[Q59-Q79] 2023 Updated Professional-Cloud-Developer PDF for the Professional-Cloud-Developer Tests Free Updated Today!

Share

2023 Updated Professional-Cloud-Developer PDF for the Professional-Cloud-Developer Tests Free Updated Today!

Fully Updated Dumps PDF - Latest Professional-Cloud-Developer Exam Questions and Answers


The Professional-Cloud-Developer certification exam is a computer-based exam that consists of multiple-choice and multiple-select questions. The exam is timed, and candidates are given approximately two hours to complete it. A passing score is required to earn the certification, and the certification is valid for two years. After two years, candidates must retake the exam to maintain their certification.


Section 4: Integrating Google Cloud Services

The aim of this domain is to evaluate the learners based on their capacity to integrate an app with storage & data services, integrate an app with compute services, as well as integrate Cloud APIs with apps.

 

NEW QUESTION # 59
Your application is deployed in a Google Kubernetes Engine (GKE) cluster. You want to expose this application publicly behind a Cloud Load Balancing HTTP(S) load balancer. What should you do?

  • A. Configure a GKE Ingress resource with type: LoadBalancer.
  • B. Configure a GKE Service resource.
  • C. Configure a GKE Ingress resource.
  • D. Configure a GKE Service resource with type: LoadBalancer.

Answer: C

Explanation:
Reference: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress


NEW QUESTION # 60
Your company has a data warehouse that keeps your application information in BigQuery. The BigQuery data warehouse keeps 2 PBs of user data. Recently, your company expanded your user base to include EU users and needs to comply with these requirements:
Your company must be able to delete all user account information upon user request.
All EU user data must be stored in a single region specifically for EU users.
Which two actions should you take? (Choose two.)

  • A. Re-upload your data using to a Cloud Dataflow pipeline by filtering your user records out.
  • B. Create a Cloud Storage bucket in the EU region to store information for EU users only.
  • C. Use DML statements in BigQuery to update/delete user records based on their requests.
  • D. Use BigQuery federated queries to query data from Cloud Storage.
  • E. Create a dataset in the EU region that will keep information about EU users only.

Answer: B,C

Explanation:
Reference:
https://cloud.google.com/solutions/bigquery-data-warehouse


NEW QUESTION # 61
Your team develops stateless services that run on Google Kubernetes Engine (GKE). You need to deploy a new service that will only be accessed by other services running in the GKE cluster. The service will need to scale as quickly as possible to respond to changing load. What should you do?

  • A. Use a Vertical Pod Autoscaler to scale the containers, and expose them via a NodePort Service.
  • B. Use a Horizontal Pod Autoscaler to scale the containers, and expose them via a NodePort Service.
  • C. Use a Horizontal Pod Autoscaler to scale the containers, and expose them via a ClusterIP Service.
  • D. Use a Vertical Pod Autoscaler to scale the containers, and expose them via a ClusterIP Service.

Answer: C

Explanation:
https://cloud.google.com/kubernetes-engine/docs/concepts/service


NEW QUESTION # 62
You are developing an application hosted on Google Cloud that uses a MySQL relational database schema.
The application will have a large volume of reads and writes to the database and will require backups and ongoing capacity planning. Your team does not have time to fully manage the database but can take on small administrative tasks. How should you host the database?

  • A. Deploy MySQL from the Google Cloud Marketplace to the database using a client, and import the schema.
  • B. Configure Bigtable to host the database, and import the data into Bigtable.
  • C. Configure Cloud SQL to host the database, and import the schema into Cloud SQL.
  • D. Configure Cloud Spanner to host the database, and import the schema into Cloud Spanner.
  • E. Configure Firestore to host the database, and import the data into Firestore.

Answer: C

Explanation:
Explanation
https://cloud.google.com/spanner/docs/migrating-mysql-to-spanner#migration-process Cloud SQL: Cloud SQL is a web service that allows you to create, configure, and use relational databases that live in Google's cloud. It is a fully-managed service that maintains, manages, and administers your databases, allowing you to focus on your applications and services.
https://cloud.google.com/sql/docs/mysql Cloud SQL for MySQL is a fully-managed database service that helps you set up, maintain, manage, and administer your MySQL relational databases on Google Cloud Platform.


NEW QUESTION # 63
Your team develops services that run on Google Cloud. You need to build a data processing service and will use Cloud Functions. The data to be processed by the function is sensitive. You need to ensure that invocations can only happen from authorized services and follow Google-recommended best practices for securing functions. What should you do?

  • A. Create a service account with the Cloud Functions Viewer role. Use that service account to invoke the function.
  • B. Enable Identity-Aware Proxy in your project. Secure function access using its permissions.
  • C. Create an OAuth 2.0 client ID for your calling service in the same project as the function you want to secure. Use those credentials to invoke the function.
  • D. Create a service account with the Cloud Functions Invoker role. Use that service account to invoke the function.

