Google Professional-Cloud-Developerリアル試験問題解答は無料 [Q89-Q113]

Share

Google Professional-Cloud-Developerリアル試験問題解答は無料

試験問題集でProfessional-Cloud-Developer練習無料最新のGoogle練習テスト


Google Professional-Cloud-Developer認定を獲得するには、候補者は、複数選択と複数選択の質問で構成される3時間の試験に合格する必要があります。試験はコンピューターベースであり、リモートまたはテストセンターで撮影できます。試験の合格スコアは70%で、認定は2年間有効です。候補者は、GCP開発に関する継続的な専門知識を実証するために、2年ごとに認定を更新する必要があります。

 

質問 # 89
Your company uses Cloud Logging to manage large volumes of log dat
a. You need to build a real-time log analysis architecture that pushes logs to a third-party application for processing. What should you do?

  • A. Create a Cloud Logging log export to Cloud Storage.
  • B. Create a Cloud Logging log export to BigQuery.
  • C. Create a Cloud Function to read Cloud Logging log entries and send them to the third-party application.
  • D. Create a Cloud Logging log export to Pub/Sub.

正解:D


質問 # 90
You are deploying your application on a Compute Engine instance that communicates with Cloud SQL. You will use Cloud SQL Proxy to allow your application to communicate to the database using the service account associated with the application's instance. You want to follow the Google-recommended best practice of providing minimum access for the role assigned to the service account. What should you do?

  • A. Assign the Cloud SQL Editor role.
  • B. Assign the Project Editor role.
  • C. Assign the Project Owner role.
  • D. Assign the Cloud SQL Client role.

正解:D

解説:
Reference: https://cloud.google.com/sql/docs/mysql/sql-proxy


質問 # 91
Your application is deployed in a Google Kubernetes Engine (GKE) cluster. When a new version of your application is released, your CI/CD tool updates the spec.template.spec.containers[0].image value to reference the Docker image of your new application version. When the Deployment object applies the change, you want to deploy at least 1 replica of the new version and maintain the previous replicas until the new replica is healthy.
Which change should you make to the GKE Deployment object shown below?

  • A. Set the Deployment strategy to RollingUpdate with maxSurge set to 0, maxUnavailable set to 1.
  • B. Set the Deployment strategy to RollingUpdate with maxSurge set to 1, maxUnavailable set to 0.
  • C. Set the Deployment strategy to Recreate with maxSurge set to 1, maxUnavailable set to 0.
  • D. Set the Deployment strategy to Recreate with maxSurge set to 0, maxUnavailable set to 1.

正解:C


質問 # 92
Your service adds text to images that it reads from Cloud Storage. During busy times of the year, requests to Cloud Storage fail with an HTTP 429 "Too Many Requests" status code.
How should you handle this error?

  • A. Add a cache-control header to the objects.
  • B. Change the storage class of the Cloud Storage bucket to Multi-regional.
  • C. Request a quota increase from the GCP Console.
  • D. Retry the request with a truncated exponential backoff strategy.

正解:D

解説:
Explanation/Reference: https://developers.google.com/gmail/api/v1/reference/quota


質問 # 93
For this question, refer to the HipLocal case study.
How should HipLocal redesign their architecture to ensure that the application scales to support a large increase in users?

  • A. Use a Cloud Storage bucket to serve the application as a static website, and use another Cloud Storage bucket to store user state information.
  • B. Use multiple Compute Engine instances to run MySQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.
  • C. Use Memorystore to store session information and CloudSQL to store state information. Use a Google Cloud-managed load balancer to distribute the load between instances. Use managed instance groups for scaling.
  • D. Use Google Kubernetes Engine (GKE) to run the application as a microservice. Run the MySQL database on a dedicated GKE node.

正解:A


質問 # 94
Your development team has been asked to refactor an existing monolithic application into a set of composable microservices. Which design aspects should you implement for the new application? (Choose two.)

  • A. Develop the microservice code in the same programming language used by the microservice caller.
  • B. Ensure that sufficient instances of the microservice are running to accommodate the performance requirements.
  • C. Create an API contract agreement between the microservice implementation and microservice caller.
  • D. Require asynchronous communications between all microservice implementations and microservice callers.
  • E. Implement a versioning scheme to permit future changes that could be incompatible with the current interface.

