• Home
  • Blogs
  • Unique Top-selling Professional-Cloud-DevOps-Engineer Exams - New 2024 Google Pratice Exam [Q25-Q50]

Unique Top-selling Professional-Cloud-DevOps-Engineer Exams - New 2024 Google Pratice Exam [Q25-Q50]

Share

Unique Top-selling Professional-Cloud-DevOps-Engineer Exams - New 2024 Google Pratice Exam

Cloud DevOps Engineer Dumps Professional-Cloud-DevOps-Engineer Exam for Full Questions - Exam Study Guide

NEW QUESTION # 25
You are configuring Cloud Logging for a new application that runs on a Compute Engine instance with a public IP address.
A user-managed service account is attached to the instance.
You confirmed that the necessary agents are running on the instance but you cannot see any log entries from the instance in Cloud Logging. You want to resolve the issue by following Google-recommended practices.
What should you do?

  • A. Export the service account key and configure the agents to use the key.
  • B. Enable Private Google Access on the subnet that the instance is in.
  • C. Update the instance to use the default Compute Engine service account.
  • D. Add the Logs Writer role to the service account.

Answer: D

Explanation:
To use Cloud Logging, the service account attached to the Compute Engine instance must have the necessary permissions to write log entries. The Logs Writer role (roles/logging.logWriter) provides this permission. You can grant this role to the user-managed service account at the project, folder, or organization level1.
Private Google Access is not required for Cloud Logging, as it allows instances without external IP addresses to access Google APIs and services2. The default Compute Engine service account already has the Logs Writer role, but it is not a recommended practice to use it for user applications3. Exporting the service account key and configuring the agents to use the key is not a secure way of authenticating the service account, as it exposes the key to potential compromise4.
Explanation:
The correct answer is
Reference:
1: Access control with IAM | Cloud Logging | Google Cloud
2: Private Google Access overview | VPC | Google Cloud
3: Service accounts | Compute Engine Documentation | Google Cloud
4: Best practices for securing service accounts | IAM Documentation | Google Cloud


NEW QUESTION # 26
You are part of an organization that follows SRE practices and principles. You are taking over the management of a new service from the Development Team, and you conduct a Production Readiness Review (PRR). After the PRR analysis phase, you determine that the service cannot currently meet its Service Level Objectives (SLOs). You want to ensure that the service can meet its SLOs in production. What should you do next?

  • A. Identify recommended reliability improvements to the service to be completed before handover.
  • B. Bring the service into production with no SLOs and build them when you have collected operational data.
  • C. Notify the development team that they will have to provide production support for the service.
  • D. Adjust the SLO targets to be achievable by the service so you can bring it into production.

Answer: A


NEW QUESTION # 27
You deploy a new release of an internal application during a weekend maintenance window when there is minimal user tragic. After the window ends, you learn that one of the new features isn't working as expected in the production environment. After an extended outage, you roll back the new release and deploy a fix. You want to modify your release process to reduce the mean time to recovery so you can avoid extended outages in the future. What should you do? (Choose two.)

  • A. Before merging new code, require 2 different peers to review the code changes.
  • B. Require developers to run automated integration tests on their local development environments before release.
  • C. Integrate a code linting tool to validate coding standards before any code is accepted into the repository.
  • D. Adopt the blue/green deployment strategy when releasing new code via a CD server.
  • E. Configure a CI server. Add a suite of unit tests to your code and have your CI server run them on commit and verify any changes.

Answer: A,C


NEW QUESTION # 28
You recently migrated an ecommerce application to Google Cloud. You now need to prepare the application for the upcoming peak traffic season. You want to follow Google-recommended practices. What should you do first to prepare for the busy season?

  • A. Load test the application to profile its performance for scaling.
  • B. Pre-provision the additional compute power that was used last season, and expect growth.
  • C. Migrate the application to Cloud Run, and use autoscaling.
  • D. Create a Terraform configuration for the application's underlying infrastructure to quickly deploy to additional regions.

