
100% Updated Google Professional-Cloud-DevOps-Engineer Enterprise PDF Dumps
Use Valid Exam Professional-Cloud-DevOps-Engineer by ActualCollection Books For Free Website
Google Professional Cloud DevOps Engineer Certified Professional salary
The average salary of a Google Professional Cloud DevOps Engineer Certified Expert in different regions is as follows:
- India: 25,00,000 INR
- Europe: 144,000 EURO
- United State: 151,00 USD
- England: 130,500 POUND
NEW QUESTION 16
You are ready to deploy a new feature of a web-based application to production. You want to use Google Kubernetes Engine (GKE) to perform a phased rollout to half of the web server pods.
What should you do?
- A. Use a partitioned rolling update.
- B. Use a replica set in the deployment specification.
- C. Use a stateful set with parallel pod management policy.
- D. Use Node taints with NoExecute.
Answer: A
NEW QUESTION 17
You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being written in new log entries as quickly as possible. What should you do?
- A. Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.
- B. Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.
- C. Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.
- D. Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.
Answer: B
NEW QUESTION 18
Your application artifacts are being built and deployed via a CI/CD pipeline. You want the CI/CD pipeline to securely access application secrets. You also want to more easily rotate secrets in case of a security breach.
What should you do?
- A. Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.
- B. Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.
- C. Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it.
- D. Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.
Answer: D
NEW QUESTION 19
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?
- A. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
- B. Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.
- C. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.
- D. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.
Answer: C
NEW QUESTION 20
You support a multi-region web service running on Google Kubernetes Engine (GKE) behind a Global HTTP'S Cloud Load Balancer (CLB). For legacy reasons, user requests first go through a third-party Content Delivery Network (CDN). which then routes traffic to the CLB. You have already implemented an availability Service Level Indicator (SLI) at the CLB level. However, you want to increase coverage in case of a potential load balancer misconfiguration. CDN failure, or other global networking catastrophe. Where should you measure this new SLI?
Choose 2 answers
- A. A synthetic client that periodically sends simulated user requests
- B. Metrics exported from the application servers
- C. Instrumentation coded directly in the client
- D. GKE health checks for your application servers
- E. Your application servers' logs
Answer: B,D
NEW QUESTION 21
You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?
- A. Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.
- B. Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.
- C. Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.
- D. Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.
Answer: D
NEW QUESTION 22
You need to run a business-critical workload on a fixed set of Compute Engine instances for several months.
The workload is stable with the exact amount of resources allocated to it. You want to lower the costs for this workload without any performance implications. What should you do?
- A. Create an Unmanaged Instance Group for the instances used to run the workload.
- B. Purchase Committed Use Discounts.
- C. Migrate the instances to a Managed Instance Group.
- D. Convert the instances to preemptible virtual machines.
Answer: D
Explanation:
Explanation/Reference: https://cloud.google.com/compute/docs/faq
NEW QUESTION 23
You are running an application in a virtual machine (VM) using a custom Debian image. The image has the Stackdriver Logging agent installed. The VM has the cloud-platform scope. The application is logging information via syslog. You want to use Stackdriver Logging in the Google Cloud Platform Console to visualize the logs. You notice that syslog is not showing up in the "All logs" dropdown list of the Logs Viewer. What is the first thing you should do?
- A. Install the most recent version of the Stackdriver agent.
- B. SSH to the VM and execute the following commands on your VM: ps ax I grep fluentd
- C. Verify the VM service account access scope includes the monitoring.write scope.
- D. Look for the agent's test log entry in the Logs Viewer.
Answer: B
NEW QUESTION 24
You support a popular mobile game application deployed on Google Kubernetes Engine (GKE) across several Google Cloud regions. Each region has multiple Kubernetes clusters. You receive a report that none of the users in a specific region can connect to the application. You want to resolve the incident while following Site Reliability Engineering practices. What should you do first?
- A. Use Stackdriver Logging to filter on the clusters in the affected region, and inspect error messages in the logs.
- B. Add an extra node pool that consists of high memory and high CPU machine type instances to the cluster.
- C. Use Stackdriver Monitoring to check for a spike in CPU or memory usage for the affected region.
- D. Reroute the user traffic from the affected region to other regions that don't report issues.
Answer: A
NEW QUESTION 25
You use Spinnaker to deploy your application and have created a canary deployment stage in the pipeline. Your application has an in-memory cache that loads objects at start time. You want to automate the comparison of the canary version against the production version. How should you configure the canary analysis?
- A. Compare the canary with a new deployment of the current production version.
- B. Compare the canary with the average performance of a sliding window of previous production versions.
- C. Compare the canary with the existing deployment of the current production version.
- D. Compare the canary with a new deployment of the previous production version.
