[2024年01月03日] Professional-Cloud-DevOps-Engineer問題集でCloud DevOps Engineer合格確定させる練習問題集 [Q69-Q90]

Share

[2024年01月03日]Fast2test Professional-Cloud-DevOps-Engineer問題集でCloud DevOps Engineer合格確定させる練習問題集

Google Professional-Cloud-DevOps-Engineer実際にある問題とブレーン問題集


Google Professional-Cloud-Devops-Engineer認定試験の資格を得るには、候補者は、DevOpsエンジニアリングの役割で少なくとも3年間の経験があり、Google Cloudを使用して最低1年の経験が必要です。候補者は、PythonやBashなどのスクリプト言語の経験と同様に、ソフトウェア開発の原則と実践を確実に理解することも期待されています。

 

質問 # 69
You encountered a major service outage that affected all users of the service for multiple hours. After several hours of incident management, the service returned to normal, and user access was restored. You need to provide an incident summary to relevant stakeholders following the Site Reliability Engineering recommended practices. What should you do first?

  • A. Send the Incident State Document to all the stakeholders.
  • B. Call individual stakeholders lo explain what happened.
  • C. Require the engineer responsible to write an apology email to all stakeholders.
  • D. Develop a post-mortem to be distributed to stakeholders.

正解:D


質問 # 70
You use Terraform to manage an application deployed to a Google Cloud environment The application runs on instances deployed by a managed instance group The Terraform code is deployed by using a CI/CD pipeline When you change the machine type on the instance template used by the managed instance group, the pipeline fails at the terraform apply stage with the following error message

You need to update the instance template and minimize disruption to the application and the number of pipeline runs What should you do?

  • A. Delete the managed instance group and recreate it after updating the instance template
  • B. Remove the managed instance group from the Terraform state file update the instance template and reimport the managed instance group.
  • C. Set the create_bef ore_destroy meta-argument to true in the lifecycle block on the instance template
  • D. Add a new instance template update the managed instance group to use the new instance template and delete the old instance template

正解:C

解説:
Explanation
The best option for updating the instance template and minimizing disruption to the application and the number of pipeline runs is to set the create_before_destroy meta-argument to true in the lifecycle block on the instance template. The create_before_destroy meta-argument is a Terraform feature that specifies that a new resource should be created before destroying an existing one during an update. This way, you can avoid downtime and errors when updating a resource that is in use by another resource, such as an instance template that is used by a managed instance group. By setting the create_before_destroy meta-argument to true in the lifecycle block on the instance template, you can ensure that Terraform creates a new instance template with the updated machine type, updates the managed instance group to use the new instance template, and then deletes the old instance template.


質問 # 71
You encountered a major service outage that affected all users of the service for multiple hours. After several hours of incident management, the service returned to normal, and user access was restored. You need to provide an incident summary to relevant stakeholders following the Site Reliability Engineering recommended practices. What should you do first?

  • A. Develop a post-mortem to be distributed to stakeholders.
  • B. Call individual stakeholders lo explain what happened.
  • C. Require the engineer responsible to write an apology email to all stakeholders.
  • D. Send the Incident State Document to all the stakeholders.

正解:D


質問 # 72
You currently store the virtual machine (VM) utilization logs in Stackdriver. You need to provide an easy-to- share interactive VM utilization dashboard that is updated in real time and contains information aggregated on a quarterly basis. You want to use Google Cloud Platform solutions. What should you do?

  • A. 1. Export VM utilization logs from Stackdriver to a Cloud Storage bucket.
    2. Enable the Cloud Storage API to pull the logs programmatically.
    3. Build a custom data visualization application.
    4. Display the pulled logs in a custom dashboard.
  • B. 1. Export VM utilization logs from Stackdriver to BigQuery.
    2. From BigQuery, export the logs to a CSV file.
    3. Import the CSV file into Google Sheets.
    4. Build a dashboard in Google Sheets and share it with your stakeholders.
  • C. 1. Export VM utilization logs from Stackdriver to Cloud Pub/Sub.
    2. From Cloud Pub/Sub, send the logs to a Security Information and Event Management (SIEM) system.
    3. Build the dashboards in the SIEM system and share with your stakeholders.
  • D. 1. Export VM utilization logs from Stackdriver to BigQuery.
    2. Create a dashboard in Data Studio.
    3. Share the dashboard with your stakeholders.

正解:D


質問 # 73
You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?