Answer: A

Explanation:
Explanation
The first thing you should do to prepare your ecommerce application for the upcoming peak traffic season is to load test the application to profile its performance for scaling. Load testing is a process of simulating high traffic or user demand on your application and measuring how it responds. Load testing can help you identify any bottlenecks, errors, or performance issues that might affect your application during the busy season1. Load testing can also help you determine the optimal scaling strategy for your application, such as horizontal scaling (adding more instances) or vertical scaling (adding more resources to each instance)2.
There are different tools and methods for load testing your ecommerce application on Google Cloud, depending on the type and complexity of your application. For example, you can use Cloud Load Balancing to distribute traffic across multiple instances of your application, and use Cloud Monitoring to measure the latency, throughput, and error rate of your application3. You can also use Cloud Functions or Cloud Run to create serverless load generators that can simulate user requests and send them to your application4.
Alternatively, you can use third-party tools such as Apache JMeter or Locust to create and run load tests on your application.
By load testing your ecommerce application before the peak traffic season, you can ensure that your application is ready to handle the expected load and provide a good user experience. You can also use the results of your load tests to plan and implement other steps to prepare your application for the busy season, such as migrating to a more scalable platform, creating a Terraform configuration for deploying to additional regions, or pre-provisioning additional compute power.
References:
1: Load Testing 101: How To Test Website Performance | BlazeMeter
2: Scaling applications | Google Cloud
3: Load testing using Google Cloud | Solutions | Google Cloud
4: Serverless load testing using Cloud Functions | Solutions | Google Cloud


NEW QUESTION # 29
You are writing a postmortem for an incident that severely affected users. You want to prevent similar incidents in the future. Which two of the following sections should you include in the postmortem? (Choose two.)

  • A. A list of action items to prevent a recurrence of the incident
  • B. An explanation of the root cause of the incident
  • C. Your opinion of the incident's severity compared to past incidents
  • D. Copies of the design documents for all the services impacted by the incident
  • E. A list of employees responsible for causing the incident

Answer: B,E


NEW QUESTION # 30
You support a service with a well-defined Service Level Objective (SLO). Over the previous 6 months, your service has consistently met its SLO and customer satisfaction has been consistently high. Most of your service's operations tasks are automated and few repetitive tasks occur frequently. You want to optimize the balance between reliability and deployment velocity while following site reliability engineering best practices. What should you do? (Choose two.)

  • A. Shift engineering time to other services that need more reliability.
  • B. Increase the service's deployment velocity and/or risk.
  • C. Change the implementation of your Service Level Indicators (SLIs) to increase coverage.
  • D. Get the product team to prioritize reliability work over new features.
  • E. Make the service's SLO more strict.

Answer: A,B

Explanation:
(https://sre.google/workbook/implementing-slos/#slo-decision-matrix)


NEW QUESTION # 31
You are using Terraform to manage infrastructure as code within a Cl/CD pipeline You notice that multiple copies of the entire infrastructure stack exist in your Google Cloud project, and a new copy is created each time a change to the existing infrastructure is made You need to optimize your cloud spend by ensuring that only a single instance of your infrastructure stack exists at a time. You want to follow Google-recommended practices What should you do?

  • A. Update the pipeline to remove any existing infrastructure before you apply the latest configuration
  • B. Create a new pipeline to delete old infrastructure stacks when they are no longer needed
  • C. Verify that the pipeline is storing and retrieving the terrafom.tfstat* file from a source control
  • D. Confirm that the pipeline is storing and retrieving the terraform. if state file from Cloud Storage with the Terraform gcs backend

Answer: D

Explanation:
The best option for optimizing your cloud spend by ensuring that only a single instance of your infrastructure stack exists at a time is to confirm that the pipeline is storing and retrieving the terraform.tfstate file from Cloud Storage with the Terraform gcs backend. The terraform.tfstate file is a file that Terraform uses to store the current state of your infrastructure. The Terraform gcs backend is a backend type that allows you to store the terraform.tfstate file in a Cloud Storage bucket. By using the Terraform gcs backend, you can ensure that your pipeline has access to the latest state of your infrastructure and avoid creating multiple copies of the entire infrastructure stack.


