[Jul-2023 Newly Released] Pass Professional-Cloud-DevOps-Engineer Exam - Real Questions & Answers [Q48-Q70]

Share

[Jul-2023 Newly Released] Pass Professional-Cloud-DevOps-Engineer Exam - Real Questions and Answers

Pass Professional-Cloud-DevOps-Engineer Review Guide, Reliable Professional-Cloud-DevOps-Engineer Test Engine


Earning the Google Cloud Certified Professional Cloud DevOps Engineer certification can help professionals advance their careers and demonstrate their expertise in DevOps practices and GCP. Google Cloud Certified - Professional Cloud DevOps Engineer Exam certification is also valuable for organizations that are looking to hire DevOps engineers who can help them streamline their software delivery processes, improve application reliability, and increase operational efficiency using GCP services.


Google Professional-Cloud-DevOps-Engineer certification exam consists of multiple-choice questions and scenario-based questions. Professional-Cloud-DevOps-Engineer exam is administered online and can be taken from anywhere in the world. Candidates must achieve a score of 70% or higher to pass the exam and earn the certification.

 

NEW QUESTION # 48
You support the backend of a mobile phone game that runs on a Google Kubernetes Engine (GKE) cluster. The application is serving HTTP requests from users. You need to implement a solution that will reduce the network cost. What should you do?

  • A. Configure your Kubernetes duster as a Private Cluster.
  • B. Configure a Google Cloud HTTP Load Balancer as Ingress.
  • C. Configure the VPC as a Shared VPC Host project.
  • D. Configure your network services on the Standard Tier.

Answer: B

Explanation:
Costs associated with a load balancer are charged to the project containing the load balancer components. Because of these benefits, container-native load balancing is the recommended solution for load balancing through Ingress. When NEGs are used with GKE Ingress, the Ingress controller facilitates the creation of all aspects of the L7 load balancer. This includes creating the virtual IP address, forwarding rules, health checks, firewall rules, and more. https://cloud.google.com/architecture/best-practices-for-running-cost-effective-kubernetes-applications-on-gke


NEW QUESTION # 49
You need to deploy a new service to production. The service needs to automatically scale using a Managed Instance Group (MIG) and should be deployed over multiple regions. The service needs a large number of resources for each instance and you need to plan for capacity. What should you do?

  • A. Use the n1-highcpu-96 machine type in the configuration of the MIG.
  • B. Validate that the resource requirements are within the available quota limits of each region.
  • C. Deploy the service in one region and use a global load balancer to route traffic to this region.
  • D. Monitor results of Stackdriver Trace to determine the required amount of resources.

Answer: C


NEW QUESTION # 50
You encountered a major service outage that affected all users of the service for multiple hours. After several hours of incident management, the service returned to normal, and user access was restored. You need to provide an incident summary to relevant stakeholders following the Site Reliability Engineering recommended practices. What should you do first?

  • A. Require the engineer responsible to write an apology email to all stakeholders.
  • B. Call individual stakeholders lo explain what happened.
  • C. Send the Incident State Document to all the stakeholders.
  • D. Develop a post-mortem to be distributed to stakeholders.

Answer: B


NEW QUESTION # 51
You have a CI/CD pipeline that uses Cloud Build to build new Docker images and push them to Docker Hub. You use Git for code versioning. After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline. You need to resolve the issue following Site Reliability Engineering practices. What should you do?

  • A. Change the CI pipeline to push the artifacts to Container Registry instead of Docker Hub.
  • B. Upload the configuration YAML file to Cloud Storage and use Error Reporting to identify and fix the issue.
  • C. Disable the CI pipeline and revert to manually building and pushing the artifacts.
  • D. Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.

Answer: D

Explanation:
"After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline"- means something wrong on the recent change not with the image registry.


NEW QUESTION # 52
You support an application running on App Engine. The application is used globally and accessed from various device types. You want to know the number of connections. You are using Stackdriver Monitoring for App Engine. What metric should you use?

  • A. flex/connections/current
  • B. tcp_ssl_proxy/new_connections
  • C. tcp_ssl_proxy/open_connections
  • D. flex/instance/connections/current

Answer: A

Explanation:
https://cloud.google.com/monitoring/api/metrics_gcp#gcp-appengine


NEW QUESTION # 53
You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?

  • A. Enable Cloud Security Scanner on the clusters.
  • B. Set up the Kubernetes Engine clusters with Binary Authorization.
  • C. Enable Vulnerability Analysis on the Container Registry.
  • D. Set up the Kubernetes Engine clusters as private clusters.

Answer: B

Explanation:
https://cloud.google.com/binary-authorization/docs/overview


NEW QUESTION # 54
Your team has recently deployed an NGINX-based application into Google Kubernetes Engine (GKE) and has exposed it to the public via an HTTP Google Cloud Load Balancer (GCLB) ingress. You want to scale the deployment of the application's frontend using an appropriate Service Level Indicator (SLI). What should you do?