正解:C、E


質問 # 95
You are working on a social media application. You plan to add a feature that allows users to upload images.
These images will be 2 MB - 1 GB in size. You want to minimize their infrastructure operations overhead for this feature. What should you do?

  • A. Change the application to create signed URLs for Cloud Storage. Transfer these signed URLs to the client application to upload images to Cloud Storage.
  • B. Set up a web server on GCP to accept user images and create a file store to keep uploaded files. Change the application to retrieve images from the file store.
  • C. Create a separate bucket for each user in Cloud Storage. Assign a separate service account to allow write access on each bucket. Transfer service account credentials to the client application based on user information. The application uses this service account to upload images to Cloud Storage.
  • D. Change the application to accept images directly and store them in the database that stores other user information.

正解:A

解説:
Reference:
https://cloud.google.com/blog/products/storage-data-transfer/uploading-images-directly-to-cloud-storage-by-usin


質問 # 96
You are a SaaS provider deploying dedicated blogging software to customers in your Google Kubernetes Engine (GKE) cluster. You want to configure a secure multi-tenant platform to ensure that each customer has access to only their own blog and can't affect the workloads of other customers. What should you do?

  • A. Deploy a namespace per tenant and use Network Policies in each blog deployment.
  • B. Use GKE Audit Logging to identify malicious containers and delete them on discovery.
  • C. Enable Application-layer Secrets on the GKE cluster to protect the cluster.
  • D. Build a custom image of the blogging software and use Binary Authorization to prevent untrusted image deployments.

正解:A


質問 # 97
You have written a Cloud Function that accesses other Google Cloud resources. You want to secure the environment using the principle of least privilege. What should you do?

  • A. Create a new service account that has Editor authority to access the resources. The deployer is given permission to get the access token.
  • B. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to act as the new service account.
  • C. Create a new service account that has a custom IAM role to access the resources. The deployer is given permission to get the access token.
  • D. Create a new service account that has Editor authority to access the resources. The deployer is given permission to act as the new service account.

正解:B

解説:
Reference:
https://cloud.google.com/blog/products/application-development/least-privilege-for-cloud-functions-using-cloud


質問 # 98
You work for an organization that manages an ecommerce site. Your application is deployed behind a global HTTP(S) load balancer. You need to test a new product recommendation algorithm. You plan to use A/B testing to determine the new algorithm's effect on sales in a randomized way. How should you test this feature?

  • A. Mirror traffic to the new version of your application.
  • B. Split traffic between versions using weights.
  • C. Use HTTP header-based routing.
  • D. Enable the new recommendation feature flag on a single instance.

正解:A

解説:
https://cloud.google.com/load-balancing/docs/https/traffic-management-global#traffic_actions_weight-based_tra Deploying a new version of an existing production service generally incurs some risk. Even if your tests pass in staging, you probably don't want to subject 100% of your users to the new version immediately. With traffic management, you can define percentage-based traffic splits across multiple backend services.
For example, you can send 95% of the traffic to the previous version of your service and 5% to the new version of your service. After you've validated that the new production version works as expected, you can gradually shift the percentages until 100% of the traffic reaches the new version of your service. Traffic splitting is typically used for deploying new versions, A/B testing, service migration, and similar processes.
https://cloud.google.com/traffic-director/docs/advanced-traffic-management#weight-based_traffic_splitting_for_
https://cloud.google.com/architecture/implementing-deployment-and-testing-strategies-on-gke#split_the_traffic_
https://cloud.google.com/load-balancing/docs/https/traffic-management-global#traffic_actions_weight-based_tra


質問 # 99
Your company stores their source code in a Cloud Source Repositories repository. Your company wants to build and test their code on each source code commit to the repository and requires a solution that is managed and has minimal operations overhead.
Which method should they use?