  • A. * Deploy the Stackdriver logging agent to the application servers.
    * Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.
  • B. * Install the gsutil command line tool on your application servers.
    * Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes.
    * Give the developers IAM Object Viewer access to view the logs in the specified bucket.
  • C. * Deploy the Stackdriver logging agent to the application servers.
    * Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
  • D. * Deploy the Stackdriver monitoring agent to the application servers.
    * Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.

正解:A

解説:
Explanation
https://cloud.google.com/logging/docs/audit#access-control


質問 # 74
You are deploying an application that needs to access sensitive information. You need to ensure that this information is encrypted and the risk of exposure is minimal if a breach occurs. What should you do?

  • A. Leverage a continuous build pipeline that produces multiple versions of the secret for each instance of the application.
  • B. Inject the secret at the time of instance creation via an encrypted configuration management system.
  • C. Integrate the application with a Single sign-on (SSO) system and do not expose secrets to the application
  • D. Store the encryption keys in Cloud Key Management Service (KMS) and rotate the keys frequently

正解:D

解説:
https://cloud.google.com/security-key-management


質問 # 75
Your application artifacts are being built and deployed via a CI/CD pipeline. You want the CI/CD pipeline to securely access application secrets. You also want to more easily rotate secrets in case of a security breach. What should you do?

  • A. Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it
  • B. Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.
  • C. Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.
  • D. Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.

正解:D


質問 # 76
You have a pool of application servers running on Compute Engine. You need to provide a secure solution that requires the least amount of configuration and allows developers to easily access application logs for troubleshooting. How would you implement the solution on GCP?

  • A. * Install the gsutil command line tool on your application servers.
    * Write a script using gsutil to upload your application log to a Cloud Storage bucket, and then schedule it to run via cron every 5 minutes.
    * Give the developers IAM Object Viewer access to view the logs in the specified bucket.
  • B. * Deploy the Stackdriver logging agent to the application servers.
    * Give the developers the IAM Logs Private Logs Viewer role to access Stackdriver and view logs.
  • C. * Deploy the Stackdriver monitoring agent to the application servers.
    * Give the developers the IAM Monitoring Viewer role to access Stackdriver and view metrics.
  • D. * Deploy the Stackdriver logging agent to the application servers.
    * Give the developers the IAM Logs Viewer role to access Stackdriver and view logs.

正解:B


質問 # 77
You are creating and assigning action items in a postmodern for an outage. The outage is over, but you need to address the root causes. You want to ensure that your team handles the action items quickly and efficiently. How should you assign owners and collaborators to action items?

  • A. Assign the team lead as the owner for all action items because they are in charge of the SRE team.
  • B. Assign multiple owners for each item to guarantee that the team addresses items quickly
  • C. Assign one owner for each action item and any necessary collaborators.
  • D. Assign collaborators but no individual owners to the items to keep the postmortem blameless.

正解:C


質問 # 78
You support a production service that runs on a single Compute Engine instance. You regularly need to spend time on recreating the service by deleting the crashing instance and creating a new instance based on the relevant image. You want to reduce the time spent performing manual operations while following Site Reliability Engineering principles. What should you do?

  • A. File a bug with the development team so they can find the root cause of the crashing instance.
  • B. Create a Managed Instance Group with a single instance and use health checks to determine the system status.
  • C. Add a Load Balancer in front of the Compute Engine instance and use health checks to determine the system status.
  • D. Create a Stackdriver Monitoring dashboard with SMS alerts to be able to start recreating the crashed instance promptly after it has crashed.

正解:C


質問 # 79
You support a web application that runs on App Engine and uses CloudSQL and Cloud Storage for data storage. After a short spike in website traffic, you notice a big increase in latency for all user requests, increase in CPU use, and the number of processes running the application. Initial troubleshooting reveals:
After the initial spike in traffic, load levels returned to normal but users still experience high latency.
Requests for content from the CloudSQL database and images from Cloud Storage show the same high latency.
No changes were made to the website around the time the latency increased.
There is no increase in the number of errors to the users.
You expect another spike in website traffic in the coming days and want to make sure users don't experience latency. What should you do?

  • A. Upgrade the GCS buckets to Multi-Regional.
  • B. Move the application from App Engine to Compute Engine.
  • C. Modify the App Engine configuration to have additional idle instances.
  • D. Enable high availability on the CloudSQL instances.

