
2022 100% Free Professional-Cloud-DevOps-Engineer Daily Practice Exam With 83 Questions
Professional-Cloud-DevOps-Engineer exam torrent Google study guide
Preparation Resources for Certification Test
Passing this Google exam is possible from the first attempt if you combine different preparation resources such as the ones offered by the vendor and the books available on Amazon. In case you’re on the lookout for the most effective revision materials, here’s our choice:
- Google Cloud DevOps Engineer Learning Path
The vendor has developed a comprehensive learning path for candidates who want to pass the Professional Cloud DevOps Engineer exam. It includes several courses that will take the applicants through all the steps necessary to validate the necessary abilities to get the passing score from the first attempt. In particular, this learning kit includes the following training sessions:
- The Google Cloud Fundamentals: Core Infrastructure class focuses on helping the candidates learn about storage and computing services which are included in Google Cloud Pack. Therefore, the exam-takers will learn how to use the BigQuery, App Engine, Cloud SQL and Storage, and Google Kubernetes Engine features.
- The training dedicated to the development of a Google SRE culture helps the candidates gain advanced skills in providing production support and minimizing the gap between operations and development. During this course, applicants will learn the secrets of Site Reliability Engineering and how they can benefit from creating a Google SRE culture.
- The Architecting with Google Cloud: Design and Process class helps the test-takers learn how to deploy Google Cloud features in a cost-effective and performant way.
- The final training session included in this learning path is dedicated to monitoring, logging, and observability in Google Cloud. It teaches the candidates how to troubleshoot and improve Google Cloud infrastructure performance.
Once the candidates go through the courses mentioned above, they will gain several skill badges that consolidate their skills in DevOps engineering. These badges are as follows:
- The skill badge that validates the ability to use Google Cloud for performing foundational infrastructure tasks. It helps the candidates learn how to manage important application services such as Cloud Functions or Stackdriver.
- The second badge is related to the implementation of DevOps features in Google Cloud. In particular, it will help the candidates improve their software delivery capacity with the help of Google Cloud and achieve a higher speed, availability, and stability.
- The last badge helps the candidates understand how to use the Google Cloud Operations Suite for monitoring and logging. Thus, the applicants will learn how to use Google Cloud’s ins and outs for generating healthier and improved applications.
Without doubt, a candidate who goes through this learning process provided by Google will have significantly higher chances to get certified in one go.
- Google Cloud Professional Cloud DevOps Engineer Exam – All in One Guide: Get Certified Efficiently in Google Cloud! (Google Cloud Certification Series Book 7)
This book is available on Amazon in Kindle format and has been published by Joseph Holbrook. Also, the candidates can buy it for almost $12. This guide follows all the topics tested in the certification exam and helps the applicants sharpen their skills in managing Google Cloud DevOps Engineer features. Besides, it helps entrants to fully prepare for the designation test as it includes more than 100 questions and detailed answers for each of them. Thus, the exam-takers will get used to the test structure and difficulty level. Plus, anyone who buys this guide will receive free access to additional learning resources that will consolidate their knowledge of Google Cloud apps and features.
The Google Professional Cloud DevOps Engineer exam is taken by the specialists who want to obtain international certification and get validated as professional engineers who can manage Cloud DevOps features.
NEW QUESTION 36
You need to run a business-critical workload on a fixed set of Compute Engine instances for several months. The workload is stable with the exact amount of resources allocated to it. You want to lower the costs for this workload without any performance implications. What should you do?
- A. Convert the instances to preemptible virtual machines.
- B. Purchase Committed Use Discounts.
- C. Migrate the instances to a Managed Instance Group.
- D. Create an Unmanaged Instance Group for the instances used to run the workload.
Answer: D
NEW QUESTION 37
Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval. What should you do to enforce approvals?
- A. Use an Admission Controller to verify that incoming requests originate from approved sources.
- B. Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.
- C. Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.
- D. Configure the build system with protected branches that require pull request approval.
Answer: D
NEW QUESTION 38
You support a stateless web-based API that is deployed on a single Compute Engine instance in the europe-west2-a zone . The Service Level Indicator (SLI) for service availability is below the specified Service Level Objective (SLO). A postmortem has revealed that requests to the API regularly time out. The time outs are due to the API having a high number of requests and running out memory. You want to improve service availability. What should you do?
