Professional-Cloud-Developer問題集を掴み取れ![最新2024]Google試験合格させます [Q61-Q76]

Share

Professional-Cloud-Developer問題集を掴み取れ![最新2024]Google試験合格させます

Professional-Cloud-Developer試験問題集PDF正確率保証と更新された問題


この試験は、Compute Engine、Kubernetes、App Engine などの GCP サービスを使用してクラウドネイティブアプリケーションを記述、展開、管理する能力、クラウド環境で高度にスケーラブルで信頼性の高く安全なアプリケーションを設計、開発する熟練度を評価します。この試験は、理論的な理解だけではなく、候補者の実践的なスキルと知識を試験するように設計されています。

 

質問 # 61
A governmental regulation was recently passed that affects your application. For compliance purposes, you are now required to send a duplicate of specific application logs from your application's project to a project that is restricted to the security team. What should you do?

  • A. Create user-defined log buckets in the security team's project. Configure a Cloud Logging sink to route your application s logs to log buckets in the security team's project.
  • B. Create a job that copies the togs from the _Required log bucket into the security team's log bucket in their project.
  • C. Modify the _Default tog bucket sink rules to reroute the logs into the security team's log bucket.
  • D. Create a job that copies the System Event logs from the _Required log bucket into the security team's log bucket in their project.

正解:A


質問 # 62
You are using Cloud Build build to promote a Docker image to Development, Test, and Production environments. You need to ensure that the same Docker image is deployed to each of these environments.
How should you identify the Docker image in your build?

  • A. Use a semantic version Docker image tag.
  • B. Use a unique Docker image name.
  • C. Use the latest Docker image tag.
  • D. Use the digest of the Docker image.

正解:A


質問 # 63
You are planning to deploy hundreds of microservices in your Google Kubernetes Engine (GKE) cluster. How should you secure communication between the microservices on GKE using a managed service?

  • A. Deploy open source Istio in your GKE cluster, and enable mTLS in your Service Mesh
  • B. Install cert-manager on GKE to automatically renew the SSL certificates.
  • C. Use global HTTP(S) Load Balancing with managed SSL certificates to protect your services
  • D. Install Anthos Service Mesh, and enable mTLS in your Service Mesh.

正解:D

解説:
Explanation
https://cloud.google.com/service-mesh/docs/overview#security_benefits
- Ensures encryption in transit. Using mTLS for authentication also ensures that all TCP communications are encrypted in transit.


質問 # 64
Your team manages a Google Kubernetes Engine (GKE) cluster where an application is running. A different team is planning to integrate with this application. Before they start the integration, you need to ensure that the other team cannot make changes to your application, but they can deploy the integration on GKE. What should you do?

  • A. Create a new GKE cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.
  • B. Using Identity and Access Management (IAM), grant the Viewer IAM role on the cluster project to the other team.
  • C. Create a new namespace in the existing cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.
  • D. Create a new namespace in the existing cluster. Using Kubernetes role-based access control (RBAC), grant the Admin role on the new namespace to the other team.

正解:D


質問 # 65
You are using Cloud Run to host a web application. You need to securely obtain the application project ID and region where the application is running and display this information to users. You want to use the most performant approach. What should you do?

  • A. In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Navigate to the Cloud Run "Variables & Secrets" tab, and add the desired environment variables in Key:Value format.
  • B. Make an API call to the Cloud Asset Inventory API from the application and format the request to include instance metadata.
  • C. Use HTTP requests to query the available metadata server at the http://metadata.google.internal/ endpoint with the Metadata-Flavor: Google header.
  • D. In the Google Cloud console, navigate to the Project Dashboard and gather configuration details. Write the application configuration information to Cloud Run's in-memory container filesystem.

正解:A


質問 # 66
You have an application in production. It is deployed on Compute Engine virtual machine instances controlled by a managed instance group. Traffic is routed to the instances via a HTTP(s) load balancer. Your users are unable to access your application. You want to implement a monitoring technique to alert you when the application is unavailable.
Which technique should you choose?