  • A. Use a source code commit trigger to push a message to a Cloud Pub/Sub topic that triggers an App Engine service to build the source code.
  • B. Use a Compute Engine virtual machine instance with an open source continuous integration tool, configured to watch for source code commits.
  • C. Use Jenkins deployed via the Google Cloud Platform Marketplace, configured to watch for source code commits.
  • D. Use Cloud Build with a trigger configured for each source code commit.

正解:D


質問 # 100
Your company has a data warehouse that keeps your application information in BigQuery. The BigQuery data warehouse keeps 2 PBs of user dat a. Recently, your company expanded your user base to include EU users and needs to comply with these requirements:
Your company must be able to delete all user account information upon user request.
All EU user data must be stored in a single region specifically for EU users.
Which two actions should you take? (Choose two.)

  • A. Use BigQuery federated queries to query data from Cloud Storage.
  • B. Create a Cloud Storage bucket in the EU region to store information for EU users only.
  • C. Re-upload your data using to a Cloud Dataflow pipeline by filtering your user records out.
  • D. Create a dataset in the EU region that will keep information about EU users only.
  • E. Use DML statements in BigQuery to update/delete user records based on their requests.

正解:B、E


質問 # 101
You need to copy directory local-scripts and all of its contents from your local workstation to a Compute Engine virtual machine instance.
Which command should you use?
gsutil cp --project "my-gcp-project" -r ~/local-scripts/ gcp-instance-name:~/

  • A. instance-name:~/server-scripts/ --zone "us-east1-b"
  • B. server-scripts/ --zone "us-east1-b"
    gcloud compute scp --project "my-gcp-project" --recurse ~/local-scripts/ gcp-
  • C. instance-name:~/server-scripts/ --zone "us-east1-b"
    gcloud compute mv --project "my-gcp-project" --recurse ~/local-scripts/ gcp-
  • D. server-scripts/ --zone "us-east1-b"
    gsutil cp --project "my-gcp-project" -R ~/local-scripts/ gcp-instance-name:~/

正解:C

解説:
Explanation/Reference: https://cloud.google.com/sdk/gcloud/reference/compute/copy-files


質問 # 102
You are in the final stage of migrating an on-premises data center to Google Cloud. You are quickly approaching your deadline, and discover that a web API is running on a server slated for decommissioning.
You need to recommend a solution to modernize this API while migrating to Google Cloud. The modernized web API must meet the following requirements:
* Autoscales during high traffic periods at the end of each month
* Written in Python 3.x
* Developers must be able to rapidly deploy new versions in response to frequent code changes You want to minimize cost, effort, and operational overhead of this migration. What should you do?

  • A. Deploy the modernized application to an n1-standard-1 Compute Engine instance.
  • B. Modernize and deploy the code on App Engine standard environment.
  • C. Modernize and deploy the code on App Engine flexible environment.
  • D. Ask the development team to re-write the application to run as a Docker container on Google Kubernetes Engine.

正解:B

解説:
https://cloud.google.com/appengine/docs/standard


質問 # 103
You are developing a web application that will be accessible over both HTTP and HTTPS and will run on Compute Engine instances. On occasion, you will need to SSH from your remote laptop into one of the Compute Engine instances to conduct maintenance on the app. How should you configure the instances while following Google-recommended best practices?

  • A. Set up a backend with Compute Engine web server instances with a private IP address behind a TCP proxy load balancer.
  • B. Set up a backend with Compute Engine web server instances with a private IP address behind an HTTP(S) load balancer. Set up a bastion host with a public IP address and open firewall ports. Connect to the web instances using the bastion host.
  • C. Configure the firewall rules to allow all ingress traffic to connect to the Compute Engine web servers, with each server having a unique external IP address.
  • D. Configure Cloud Identity-Aware Proxy API for SSH access. Then configure the Compute Engine servers with private IP addresses behind an HTTP(s) load balancer for the application web traffic.

正解:D


質問 # 104
Your code is running on Cloud Functions in project A.
It is supposed to write an object in a Cloud Storage
bucket owned by project B.
However, the write call is failing with the error "403 Forbidden".
What should you do to correct the problem?