正解:C

解説:
Scaling App Engine scales the number of instances automatically in response to processing volume. This scaling factors in the automatic_scaling settings that are provided on a per-version basis in the configuration file. A service with basic scaling is configured by setting the maximum number of instances in the max_instances parameter of the basic_scaling setting. The number of live instances scales with the processing volume. You configure the number of instances of each version in that service's configuration file. The number of instances usually corresponds to the size of a dataset being held in memory or the desired throughput for offline work. You can adjust the number of instances of a manually-scaled version very quickly, without stopping instances that are currently running, using the Modules API set_num_instances function. https://cloud.google.com/appengine/docs/standard/python/how-instances-are-managed
https://cloud.google.com/appengine/docs/standard/python/config/appref
max_idle_instances Optional. The maximum number of idle instances that App Engine should maintain for this version. Specify a value from 1 to 1000. If not specified, the default value is automatic, which means App Engine will manage the number of idle instances. Keep the following in mind: A high maximum reduces the number of idle instances more gradually when load levels return to normal after a spike. This helps your application maintain steady performance through fluctuations in request load, but also raises the number of idle instances (and consequent running costs) during such periods of heavy load.


質問 # 80
You are creating and assigning action items in a postmodern for an outage. The outage is over, but you need to address the root causes. You want to ensure that your team handles the action items quickly and efficiently. How should you assign owners and collaborators to action items?

  • A. Assign the team lead as the owner for all action items because they are in charge of the SRE team.
  • B. Assign multiple owners for each item to guarantee that the team addresses items quickly
  • C. Assign one owner for each action item and any necessary collaborators.
  • D. Assign collaborators but no individual owners to the items to keep the postmortem blameless.

正解:C

解説:
https://devops.com/when-it-disaster-strikes-part-3-conducting-a-blameless-post-mortem/


質問 # 81
Your organization stores all application logs from multiple Google Cloud projects in a central Cloud Logging project. Your security team wants to enforce a rule that each project team can only view their respective logs, and only the operations team can view all the logs. You need to design a solution that meets the security team's requirements, while minimizing costs. What should you do?

  • A. Create Identity and Access Management (IAM) roles for each project team and restrict access to the _ Default log view in their individual Google Cloud project. Grant viewer access to the operations team in the central logging project.
  • B. Create log views for each project team, and only show each project team their application logs. Grant the operations team access to the _ Al Il-jogs View in the central logging project.
  • C. Export logs to BigQuery tables for each project team. Grant project teams access to their tables. Grant logs writer access to the operations team in the central logging project.
  • D. Grant each project team access to the project _ Default view in the central logging project. Grant logging viewer access to the operations team in the central logging project.

正解:B

解説:
Explanation
Create log views for each project team, and only show each project team their application logs. Grant the operations team access to the _AllLogs View in the central logging project1.
This approach aligns with the Google Cloud's recommended methodologies for Professional Cloud DevOps Engineers1. Log views allow you to create and manage access control at a finer granularity for your logs. By creating a separate log view for each project team, you can ensure that they only have access to their respective logs. The operations team, on the other hand, can be granted access to the _AllLogs view in the central logging project, allowing them to view all logs as required.
This solution not only meets the security team's requirements but also minimizes costs as it leverages built-in features of Google Cloud's logging and does not require exporting logs to another service like BigQuery (as suggested in option A), which could incur additional costs1.


質問 # 82
You deploy a new release of an internal application during a weekend maintenance window when there is minimal user tragic. After the window ends, you learn that one of the new features isn't working as expected in the production environment. After an extended outage, you roll back the new release and deploy a fix. You want to modify your release process to reduce the mean time to recovery so you can avoid extended outages in the future. What should you do? (Choose two.)

  • A. Integrate a code linting tool to validate coding standards before any code is accepted into the repository.
  • B. Configure a CI server. Add a suite of unit tests to your code and have your CI server run them on commit and verify any changes.
  • C. Adopt the blue/green deployment strategy when releasing new code via a CD server.
  • D. Before merging new code, require 2 different peers to review the code changes.
  • E. Require developers to run automated integration tests on their local development environments before release.

正解:A、D


質問 # 83
You need to create a Cloud Monitoring SLO for a service that will be published soon. You want to verify that requests to the service will be addressed in fewer than 300 ms at least 90% Of the time per calendar month.
You need to identify the metric and evaluation method to use. What should you do?