- A. Set up additional service instances in other zones and load balance the traffic between all instances.
- B. Change the specified SLO to match the measured SLI.
- C. Move the service to higher-specification compute instances with more memory.
- D. Set up additional service instances in other zones and use them as a failover in case the primary instance is unavailable.
Answer: A
NEW QUESTION 39
Your company experiences bugs, outages, and slowness in its production systems. Developers use the production environment for new feature development and bug fixes. Configuration and experiments are done in the production environment, causing outages for users. Testers use the production environment for load testing, which often slows the production systems. You need to redesign the environment to reduce the number of bugs and outages in production and to enable testers to load test new features. What should you do?
- A. Create an automated testing script in production to detect failures as soon as they occur.
- B. Secure the production environment to ensure that developers can't change it and set up one controlled update per year.
- C. Create a development environment with smaller server capacity and give access only to developers and testers.
- D. Create a development environment for writing code and a test environment for configurations, experiments, and load testing.
Answer: A
NEW QUESTION 40
Your team uses Cloud Build for all CI/CO pipelines. You want to use the kubectl builder for Cloud Build to deploy new images to Google Kubernetes Engine (GKE). You need to authenticate to GKE while minimizing development effort. What should you do?
- A. Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.
- B. Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.
- C. Create a new service account with the Container Developer role and use it to run Cloud Build.
- D. Assign the Container Developer role to the Cloud Build service account.
Answer: C
NEW QUESTION 41
You are running an application in a virtual machine (VM) using a custom Debian image. The image has the Stackdriver Logging agent installed. The VM has the cloud-platform scope. The application is logging information via syslog. You want to use Stackdriver Logging in the Google Cloud Platform Console to visualize the logs. You notice that syslog is not showing up in the "All logs" dropdown list of the Logs Viewer. What is the first thing you should do?
- A. Verify the VM service account access scope includes the monitoring.write scope.
- B. Install the most recent version of the Stackdriver agent.
- C. Look for the agent's test log entry in the Logs Viewer.
- D. SSH to the VM and execute the following commands on your VM: ps ax I grep fluentd
Answer: D
NEW QUESTION 42
You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (Pll) is leaking into certain log entry fields. All Pll entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?
- A. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
- B. Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
- C. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.
- D. Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.
Answer: B
NEW QUESTION 43
Your team is designing a new application for deployment both inside and outside Google Cloud Platform (GCP). You need to collect detailed metrics such as system resource utilization. You want to use centralized GCP services while minimizing the amount of work required to set up this collection system. What should you do?
- A. Instrument the code using a timing library, and publish the metrics via a health check endpoint that is scraped by Stackdriver.
- B. Import the Stackdriver Profiler package, and configure it to relay function timing data to Stackdriver for further analysis.
- C. Import the Stackdriver Debugger package, and configure the application to emit debug messages with timing information.
- D. Install an Application Performance Monitoring (APM) tool in both locations, and configure an export to a central data storage location for analysis.
Answer: C
Explanation:
Explanation/Reference:
NEW QUESTION 44
Your company experiences bugs, outages, and slowness in its production systems. Developers use the production environment for new feature development and bug fixes. Configuration and experiments are done in the production environment, causing outages for users. Testers use the production environment for load testing, which often slows the production systems. You need to redesign the environment to reduce the number of bugs and outages in production and to enable testers to toad test new features. What should you do?
- A. Create an automated testing script in production to detect failures as soon as they occur.
- B. Secure the production environment to ensure that developers can't change it and set up one controlled update per year.
- C. Create a development environment with smaller server capacity and give access only to developers and testers.
- D. Create a development environment for writing code and a test environment for configurations, experiments, and load testing.
Answer: A
NEW QUESTION 45
You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?
- A. Enable Vulnerability Analysis on the Container Registry.
- B. Set up the Kubernetes Engine clusters with Binary Authorization.
- C. Set up the Kubernetes Engine clusters as private clusters.
- D. Enable Cloud Security Scanner on the clusters.
Answer: B
Explanation:
https://cloud.google.com/binary-authorization/docs/overview
NEW QUESTION 46
You support an application running on App Engine. The application is used globally and accessed from various device types. You want to know the number of connections. You are using Stackdriver Monitoring for App Engine. What metric should you use?
