Professional-Cloud-DevOps-Engineer Actual Questions Answers Pass With Real Professional-Cloud-DevOps-Engineer Exam Dumps [Q27-Q43]

Professional-Cloud-DevOps-Engineer Actual Questions Answers Pass With Real Professional-Cloud-DevOps-Engineer Exam Dumps

Professional-Cloud-DevOps-Engineer Dumps Prepare Your Exam With 164 Questions

NEW QUESTION # 27
You are on-call for an infrastructure service that has a large number of dependent systems. You receive an alert indicating that the service is failing to serve most of its requests and all of its dependent systems with hundreds of thousands of users are affected. As part of your Site Reliability Engineering (SRE) incident management protocol, you declare yourself Incident Commander (IC) and pull in two experienced people from your team as Operations Lead (OLJ and Communications Lead (CL). What should you do next?

• A. Look for ways to mitigate user impact and deploy the mitigations to production.
• B. Contact the affected service owners and update them on the status of the incident.
• C. Establish a communication channel where incident responders and leads can communicate with each other.
• D. Start a postmortem, add incident information, circulate the draft internally, and ask internal stakeholders for input.

Answer: A

NEW QUESTION # 28
You need to reduce the cost of virtual machines (VM| for your organization. After reviewing different options, you decide to leverage preemptible VM instances. Which application is suitable for preemptible VMs?

• A. The organization's public-facing website
• B. A GPU-accelerated video rendering platform that retrieves and stores videos in a storage bucket
• C. A scalable in-memory caching system
• D. A distributed, eventually consistent NoSQL database cluster with sufficient quorum

Answer: B

NEW QUESTION # 29
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?

• A. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
• B. Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.
• C. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.
• D. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.

Answer: A

NEW QUESTION # 30
You are the on-call Site Reliability Engineer for a microservice that is deployed to a Google Kubernetes Engine (GKE) Autopilot cluster. Your company runs an online store that publishes order messages to Pub/Sub and a microservice receives these messages and updates stock information in the warehousing system. A sales event caused an increase in orders, and the stock information is not being updated quickly enough. This is causing a large number of orders to be accepted for products that are out of stock You check the metrics for the microservice and compare them to typical levels.

You need to ensure that the warehouse system accurately reflects product inventory at the time orders are placed and minimize the impact on customers What should you do?

• A. Increase the Pod CPU and memory limits
• B. Decrease the acknowledgment deadline on the subscription
• C. Increase the number of Pod replicas
• D. Add a virtual queue to the online store that allows typical traffic levels

Answer: C

Explanation:
Explanation
The best option for ensuring that the warehouse system accurately reflects product inventory at the time orders are placed and minimizing the impact on customers is to increase the number of Pod replicas. Increasing the number of Pod replicas will increase the scalability and availability of your microservice, which will allow it to handle more Pub/Sub messages and update stock information faster. This way, you can reduce the backlog of undelivered messages and oldest unacknowledged message age, which are causing delays in updating product inventory. You can use Horizontal Pod Autoscaler or Cloud Monitoring metrics-based autoscaling to automatically adjust the number of Pod replicas based on load or custom metrics.

NEW QUESTION # 31
You are performing a semi-annual capacity planning exercise for your flagship service. You expect a service user growth rate of 10% month-over-month over the next six months. Your service is fully containerized and runs on Google Cloud Platform (GCP), using a Google Kubernetes Engine (GKE) Standard regional cluster on three zones with cluster autoscaler enabled. You currently consume about 30% of your total deployed CPU capacity, and you require resilience against the failure of a zone. You want to ensure that your users experience minimal negative impact as a result of this growth or as a result of zone failure, while avoiding unnecessary costs. How should you prepare to handle the predicted growth?

• A. Because you are at only 30% utilization, you have significant headroom and you won't need to add any additional capacity for this rate of growth.
• B. Because you are deployed on GKE and are using a cluster autoscaler, your GKE cluster will scale automatically regardless of growth rate.
• C. Proactively add 60% more node capacity to account for six months of 10% growth rate, and then perform a load test to make sure you have enough.
• D. Verify the maximum node pool size, enable a horizontal pod autoscaler, and then perform a load test to verify your expected resource needs.

Answer: B

NEW QUESTION # 32
You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?

• A. Install the gsutil command line tool on your application servers.
  * Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes.
  * Give the developers IAM Object Viewer access to view the logs in the specified bucket.
• B. Deploy the Stackdriver logging agent to the application servers.
  * Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.
• C. Deploy the Stackdriver logging agent to the application servers.
  * Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
• D. Deploy the Stackdriver monitoring agent to the application servers.
  * Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.