NEW QUESTION # 32
Your company is using HTTPS requests to trigger a public Cloud Run-hosted service accessible at the
https://booking-engine-abcdef .a.run.app URL You need to give developers the ability to test the latest revisions of the service before the service is exposed to customers What should you do?

  • A. Pass the curl -K "Authorization: Hearer S(gclcud auth print-identity-token)" auth token Use the https: /
    /booking-engine-abcdef. a. run. app URL to test privately
  • B. Runthegcioud run deploy booking-engine -no-traffic --ag dev command Use the
    https://dev----booking-engine-abcdef. a. run. app URL for testing
  • C. Grant the roles/run. invoker role to the developers testing the booking-engine service Use the https:
    //booking-engine-abcdef. private. run. app URL for testing
  • D. Runthegcioud run services update-traffic booking-engine -to-revisions LATEST*! command Use the ht tps: //booking-engine-abcdef. a. run. ape URL for testing

Answer: D

Explanation:
Explanation
The best option for securing the CI/CD deployment pipeline is to configure vulnerability analysis with Artifact Registry and Binary Authorization. Vulnerability analysis is a feature that allows you to scan container images for known vulnerabilities and security issues. You can use vulnerability analysis with Artifact Registry, which is a service that allows you to store and manage container images and other artifacts. By using vulnerability analysis with Artifact Registry, you can ensure that your container images are scanned for vulnerabilities before they are deployed. Binary Authorization is a feature that allows you to enforce signature-based validation when deploying container images. You can use Binary Authorization with Cloud Build, which is a service that allows you to build and deploy container images. By using Binary Authorization with Cloud Build, you can ensure that only authorized and verified container images are deployed to your environment.


NEW QUESTION # 33
Your organization wants to collect system logs that will be used to generate dashboards in Cloud Operations for their Google Cloud project. You need to configure all current and future Compute Engine instances to collect the system logs and you must ensure that the Ops Agent remains up to date. What should you do?

  • A. Install the Ops Agent on the Compute Engine image by using a startup script
  • B. Use the gcloud CLI to create an Agent Policy.
  • C. Use the gcloud CLI to install the Ops Agent on each VM listed in the Cloud Asset Inventory
  • D. Select all VMs with an Agent status of Not detected on the Cloud Operations VMs dashboard Then select Install agents

Answer: B

Explanation:
The best option for configuring all current and future Compute Engine instances to collect system logs and ensure that the Ops Agent remains up to date is to use the gcloud CLI to create an Agent Policy. An Agent Policy is a resource that defines how Ops Agents are installed and configured on VM instances that match certain criteria, such as labels or zones. Ops Agents are software agents that collect metrics and logs from VM instances and send them to Cloud Operations products, such as Cloud Monitoring and Cloud Logging. By creating an Agent Policy, you can ensure that all current and future VM instances that match the policy criteria will have the Ops Agent installed and updated automatically. This way, you can collect system logs from all VM instances and use them to generate dashboards in Cloud Operations.


NEW QUESTION # 34
Your organization is using Helm to package containerized applications Your applications reference both public and private charts Your security team flagged that using a public Helm repository as a dependency is a risk You want to manage all charts uniformly, with native access control and VPC Service Controls What should you do?