  • A. Select a latency metric for a window-based method of evaluation.
  • B. Select an availability metric for a request-based method of evaluation.
  • C. Select a latency metric for a request-based method of evaluation.
  • D. Select an availability metric for a window-based method Of evaluation.

正解:C

解説:
Explanation
The correct answer is A. Select a latency metric for a request-based method of evaluation.
A latency metric measures how responsive your service is to users. For example, you can use the cloud.googleapis.com/http/server/response_latencies metric to measure the latency of HTTP requests to your service1. A request-based method of evaluation counts the number of successful requests that meet a certain criterion, such as being below a latency threshold, and compares it to the number of all requests. For example, you can define an SLI as the ratio of requests with latency below 300 ms to all requests2. A request-based method of evaluation is suitable for measuring performance over time, such as per calendar month. You can set an SLO for the SLI to be at least 90%, which means that you expect 90% of the requests to have latency below 300 ms in a month3.


質問 # 84
You have a CI/CD pipeline that uses Cloud Build to build new Docker images and push them to Docker Hub.
You use Git for code versioning. After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline. You need to resolve the issue following Site Reliability Engineering practices. What should you do?

  • A. Change the CI pipeline to push the artifacts to Container Registry instead of Docker Hub.
  • B. Disable the CI pipeline and revert to manually building and pushing the artifacts.
  • C. Upload the configuration YAML file to Cloud Storage and use Error Reporting to identify and fix the issue.
  • D. Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.

正解:D

解説:
Explanation
"After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline"- means something wrong on the recent change not with the image registry.


質問 # 85
Your team is building a service that performs compute-heavy processing on batches of data The data is processed faster based on the speed and number of CPUs on the machine These batches of data vary in size and may arrive at any time from multiple third-party sources You need to ensure that third parties are able to upload their data securely. You want to minimize costs while ensuring that the data is processed as quickly as possible What should you do?

  • A. * Provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate Identity and Access Management (1AM) access to the bucket
    * Use Cloud Monitoring to detect new batches of data in the bucket and trigger a Cloud Function that processes the data
    * Set a Cloud Function to use the largest CPU possible to minimize the runtime of the processing
  • B. * Provide a secure file transfer protocol (SFTP) server on a Compute Engine instance so that third parties can upload batches of data and provide appropriate credentials to the server
    * Create a Cloud Function with a google.storage, object, finalize Cloud Storage trigger Write code so that the function can scale up a Compute Engine autoscaling managed instance group
    * Use an image pre-loaded with the data processing software that terminates the instances when processing completes
  • C. * Provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate Identity and Access Management (1AM) access to the bucket
    * Use a standard Google Kubernetes Engine (GKE) cluster and maintain two services one that processes the batches of data and one that monitors Cloud Storage for new batches of data
    * Stop the processing service when there are no batches of data to process
  • D. * Provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate identity and Access Management (1AM) access to the bucket
    * Create a Cloud Function with a google, storage, object .finalise Cloud Storage trigger Write code so that the function can scale up a Compute Engine autoscaling managed instance group
    * Use an image pre-loaded with the data processing software that terminates the instances when processing completes

正解:D

解説:
Explanation
The best option for ensuring that third parties are able to upload their data securely and minimizing costs while ensuring that the data is processed as quickly as possible is to provide a Cloud Storage bucket so that third parties can upload batches of data, and provide appropriate Identity and Access Management (IAM) access to the bucket; create a Cloud Function with a google.storage.object.finalize Cloud Storage trigger; write code so that the function can scale up a Compute Engine autoscaling managed instance group; use an image pre-loaded with the data processing software that terminates the instances when processing completes. A Cloud Storage bucket is a resource that allows you to store and access data in Google Cloud. You can provide a Cloud Storage bucket so that third parties can upload batches of data securely and conveniently. You can also provide appropriate IAM access to the bucket by using roles and policies to control who can read or write data to the bucket. A Cloud Function is a serverless function that executes code in response to an event, such as a change in a Cloud Storage bucket. A google.storage.object.finalize trigger is a type of trigger that fires when a new object is created or an existing object is overwritten in a Cloud Storage bucket. You can create a Cloud Function with a google.storage.object.finalize trigger so that the function runs whenever a new batch of data is uploaded to the bucket. You can write code so that the function can scale up a Compute Engine autoscaling managed instance group, which is a group of VM instances that automatically adjusts its size based on load or custom metrics. You can use an image pre-loaded with the data processing software that terminates the instances when processing completes, which means that the instances only run when there is data to process and stop when they are done. This way, you can minimize costs while ensuring that the data is processed as quickly as possible.


