Professional-Cloud-DevOps-Engineer Google Cloud Certified - Professional Cloud DevOps Engineer Exam Questions and Answers

Call individual stakeholders lo explain what happened.

Develop a post-mortem to be distributed to stakeholders.

Send the Incident State Document to all the stakeholders.

Require the engineer responsible to write an apology email to all stakeholders.

MTTD: 5

MTTR: 10

MTBF: 90

Impact: 33%

MTTD:5

MTTR: 20

MTBF: 90

Impact: 33%

MTTD:5

MTTR: 10

MTBF: 90

Impact 50%

MTTD:5

MTTR: 20

MTBF: 90

Impact: 50%

Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.

Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.

Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

Assign the Container Developer role to the Cloud Build service account.

Specify the Container Developer role for Cloud Build in the cloudbuild.yaml file.

Create a new service account with the Container Developer role and use it to run Cloud Build.

Create a separate step in Cloud Build to retrieve service account credentials and pass these to kubectl.

Store the Terraform code in a version-control system. Establish procedures for pushing new versions and merging with the master.

Store the Terraform code in a network shared folder with child folders for each version release. Ensure that everyone works on different files.

Store the Terraform code in a Cloud Storage bucket using object versioning. Give access to the bucket to every team member so they can download the files.

Store the Terraform code in a shared Google Drive folder so it syncs automatically to every team member’s computer. Organize files with a naming convention that identifies each new version.

Before merging new code, require 2 different peers to review the code changes.

Adopt the blue/green deployment strategy when releasing new code via a CD server.

Integrate a code linting tool to validate coding standards before any code is accepted into the repository.

Require developers to run automated integration tests on their local development environments before release.

Configure a CI server. Add a suite of unit tests to your code and have your CI server run them on commit and verify any changes.

Adjust the SLO targets to be achievable by the service so you can bring it into production.

Notify the development team that they will have to provide production support for the service.

Identify recommended reliability improvements to the service to be completed before handover.

Bring the service into production with no SLOs and build them when you have collected operational data.

Roll back the experimental canary release.

Start monitoring latency, traffic, errors, and saturation.

Record data for the postmortem document of the incident.

Trace the origin of 500 errors and the root cause of increased latency.

Compare the canary with a new deployment of the current production version.

Compare the canary with a new deployment of the previous production version.

Compare the canary with the existing deployment of the current production version.

Compare the canary with the average performance of a sliding window of previous production versions.

Configure Prometheus cross-service federation for centralized data access

Configure workload metrics within Cloud Operations for GKE

Configure Prometheus hierarchical federation for centralized data access

Configure Google Cloud Managed Service for Prometheus

Deploy the prototype product in a test environment, run a load test, and share the results with the product development team.

When the initial product version passes the quality assurance phase and compliance assessments, deploy the product to a staging environment. Share error logs and performance metrics with the product development team.

When the new product is used by at least one internal customer in production, share error logs and monitoring metrics with the product development team.

Review the design of the product with the product development team to provide feedback early in the design phase.

Eliminate unactionable alerts.

Create an incident report for each of the alerts.

Distribute the alerts to engineers in different time zones.

Redefine the related Service Level Objective so that the error budget is not exhausted.

Premium Tier with a global load balancer

Premium Tier with a regional load balancer

Standard Tier with a global load balancer

Standard Tier with a regional load balancer

Perform a rolling deployment and test your new application after the deployment is complete

Perform A. B testing, and test your application periodically after the deployment is complete

Perform a canary deployment, and test your new application periodically after the new version is deployed

Perform a blue/green deployment and test your new application after the deployment is complete

Add logic to each Cloud Build step to HTTP POST the build information to a webhook.

Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.

Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.

Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.

Calculate the value of improved availability to be $900, and determine that the increase in availability is not worth the investment

Calculate the value of improved availability to be $1 000 and determine that the increase in availability is not worth the investment

Calculate the value of improved availability to be $1 000 and determine that the increase in availability is worth the investment

Calculate the value of improved availability to be $9,000. and determine that the increase in availability is worth the investment

• Store your code in a Git-based version control system.

• Establish a process that allows developers to merge their own changes at the end of each day.

• Package and upload code lo a versioned Cloud Storage bucket as the latest master version.

• Store your code in a Git-based version control system.

• Establish a process that includes code reviews by peers and unit testing to ensure integrity and functionality before integration of code.

• Establish a process where the fully integrated code in the repository becomes the latest master version.

• Store your code as text files in Google Drive in a defined folder structure that organizes the files.

• At the end of each day. confirm that all changes have been captured in the files within the folder structure.

• Rename the folder structure with a predefined naming convention that increments the version.

• Store your code as text files in Google Drive in a defined folder structure that organizes the files.

• At the end of each day, confirm that all changes have been captured in the files within the folder structure and create a new .zip archive with a predefined naming convention.