  • A. Store public and private charts in OCI format by using Artifact Registry
  • B. Store public and private charts by using GitHub Enterprise with Google Workspace as the identity provider
  • C. Configure a Helm chart repository server to run in Google Kubernetes Engine (GKE) with Cloud Storage bucket as the storage backend
  • D. Store public and private charts by using Git repository Configure Cloud Build to synchronize contents of the repository into a Cloud Storage bucket Connect Helm to the bucket by using https: // [bucket]
    .srorage.googleapis.com/ [holnchart] as the Helm repository

Answer: A

Explanation:
Explanation
The best option for managing all charts uniformly, with native access control and VPC Service Controls is to store public and private charts in OCI format by using Artifact Registry. Artifact Registry is a service that allows you to store and manage container images and other artifacts in Google Cloud. Artifact Registry supports OCI format, which is an open standard for storing container images and other artifacts such as Helm charts. You can use Artifact Registry to store public and private charts in OCI format and manage them uniformly. You can also use Artifact Registry's native access control features, such as IAM policies and VPC Service Controls, to secure your charts and control who can access them.


NEW QUESTION # 35
Your company runs applications in Google Kubernetes Engine (GKE) that are deployed following a GitOps methodology.
Application developers frequently create cloud resources to support their applications. You want to give developers the ability to manage infrastructure as code, while ensuring that you follow Google-recommended practices. You need to ensure that infrastructure as code reconciles periodically to avoid configuration drift.
What should you do?

  • A. Create a Pod resource with a Terraform docker image to execute terraform plan and terraform apply commands.
  • B. Create a Job resource with a Terraform docker image to execute terraforrm plan and terraform apply commands.
  • C. Install and configure Config Connector in Google Kubernetes Engine (GKE).
  • D. Configure Cloud Build with a Terraform builder to execute plan and apply commands.

Answer: C

Explanation:
Explanation
The best option to give developers the ability to manage infrastructure as code, while ensuring that you follow Google-recommended practices, is to install and configure Config Connector in Google Kubernetes Engine (GKE).
Config Connector is a Kubernetes add-on that allows you to manage Google Cloud resources through Kubernetes. You can use Config Connector to create, update, and delete Google Cloud resources using Kubernetes manifests. Config Connector also reconciles the state of the Google Cloud resources with the desired state defined in the manifests, ensuring that there is no configuration drift1.
Config Connector follows the GitOps methodology, as it allows you to store your infrastructure configuration in a Git repository, and use tools such as Anthos Config Management or Cloud Source Repositories to sync the configuration to your GKE cluster. This way, you can use Git as the source of truth for your infrastructure, and enable reviewable and version-controlled workflows2.
Config Connector can be installed and configured in GKE using either the Google Cloud Console or the gcloud command-line tool. You need to enable the Config Connector add-on for your GKE cluster, and create a Google Cloud service account with the necessary permissions to manage the Google Cloud resources. You also need to create a Kubernetes namespace for each Google Cloud project that you want to manage with Config Connector3.
By using Config Connector in GKE, you can give developers the ability to manage infrastructure as code, while ensuring that you follow Google-recommended practices. You can also benefit from the features and advantages of Kubernetes, such as declarative configuration, observability, and portability4.
References:
1: Overview | Artifact Registry Documentation | Google Cloud
2: Deploy Anthos on GKE with Terraform part 1: GitOps with Config Sync | Google Cloud Blog
3: Installing Config Connector | Config Connector Documentation | Google Cloud
4: Why use Config Connector? | Config Connector Documentation | Google Cloud


NEW QUESTION # 36
Your product is currently deployed in three Google Cloud Platform (GCP) zones with your users divided between the zones. You can fail over from one zone to another, but it causes a 10-minute service disruption for the affected users. You typically experience a database failure once per quarter and can detect it within five minutes. You are cataloging the reliability risks of a new real-time chat feature for your product. You catalog the following information for each risk:
* Mean Time to Detect (MUD} in minutes
* Mean Time to Repair (MTTR) in minutes
* Mean Time Between Failure (MTBF) in days
* User Impact Percentage
The chat feature requires a new database system that takes twice as long to successfully fail over between zones. You want to account for the risk of the new database failing in one zone. What would be the values for the risk of database failover with the new system?