  • A. Expose the NGINX stats endpoint and configure the horizontal pod autoscaler to use the request metrics exposed by the NGINX deployment.
  • B. Configure the vertical pod autoscaler in GKE and enable the cluster autoscaler to scale the cluster as pods expand.
  • C. Install the Stackdriver custom metrics adapter and configure a horizontal pod autoscaler to use the number of requests provided by the GCLB.
  • D. Configure the horizontal pod autoscaler to use the average response time from the Liveness and Readiness probes.

Answer: A


NEW QUESTION # 55
You support a high-traffic web application that runs on Google Cloud Platform (GCP). You need measure application reliability from a user perspective without making any engineering changes to it. What should you do? (Choose two.)

  • A. Review current application metrics and add new ones as needed.
  • B. Modify the code to capture additional information for user interaction.
  • C. Analyze the web proxy logs only and capture response time of each request.
  • D. Create new synthetic clients to simulate a user journey using the application.
  • E. Use current and historic Request Logs to trace customer interaction with the application.

Answer: B,D


NEW QUESTION # 56
Some of your production services are running in Google Kubernetes Engine (GKE) in the eu-west-1 region. Your build system runs in the us-west-1 region. You want to push the container images from your build system to a scalable registry to maximize the bandwidth for transferring the images to the cluster. What should you do?

  • A. Push the images to a private image registry running on a Compute Engine instance in the eu-west-1 region.
  • B. Push the images to Google Container Registry (GCR) using the us.gcr.io hostname.
  • C. Push the images to Google Container Registry (GCR) using the eu.gcr.io hostname.
  • D. Push the images to Google Container Registry (GCR) using the gcr.io hostname.

Answer: B


NEW QUESTION # 57
Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval. What should you do to enforce approvals?

  • A. Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.
  • B. Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.
  • C. Use an Admission Controller to verify that incoming requests originate from approved sources.
  • D. Configure the build system with protected branches that require pull request approval.

Answer: B


NEW QUESTION # 58
You support an application running on App Engine. The application is used globally and accessed from various device types. You want to know the number of connections. You are using Stackdriver Monitoring for App Engine. What metric should you use?

  • A. tcp_ssl_proxy/new_connections
  • B. flex/connections/current
  • C. flex/instance/connections/current
  • D. tcp_ssl_proxy/open_connections

Answer: C

Explanation:
Explanation/Reference: https://cloud.google.com/monitoring/api/metrics_gcp


NEW QUESTION # 59
Your application services run in Google Kubernetes Engine (GKE). You want to make sure that only images from your centrally-managed Google Container Registry (GCR) image registry in the altostrat-images project can be deployed to the cluster while minimizing development time. What should you do?

  • A. Create a custom builder for Cloud Build that will only push images to gcr.io/altostrat-images.
  • B. Add a tag to each image in gcr.io/altostrat-images and check that this tag is present when the image is deployed.
  • C. Add logic to the deployment pipeline to check that all manifests contain only images from gcr.io/altostrat-images.
  • D. Use a Binary Authorization policy that includes the whitelist name pattern gcr.io/attostrat-images/.

Answer: D


NEW QUESTION # 60
You are creating and assigning action items in a postmodern for an outage. The outage is over, but you need to address the root causes. You want to ensure that your team handles the action items quickly and efficiently. How should you assign owners and collaborators to action items?

  • A. Assign the team lead as the owner for all action items because they are in charge of the SRE team.
  • B. Assign collaborators but no individual owners to the items to keep the postmortem blameless.
  • C. Assign one owner for each action item and any necessary collaborators.
  • D. Assign multiple owners for each item to guarantee that the team addresses items quickly

Answer: C

Explanation:
https://devops.com/when-it-disaster-strikes-part-3-conducting-a-blameless-post-mortem/


NEW QUESTION # 61
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?

  • A. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.
  • B. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
  • C. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.
  • D. Use Stackdriver Logging to create a logs-based metric from the Cloud Build logs. Create an Alert with a Webhook notification type.

Answer: C


NEW QUESTION # 62
Your company follows Site Reliability Engineering practices. You are the Incident Commander for a new. customer-impacting incident. You need to immediately assign two incident management roles to assist you in an effective incident response. What roles should you assign?
Choose 2 answers

  • A. Operations Lead
  • B. Communications Lead
  • C. Customer Impact Assessor
  • D. Engineering Lead
  • E. External Customer Communications Lead

Answer: A,C


NEW QUESTION # 63
You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much. What Service Level Indicator {SLI) should you use to measure this?

  • A. A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes
  • B. An availability SLI: the ratio of healthy microservices to the total number of microservices
  • C. A quality SLI: the ratio of non-degraded responses to total responses
  • D. A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls

Answer: B


NEW QUESTION # 64
Your team has recently deployed an NGINX-based application into Google Kubernetes Engine (GKE) and has exposed it to the public via an HTTP Google Cloud Load Balancer (GCLB) ingress. You want to scale the deployment of the application's frontend using an appropriate Service Level Indicator (SLI). What should you do?