Answer: A

NEW QUESTION # 33
Your team is building a service that performs compute-heavy processing on batches of data The data is processed faster based on the speed and number of CPUs on the machine These batches of data vary in size and may arrive at any time from multiple third-party sources You need to ensure that third parties are able to upload their data securely. You want to minimize costs while ensuring that the data is processed as quickly as possible What should you do?

• A. * Provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate Identity and Access Management (1AM) access to the bucket
  * Use a standard Google Kubernetes Engine (GKE) cluster and maintain two services one that processes the batches of data and one that monitors Cloud Storage for new batches of data
  * Stop the processing service when there are no batches of data to process
• B. * Provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate identity and Access Management (1AM) access to the bucket
  * Create a Cloud Function with a google, storage, object .finalise Cloud Storage trigger Write code so that the function can scale up a Compute Engine autoscaling managed instance group
  * Use an image pre-loaded with the data processing software that terminates the instances when processing completes
• C. * Provide a secure file transfer protocol (SFTP) server on a Compute Engine instance so that third parties can upload batches of data and provide appropriate credentials to the server
  * Create a Cloud Function with a google.storage, object, finalize Cloud Storage trigger Write code so that the function can scale up a Compute Engine autoscaling managed instance group
  * Use an image pre-loaded with the data processing software that terminates the instances when processing completes
• D. * Provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate Identity and Access Management (1AM) access to the bucket
  * Use Cloud Monitoring to detect new batches of data in the bucket and trigger a Cloud Function that processes the data
  * Set a Cloud Function to use the largest CPU possible to minimize the runtime of the processing

Answer: B

Explanation:
Explanation
The best option for ensuring that third parties are able to upload their data securely and minimizing costs while ensuring that the data is processed as quickly as possible is to provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate Identity and Access Management (IAM) access to the bucket; create a Cloud Function with a google.storage.object.finalize Cloud Storage trigger; write code so that the function can scale up a Compute Engine autoscaling managed instance group; use an image pre-loaded with the data processing software that terminates the instances when processing completes. A Cloud Storage bucket is a resource that allows you to store and access data in Google Cloud. You can provide a Cloud Storage bucket so that third parties can upload batches of data securely and conveniently. You can also provide appropriate IAM access to the bucket by using roles and policies to control who can read or write data to the bucket. A Cloud Function is a serverless function that executes code in response to an event, such as a change in a Cloud Storage bucket. A google.storage.object.finalize trigger is a type of trigger that fires when a new object is created or an existing object is overwritten in a Cloud Storage bucket. You can create a Cloud Function with a google.storage.object.finalize trigger so that the function runs whenever a new batch of data is uploaded to the bucket. You can write code so that the function can scale up a Compute Engine autoscaling managed instance group, which is a group of VM instances that automatically adjusts its size based on load or custom metrics. You can use an image pre-loaded with the data processing software that terminates the instances when processing completes, which means that the instances only run when there is data to process and stop when they are done. This way, you can minimize costs while ensuring that the data is processed as quickly as possible.

NEW QUESTION # 34
You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?

• A. * Deploy the Stackdriver monitoring agent to the application servers.
  * Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.
• B. * Install the gsutil command line tool on your application servers.
  * Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes.
  * Give the developers IAM Object Viewer access to view the logs in the specified bucket.
• C. * Deploy the Stackdriver logging agent to the application servers.
  * Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
• D. * Deploy the Stackdriver logging agent to the application servers.
  * Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.

Answer: D

Explanation:
Explanation
https://cloud.google.com/logging/docs/audit#access-control

NEW QUESTION # 35
You support a service with a well-defined Service Level Objective (SLO). Over the previous 6 months, your service has consistently met its SLO and customer satisfaction has been consistently high. Most of your service's operations tasks are automated and few repetitive tasks occur frequently. You want to optimize the balance between reliability and deployment velocity while following site reliability engineering best practices. What should you do? (Choose two.)

• A. Get the product team to prioritize reliability work over new features.
• B. Increase the service's deployment velocity and/or risk.
• C. Shift engineering time to other services that need more reliability.
• D. Make the service's SLO more strict.
• E. Change the implementation of your Service Level Indicators (SLIs) to increase coverage.

