Spring Sale 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Google Professional-Cloud-DevOps-Engineer Based on Real Exam Environment

Google Cloud Certified - Professional Cloud DevOps Engineer Exam Questions and Answers

Question 21

You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?

Options:

A.

Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.

B.

Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.

C.

Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.

D.

Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.

Question 22

You are performing a semiannual capacity planning exercise for your flagship service. You expect a service user growth rate of 10% month-over-month over the next six months. Your service is fully containerized and runs on Google Cloud Platform (GCP). using a Google Kubernetes Engine (GKE) Standard regional cluster on three zones with cluster autoscaler enabled. You currently consume about 30% of your total deployed CPU capacity, and you require resilience against the failure of a zone. You want to ensure that your users experience minimal negative impact as a result of this growth or as a result of zone failure, while avoiding unnecessary costs. How should you prepare to handle the predicted growth?

Options:

A.

Verity the maximum node pool size, enable a horizontal pod autoscaler, and then perform a load test to verity your expected resource needs.

B.

Because you are deployed on GKE and are using a cluster autoscaler. your GKE cluster will scale automatically, regardless of growth rate.

C.

Because you are at only 30% utilization, you have significant headroom and you won't need to add any additional capacity for this rate of growth.

D.

Proactively add 60% more node capacity to account for six months of 10% growth rate, and then perform a load test to make sure you have enough capacity.

Question 23

Your company has recently experienced several production service issues. You need to create a Cloud Monitoring dashboard to troubleshoot the issues, and you want to use the dashboard to distinguish between failures in your own service and those caused by a Google Cloud service that you use. What should you do?

Options:

A.

Enable Personalized Service Health annotations on the dashboard.

B.

Create an alerting policy for the system error metrics.

C.

Create a log-based metric to track cloud service errors, and display the metric on the dashboard.

D.

Create a logs widget to display system errors from Cloud Logging on the dashboard.

Question 24

A third-party application needs to have a service account key to work properly When you try to export the key from your cloud project you receive an error "The organization policy constraint larn.disableServiceAccountKeyCreation is enforcedM You need to make the third-party application work while following Google-recommended security practices What should you do?

Options:

A.

Enable the default service account key. and download the key

B.

Remove the iam.disableServiceAccountKeyCreation policy at the organization level, and create a key.

C.

Disable the service account key creation policy at the project's folder, and download the default key

D.

Add a rule to set the iam.disableServiceAccountKeyCreation policy to off in your project and create a key.