- A. tcp_ssl_proxy/new_connections
- B. (lex/jnstance/connections/current
- C. tcp_ssl_proxy/open_connections
- D. flex/connections/current
Answer: D
NEW QUESTION 47
You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much. What Service Level Indicator {SLI) should you use to measure this?
- A. An availability SLI: the ratio of healthy microservices to the total number of microservices
- B. A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls
- C. A quality SLI: the ratio of non-degraded responses to total responses
- D. A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes
Answer: A
Explanation:
https://cloud.google.com/blog/products/gcp/available-or-not-that-is-the-question-cre-life-lessons
NEW QUESTION 48
You use Spinnaker to deploy your application and have created a canary deployment stage in the pipeline. Your application has an in-memory cache that loads objects at start time. You want to automate the comparison of the canary version against the production version. How should you configure the canary analysis?
- A. Compare the canary with a new deployment of the current production version.
- B. Compare the canary with the existing deployment of the current production version.
- C. Compare the canary with a new deployment of the previous production version.
- D. Compare the canary with the average performance of a sliding window of previous production versions.
Answer: A
NEW QUESTION 49
You support a user-facing web application. When analyzing the application's error budget over the previous six months, you notice that the application has never consumed more than 5% of its error budget in any given time window. You hold a Service Level Objective (SLO) review with business stakeholders and confirm that the SLO is set appropriately. You want your application's SLO to more closely reflect its observed reliability. What steps can you take to further that goal while balancing velocity, reliability, and business needs? (Choose two.)
- A. Add more serving capacity to all of your application's zones.
- B. Implement and measure additional Service Level Indicators (SLIs) fro the application.
- C. Tighten the SLO match the application's observed reliability.
- D. Announce planned downtime to consume more error budget, and ensure that users are not depending on a tighter SLO.
- E. Have more frequent or potentially risky application releases.
Answer: A,B
NEW QUESTION 50
You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?
- A. Enable Vulnerability Analysis on the Container Registry.
- B. Set up the Kubernetes Engine clusters with Binary Authorization.
- C. Set up the Kubernetes Engine clusters as private clusters.
- D. Enable Cloud Security Scanner on the clusters.
Answer: A
NEW QUESTION 51
You support a multi-region web service running on Google Kubernetes Engine (GKE) behind a Global HTTP'S Cloud Load Balancer (CLB). For legacy reasons, user requests first go through a third-party Content Delivery Network (CDN). which then routes traffic to the CLB. You have already implemented an availability Service Level Indicator (SLI) at the CLB level. However, you want to increase coverage in case of a potential load balancer misconfiguration. CDN failure, or other global networking catastrophe. Where should you measure this new SLI?
Choose 2 answers
- A. GKE health checks for your application servers
- B. Your application servers' logs
- C. Metrics exported from the application servers
- D. A synthetic client that periodically sends simulated user requests
- E. Instrumentation coded directly in the client
Answer: A,C
NEW QUESTION 52
You deploy a new release of an internal application during a weekend maintenance window when there is minimal user traffic. After the window ends, you learn that one of the new features isn't working as expected in the production environment. After an extended outage, you roll back the new release and deploy a fix. You want to modify your release process to reduce the mean time to recovery so you can avoid extended outages in the future. What should you do?
Choose 2 answers
- A. Integrate a code linting tool to validate coding standards before any code is accepted into the repository.
- B. Require developers to run automated integration tests on their local development environments before release.
- C. Before merging new code, require 2 different peers to review the code changes.
- D. Adopt the blue/green deployment strategy when releasing new code via a CD server.
- E. Configure a CI server. Add a suite of unit tests to your code and have your CI server run them on commit and verify any changes.
Answer: D,E
NEW QUESTION 53
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?
- A. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
- B. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.
- C. Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.
- D. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.
Answer: A
NEW QUESTION 54
You are part of an organization that follows SRE practices and principles. You are taking over the management of a new service from the Development Team, and you conduct a Production Readiness Review (PRR). After the PRR analysis phase, you determine that the service cannot currently meet its Service Level Objectives (SLOs). You want to ensure that the service can meet its SLOs in production. What should you do next?