  • A. Expose the NGINX stats endpoint and configure the horizontal pod autoscaler to use the request metrics exposed by the NGINX deployment.
  • B. Configure the vertical pod autoscaler in GKE and enable the cluster autoscaler to scale the cluster as pods expand.
  • C. Configure the horizontal pod autoscaler to use the average response time from the Liveness and Readiness probes.
  • D. Install the Stackdriver custom metrics adapter and configure a horizontal pod autoscaler to use the number of requests provided by the GCLB.

Answer: D

Explanation:
https://cloud.google.com/kubernetes-engine/docs/tutorials/autoscaling-metrics


NEW QUESTION # 65
You are on-call for an infrastructure service that has a large number of dependent systems. You receive an alert indicating that the service is failing to serve most of its requests and all of its dependent systems with hundreds of thousands of users are affected. As part of your Site Reliability Engineering (SRE) incident management protocol, you declare yourself Incident Commander (IC) and pull in two experienced people from your team as Operations Lead (OLJ and Communications Lead (CL). What should you do next?

  • A. Look for ways to mitigate user impact and deploy the mitigations to production.
  • B. Start a postmortem, add incident information, circulate the draft internally, and ask internal stakeholders for input.
  • C. Establish a communication channel where incident responders and leads can communicate with each other.
  • D. Contact the affected service owners and update them on the status of the incident.

Answer: A


NEW QUESTION # 66
Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to the production environment. A recent security audit alerted your team that the code pushed to production could contain vulnerabilities and that the existing tooling around virtual machine (VM) vulnerabilities no longer applies to the containerized environment. You need to ensure the security and patch level of all code running through the pipeline. What should you do?

  • A. Reconfigure the existing operating system vulnerability software to exist inside the container.
  • B. Set up Container Analysis to scan and report Common Vulnerabilities and Exposures.
  • C. Implement static code analysis tooling against the Docker files used to create the containers.
  • D. Configure the containers in the build pipeline to always update themselves before release.

Answer: C

Explanation:
https://cloud.google.com/binary-authorization
Binary Authorization is a deploy-time security control that ensures only trusted container images are deployed on Google Kubernetes Engine (GKE) or Cloud Run. With Binary Authorization, you can require images to be signed by trusted authorities during the development process and then enforce signature validation when deploying. By enforcing validation, you can gain tighter control over your container environment by ensuring only verified images are integrated into the build-and-release process.


NEW QUESTION # 67
You support a high-traffic web application and want to ensure that the home page loads in a timely manner. As a first step, you decide to implement a Service Level Indicator (SLI) to represent home page request latency with an acceptable page load time set to 100 ms. What is the Google-recommended way of calculating this SLI?

  • A. Bucketize the request latencies into ranges, and then compute the median and 90th percentiles.
  • B. Buckelize Ihe request latencies into ranges, and then compute the percentile at 100 ms.
  • C. Count the number of home page requests that load in under 100 ms, and then divide by the total number of home page requests.
  • D. Count the number of home page requests that load in under 100 ms. and then divide by the total number of all web application requests.

Answer: C


NEW QUESTION # 68
You are responsible for the reliability of a high-volume enterprise application. A large number of users report that an important subset of the application's functionality - a data intensive reporting feature - is consistently failing with an HTTP 500 error. When you investigate your application's dashboards, you notice a strong correlation between the failures and a metric that represents the size of an internal queue used for generating reports. You trace the failures to a reporting backend that is experiencing high I/O wait times. You quickly fix the issue by resizing the backend's persistent disk (PD). How you need to create an availability Service Level Indicator (SLI) for the report generation feature. How would you define it?

  • A. As the application's report generation queue size compared to a known-good threshold
  • B. As the proportion of report generation requests that result in a successful response
  • C. As the I/O wait times aggregated across all report generation backends
  • D. As the reporting backend PD throughout capacity compared to a known-good threshold

Answer: B

Explanation:
According to SRE Workbook, one of potential SLI is as below:
* Type of service: Request-driven
* Type of SLI: Availability
* Description: The proportion of requests that resulted in a successful response.
https://sre.google/workbook/implementing-slos/


NEW QUESTION # 69
You need to deploy a new service to production. The service needs to automatically scale using a Managed Instance Group (MIG) and should be deployed over multiple regions. The service needs a large number of resources for each instance and you need to plan for capacity. What should you do?

  • A. Use the n1-highcpu-96 machine type in the configuration of the MIG.
  • B. Validate that the resource requirements are within the available quota limits of each region.
  • C. Deploy the service in one region and use a global load balancer to route traffic to this region.
  • D. Monitor results of Stackdriver Trace to determine the required amount of resources.

Answer: B

Explanation:
https://cloud.google.com/compute/quotas#understanding_quotas
https://cloud.google.com/compute/quotas


NEW QUESTION # 70
......

100% Free Professional-Cloud-DevOps-Engineer Daily Practice Exam With 82 Questions: https://www.actualcollection.com/Professional-Cloud-DevOps-Engineer-exam-questions.html

Professional-Cloud-DevOps-Engineer Test Engine Practice Test Questions, Exam Dumps: https://drive.google.com/open?id=1Gb01SXGko3ntkDWrEBRV8tog7NtJeXjZ