  • A. MTTD:5
    MTTR: 20
    MTBF: 90
    Impact: 33%
  • B. MTTD:5
    MTTR: 20
    MTBF: 90
    Impact: 50%
  • C. MTTD: 5
    MTTR: 10
    MTBF: 90
    Impact: 33%
  • D. MTTD:5
    MTTR: 10
    MTBF: 90
    Impact 50%

Answer: A

Explanation:
https://www.atlassian.com/incident-management/kpis/common-metrics
https://linkedin.github.io/school-of-sre/


NEW QUESTION # 37
You manage an application that runs in Google Kubernetes Engine (GKE) and uses the blue/green deployment methodology Extracts of the Kubernetes manifests are shown below

The Deployment app-green was updated to use the new version of the application During post-deployment monitoring you notice that the majority of user requests are failing You did not observe this behavior in the testing environment You need to mitigate the incident impact on users and enable the developers to troubleshoot the issue What should you do?

  • A. Change the selector on the Service app-2vc to app: my-app.
  • B. Update the Deployment ape-green to use the previous version of the application
  • C. Change the selector on the Service app-svc to app: my-app, version: blue
  • D. Update the Deployment app-blue to use the new version of the application

Answer: C

Explanation:
The best option for mitigating the incident impact on users and enabling the developers to troubleshoot the issue is to change the selector on the Service app-svc to app: my-app, version: blue. A Service is a resource that defines how to access a set of Pods. A selector is a field that specifies which Pods are selected by the Service. By changing the selector on the Service app-svc to app: my-app, version: blue, you can ensure that the Service only routes traffic to the Pods that have both labels app: my-app and version: blue. These Pods belong to the Deployment app-blue, which uses the previous version of the application. This way, you can mitigate the incident impact on users by switching back to the working version of the application. You can also enable the developers to troubleshoot the issue with the new version of the application in the Deployment app-green without affecting users.


NEW QUESTION # 38
You support the backend of a mobile phone game that runs on a Google Kubernetes Engine (GKE) cluster. The application is serving HTTP requests from users. You need to implement a solution that will reduce the network cost. What should you do?

  • A. Configure a Google Cloud HTTP Load Balancer as Ingress.
  • B. Configure your network services on the Standard Tier.
  • C. Configure your Kubernetes duster as a Private Cluster.
  • D. Configure the VPC as a Shared VPC Host project.

Answer: B

Explanation:
The Standard Tier network service offers lower network costs than the Premium Tier. This is the correct option to reduce the network cost for the application3.


NEW QUESTION # 39
You manage an application that is writing logs to Stackdriver Logging. You need to give some team members the ability to export logs. What should you do?

  • A. Grant the team members the IAM role of logging.configWriter on Cloud IAM.
  • B. Configure Access Context Manager to allow only these members to export logs.
  • C. Create and grant a custom IAM role with the permissions logging.sinks.list and logging.sink.get.
  • D. Create an Organizational Policy in Cloud IAM to allow only these members to create log exports.

Answer: A


NEW QUESTION # 40
You are reviewing your deployment pipeline in Google Cloud Deploy You must reduce toil in the pipeline and you want to minimize the amount of time it takes to complete an end-to-end deployment What should you do?
Choose 2 answers

  • A. Add more engineers to finish the manual steps.
  • B. Create a trigger to notify the required team to complete the next step when manual intervention is required
  • C. Use a script to automate the creation of the deployment pipeline in Google Cloud Deploy
  • D. Divide the automation steps into smaller tasks
  • E. Automate promotion approvals from the development environment to the test environment

Answer: B,E

Explanation:
The best options for reducing toil in the pipeline and minimizing the amount of time it takes to complete an end-to-end deployment are to create a trigger to notify the required team to complete the next step when manual intervention is required and to automate promotion approvals from the development environment to the test environment. A trigger is a resource that initiates a deployment when an event occurs, such as a code change, a schedule, or a manual request. You can create a trigger to notify the required team to complete the next step when manual intervention is required by using Cloud Build or Cloud Functions. This way, you can reduce the waiting time and human errors in the pipeline. A promotion approval is a process that allows you to approve or reject a deployment from one environment to another, such as from development to test. You can automate promotion approvals from the development environment to the test environment by using Google Cloud Deploy or Cloud Build. This way, you can speed up the deployment process and avoid manual steps.


