[2023年03月]更新のProfessional-Cloud-DevOps-Engineer認定実際の問題を提供します [Q27-Q51]

Share

[2023年03月]更新のProfessional-Cloud-DevOps-Engineer認定実際の問題を提供します

更新されたのはProfessional-Cloud-DevOps-Engineer問題集PDFでProfessional-Cloud-DevOps-Engineerリアル有効なブレーン問題集には82問があります!


Google Professional-Cloud-DevOps-Engineer 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Create environments dynamically per feature branch with GKE, Cloud Deployment Manager
  • Collecting third-party and structured logs with Stackdriver Logging, Fluentd
トピック 2
  • Manage different development environments
  • Vulnerability analysis with Container Registry
トピック 3
  • Artifact repositories with Container Registry
  • Balance change, velocity, and reliability of the service
トピック 4
  • Perform investigation to isolate most likely actual cause
  • Applying site reliability engineering principles to a service
トピック 5
  • Immutable artifacts with Container Registry
  • Deployment strategies with Cloud Build, Spinnaker
トピック 6
  • Communicate postmortem to stakeholders
  • Agree to consequences of not meeting the error budget
  • Construct feedback loops to decide what to build next

 

質問 27
You are part of an organization that follows SRE practices and principles. You are taking over the management of a new service from the Development Team, and you conduct a Production Readiness Review (PRR). After the PRR analysis phase, you determine that the service cannot currently meet its Service Level Objectives (SLOs). You want to ensure that the service can meet its SLOs in production. What should you do next?

  • A. Notify the development team that they will have to provide production support for the service.
  • B. djust the SLO targets to be achievable by the service so you can bring it into production.
  • C. Identify recommended reliability improvements to the service to be completed before handover.
  • D. Bring the service into production with no SLOs and build them when you have collected operational data.

正解: C

 

質問 28
Your team is designing a new application for deployment both inside and outside Google Cloud Platform (GCP). You need to collect detailed metrics such as system resource utilization. You want to use centralized GCP services while minimizing the amount of work required to set up this collection system. What should you do?

  • A. Import the Stackdriver Debugger package, and configure the application to emit debug messages with timing information.
  • B. Install an Application Performance Monitoring (APM) tool in both locations, and configure an export to a central data storage location for analysis.
  • C. Import the Stackdriver Profiler package, and configure it to relay function timing data to Stackdriver for further analysis.
  • D. Instrument the code using a timing library, and publish the metrics via a health check endpoint that is scraped by Stackdriver.

正解: B

 

質問 29
Your application runs on Google Cloud Platform (GCP). You need to implement Jenkins for deploying application releases to GCP. You want to streamline the release process, lower operational toil, and keep user data secure. What should you do?

  • A. Implement Jenkins on Kubernetes on-premises
  • B. Implement Jenkins on local workstations.
  • C. Implement Jenkins on Google Cloud Functions.
  • D. Implement Jenkins on Compute Engine virtual machines.

正解: D

解説:
Your application runs on Google Cloud Platform (GCP). You need to implement Jenkins for deploying application releases to GCP. You want to streamline the release process, lower operational toil, and keep user data secure. What should you do?
https://plugins.jenkins.io/google-compute-engine/

 

質問 30
You support an application running on GCP and want to configure SMS notifications to your team for the most critical alerts in Stackdriver Monitoring. You have already identified the alerting policies you want to configure this for. What should you do?

  • A. Select the Webhook notifications option for each alerting policy, and configure it to use a third-party integration tool. Ensure that your team members add their SMS/phone numbers to the external tool.
  • B. Download and configure a third-party integration between Stackdriver Monitoring and an SMS gateway. Ensure that your team members add their SMS/phone numbers to the external tool.
  • C. Ensure that your team members set their SMS/phone numbers in their Stackdriver Profile. Select the SMS notification option for each alerting policy and then select the appropriate SMS/phone numbers from the list.
  • D. Configure a Slack notification for each alerting policy. Set up a Slack-to-SMS integration to send SMS messages when Slack messages are received. Ensure that your team members add their SMS/phone numbers to the external integration.

正解: D

 

質問 31
You are writing a postmortem for an incident that severely affected users. You want to prevent similar incidents in the future. Which two of the following sections should you include in the postmortem? (Choose two.)

  • A. A list of employees responsible for causing the incident
  • B. Copies of the design documents for all the services impacted by the incident
  • C. Your opinion of the incident's severity compared to past incidents
  • D. A list of action items to prevent a recurrence of the incident
  • E. An explanation of the root cause of the incident

正解: A,E

 

質問 32
You are using Stackdriver to monitor applications hosted on Google Cloud Platform (GCP). You recently deployed a new application, but its logs are not appearing on the Stackdriver dashboard.
You need to troubleshoot the issue. What should you do?

  • A. Confirm that the application is using the required client library and the service account key has proper permissions.
  • B. Confirm that port 25 has been opened in the firewall to allow messages through to Stackdriver.
  • C. Confirm that your account has the proper permissions to use the Stackdriver dashboard.
  • D. Confirm that the Stackdriver agent has been installed in the hosting virtual machine.