  • A. Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-adminrobot.
    iam.gserviceaccount.com service account.
  • B. Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.
  • C. Grant the [email protected] service account the roles/ storage.objectCreator role for the Cloud Storage bucket.
  • D. Enable the Cloud Storage API in project B.

正解:A


質問 # 105
Your team develops services that run on Google Kubernetes Engine. Your team's code is stored in Cloud Source Repositories. You need to quickly identify bugs in the code before it is deployed to production. You want to invest in automation to improve developer feedback and make the process as efficient as possible. What should you do?

  • A. Use Cloud Build to automate building container images from code based on forked versions.
  • B. Use Spinnaker to automate building container images from code based on Git tags.
  • C. Use Spinnaker to automate deploying container images to the production environment.
  • D. Use Cloud Build to automate building container images from code based on Git tags.

正解:B


質問 # 106
You are load testing your server application. During the first 30 seconds, you observe that a previously inactive Cloud Storage bucket is now servicing 2000 write requests per second and 7500 read requests per second.
Your application is now receiving intermittent 5xx and 429 HTTP responses from the Cloud Storage JSON API as the demand escalates. You want to decrease the failed responses from the Cloud Storage API.
What should you do?

  • A. Distribute the uploads across a large number of individual storage buckets.
  • B. Use the XML API instead of the JSON API for interfacing with Cloud Storage.
  • C. Pass the HTTP response codes back to clients that are invoking the uploads from your application.
  • D. Limit the upload rate from your application clients so that the dormant bucket's peak request rate is reached more gradually.

正解:A

解説:
Reference:
https://cloud.google.com/storage/docs/request-rate


質問 # 107
Case Study
Company Overview
HipLocal is a community application designed to facilitate communication between people in close proximity. It is used for event planning and organizing sporting events, and for businesses to connect with their local communities. HipLocal launched recently in a few neighborhoods in Dallas and is rapidly growing into a global phenomenon. Its unique style of hyper-local community communication and business outreach is in demand around the world.
Executive Statement
We are the number one local community app; it's time to take our local community services global. Our venture capital investors want to see rapid growth and the same great experience for new local and virtual communities that come online, whether their members are 10 or 10000 miles away from each other.
Solution Concept
HipLocal wants to expand their existing service, with updated functionality, in new regions to better serve their global customers. They want to hire and train a new team to support these regions in their time zones. They will need to ensure that the application scales smoothly and provides clear uptime data.
Existing Technical Environment
HipLocal's environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform.
The HipLocal team understands their application well, but has limited experience in global scale applications.
Their existing technical environment is as follows:
* Existing APIs run on Compute Engine virtual machine instances hosted in GCP.
* State is stored in a single instance MySQL database in GCP.
* Data is exported to an on-premises Teradata/Vertica data warehouse.
* Data analytics is performed in an on-premises Hadoop environment.
* The application has no logging.
* There are basic indicators of uptime; alerts are frequently fired when the APIs are unresponsive.
Business Requirements
HipLocal's investors want to expand their footprint and support the increase in demand they are seeing. Their requirements are:
* Expand availability of the application to new regions.
* Increase the number of concurrent users that can be supported.
* Ensure a consistent experience for users when they travel to different regions.
* Obtain user activity metrics to better understand how to monetize their product.
* Ensure compliance with regulations in the new regions (for example, GDPR).
* Reduce infrastructure management time and cost.
* Adopt the Google-recommended practices for cloud computing.
Technical Requirements
* The application and backend must provide usage metrics and monitoring.
* APIs require strong authentication and authorization.
* Logging must be increased, and data should be stored in a cloud analytics platform.
* Move to serverless architecture to facilitate elastic scaling.
* Provide authorized access to internal apps in a secure manner.
In order to meet their business requirements, how should HipLocal store their application state?

  • A. Use local SSDs to store state.
  • B. Replace the MySQL instance with Cloud SQL.
  • C. Put a memcache layer in front of MySQL.
  • D. Move the state storage to Cloud Spanner.

正解:C

解説:
Explanation/Reference:


質問 # 108
You are developing a corporate tool on Compute Engine for the finance department, which needs to authenticate users and verify that they are in the finance department. All company employees use G Suite.
What should you do?