Answer: D

Explanation:
Reference:
https://medium.com/google-cloud/how-to-securely-invoke-a-cloud-function-from-google-kubernetes-engine-run


NEW QUESTION # 64
You are a developer at a large organization. You have an application written in Go running in a production Google Kubernetes Engine (GKE) cluster. You need to add a new feature that requires access to BigQuery.
You want to grant BigQuery access to your GKE cluster following Google-recommended best practices. What should you do?

  • A. Create a Google service account with BigQuery access. Add the JSON key to Secret Manager, and use the Go client library to access the JSON key.
  • B. Create a Google service account with BigQuery access. Add the Google service account JSON key as a Kubernetes secret, and configure the application to use this secret.
  • C. Create a Google service account with BigQuery access. Add the Google service account JSON key to Secret Manager, and use an init container to access the secret for the application to use.
  • D. Create a Google service account and a Kubernetes service account. Configure Workload Identity on the GKE cluster, and reference the Kubernetes service account on the application Deployment.

Answer: D

Explanation:
Explanation
https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity#what_is Applications running on GKE might need access to Google Cloud APIs such as Compute Engine API, BigQuery Storage API, or Machine Learning APIs.
Workload Identity allows a Kubernetes service account in your GKE cluster to act as an IAM service account.
Pods that use the configured Kubernetes service account automatically authenticate as the IAM service account when accessing Google Cloud APIs. Using Workload Identity allows you to assign distinct, fine-grained identities and authorization for each application in your cluster.


NEW QUESTION # 65
Your development team has been tasked with maintaining a .NET legacy application. The application incurs occasional changes and was recently updated. Your goal is to ensure that the application provides consistent results while moving through the CI/CD pipeline from environment to environment. You want to minimize the cost of deployment while making sure that external factors and dependencies between hosting environments are not problematic. Containers are not yet approved in your organization. What should you do?

  • A. Deploy the application using MS Web Deploy, and make sure to always use the latest, patched MS Windows Server base image in Compute Engine.
  • B. Use Cloud Build to package the application, and deploy to a Google Kubernetes Engine cluster. Use namespaces to separate the environments.
  • C. Use Cloud Build to deploy the application as a new Compute Engine image for each build. Use this image in each environment.
  • D. Rewrite the application using .NET Core, and deploy to Cloud Run. Use revisions to separate the environments.

Answer: C

Explanation:
Explanation
https://cloud.google.com/architecture/modernization-path-dotnet-applications-google-cloud#phase_1_rehost_in_
https://cloud.google.com/architecture/modernization-path-dotnet-applications-google-cloud


NEW QUESTION # 66
You are planning to migrate a MySQL database to the managed Cloud SQL database for Google Cloud. You have Compute Engine virtual machine instances that will connect with this Cloud SQL instance. You do not want to whitelist IPs for the Compute Engine instances to be able to access Cloud SQL.
What should you do?

  • A. Whitelist a project to access Cloud SQL, and add Compute Engine instances in the whitelisted project.
  • B. Enable private IP for the Cloud SQL instance.
  • C. Create a CloudSQL instance on one project. Create Compute engine instances in a different project.
    Create a VPN between these two projects to allow internal access to CloudSQL.
  • D. Create a role in Cloud SQL that allows access to the database from external instances, and assign the Compute Engine instances to that role.

Answer: D

Explanation:
Reference:
https://cloud.google.com/sql/docs/mysql/connect-external-app


NEW QUESTION # 67
You need to copy directory local-scripts and all of its contents from your local workstation to a Compute Engine virtual machine instance.
Which command should you use?

  • A. gsutil cp --project "my-gcp-project" -R ~/local-scripts/ gcp-instance-name:~/ server-scripts/ --zone "us-east1-b"
  • B. gcloud compute mv --project "my-gcp-project" --recurse ~/local-scripts/ gcpinstance- name:~/server-scripts/ --zone "us-east1-b"
  • C. gcloud compute scp --project "my-gcp-project" --recurse ~/local-scripts/ gcpinstance- name:~/server-scripts/ --zone "us-east1-b"
  • D. gsutil cp --project "my-gcp-project" -r ~/local-scripts/ gcp-instance-name:~/ server-scripts/ --zone "us-east1-b"

Answer: C

Explanation:
Reference: https://cloud.google.com/sdk/gcloud/reference/compute/copy-files


NEW QUESTION # 68
Your team detected a spike of errors in an application running on Cloud Run in your production project. The application is configured to read messages from Pub/Sub topic A, process the messages, and write the messages to topic B.
You want to conduct tests to identify the cause of the errors. You can use a set of mock messages for testing. What should you do?