正解: D

解説:
https://cloud.google.com/monitoring/agent/monitoring/troubleshooting#checklist

 

質問 33
Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval. What should you do to enforce approvals?

  • A. Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.
  • B. Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.
  • C. Use an Admission Controller to verify that incoming requests originate from approved sources.
  • D. Configure the build system with protected branches that require pull request approval.

正解: A

解説:
The keywords here is "developers or operators". Option A the operators could push images to production without approval (operators could touch the cluster directly and the cluster cannot do any action against them). Rest same as francisco_guerra.

 

質問 34
You use Spinnaker to deploy your application and have created a canary deployment stage in the pipeline. Your application has an in-memory cache that loads objects at start time. You want to automate the comparison of the canary version against the production version. How should you configure the canary analysis?

  • A. Compare the canary with a new deployment of the previous production version.
  • B. Compare the canary with the average performance of a sliding window of previous production versions.
  • C. Compare the canary with the existing deployment of the current production version.
  • D. Compare the canary with a new deployment of the current production version.

正解: D

 

質問 35
You support a multi-region web service running on Google Kubernetes Engine (GKE) behind a Global HTTP'S Cloud Load Balancer (CLB). For legacy reasons, user requests first go through a third-party Content Delivery Network (CDN). which then routes traffic to the CLB. You have already implemented an availability Service Level Indicator (SLI) at the CLB level. However, you want to increase coverage in case of a potential load balancer misconfiguration. CDN failure, or other global networking catastrophe. Where should you measure this new SLI?
Choose 2 answers

  • A. Your application servers' logs
  • B. A synthetic client that periodically sends simulated user requests
  • C. Instrumentation coded directly in the client
  • D. GKE health checks for your application servers
  • E. Metrics exported from the application servers

正解: B,C

 

質問 36
Your application artifacts are being built and deployed via a CI/CD pipeline. You want the CI/CD pipeline to securely access application secrets. You also want to more easily rotate secrets in case of a security breach. What should you do?

  • A. Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it
  • B. Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.
  • C. Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.
  • D. Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.

正解: C

 

質問 37
You support a large service with a well-defined Service Level Objective (SLO). The development team deploys new releases of the service multiple times a week. If a major incident causes the service to miss its SLO, you want the development team to shift its focus from working on features to improving service reliability. What should you do before a major incident occurs?

  • A. Negotiate with the product team to always prioritize service reliability over releasing new features.
  • B. Add a plugin to your Jenkins pipeline that prevents new releases whenever your service is out of SLO.
  • C. Develop an appropriate error budget policy in cooperation with all service stakeholders.
  • D. Negotiate with the development team to reduce the release frequency to no more than once a week.

正解: A

 

質問 38
You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much. What Service Level Indicator {SLI) should you use to measure this?

  • A. An availability SLI: the ratio of healthy microservices to the total number of microservices
  • B. A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls
  • C. A quality SLI: the ratio of non-degraded responses to total responses
  • D. A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes

正解: A

 

質問 39
You support a large service with a well-defined Service Level Objective (SLO). The development team deploys new releases of the service multiple times a week. If a major incident causes the service to miss its SLO, you want the development team to shift its focus from working on features to improving service reliability. What should you do before a major incident occurs?

  • A. Negotiate with the product team to always prioritize service reliability over releasing new features.
  • B. Add a plugin to your Jenkins pipeline that prevents new releases whenever your service is out of SLO.
  • C. Develop an appropriate error budget policy in cooperation with all service stakeholders.
  • D. Negotiate with the development team to reduce the release frequency to no more than once a week.

正解: C

解説:
Reason : Incident has not occurred yet, even when development team is already pushing new features multiple times a week. The option A says, to define an error budget "policy", not to define error budget(It is already present). Just simple means to bring in all stakeholders, and decide how to consume the error budget effectively that could bring balance between feature deployment and reliability.
The goals of this policy are to: -- Protect customers from repeated SLO misses -- Provide an incentive to balance reliability with other features https://sre.google/workbook/error-budget-policy/

 

質問 40
You are part of an organization that follows SRE practices and principles. You are taking over the management of a new service from the Development Team, and you conduct a Production Readiness Review (PRR). After the PRR analysis phase, you determine that the service cannot currently meet its Service Level Objectives (SLOs). You want to ensure that the service can meet its SLOs in production. What should you do next?

  • A. Notify the development team that they will have to provide production support for the service.
  • B. Adjust the SLO targets to be achievable by the service so you can bring it into production.
  • C. Identify recommended reliability improvements to the service to be completed before handover.
  • D. Bring the service into production with no SLOs and build them when you have collected operational data.

正解: C

 

質問 41
You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much. What Service Level Indicator {SLI) should you use to measure this?

