Google Professional-Cloud-Developer Exam Practice Test Instant Access

Question 1

Your team is creating a serverless web application on Cloud Run. The application needs to access images stored in a private Cloud Storage bucket. You want to give the application Identity and Access Management (IAM) permission to access the images in the bucket, while also securing the services using Google-recommended best practices What should you do?

AEnforce signed URLs for the desired bucket. Grant the Storage Object Viewer IAM role on the bucket to the Compute Engine default service account.

BEnforce public access prevention for the desired bucket. Grant the Storage Object Viewer IAM role on the bucket to the Compute Engine
default service account.

CEnforce signed URLs for the desired bucket Create and update the Cloud Run service to use a user -managed service account. Grant the Storage Object Viewer IAM role on the bucket to the service account

DEnforce public access prevention for the desired bucket.
Create and update the Cloud Run service to use a user-managed service account. Grant the Storage Object Viewer IAM role on the bucket to the service account.

Answer : B

Question 2

You are tasked with using C++ to build and deploy a microservice for an application hosted on Google Cloud. The code needs to be containerized and use several custom software libraries that your team has built. You do not want to maintain the underlying infrastructure of the application How should you deploy the microservice?

AUse Cloud Functions to deploy the microservice.

BUse Cloud Build to create the container, and deploy it on Cloud Run.

CUse Cloud Shell to containerize your microservice. and deploy it on GKE Standard.

DUse Cloud Shell to containerize your microservice. and deploy it on a Container-Optimized OS Compute Engine instance.

Answer : B

Question 3

You are reviewing and updating your Cloud Build steps to adhere to Google-recommended practices. Currently, your build steps include:

1. Pull the source code from a source repository.

2. Build a container image

3. Upload the built image to Artifact Registry.

You need to add a step to perform a vulnerability scan of the built container image, and you want the results of the scan to be available to your deployment pipeline running in Google Cloud. You want to minimize changes that could disrupt other teams' processes What should you do?

AEnable Binary Authorization, and configure it to attest that no vulnerabilities exist in a container image.

BEnable the Container Scanning API in Artifact Registry, and scan the built container images for vulnerabilities.

CUpload the built container images to your Docker Hub instance, and scan them for vulnerabilities.

DAdd Artifact Registry to your Aqua Security instance, and scan the built container images for vulnerabilities

Answer : B

Question 4

Your application stores customers' content in a Cloud Storage bucket, with each object being encrypted with the customer's encryption key. The key for each object in Cloud Storage is entered into your application by the customer. You discover that your application is receiving an HTTP 4xx error when reading the object from Cloud Storage What is a possible cause of this error?

AYou attempted the read operation without the base64-encoded SHA256 hash of the encryption key.

BYou entered the same encryption algorithm specified by the customer when attempting the read operation.

CYou attempted the read operation on the object with the base64-encoded SHA256 hash of the customer's key.

DYou attempted the read operation on the object with the customers base64-encoded key.

Answer : D

Question 5

You need to load-test a set of REST API endpoints that are deployed to Cloud Run. The API responds to HTTP POST requests Your load tests must meet the following requirements:

* Load is initiated from multiple parallel threads

* User traffic to the API originates from multiple source IP addresses.

* Load can be scaled up using additional test instances

You want to follow Google-recommended best practices How should you configure the load testing'?

ACreate an image that has cURL installed and configure cURLto run a test plan Deploy the image in a
managed instance group, and run one instance of the image for each VM.

BCreate an image that has cURL installed and configure cURL to run a test plan Deploy the image in an
unmanaged instance group, and run one instance of the image for each VM.

CDeploy a distributed load testing framework on a private Google Kubernetes Engine Cluster Deploy
additional Pods as needed to initiate more traffic and support the number of concurrent users.

DDownload the container image of a distributed load testing framework on Cloud Shell Sequentially start
several instances of the container on Cloud Shell to increase the load on the API.

Answer : C

Question 6

You are developing a new web application using Cloud Run and committing code to Cloud Source Repositories. You want to deploy new code in the most efficient way possible. You have already created a Cloud Build YAML file that builds a container and runs the following command: gcloud run deploy. What should you do next?

ACreate a Pub/Sub topic to be notified when code is pushed to the repository. Create a Pub/Sub trigger that runs the build file when an event is published to the topic.

BCreate a build trigger that runs the build file in response to a repository code being pushed to the development branch.

CCreate a webhook build trigger that runs the build file in response to HTTP POST calls to the webhook URL.

DCreate a Cron job that runs the following command every 24 hours: gcloud builds submit.

Answer : B

https://cloud.google.com/build/docs/triggers

Cloud Build uses build triggers to enable CI/CD automation. You can configure triggers to listen for incoming events, such as when a new commit is pushed to a repository or when a pull request is initiated, and then automatically execute a build when new events come in. You can also configure triggers to build code on any changes to your source repository or only on changes that match certain criteria.

Question 7

You are developing an application hosted on Google Cloud that uses a MySQL relational database schem

a. The application will have a large volume of reads and writes to the database and will require backups and ongoing capacity planning. Your team does not have time to fully manage the database but can take on small administrative tasks. How should you host the database?

AConfigure Cloud SQL to host the database, and import the schema into Cloud SQL.

BDeploy MySQL from the Google Cloud Marketplace to the database using a client, and import the schema.

CConfigure Bigtable to host the database, and import the data into Bigtable.

DConfigure Cloud Spanner to host the database, and import the schema into Cloud Spanner.

EConfigure Firestore to host the database, and import the data into Firestore.

Answer : A

https://cloud.google.com/spanner/docs/migrating-mysql-to-spanner#migration-process

Cloud SQL: Cloud SQL is a web service that allows you to create, configure, and use relational databases that live in Google's cloud. It is a fully-managed service that maintains, manages, and administers your databases, allowing you to focus on your applications and services.

https://cloud.google.com/sql/docs/mysql Cloud SQL for MySQL is a fully-managed database service that helps you set up, maintain, manage, and administer your MySQL relational databases on Google Cloud Platform.

Google Professional Cloud Developer Exam Practice Test