Answer: A
Explanation:
https://cloud.google.com/architecture/automated-canary-analysis-kubernetes-engine-spinnaker
https://spinnaker.io/guides/user/canary/best-practices/#compare-canary-against-baseline-not-against-production
NEW QUESTION 26
You support an application deployed on Compute Engine. The application connects to a Cloud SQL instance to store and retrieve dat a. After an update to the application, users report errors showing database timeout messages. The number of concurrent active users remained stable. You need to find the most probable cause of the database timeout. What should you do?
- A. Check the serial port logs of the Compute Engine instance.
- B. Determine whether there is an increased number of connections to the Cloud SQL instance.
- C. Use Cloud Security Scanner to see whether your Cloud SQL is under a Distributed Denial of Service (DDoS) attack.
- D. Use Stackdriver Profiler to visualize the resources utilization throughout the application.
Answer: D
NEW QUESTION 27
You support an e-commerce application that runs on a large Google Kubernetes Engine (GKE) cluster deployed on-premises and on Google Cloud Platform. The application consists of microservices that run in containers. You want to identify containers that are using the most CPU and memory. What should you do?
- A. Use Prometheus to collect and aggregate logs per container, and then analyze the results in Grafana.
- B. Use Stackdriver Kubernetes Engine Monitoring.
- C. Use the Stackdriver Monitoring API to create custom metrics, and then organize your containers using groups.
- D. Use Stackdriver Logging to export application logs to BigOuery. aggregate logs per container, and then analyze CPU and memory consumption.
Answer: B
Explanation:
https://cloud.google.com/anthos/clusters/docs/on-prem/1.7/concepts/logging-and-monitoring
NEW QUESTION 28
You support an application that stores product information in cached memory. For every cache miss, an entry is logged in Stackdriver Logging. You want to visualize how often a cache miss happens over time. What should you do?
- A. Configure Stackdriver Profiler to identify and visualize when the cache misses occur based on the logs.
- B. Create a logs-based metric in Stackdriver Logging and a dashboard for that metric in Stackdriver Monitoring.
- C. Configure BigOuery as a sink for Stackdriver Logging. Create a scheduled query to filter the cache miss logs and write them to a separate table
- D. Link Stackdriver Logging as a source in Google Data Studio. Filler (he logs on the cache misses.
Answer: B
Explanation:
https://cloud.google.com/logging/docs/logs-based-metrics#counter-metric
NEW QUESTION 29
You support a web application that is hosted on Compute Engine. The application provides a booking service for thousands of users. Shortly after the release of a new feature, your monitoring dashboard shows that all users are experiencing latency at login. You want to mitigate the impact of the incident on the users of your service. What should you do first?
- A. Upsize the virtual machines running the login services.
- B. Roll back the recent release.
- C. Deploy a new release to see whether it fixes the problem.
- D. Review the Stackdriver monitoring.
Answer: A
NEW QUESTION 30
Your team of Infrastructure DevOps Engineers is growing, and you are starting to use Terraform to manage infrastructure. You need a way to implement code versioning and to share code with other team members. What should you do?
- A. Store the Terraform code in a network shared folder with child folders for each version release. Ensure that everyone works on different files.
- B. Store the Terraform code in a shared Google Drive folder so it syncs automatically to every team member's computer. Organize files with a naming convention that identifies each new version.
- C. Store the Terraform code in a Cloud Storage bucket using object versioning. Give access to the bucket to every team member so they can download the files.
- D. Store the Terraform code in a version-control system. Establish procedures for pushing new versions and merging with the master.
Answer: D
NEW QUESTION 31
You are performing a semi-annual capacity planning exercise for your flagship service. You expect a service user growth rate of 10% month-over-month over the next six months. Your service is fully containerized and runs on Google Cloud Platform (GCP), using a Google Kubernetes Engine (GKE) Standard regional cluster on three zones with cluster autoscaler enabled. You currently consume about 30% of your total deployed CPU capacity, and you require resilience against the failure of a zone. You want to ensure that your users experience minimal negative impact as a result of this growth or as a result of zone failure, while avoiding unnecessary costs. How should you prepare to handle the predicted growth?
- A. Proactively add 60% more node capacity to account for six months of 10% growth rate, and then perform a load test to make sure you have enough.
- B. Verify the maximum node pool size, enable a horizontal pod autoscaler, and then perform a load test to verify your expected resource needs.
- C. Because you are deployed on GKE and are using a cluster autoscaler, your GKE cluster will scale automatically regardless of growth rate.
- D. Because you are at only 30% utilization, you have significant headroom and you won't need to add any additional capacity for this rate of growth.
Answer: C
NEW QUESTION 32
......
Google Professional-Cloud-DevOps-Engineer Official Cert Guide PDF: https://www.actualcollection.com/Professional-Cloud-DevOps-Engineer-exam-questions.html
Free Cloud DevOps Engineer Professional-Cloud-DevOps-Engineer Official Cert Guide PDF Download: https://drive.google.com/open?id=1Gb01SXGko3ntkDWrEBRV8tog7NtJeXjZ