  • A. Deploy the Pub/Sub emulator on your local machine. Point the production application to your local Pub/Sub topics. Write mock messages to topic A, and then analyze the logs.
  • B. Use the gcloud CLI to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.
  • C. Use the Google Cloud console to write mock messages to topic A. Change the logging level in the application to DEBUG or INFO, and then analyze the logs.
  • D. Deploy the Pub/Sub and Cloud Run emulators on your local machine. Deploy the application locally, and change the logging level in the application to DEBUG or INFO. Write mock messages to topic A, and then analyze the logs.

Answer: D


NEW QUESTION # 69
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Company Overview
HipLocal is a community application designed to facilitate communication between people in close proximity. It is used for event planning and organizing sporting events, and for businesses to connect with their local communities. HipLocal launched recently in a few neighborhoods in Dallas and is rapidly growing into a global phenomenon. Its unique style of hyper-local community communication and business outreach is in demand around the world.
Executive Statement
We are the number one local community app; it's time to take our local community services global. Our venture capital investors want to see rapid growth and the same great experience for new local and virtual communities that come online, whether their members are 10 or 10000 miles away from each other.
Solution Concept
HipLocal wants to expand their existing service, with updated functionality, in new regions to better serve their global customers. They want to hire and train a new team to support these regions in their time zones. They will need to ensure that the application scales smoothly and provides clear uptime data.
Existing Technical Environment
HipLocal's environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform.
The HipLocal team understands their application well, but has limited experience in global scale applications.
Their existing technical environment is as follows:
* Existing APIs run on Compute Engine virtual machine instances hosted in GCP.
* State is stored in a single instance MySQL database in GCP.
* Data is exported to an on-premises Teradata/Vertica data warehouse.
* Data analytics is performed in an on-premises Hadoop environment.
* The application has no logging.
* There are basic indicators of uptime; alerts are frequently fired when the APIs are unresponsive.
Business Requirements
HipLocal's investors want to expand their footprint and support the increase in demand they are seeing. Their requirements are:
* Expand availability of the application to new regions.
* Increase the number of concurrent users that can be supported.
* Ensure a consistent experience for users when they travel to different regions.
* Obtain user activity metrics to better understand how to monetize their product.
* Ensure compliance with regulations in the new regions (for example, GDPR).
* Reduce infrastructure management time and cost.
* Adopt the Google-recommended practices for cloud computing.
Technical Requirements
* The application and backend must provide usage metrics and monitoring.
* APIs require strong authentication and authorization.
* Logging must be increased, and data should be stored in a cloud analytics platform.
* Move to serverless architecture to facilitate elastic scaling.
* Provide authorized access to internal apps in a secure manner.
HipLocal's APIs are showing occasional failures, but they cannot find a pattern. They want to collect some metrics to help them troubleshoot.
What should they do?

  • A. Use Stackdriver Trace to look for performance bottlenecks.
  • B. Take frequent snapshots of all of the VMs.
  • C. Install the Stackdriver Logging agent on the VMs.
  • D. Install the Stackdriver Monitoring agent on the VMs.

Answer: D

Explanation:
Explanation/Reference:


NEW QUESTION # 70

  • A. Grant the [email protected] service account the roles/ storage.objectCreator role for the Cloud Storage bucket.
  • B. Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-admin- robot.iam.gserviceaccount.com service account.
  • C. Enable the Cloud Storage API in project B.
  • D. Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.
  • E. It is supposed to write an object in a Cloud Storage bucket owned by project B. However, the write call is failing with the error "403 Forbidden".
    What should you do to correct the problem?

Answer: B


NEW QUESTION # 71
Which of the following customer statements would alert you to a safety issue? (Choose two.)

  • A. The screen is too bright. It hurts my eyes.
  • B. My iPhone flashed and sparked when I tried to charge it.
  • C. My new Apple Watch makes me itchy and my wrist is red and irritated.
  • D. The corner of my iPad is badly bent.
  • E. The home button on my iPhone seems to have sunk.
  • F. My iPhone has fluctuating sound levels. Sometimes it is deafening.

Answer: B,E


NEW QUESTION # 72
One of your deployed applications in Google Kubernetes Engine (GKE) is having intermittent performance issues. Your team uses a third-party logging solution. You want to install this solution on each node in your GKE cluster so you can view the logs. What should you do?

  • A. Deploy the third-party solution as a DaemonSet
  • B. Modify your container image to include the monitoring software
  • C. Use SSH to connect to the GKE node, and install the software manually
  • D. Deploy the third-party solution using Terraform and deploy the logging Pod as a Kubernetes Deployment

Answer: A

Explanation:
Explanation
https://cloud.google.com/kubernetes-engine/docs/concepts/daemonset#usage_patterns DaemonSets are useful for deploying ongoing background tasks that you need to run on all or certain nodes, and which do not require user intervention. Examples of such tasks include storage daemons like ceph, log collection daemons like fluent-bit, and node monitoring daemons like collectd.


