google google-professional-cloud-devops-engineer online test

Question 1

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some
personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being
written in new log entries as quickly as possible. What should you do?

• A. Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.
• B. Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.
• C. Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.
• D. Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.

Answer:

B

Explanation:
Reference https://cloud.google.com/logging/docs/agent/logging/configuration

Question 2

You support an e-commerce application that runs on a large Google Kubernetes Engine (GKE) cluster deployed on-
premises and on Google Cloud Platform. The application consists of microservices that run in containers. You want to
identify containers that are using the most CPU and memory. What should you do?

• A. Use Stackdriver Kubernetes Engine Monitoring.
• B. Use Prometheus to collect and aggregate logs per container, and then analyze the results in Grafana.
• C. Use the Stackdriver Monitoring API to create custom metrics, and then organize your containers using groups.
• D. Use Stackdriver Logging to export application logs to BigQuery, aggregate logs per container, and then analyze CPU and memory consumption.

Answer:

B

Question 3

You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You
want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook.
You want to minimize the development effort. What should you do?

• A. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.
• B. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
• C. Use Stackdriver Logging to create a logs-based metric from the Cloud Build logs. Create an Alert with a Webhook notification type.
• D. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.

Answer:

D

Question 4

Your application services run in Google Kubernetes Engine (GKE). You want to make sure that only images from your
centrally-managed Google Container Registry (GCR) image registry in the altostratimages project can be deployed to the
cluster while minimizing development time. What should you do?

• A. Create a custom builder for Cloud Build that will only push images to gcr.io/altostrat-images.
• B. Use a Binary Authorization policy that includes the whitelist name pattern gcr.io/altostrat-images/.
• C. Add logic to the deployment pipeline to check that all manifests contain only images from gcr.io/altostrat-images.
• D. Add a tag to each image in gcr.io/altostrat-images and check that this tag is present when the image is deployed.

Answer:

D

Question 5

Your application images are built and pushed to Google Container Registry (GCR). You want to build an automated pipeline
that deploys the application when the image is updated while minimizing the development effort. What should you do?

• A. Use Cloud Build to trigger a Spinnaker pipeline.
• B. Use Cloud Pub/Sub to trigger a Spinnaker pipeline.
• C. Use a custom builder in Cloud Build to trigger Jenkins pipeline.
• D. Use Cloud Pub/Sub to trigger a custom deployment service running in Google Kubernetes Engine (GKE).

Answer:

D

Question 6

You support the backend of a mobile phone game that runs on a Google Kubernetes Engine (GKE) cluster. The application
is serving HTTP requests from users. You need to implement a solution that will reduce the network cost. What should you
do?

• A. Configure the VPC as a Shared VPC Host project.
• B. Configure your network services on the Standard Tier.
• C. Configure your Kubernetes cluster as a Private Cluster.
• D. Configure a Google Cloud HTTP Load Balancer as Ingress.

Answer:

C

Explanation:
Reference: https://cloud.google.com/solutions/prep-kubernetes-engine-for-prod

Question 7

You support a service with a well-defined Service Level Objective (SLO). Over the previous 6 months, your service has
consistently met its SLO and customer satisfaction has been consistently high. Most of your services operations tasks are
automated and few repetitive tasks occur frequently. You want to optimize the balance between reliability and deployment
velocity while following site reliability engineering best practices. What should you do? (Choose two.)

• A. Make the service’s SLO more strict.
• B. Increase the service’s deployment velocity and/or risk.
• C. Shift engineering time to other services that need more reliability.
• D. Get the product team to prioritize reliability work over new features.
• E. Change the implementation of your Service Level Indicators (SLIs) to increase coverage.

Answer:

D E

Explanation:
Reference: https://sre.google/sre-book/service-level-objectives/

Question 8

You support a high-traffic web application with a microservice architecture. The home page of the application displays
multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread
makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices
occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the
application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served
instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not
degrade too much. What Service Level Indicator (SLI) should you use to measure this?

• A. A quality SLI: the ratio of non-degraded responses to total responses.
• B. An availability SLI: the ratio of healthy microservices to the total number of microservices.
• C. A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes.
• D. A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls.

Answer:

D

Explanation:
Reference: https://cloud.google.com/stackdriver/docs/solutions/slo-monitoring

Question 9

You support a multi-region web service running on Google Kubernetes Engine (GKE) behind a Global HTTP/S Cloud Load
Balancer (CLB). For legacy reasons, user requests first go through a third-party Content Delivery Network (CDN), which then
routes traffic to the CLB. You have already implemented an availability Service Level Indicator (SLI) at the CLB level.
However, you want to increase coverage in case of a potential load balancer misconfiguration, CDN failure, or other global
networking catastrophe. Where should you measure this new SLI? (Choose two.)

• A. Your application servers' logs.
• B. Instrumentation coded directly in the client.
• C. Metrics exported from the application servers.
• D. GKE health checks for your application servers.
• E. A synthetic client that periodically sends simulated user requests.

Answer:

C D

Question 10

You currently store the virtual machine (VM) utilization logs in Stackdriver. You need to provide an easy-to-share interactive
VM utilization dashboard that is updated in real time and contains information aggregated on a quarterly basis. You want to
use Google Cloud Platform solutions. What should you do?

• A. 1. Export VM utilization logs from Stackdriver to BigQuery. 2. Create a dashboard in Data Studio. 3. Share the dashboard with your stakeholders.
• B. 1. Export VM utilization logs from Stackdriver to Cloud Pub/Sub. 2. From Cloud Pub/Sub, send the logs to a Security Information and Event Management (SIEM) system. 3. Build the dashboards in the SIEM system and share with your stakeholders.C. 1. Export VM utilization logs from Stackdriver to BigQuery. 2. From BigQuery, export the logs to a CSV file. 3. Import the CSV file into Google Sheets. 4. Build a dashboard in Google Sheets and share it with your stakeholders.D. 1. Export VM utilization logs from Stackdriver to a Cloud Storage bucket. 2. Enable the Cloud Storage API to pull the logs programmatically. 3. Build a custom data visualization application. 4. Display the pulled logs in a custom dashboard.

Answer:

A