- A. djust the SLO targets to be achievable by the service so you can bring it into production.
- B. Notify the development team that they will have to provide production support for the service.
- C. Bring the service into production with no SLOs and build them when you have collected operational data.
- D. Identify recommended reliability improvements to the service to be completed before handover.
Answer: D
NEW QUESTION 55
Your team is designing a new application for deployment both inside and outside Google Cloud Platform (GCP). You need to collect detailed metrics such as system resource utilization. You want to use centralized GCP services while minimizing the amount of work required to set up this collection system. What should you do?
- A. Instrument the code using a timing library, and publish the metrics via a health check endpoint that is scraped by Stackdriver.
- B. Import the Stackdriver Profiler package, and configure it to relay function timing data to Stackdriver for further analysis.
- C. Install an Application Performance Monitoring (APM) tool in both locations, and configure an export to a central data storage location for analysis.
- D. Import the Stackdriver Debugger package, and configure the application to emit debug messages with timing information.
Answer: C
NEW QUESTION 56
You are deploying an application that needs to access sensitive information. You need to ensure that this information is encrypted and the risk of exposure is minimal if a breach occurs. What should you do?
- A. Leverage a continuous build pipeline that produces multiple versions of the secret for each instance of the application.
- B. Inject the secret at the time of instance creation via an encrypted configuration management system.
- C. Store the encryption keys in Cloud Key Management Service (KMS) and rotate the keys frequently
- D. Integrate the application with a Single sign-on (SSO) system and do not expose secrets to the application
Answer: C
NEW QUESTION 57
You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. All PII entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?
- A. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
- B. Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
- C. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.
- D. Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a log exclusion with userinfo as a filter.
Answer: B
NEW QUESTION 58
You use Cloud Build to build and deploy your application. You want to securely incorporate database credentials and other application secrets into the build pipeline. You also want to minimize the development effort. What should you do?
- A. Create a Cloud Storage bucket and use the built-in encryption at rest. Store the secrets in the bucket and grant Cloud Build access to the bucket.
- B. Use client-side encryption to encrypt the secrets and store them in a Cloud Storage bucket. Store a decryption key in the bucket and grant Cloud Build access to the bucket.
- C. Encrypt the secrets and store them in the application repository. Store a decryption key in a separate repository and grant Cloud Build access to the repository.
- D. Use Cloud Key Management Service (Cloud KMS) to encrypt the secrets and include them in your Cloud Build deployment configuration. Grant Cloud Build access to the KeyRing.
Answer: D
NEW QUESTION 59
Your team has recently deployed an NGINX-based application into Google Kubernetes Engine (GKE) and has exposed it to the public via an HTTP Google Cloud Load Balancer (GCLB) ingress. You want to scale the deployment of the application's frontend using an appropriate Service Level Indicator (SLI). What should you do?
- A. Install the Stackdriver custom metrics adapter and configure a horizontal pod autoscaler to use the number of requests provided by the GCLB.
- B. Configure the horizontal pod autoscaler to use the average response time from the Liveness and Readiness probes.
- C. Expose the NGINX stats endpoint and configure the horizontal pod autoscaler to use the request metrics exposed by the NGINX deployment.
- D. Configure the vertical pod autoscaler in GKE and enable the cluster autoscaler to scale the cluster as pods expand.
Answer: D
NEW QUESTION 60
You created a Stackdriver chart for CPU utilization in a dashboard within your workspace project. You want to share the chart with your Site Reliability Engineering (SRE) team only. You want to ensure you follow the principle of least privilege. What should you do?
- A. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
- B. Share the workspace Project ID with the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.
- C. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.
- D. Share the workspace Project ID with the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
Answer: C
Explanation:
https://cloud.google.com/monitoring/access-control
NEW QUESTION 61
......
Use Valid New Professional-Cloud-DevOps-Engineer Test Notes & Professional-Cloud-DevOps-Engineer Valid Exam Guide: https://www.testsdumps.com/Professional-Cloud-DevOps-Engineer_real-exam-dumps.html
Professional-Cloud-DevOps-Engineer Actual Questions Answers PDF 100% Cover Real Exam Questions: https://drive.google.com/open?id=1Smtuxp_nIAdGf_vtJKFaa48oRsca-u5z