NEW QUESTION # 73
When would a technician need to use a positive 'no' with a customer? (Choose three.)

  • A. The device is eligible for repair.
  • B. The customer is misinformed about service options.
  • C. The device is out of warranty.
  • D. Apple introduces new product.
  • E. The device is an obsolete device that we no longer service.
  • F. The technician does not feel like helping the customer.
  • G. The customer wants to purchase a new device.

Answer: B,C,E


NEW QUESTION # 74
You are developing a JPEG image-resizing API hosted on Google Kubernetes Engine (GKE). Callers of the service will exist within the same GKE cluster. You want clients to be able to get the IP address of the service.
What should you do?

  • A. Define a GKE Service. Clients should use the service name in the URL to connect to the service.
  • B. Define a GKE Endpoint. Clients should get the endpoint name from Cloud DNS.
  • C. Define a GKE Endpoint. Clients should get the endpoint name from the appropriate environment variable in the client container.
  • D. Define a GKE Service. Clients should use the name of the A record in Cloud DNS to find the service's cluster IP address.

Answer: C


NEW QUESTION # 75
You are planning to deploy your application in a Google Kubernetes Engine (GKE) cluster. Your application can scale horizontally, and each instance of your application needs to have a stable network identity and its own persistent disk.
Which GKE object should you use?

  • A. Deployment
  • B. ReplicaController
  • C. ReplicaSet
  • D. StatefulSet

Answer: D

Explanation:
Reference:
https://livebook.manning.com/book/kubernetes-in-action/chapter-10/46


NEW QUESTION # 76
You are developing a corporate tool on Compute Engine for the finance department, which needs to authenticate users and verify that they are in the finance department. All company employees use G Suite.
What should you do?

  • A. Enable Cloud Identity-Aware Proxy on the HTTP(s) load balancer and restrict access to a Google Group containing users in the finance department. Issue client-side certificates to everybody in the finance team and verify the certificates in the application.
  • B. Configure Cloud Armor Security Policies to restrict access to only corporate IP address ranges. Issue client side certificates to everybody in the finance team and verify the certificates in the application.
  • C. Enable Cloud Identity-Aware Proxy on the HTTP(s) load balancer and restrict access to a Google Group containing users in the finance department. Verify the provided JSON Web Token within the application.
  • D. Configure Cloud Armor Security Policies to restrict access to only corporate IP address ranges. Verify the provided JSON Web Token within the application.

Answer: C

Explanation:
https://cloud.google.com/iap/docs/signed-headers-howto#securing_iap_headers (https://cloud.google.com/endpoints/docs/openapi/authenticating-users-google-id).
https://cloud.google.com/armor/docs/security-policy-overview#:~:text=Google%20Cloud%20Armor%20security%20policies%20enable%20you%20to%20allow%20or,Private%20Cloud%20(VPC)%20networks
"Google Cloud Armor security policies protect your application by providing Layer 7 filtering and by scrubbing incoming requests for common web attacks or other Layer 7 attributes to potentially block traffic before it reaches your load balanced backend services or backend buckets"


NEW QUESTION # 77
You are planning to deploy hundreds of microservices in your Google Kubernetes Engine (GKE) cluster. How should you secure communication between the microservices on GKE using a managed service?

  • A. Install Anthos Service Mesh, and enable mTLS in your Service Mesh.
  • B. Use global HTTP(S) Load Balancing with managed SSL certificates to protect your services
  • C. Deploy open source Istio in your GKE cluster, and enable mTLS in your Service Mesh
  • D. Install cert-manager on GKE to automatically renew the SSL certificates.

Answer: A

Explanation:
Explanation
https://cloud.google.com/service-mesh/docs/overview#security_benefits
- Ensures encryption in transit. Using mTLS for authentication also ensures that all TCP communications are encrypted in transit.


NEW QUESTION # 78
Laura is performing a visual inspection of an embedded battery. What kinds of cosmetic issues should she look for? (Choose two.)

  • A. Scratches
  • B. QR Code
  • C. IATA complice label
  • D. Apple product serial number
  • E. Dents or dot imprints
  • F. Apple logo
  • G. UPC Code

Answer: A,E

Explanation:
Explanation/Reference: https://docplayer.net/50514766-Embedded-battery-safety.html


NEW QUESTION # 79
......

Free Professional-Cloud-Developer Exam Questions Professional-Cloud-Developer Actual Free Exam Questions: https://www.dumpstests.com/Professional-Cloud-Developer-latest-test-dumps.html

100% Free Professional-Cloud-Developer Exam Dumps to Pass Exam Easily: https://drive.google.com/open?id=1yKOCdf77e-8BZb3pv7rJjqskwHTV7l4h