質問 # 86
You need to deploy a new service to production. The service needs to automatically scale using a Managed Instance Group (MIG) and should be deployed over multiple regions. The service needs a large number of resources for each instance and you need to plan for capacity. What should you do?

  • A. Deploy the service in one region and use a global load balancer to route traffic to this region.
  • B. Monitor results of Stackdriver Trace to determine the required amount of resources.
  • C. Use the n1-highcpu-96 machine type in the configuration of the MIG.
  • D. Validate that the resource requirements are within the available quota limits of each region.

正解:A


質問 # 87
Your company runs services by using multiple globally distributed Google Kubernetes Engine (GKE) clusters Your operations team has set up workload monitoring that uses Prometheus-based tooling for metrics alerts:
and generating dashboards This setup does not provide a method to view metrics globally across all clusters You need to implement a scalable solution to support global Prometheus querying and minimize management overhead What should you do?

  • A. Configure Google Cloud Managed Service for Prometheus
  • B. Configure workload metrics within Cloud Operations for GKE
  • C. Configure Prometheus hierarchical federation for centralized data access
  • D. Configure Prometheus cross-service federation for centralized data access

正解:A

解説:
Explanation
The best option for implementing a scalable solution to support global Prometheus querying and minimize management overhead is to use Google Cloud Managed Service for Prometheus. Google Cloud Managed Service for Prometheus is a fully managed service that allows you to collect, query, and visualize metrics from your GKE clusters using Prometheus-based tooling. You can use Google Cloud Managed Service for Prometheus to query metrics across multiple clusters and regions using a global view. You can also use Google Cloud Managed Service for Prometheus to integrate with other Google Cloud services, such as Cloud Monitoring, Cloud Logging, and BigQuery. By using Google Cloud Managed Service for Prometheus, you can avoid managing and scaling your own Prometheus servers and focus on your application performance.


質問 # 88
You encounter a large number of outages in the production systems you support. You receive alerts for all the outages that wake you up at night. The alerts are due to unhealthy systems that are automatically restarted within a minute. You want to set up a process that would prevent staff burnout while following Site Reliability Engineering practices. What should you do?

  • A. Create an incident report for each of the alerts.
  • B. Redefine the related Service Level Objective so that the error budget is not exhausted.
  • C. Eliminate unactionable alerts.
  • D. Distribute the alerts to engineers in different time zones.

正解:C


質問 # 89
You are the on-call Site Reliability Engineer for a microservice that is deployed to a Google Kubernetes Engine (GKE) Autopilot cluster. Your company runs an online store that publishes order messages to Pub/Sub and a microservice receives these messages and updates stock information in the warehousing system. A sales event caused an increase in orders, and the stock information is not being updated quickly enough. This is causing a large number of orders to be accepted for products that are out of stock You check the metrics for the microservice and compare them to typical levels.

You need to ensure that the warehouse system accurately reflects product inventory at the time orders are placed and minimize the impact on customers What should you do?

  • A. Increase the Pod CPU and memory limits
  • B. Add a virtual queue to the online store that allows typical traffic levels
  • C. Increase the number of Pod replicas
  • D. Decrease the acknowledgment deadline on the subscription

正解:C

解説:
Explanation
The best option for ensuring that the warehouse system accurately reflects product inventory at the time orders are placed and minimizing the impact on customers is to increase the number of Pod replicas. Increasing the number of Pod replicas will increase the scalability and availability of your microservice, which will allow it to handle more Pub/Sub messages and update stock information faster. This way, you can reduce the backlog of undelivered messages and oldest unacknowledged message age, which are causing delays in updating product inventory. You can use Horizontal Pod Autoscaler or Cloud Monitoring metrics-based autoscaling to automatically adjust the number of Pod replicas based on load or custom metrics.


質問 # 90
......

最新Professional-Cloud-DevOps-Engineer合格保証 試験問題集でには正確で最新な 問題:https://jp.fast2test.com/Professional-Cloud-DevOps-Engineer-premium-file.html

合格させるProfessional-Cloud-DevOps-Engineer試験には最新なProfessional-Cloud-DevOps-Engineer試験問題集PDF2024:https://drive.google.com/open?id=1FOHmN1aNX9L_PXbTx029irmMuiM9dm7a


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어