  • A. Configure Cloud Armor Security Policies to restrict access to only corporate IP address ranges. Verify the provided JSON Web Token within the application.
  • B. Configure Cloud Armor Security Policies to restrict access to only corporate IP address ranges. Issue client side certificates to everybody in the finance team and verify the certificates in the application.
  • C. Enable Cloud Identity-Aware Proxy on the HTTP(s) load balancer and restrict access to a Google Group containing users in the finance department. Issue client-side certificates to everybody in the finance team and verify the certificates in the application.
  • D. Enable Cloud Identity-Aware Proxy on the HTTP(s) load balancer and restrict access to a Google Group containing users in the finance department. Verify the provided JSON Web Token within the application.

正解:D

解説:
https://cloud.google.com/iap/docs/signed-headers-howto#securing_iap_headers (https://cloud.google.com/endpoints/docs/openapi/authenticating-users-google-id).
https://cloud.google.com/armor/docs/security-policy-overview#:~:text=Google%20Cloud%20Armor%20security
"Google Cloud Armor security policies protect your application by providing Layer 7 filtering and by scrubbing incoming requests for common web attacks or other Layer 7 attributes to potentially block traffic before it reaches your load balanced backend services or backend buckets"


質問 # 109
Your company's development teams want to use various open source operating systems in their Docker builds. When images are created in published containers in your company's environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?

  • A. Disallow the use of non-commercially supported base images in your development environment.
  • B. Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.
  • C. Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.
  • D. Enable the Vulnerability scanning setting in the Container Registry.

正解:D

解説:
https://cloud.google.com/container-analysis/docs/os-overview


質問 # 110
Your company has a BigQuery dataset named "Master" that keeps information about employee travel and expenses. This information is organized by employee department. That means employees should only be able to view information for their department. You want to apply a security framework to enforce this requirement with the minimum number of steps.
What should you do?

  • A. Create a dataset named Master dataset. Create a separate view for each department in the Master dataset. Give employees access to the specific view for their department.
  • B. Create a separate dataset for each department. Create a data pipeline for each department to copy appropriate information from the Master dataset to the specific dataset for the department. Give employees the permission to this department-specific dataset.
  • C. Create a dataset named Master dataset. Create a separate table for each department in the Master dataset. Give employees access to the specific table for their department.
  • D. Create a separate dataset for each department. Create a view with an appropriate WHERE clause to select records from a particular dataset for the specific department. Authorize this view to access records from your Master dataset. Give employees the permission to this department-specific dataset.

正解:B


質問 # 111
You are working on a social media application. You plan to add a feature that allows users to upload images. These images will be 2 MB - 1 GB in size. You want to minimize their infrastructure operations overhead for this feature. What should you do?

  • A. Change the application to create signed URLs for Cloud Storage. Transfer these signed URLs to the client application to upload images to Cloud Storage.
  • B. Set up a web server on GCP to accept user images and create a file store to keep uploaded files. Change the application to retrieve images from the file store.
  • C. Create a separate bucket for each user in Cloud Storage. Assign a separate service account to allow write access on each bucket. Transfer service account credentials to the client application based on user information. The application uses this service account to upload images to Cloud Storage.
  • D. Change the application to accept images directly and store them in the database that stores other user information.

正解:A


質問 # 112
You are designing a deployment technique for your new applications on Google Cloud. As part of your deployment planning, you want to use live traffic to gather performance metrics for both new and existing applications. You need to test against the full production load prior to launch. What should you do?

  • A. Use A/B testing with traffic mirroring during deployment
  • B. Use blue/green deployment
  • C. Use rolling updates deployment
  • D. Use canary deployment

正解:D


質問 # 113
......

確認済みProfessional-Cloud-Developer試験問題集と解答で時間限定無料提供!Professional-Cloud-Developerには正解付き:https://jp.fast2test.com/Professional-Cloud-Developer-premium-file.html

Professional-Cloud-Developer試験問題、リアルProfessional-Cloud-Developer練習問題集:https://drive.google.com/open?id=19fduDuaQajQ-FD0aJDcJkGmySlJNkgjF


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어