Answer: A,E

NEW QUESTION # 36
You support an e-commerce application that runs on a large Google Kubernetes Engine (GKE) cluster deployed on-premises and on Google Cloud Platform. The application consists of microservices that run in containers. You want to identify containers that are using the most CPU and memory. What should you do?

• A. Use Prometheus to collect and aggregate logs per container, and then analyze the results in Grafana.
• B. Use Stackdriver Kubernetes Engine Monitoring.
• C. Use Stackdriver Logging to export application logs to BigOuery. aggregate logs per container, and then analyze CPU and memory consumption.
• D. Use the Stackdriver Monitoring API to create custom metrics, and then organize your containers using groups.

Answer: B

Explanation:
https://cloud.google.com/anthos/clusters/docs/on-prem/1.7/concepts/logging-and-monitoring

NEW QUESTION # 37
Your team of Infrastructure DevOps Engineers is growing, and you are starting to use Terraform to manage infrastructure. You need a way to implement code versioning and to share code with other team members. What should you do?

• A. Store the Terraform code in a version-control system. Establish procedures for pushing new versions and merging with the master.
• B. Store the Terraform code in a shared Google Drive folder so it syncs automatically to every team member's computer. Organize files with a naming convention that identifies each new version.
• C. Store the Terraform code in a network shared folder with child folders for each version release. Ensure that everyone works on different files.
• D. Store the Terraform code in a Cloud Storage bucket using object versioning. Give access to the bucket to every team member so they can download the files.

Answer: A

NEW QUESTION # 38
You have migrated an e-commerce application to Google Cloud Platform (GCP). You want to prepare the application for the upcoming busy season. What should you do first to prepare for the busy season?

• A. Create a runbook on inflating the disaster recovery (DR) environment if there is growth.
• B. Load teat the application to profile its performance for scaling.
• C. Enable AutoScaling on the production clusters, in case there is growth.
• D. Pre-provision double the compute power used last season, expecting growth.

Answer: C

NEW QUESTION # 39
You deployed an application into a large Standard Google Kubernetes Engine (GKE) cluster. The application is stateless and multiple pods run at the same time. Your application receives inconsistent traffic. You need to ensure that the user experience remains consistent regardless of changes in traffic. and that the resource usage of the cluster is optimized.
What should you do?

• A. Configure a Horizontal Pod Autoscaler.
• B. Configure a cron job to scale the deployment on a schedule.
• C. Configure a Vertical Pod Autoscaler.
• D. Configure cluster autoscaling on the node pool.

Answer: A

NEW QUESTION # 40
You manage an application that is writing logs to Stackdriver Logging. You need to give some team members the ability to export logs. What should you do?

• A. Create an Organizational Policy in Cloud IAM to allow only these members to create log exports.
• B. Grant the team members the IAM role of logging.configWriter on Cloud IAM.
• C. Configure Access Context Manager to allow only these members to export logs.
• D. Create and grant a custom IAM role with the permissions logging.sinks.list and logging.sink.get.

Answer: B

Explanation:
Explanation
https://cloud.google.com/logging/docs/access-control
The logging.configWriter role grants permissions to create, update, and delete log exports. This is the correct role to give team members who need to export logs2.

NEW QUESTION # 41
You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being written in new log entries as quickly as possible. What should you do?

• A. Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.
• B. Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.
• C. Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.
• D. Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.

Answer: C

NEW QUESTION # 42
You are managing an application that runs in Compute Engine The application uses a custom HTTP server to expose an API that is accessed by other applications through an internal TCP/UDP load balancer A firewall rule allows access to the API port from 0.0.0-0/0. You need to configure Cloud Logging to log each IP address that accesses the API by using the fewest number of steps What should you do Bret?

• A. Enable Packet Mirroring on the VPC
• B. Enable logging on the firewall rule
• C. Enable VPC Flow Logs on the subnet
• D. Install the Ops Agent on the Compute Engine instances.

Answer: B

Explanation:
Explanation
The best option for configuring Cloud Logging to log each IP address that accesses the API by using the fewest number of steps is to enable logging on the firewall rule. A firewall rule is a rule that controls the traffic to and from your Compute Engine instances. You can enable logging on a firewall rule to capture information about the traffic that matches the rule, such as source and destination IP addresses, protocols, ports, and actions. You can use Cloud Logging to view and export the firewall logs to other destinations, such as BigQuery, for further analysis.

NEW QUESTION # 43
......

New Professional-Cloud-DevOps-Engineer Dumps - Real Google Exam Questions: https://actualtests.crampdf.com/Professional-Cloud-DevOps-Engineer-exam-prep-dumps.html