  • A. An availability SLI: the ratio of healthy microservices to the total number of microservices
  • B. A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls
  • C. A quality SLI: the ratio of non-degraded responses to total responses
  • D. A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes

正解: A

解説:
https://cloud.google.com/blog/products/gcp/available-or-not-that-is-the-question-cre-life-lessons

 

質問 42
You encounter a large number of outages in the production systems you support. You receive alerts for all the outages that wake you up at night. The alerts are due to unhealthy systems that are automatically restarted within a minute. You want to set up a process that would prevent staff burnout while following Site Reliability Engineering practices. What should you do?

  • A. Eliminate unactionable alerts.
  • B. Redefine the related Service Level Objective so that the error budget is not exhausted.
  • C. Distribute the alerts to engineers in different time zones.
  • D. Create an incident report for each of the alerts.

正解: A

 

質問 43
Your application images are built and pushed to Google Container Registry (GCR). You want to build an automated pipeline that deploys the application when the image is updated while minimizing the development effort. What should you do?

  • A. Use Cloud Pub/Sub to trigger a custom deployment service running in Google Kubernetes Engine (GKE).
  • B. Use Cloud Pub/Sub to trigger a Spinnaker pipeline.
  • C. Use Cloud Build to trigger a Spinnaker pipeline.
  • D. Use a custom builder in Cloud Build to trigger a Jenkins pipeline.

正解: B

解説:
https://cloud.google.com/architecture/continuous-delivery-toolchain-spinnaker-cloud
https://spinnaker.io/guides/user/pipeline/triggers/pubsub/

 

質問 44
You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (Pll) is leaking into certain log entry fields. All Pll entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?

  • A. Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
  • B. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.
  • C. Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.
  • D. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.

正解: A

 

質問 45
You are running a real-time gaming application on Compute Engine that has a production and testing environment. Each environment has their own Virtual Private Cloud (VPC) network. The application frontend and backend servers are located on different subnets in the environment's VPC. You suspect there is a malicious process communicating intermittently in your production frontend servers. You want to ensure that network traffic is captured for analysis. What should you do?

  • A. Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5. Apply changes in testing before production.
  • B. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0.
  • C. Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 1.0. Apply changes in testing before production.
  • D. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5.

正解: C

 

質問 46
You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?

  • A. * Deploy the Stackdriver logging agent to the application servers.
    * Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.
  • B. * Deploy the Stackdriver monitoring agent to the application servers.
    * Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.
  • C. * Deploy the Stackdriver logging agent to the application servers.
    * Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
  • D. * Install the gsutil command line tool on your application servers.
    * Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes.
    * Give the developers IAM Object Viewer access to view the logs in the specified bucket.

正解: C

 

質問 47
You created a Stackdriver chart for CPU utilization in a dashboard within your workspace project. You want to share the chart with your Site Reliability Engineering (SRE) team only. You want to ensure you follow the principle of least privilege. What should you do?

  • A. Share the workspace Project ID with the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.
  • B. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
  • C. Share the workspace Project ID with the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
  • D. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.

正解: C

 

質問 48
You are on-call for an infrastructure service that has a large number of dependent systems. You receive an alert indicating that the service is failing to serve most of its requests and all of its dependent systems with hundreds of thousands of users are affected. As part of your Site Reliability Engineering (SRE) incident management protocol, you declare yourself Incident Commander (IC) and pull in two experienced people from your team as Operations Lead (OLJ and Communications Lead (CL). What should you do next?

  • A. Look for ways to mitigate user impact and deploy the mitigations to production.
  • B. Start a postmortem, add incident information, circulate the draft internally, and ask internal stakeholders for input.
  • C. Contact the affected service owners and update them on the status of the incident.
  • D. Establish a communication channel where incident responders and leads can communicate with each other.

正解: A

 

質問 49
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?

  • A. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.
  • B. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
  • C. Use Stackdriver Logging to create a logs-based metric from the Cloud Buitd logs. Create an Alert with a Webhook notification type.
  • D. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.

正解: B

 

質問 50
You have a CI/CD pipeline that uses Cloud Build to build new Docker images and push them to Docker Hub. You use Git for code versioning. After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline. You need to resolve the issue following Site Reliability Engineering practices. What should you do?

  • A. Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.
  • B. Disable the CI pipeline and revert to manually building and pushing the artifacts.
  • C. Upload the configuration YAML file to Cloud Storage and use Error Reporting to identify and fix the issue.
  • D. Change the CI pipeline to push the artifacts to Container Registry instead of Docker Hub.

正解: A

解説:
"After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline"- means something wrong on the recent change not with the image registry.

 

質問 51
......

あなたをお手軽にProfessional-Cloud-DevOps-Engineer試験合格させるし100%試験合格保証:https://jp.fast2test.com/Professional-Cloud-DevOps-Engineer-premium-file.html

100%無料Professional-Cloud-DevOps-Engineer試験問題集実際問題を使おうCloud DevOps Engineer問題集:https://drive.google.com/open?id=1FOHmN1aNX9L_PXbTx029irmMuiM9dm7a


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어