• Upload the .zip archive to a versioned Cloud Storage bucket and accept it as the latest version.

1. Export VM utilization logs from Stackdriver to BigOuery.

2. Create a dashboard in Data Studio.

3. Share the dashboard with your stakeholders.

1. Export VM utilization logs from Stackdriver to Cloud Pub/Sub.

2. From Cloud Pub/Sub, send the logs to a Security Information and Event Management (SIEM) system.

3. Build the dashboards in the SIEM system and share with your stakeholders.

1. Export VM utilization logs (rom Stackdriver to BigQuery.

2. From BigQuery. export the logs to a CSV file.

3. Import the CSV file into Google Sheets.

4. Build a dashboard in Google Sheets and share it with your stakeholders.

1. Export VM utilization logs from Stackdriver to a Cloud Storage bucket.

2. Enable the Cloud Storage API to pull the logs programmatically.

3. Build a custom data visualization application.

4. Display the pulled logs in a custom dashboard.

Use the Google Cloud console to create projects.

Write a script by using the gcloud CLI that passes the appropriate parameters from the request. Save the script in a Git repository.

Write a Terraform module and save it in your source control repository. Copy and run the apply command to create the new project.

Use the Terraform repositories from the Cloud Foundation Toolkit. Apply the code with appropriate parameters to create the Google Cloud project and related resources.

Configure the horizontal pod autoscaler to use the average response time from the Liveness and Readiness probes.

Configure the vertical pod autoscaler in GKE and enable the cluster autoscaler to scale the cluster as pods expand.

Install the Stackdriver custom metrics adapter and configure a horizontal pod autoscaler to use the number of requests provided by the GCLB.

Expose the NGINX stats endpoint and configure the horizontal pod autoscaler to use the request metrics exposed by the NGINX deployment.

Identify engineers responsible for the incident and escalate to their senior management.

Ensure that test cases that catch errors of this type are run successfully before new software releases.

Follow up with the employees who reviewed the changes and prescribe practices they should follow in the future.

Design a policy that will require on-call teams to immediately call engineers and management to discuss a plan of action if an incident occurs.

Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.

Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.

Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.

Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it

Export logs to BigQuery tables for each project team. Grant project teams access to their tables. Grant logs writer access to the operations team in the central logging project.

Create log views for each project team, and only show each project team their application logs. Grant the operations team access to the _ Al Il-jogs View in the central logging project.

Grant each project team access to the project _ Default view in the central logging project. Grant logging viewer access to the operations team in the central logging project.

Create Identity and Access Management (IAM) roles for each project team and restrict access to the _ Default log view in their individual Google Cloud project. Grant viewer access to the operations team in the central logging project.

Create a trigger to notify the required team to complete the next step when manual intervention is required

Divide the automation steps into smaller tasks

Use a script to automate the creation of the deployment pipeline in Google Cloud Deploy

Add more engineers to finish the manual steps.

Automate promotion approvals from the development environment to the test environment

Run the kubectl rollout undo command

Delete the new container image, and delete the running Pods

Update the Kubernetes Service to point to the previous Kubernetes Deployment

Scale the new Kubernetes Deployment to zero

Create a single aggregated log sink at the organization level.

Create a log sink in each project

Create two aggregated log sinks at the organization level, and filter by project ID

Create an aggregated Iog sink in the Dev and Prod folders

Use Cloud Build private pools to connect to the private VPC.

Use Spinnaker for Google Cloud to connect to the private VPC.

Use Cloud Build as a pipeline runner. Configure Internal HTTP(S) Load Balancing for API access.

Use Cloud Build as a pipeline runner. Configure External HTTP(S) Load Balancing with a Google Cloud Armor policy for API access.

• In your application, create a metric with a metricKind set to DELTA and a valueType set to DOUBLE.

• In Stackdriver's Metrics Explorer, use a Slacked Bar graph to visualize the metric.

• In your application, create a metric with a metricKind set to CUMULATIVE and a valueType set to DOUBLE.

• In Stackdriver's Metrics Explorer, use a Line graph to visualize the metric.

• In your application, create a metric with a metricKind set to gauge and a valueType set to distribution.

• In Stackdriver's Metrics Explorer, use a Heatmap graph to visualize the metric.

• In your application, create a metric with a metricKind. set toMETRlc_KIND_UNSPECIFIEDanda valueType set to INT64.

• In Stackdriver's Metrics Explorer, use a Stacked Area graph to visualize the metric.

Use the gcloud CLI to install the Ops Agent on each VM listed in the Cloud Asset Inventory

Select all VMs with an Agent status of Not detected on the Cloud Operations VMs dashboard Then select Install agents

Use the gcloud CLI to create an Agent Policy.

Install the Ops Agent on the Compute Engine image by using a startup script

Migrate the application to Cloud Run, and use autoscaling.