NEW QUESTION # 41
You have a CI/CD pipeline that uses Cloud Build to build new Docker images and push them to Docker Hub. You use Git for code versioning. After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline. You need to resolve the issue following Site Reliability Engineering practices. What should you do?

  • A. Change the CI pipeline to push the artifacts to Container Registry instead of Docker Hub.
  • B. Disable the CI pipeline and revert to manually building and pushing the artifacts.
  • C. Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.
  • D. Upload the configuration YAML file to Cloud Storage and use Error Reporting to identify and fix the issue.

Answer: B


NEW QUESTION # 42
You support an application that stores product information in cached memory. For every cache miss, an entry is logged in Stackdriver Logging. You want to visualize how often a cache miss happens over time. What should you do?

  • A. Create a logs-based metric in Stackdriver Logging and a dashboard for that metric in Stackdriver Monitoring.
  • B. Configure BigOuery as a sink for Stackdriver Logging. Create a scheduled query to filter the cache miss logs and write them to a separate table
  • C. Link Stackdriver Logging as a source in Google Data Studio. Filler (he logs on the cache misses.
  • D. Configure Stackdriver Profiler to identify and visualize when the cache misses occur based on the logs.

Answer: A

Explanation:
https://cloud.google.com/logging/docs/logs-based-metrics#counter-metric


NEW QUESTION # 43
You support a popular mobile game application deployed on Google Kubernetes Engine (GKE) across several Google Cloud regions. Each region has multiple Kubernetes clusters. You receive a report that none of the users in a specific region can connect to the application. You want to resolve the incident while following Site Reliability Engineering practices. What should you do first?

  • A. Reroute the user traffic from the affected region to other regions that don't report issues.
  • B. Add an extra node pool that consists of high memory and high CPU machine type instances to the cluster.
  • C. Use Stackdriver Logging to filter on the clusters in the affected region, and inspect error messages in the logs.
  • D. Use Stackdriver Monitoring to check for a spike in CPU or memory usage for the affected region.

Answer: A

Explanation:
Google always aims to first stop the impact of an incident, and then find the root cause (unless the root cause just happens to be identified early on).


NEW QUESTION # 44
You are managing an application that exposes an HTTP endpoint without using a load balancer. The latency of the HTTP responses is important for the user experience. You want to understand what HTTP latencies all of your users are experiencing. You use Stackdriver Monitoring. What should you do?

  • A. * In your application, create a metric with a metricKind. set toMETRlc_KIND_UNSPECIFIEDanda valueType set to INT64.
    * In Stackdriver's Metrics Explorer, use a Stacked Area graph to visualize the metric.
  • B. * In your application, create a metric with a metricKind set to gauge and a valueType set to distribution.
    * In Stackdriver's Metrics Explorer, use a Heatmap graph to visualize the metric.
  • C. * In your application, create a metric with a metricKind set to DELTA and a valueType set to DOUBLE.
    * In Stackdriver's Metrics Explorer, use a Slacked Bar graph to visualize the metric.
  • D. * In your application, create a metric with a metricKind set to CUMULATIVE and a valueType set to DOUBLE.
    * In Stackdriver's Metrics Explorer, use a Line graph to visualize the metric.

Answer: B

Explanation:
Explanation
https://sre.google/workbook/implementing-slos/
https://cloud.google.com/architecture/adopting-slos/
Latency is commonly measured as a distribution. Given a distribution, you can measure various percentiles.
For example, you might measure the number of requests that are slower than the historical 99th percentile.


