https://cloud.google.com/functions/
Unattempted
Cloud Functions Explanation: Cloud Functions is an (FaaS) with no servers to manage. Let’s not get confused with Cloud Run. Cloud Run is a service that we would deploy for lightweight containers. https://cloud.google.com/functions/
Question 61 of 65
61. Question
You are currently running your containers on Google Kubernetes Engine. You have decided to also monitor the nodes that GKE has deployed on your containers on. You have set up logging information from your application to be sent to stdout while your app begins as a system service on your GKE. Without changing the app, how do you get logs sent to Stackdriver(Cloud Operations)? (Select One)
Correct
Install Stackdriver(Cloud Operations) Logging Agent. Review the application logs from the Compute Engine VM Instance syslog logs in Stackdriver.. Note that Stackdriver has now been rebranded to Cloud Operations and may not be reflected on the exam. Explanation: Question does not directly state if Stackdriver was installed. However, it is to be assumed that it was not because with the agent logs would flow. You need to first install the Stackdriver agents and then view the logs Note that when deploying compute services, you have the option to install the agents at the time of creation, this would be the simplest way. https://cloud.google.com/compute/docs/activity-logs
Incorrect
Install Stackdriver(Cloud Operations) Logging Agent. Review the application logs from the Compute Engine VM Instance syslog logs in Stackdriver.. Note that Stackdriver has now been rebranded to Cloud Operations and may not be reflected on the exam. Explanation: Question does not directly state if Stackdriver was installed. However, it is to be assumed that it was not because with the agent logs would flow. You need to first install the Stackdriver agents and then view the logs Note that when deploying compute services, you have the option to install the agents at the time of creation, this would be the simplest way. https://cloud.google.com/compute/docs/activity-logs
Unattempted
Install Stackdriver(Cloud Operations) Logging Agent. Review the application logs from the Compute Engine VM Instance syslog logs in Stackdriver.. Note that Stackdriver has now been rebranded to Cloud Operations and may not be reflected on the exam. Explanation: Question does not directly state if Stackdriver was installed. However, it is to be assumed that it was not because with the agent logs would flow. You need to first install the Stackdriver agents and then view the logs Note that when deploying compute services, you have the option to install the agents at the time of creation, this would be the simplest way. https://cloud.google.com/compute/docs/activity-logs
Question 62 of 65
62. Question
Your Site Reliability Engineering team does toil work to archive unused data in tables within your application’s relational database. This toil is required to ensure that your application has a low Latency Service Level Indicator (SLI) to meet your Service Level Objective (SLO). Toil is preventing your team from focusing on a high-priority engineering project that will improve the Availability SLI of your application. You want to reduce repetitive tasks to avoid burnout, improve organizational efficiency, and follow the Site Reliability Engineering recommended practices. What should you do? (Select One)
Which of the following statements are true around simplicity around software systems? (Select Two)
Correct
Simple releases are generally better than complicated releases, constantly strive to eliminate complexity in systems they onboard and for which they assume operational responsibility Explanation: Simplicity software simplicity is a prerequisite to reliability. SREs need to strive to reduce toil and should never expect and accept complexity. Avoid what are called grab bags and realize it’s a poor practice misc. binary’s for example. https://landing.google.com/sre/sre-book/chapters/simplicity/
Incorrect
Simple releases are generally better than complicated releases, constantly strive to eliminate complexity in systems they onboard and for which they assume operational responsibility Explanation: Simplicity software simplicity is a prerequisite to reliability. SREs need to strive to reduce toil and should never expect and accept complexity. Avoid what are called grab bags and realize it’s a poor practice misc. binary’s for example. https://landing.google.com/sre/sre-book/chapters/simplicity/
Unattempted
Simple releases are generally better than complicated releases, constantly strive to eliminate complexity in systems they onboard and for which they assume operational responsibility Explanation: Simplicity software simplicity is a prerequisite to reliability. SREs need to strive to reduce toil and should never expect and accept complexity. Avoid what are called grab bags and realize it’s a poor practice misc. binary’s for example. https://landing.google.com/sre/sre-book/chapters/simplicity/
Question 64 of 65
64. Question
What is the maximum size of a log entry with Cloud Operations logging (Select One)
Correct
256 Explanation: Don’t confuse the length of the logging retention or metrics for example. Note 256 is approximate limit is based on internal data sizes, not the actual REST API request size.
Incorrect
256 Explanation: Don’t confuse the length of the logging retention or metrics for example. Note 256 is approximate limit is based on internal data sizes, not the actual REST API request size.
Unattempted
256 Explanation: Don’t confuse the length of the logging retention or metrics for example. Note 256 is approximate limit is based on internal data sizes, not the actual REST API request size.
Question 65 of 65
65. Question
Your application runs in Google Kubernetes Engine (GKE).
Correct
Use a Kubernetes Replica Set and then use Spinnaker to update the replica set for each new version deployed. Explanation: Spinnaker can update the replica set in place without conflicting with Kubernetes.
Incorrect
Use a Kubernetes Replica Set and then use Spinnaker to update the replica set for each new version deployed. Explanation: Spinnaker can update the replica set in place without conflicting with Kubernetes.
Unattempted
Use a Kubernetes Replica Set and then use Spinnaker to update the replica set for each new version deployed. Explanation: Spinnaker can update the replica set in place without conflicting with Kubernetes.
Use Page numbers below to navigate to other practice tests