Professional-Cloud-Developer Google Exam Questions and Free Practice Test

Question 31

- (Exam Topic 2)
You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?

A. Use the gcloud CLI to call Container Analysis to scan new container image

B. Review the vulnerability results before each deployment.

C. Enable Container Analysis, and upload new container images to Artifact Registr

D. Review the vulnerability results before each deployment.

E. Enable Container Analysis, and upload new container images to Artifact Registr

F. Review the critical vulnerability results before each deployment.

G. Use the Container Analysis REST API to call Container Analysis to scan new container image

H. Review the vulnerability results before each deployment.

Correct Answer:B
https://cloud.google.com/container-analysis/docs/automated-scanning-howto https://cloud.google.com/container-analysis/docs/os-overview says: The Container Scanning API allows you to automate OS vulnerability detection, scanning each time you push an image to Container Registry or Artifact Registry. Enabling this API also triggers language package scans for Go and Java vulnerabilities (Preview).

Question 32

- (Exam Topic 2)
You are designing an application that will subscribe to and receive messages from a single Pub/Sub topic and insert corresponding rows into a database. Your application runs on Linux and leverages preemptible virtual machines to reduce costs. You need to create a shutdown script that will initiate a graceful shutdown. What should you do?

A. Write a shutdown script that uses inter-process signals to notify the application process to disconnect from the database.

B. Write a shutdown script that broadcasts a message to all signed-in users that the Compute Engine instance is going down and instructs them to save current work and sign out.

C. Write a shutdown script that writes a file in a location that is being polled by the application once every five minute

D. After the file is read, the application disconnects from the database.

E. Write a shutdown script that publishes a message to the Pub/Sub topic announcing that a shutdown is in progres

F. After the application reads the message, it disconnects from the database.

Correct Answer:D

Question 33

- (Exam Topic 2)
Your team is developing an ecommerce platform for your company. Users will log in to the website and add items to their shopping cart. Users will be automatically logged out after 30 minutes of inactivity. When users log back in, their shopping cart should be saved. How should you store users’ session and shopping cart information while following Google-recommended best practices?

A. Store the session information in Pub/Sub, and store the shopping cart information in Cloud SQL.

B. Store the shopping cart information in a file on Cloud Storage where the filename is the SESSION ID.

C. Store the session and shopping cart information in a MySQL database running on multiple Compute Engine instances.

D. Store the session information in Memorystore for Redis or Memorystore for Memcached, and store the shopping cart information in Firestore.

Correct Answer:D

Question 34

- (Exam Topic 2)
You have written a Cloud Function that accesses other Google Cloud resources. You want to secure the environment using the principle of least privilege. What should you do?

A. Create a new service account that has Editor authority to access the resource

B. The deployer is given permission to get the access token.

C. Create a new service account that has a custom IAM role to access the resource

D. The deployer is given permission to get the access token.

E. Create a new service account that has Editor authority to access the resource

F. The deployer is given permission to act as the new service account.

G. Create a new service account that has a custom IAM role to access the resource

H. The deployer is given permission to act as the new service account.

Correct Answer:D
Reference:
https://cloud.google.com/blog/products/application-development/least-privilege-for-cloud-functions-using-cloud

Question 35

- (Exam Topic 2)
You migrated some of your applications to Google Cloud. You are using a legacy monitoring platform deployed on-premises for both on-premises and cloud-deployed applications. You discover that your notification system is responding slowly to time-critical problems in the cloud applications. What should you do?

A. Replace your monitoring platform with Cloud Monitoring.

B. Install the Cloud Monitoring agent on your Compute Engine instances.

C. Migrate some traffic back to your old platfor

D. Perform A/B testing on the two platforms concurrently.

E. Use Cloud Logging and Cloud Monitoring to capture logs, monitor, and send alert

F. Send them to your existing platform.

Correct Answer:D

Question 36

- (Exam Topic 2)
You want to use the Stackdriver Logging Agent to send an application's log file to Stackdriver from a Compute Engine virtual machine instance.
After installing the Stackdriver Logging Agent, what should you do first?

A. Enable the Error Reporting API on the project.

B. Grant the instance full access to all Cloud APIs.

C. Configure the application log file as a custom source.

D. Create a Stackdriver Logs Export Sink with a filter that matches the application's log entries.

Correct Answer:B

START Professional-Cloud-Developer EXAM