Load test the application to profile its performance for scaling.

Create a Terraform configuration for the application's underlying infrastructure to quickly deploy to additional regions.

Pre-provision the additional compute power that was used last season, and expect growth.

Use a partitioned rolling update.

Use Node taints with NoExecute.

Use a replica set in the deployment specification.

Use a stateful set with parallel pod management policy.

Install the Stackdriver Error Reporting library for Python, and then run your code on a Compute Engine VM.

Install the Stackdriver Error Reporting library for Python, and then run your code on Google Kubernetes Engine.

Install the Stackdriver Error Reporting library for Python, and then run your code on App Engine flexible environment.

Use the Stackdriver Error Reporting API to write errors from your application to ReportedErrorEvent, and then generate log entries with properly formatted error messages in Stackdriver Logging.

Analyze VPC flow logs along the path of the request.

Investigate the Liveness and Readiness probes for each service.

Create a Dataflow pipeline to analyze service metrics in real time.

Use a distributed tracing framework such as OpenTelemetry or Stackdriver Trace.

Make the service’s SLO more strict.

Increase the service’s deployment velocity and/or risk.

Shift engineering time to other services that need more reliability.

Get the product team to prioritize reliability work over new features.

Change the implementation of your Service Level Indicators (SLIs) to increase coverage.

Operations Lead

Engineering Lead

Communications Lead

Customer Impact Assessor

External Customer Communications Lead

Create a new tag called stable that points to the previously working container, and change the deployment to point to the new tag.

Apply the latest tag to the previous container image, and do a rolling update on the deployment.

Build a new container from a previous Git tag, and do a rolling update on the deployment to the new container.

Alter the deployment to point to the sha2 56 digest of the previously working container.

Grant the team members the IAM role of logging.configWriter on Cloud IAM.

Configure Access Context Manager to allow only these members to export logs.

Create and grant a custom IAM role with the permissions logging.sinks.list and logging.sink.get.

Create an Organizational Policy in Cloud IAM to allow only these members to create log exports.

A scalable in-memory caching system

The organization's public-facing website

A distributed, eventually consistent NoSQL database cluster with sufficient quorum

A GPU-accelerated video rendering platform that retrieves and stores videos in a storage bucket

Push the images to Google Container Registry (GCR) using the gcr.io hostname.

Push the images to Google Container Registry (GCR) using the us.gcr.io hostname.

Push the images to Google Container Registry (GCR) using the eu.gcr.io hostname.

Push the images to a private image registry running on a Compute Engine instance in the eu-west-1 region.

Check the serial port logs of the Compute Engine instance.

Use Stackdriver Profiler to visualize the resources utilization throughout the application.

Determine whether there is an increased number of connections to the Cloud SQL instance.

Use Cloud Security Scanner to see whether your Cloud SQL is under a Distributed Denial of Service (DDoS) attack.

Instrument all applications with Stackdriver Profiler.

Instrument all applications with Stackdriver Trace and review inter-service HTTP requests.

Use Stackdriver Debugger to review the execution of logic within each application to instrument all applications.

Modify the Node.js application to log HTTP request and response times to dependent applications. Use Stackdriver Logging to find dependent applications that are performing poorly.

In the Google Cloud Platform Console, use the Cost Breakdown section to visualize the costs per system.

Assign all instances a label specific to the system they run. Configure BigQuery billing export and query costs per label.

Enrich all instances with metadata specific to the system they run. Configure Stackdriver Logging to export to BigQuery, and query costs based on the metadata.

Name each virtual machine (VM) after the system it runs. Set up a usage report export to a Cloud Storage bucket. Configure the bucket as a source in BigQuery to query costs based on VM name.

Create a Cloud Storage bucket and use the built-in encryption at rest. Store the secrets in the bucket and grant Cloud Build access to the bucket.

Encrypt the secrets and store them in the application repository. Store a decryption key in a separate repository and grant Cloud Build access to the repository.

Use client-side encryption to encrypt the secrets and store them in a Cloud Storage bucket. Store a decryption key in the bucket and grant Cloud Build access to the bucket.

Use Cloud Key Management Service (Cloud KMS) to encrypt the secrets and include them in your Cloud Build deployment configuration. Grant Cloud Build access to the KeyRing.

Create one GCP Project per team. In each project, create a cluster for Development and one for Production. Grant the teams IAM access to their respective clusters.

Create one GCP Project per team. In each project, create a cluster with a Kubernetes namespace for Development and one for Production. Grant the teams IAM access to their respective clusters.

Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Identity Aware Proxy so that each team can only access its own namespace.

Create a Development and a Production GKE cluster in separate projects. In each cluster, create a Kubernetes namespace per team, and then configure Kubernetes Role-based access control (RBAC) so that each team can only access its own namespace.