NEW QUESTION # 45
Your company processes IOT data at scale by using Pub/Sub, App Engine standard environment, and an application written in GO. You noticed that the performance inconsistently degrades at peak load. You could not reproduce this issue on your workstation. You need to continuously monitor the application in production to identify slow paths in the code. You want to minimize performance impact and management overhead.
What should you do?
Install a continuous profiling tool into Compute Engine. Configure the application to send profiling data to the tool.

  • A. Periodically run the go tool pprof command against the application instance. Analyze the results by using flame graphs.
  • B. Use Cloud Monitoring to assess the App Engine CPU utilization metric.
  • C. Configure Cloud Profiler, and initialize the [email protected]/go/profiler library in the application.

Answer: B

Explanation:
Explanation
The correct answer is C. Configure Cloud Profiler, and initialize the cloud.google.com/go/profiler library in the application.
According to the Google Cloud documentation, Cloud Profiler is a statistical, low-overhead profiler that continuously gathers CPU usage and memory-allocation information from your production applications1.
Cloud Profiler can help you identify slow paths in your code and optimize the performance of your applications. Cloud Profiler supports applications written in Go that run on App Engine standard environment2. To use Cloud Profiler, you need to configure it in your Google Cloud project and initialize the cloud.google.com/go/profiler library in your application code3. You can then use the Cloud Profiler interface to analyze the profiling data and visualize the results by using flame graphs4. Cloud Profiler has minimal performance impact and management overhead, as it only samples a small fraction of the application activity and does not require any additional infrastructure or agents.
The other options are incorrect because they do not meet the requirements of minimizing performance impact and management overhead. Option A is incorrect because it requires installing a continuous profiling tool into Compute Engine, which is an additional infrastructure that needs to be managed and maintained. Option B is incorrect because it requires periodically running the go tool pprof command against the application instance, which is a manual and disruptive process that can affect the application performance. Option D is incorrect because it only uses Cloud Monitoring to assess the App Engine CPU utilization metric, which is not enough to identify slow paths in the code or optimize the application performance.


NEW QUESTION # 46
You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?

  • A. Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.
  • B. Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.
  • C. Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.
  • D. Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.

Answer: D

Explanation:
https://cloud.google.com/architecture/customizing-stackdriver-logs-fluentd Besides the list of default logs that the Logging agent streams by default, you can customize the Logging agent to send additional logs to Logging or to adjust agent settings by adding input configurations. The configuration definitions in these sections apply to the fluent-plugin-google-cloud output plugin only and specify how logs are transformed and ingested into Cloud Logging. https://cloud.google.com/logging/docs/agent/logging/configuration#configure


NEW QUESTION # 47
You support a large service with a well-defined Service Level Objective (SLO). The development team deploys new releases of the service multiple times a week. If a major incident causes the service to miss its SLO, you want the development team to shift its focus from working on features to improving service reliability. What should you do before a major incident occurs?

  • A. Negotiate with the product team to always prioritize service reliability over releasing new features.
  • B. Develop an appropriate error budget policy in cooperation with all service stakeholders.
  • C. Negotiate with the development team to reduce the release frequency to no more than once a week.
  • D. Add a plugin to your Jenkins pipeline that prevents new releases whenever your service is out of SLO.

Answer: B

Explanation:
Explanation
Reason : Incident has not occurred yet, even when development team is already pushing new features multiple times a week. The option A says, to define an error budget "policy", not to define error budget(It is already present). Just simple means to bring in all stakeholders, and decide how to consume the error budget effectively that could bring balance between feature deployment and reliability.
The goals of this policy are to: -- Protect customers from repeated SLO misses -- Provide an incentive to balance reliability with other features https://sre.google/workbook/error-budget-policy/


NEW QUESTION # 48
Your CTO has asked you to implement a postmortem policy on every incident for internal use. You want to define what a good postmortem is to ensure that the policy is successful at your company. What should you do?
Choose 2 answers

  • A. Ensure that all postmortems include what caused the incident, how the incident could have been worse, and how to prevent a future occurrence of the incident.
  • B. Ensure that all postmortems include what caused the incident, identify the person or team responsible for causing the incident. and how to prevent a future occurrence of the incident.
  • C. Ensure that all postmortems include how the incident was resolved and what caused the incident without naming customer information.
  • D. Ensure that all postmortems include all incident participants in postmortem authoring and share postmortems as widely as possible,
  • E. Ensure that all postmortems include the severity of the incident, how to prevent a future occurrence of the incident. and what caused the incident without naming internal system components.

Answer: A,D

Explanation:
The correct answers are B and E.
A good postmortem should include what caused the incident, how the incident could have been worse, and how to prevent a future occurrence of the incident1. This helps to identify the root cause of the problem, the impact of the incident, and the actions to take to mitigate or eliminate the risk of recurrence.
A good postmortem should also include all incident participants in postmortem authoring and share postmortems as widely as possible2. This helps to foster a culture of learning and collaboration, as well as to increase the visibility and accountability of the incident response process.
Answer A is incorrect because it assigns blame to a person or team, which goes against the principle of blameless postmortems2. Blameless postmortems focus on finding solutions rather than pointing fingers, and encourage honest and constructive feedback without fear of punishment.
Answer C is incorrect because it omits how the incident could have been worse, which is an important factor to consider when evaluating the severity and impact of the incident1. It also avoids naming internal system components, which makes it harder to understand the technical details and root cause of the problem.
Answer D is incorrect because it omits how to prevent a future occurrence of the incident, which is the main goal of a postmortem1. It also avoids naming customer information, which may be relevant for understanding the impact and scope of the incident.


NEW QUESTION # 49
Your company has a Google Cloud resource hierarchy with folders for production test and development Your cyber security team needs to review your company's Google Cloud security posture to accelerate security issue identification and resolution You need to centralize the logs generated by Google Cloud services from all projects only inside your production folder to allow for alerting and near-real time analysis. What should you do?

  • A. Enable the Workflows API and route all the logs to Cloud Logging
  • B. Create a central Cloud Monitoring workspace and attach all related projects
  • C. Create an aggregated log sink associated with the production folder that uses a Cloud Logging bucket as the destination
  • D. Create an aggregated log sink associated with the production folder that uses a Pub Sub topic as the destination

Answer: C

Explanation:
Explanation
The best option for centralizing the logs generated by Google Cloud services from all projects only inside your production folder is to create an aggregated log sink associated with the production folder that uses a Cloud Logging bucket as the destination. An aggregated log sink is a log sink that collects logs from multiple sources, such as projects, folders, or organizations. A Cloud Logging bucket is a storage location for logs that can be used as a destination for log sinks. By creating an aggregated log sink with a Cloud Logging bucket, you can collect and store all the logs from the production folder in one place and allow for alerting and near-real time analysis using Cloud Monitoring and Cloud Operations.


NEW QUESTION # 50
......

Best way to practice test for Google Professional-Cloud-DevOps-Engineer: https://www.surepassexams.com/Professional-Cloud-DevOps-Engineer-exam-bootcamp.html

Professional-Cloud-DevOps-Engineer Dump Ready - Exam Questions and Answers: https://drive.google.com/open?id=1sI_r6S45frWyJqFPYB-lEJ8Mx2XjOPUp

Related Blogs

more
Google Professional-Cloud-DevOps-Engineer Certification Practice Exam

Copyright © 2026 SUREPASSEXAMS.COM. All rights reserved. All trademarks are the property of their respective owners and we don't provide actual questions from any vendor.

Disclaimers:
SurePassExams doesn't offer Real Amazon Exam Questions.