  • A. Managed instance group - heath checks
  • B. Cloud Load Balancing - heath checks
  • C. Smoke tests
  • D. Stackdriver uptime checks

正解:D

解説:
Reference:
476b8507f59c


質問 # 67
You work for a web development team at a small startup. Your team is developing a Node.js application using Google Cloud services, including Cloud Storage and Cloud Build. The team uses a Git repository for version control. Your manager calls you over the weekend and instructs you to make an emergency update to one of the company's websites, and you're the only developer available. You need to access Google Cloud to make the update, but you don't have your work laptop. You are not allowed to store source code locally on a non-corporate computer. How should you set up your developer environment?

  • A. Use Cloud Shell and the built-in code editor for development. Send your source code updates as pull requests.
  • B. Use a text editor and the Git command line to send your source code updates as pull requests from a public computer.
  • C. Use a text editor and the Git command line to send your source code updates as pull requests from a virtual machine running on a public computer.
  • D. Use a Cloud Storage bucket to store the source code that you need to edit. Mount the bucket to a public computer as a drive, and use a code editor to update the code. Turn on versioning for the bucket, and point it to the team's Git repository.

正解:A

解説:
Explanation
https://cloud.google.com/shell/docs


質問 # 68

  • A. It is supposed to write an object in a Cloud Storage bucket owned by project B. However, the write call is failing with the error "403 Forbidden".
    What should you do to correct the problem?
  • B. Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-admin- robot.iam.gserviceaccount.com service account.
  • C. Grant the [email protected] service account the roles/ storage.objectCreator role for the Cloud Storage bucket.
  • D. Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.
  • E. Enable the Cloud Storage API in project B.

正解:B


質問 # 69
Case Study
Company Overview
HipLocal is a community application designed to facilitate communication between people in close proximity. It is used for event planning and organizing sporting events, and for businesses to connect with their local communities. HipLocal launched recently in a few neighborhoods in Dallas and is rapidly growing into a global phenomenon. Its unique style of hyper-local community communication and business outreach is in demand around the world.
Executive Statement
We are the number one local community app; it's time to take our local community services global. Our venture capital investors want to see rapid growth and the same great experience for new local and virtual communities that come online, whether their members are 10 or 10000 miles away from each other.
Solution Concept
HipLocal wants to expand their existing service, with updated functionality, in new regions to better serve their global customers. They want to hire and train a new team to support these regions in their time zones. They will need to ensure that the application scales smoothly and provides clear uptime data.
Existing Technical Environment
HipLocal's environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform.
The HipLocal team understands their application well, but has limited experience in global scale applications.
Their existing technical environment is as follows:
* Existing APIs run on Compute Engine virtual machine instances hosted in GCP.
* State is stored in a single instance MySQL database in GCP.
* Data is exported to an on-premises Teradata/Vertica data warehouse.
* Data analytics is performed in an on-premises Hadoop environment.
* The application has no logging.
* There are basic indicators of uptime; alerts are frequently fired when the APIs are unresponsive.
Business Requirements
HipLocal's investors want to expand their footprint and support the increase in demand they are seeing. Their requirements are:
* Expand availability of the application to new regions.
* Increase the number of concurrent users that can be supported.
* Ensure a consistent experience for users when they travel to different regions.
* Obtain user activity metrics to better understand how to monetize their product.
* Ensure compliance with regulations in the new regions (for example, GDPR).
* Reduce infrastructure management time and cost.
* Adopt the Google-recommended practices for cloud computing.
Technical Requirements
* The application and backend must provide usage metrics and monitoring.
* APIs require strong authentication and authorization.
* Logging must be increased, and data should be stored in a cloud analytics platform.
* Move to serverless architecture to facilitate elastic scaling.
* Provide authorized access to internal apps in a secure manner.
HipLocal's APIs are showing occasional failures, but they cannot find a pattern. They want to collect some metrics to help them troubleshoot.
What should they do?

  • A. Install the Stackdriver Monitoring agent on the VMs.
  • B. Install the Stackdriver Logging agent on the VMs.
  • C. Use Stackdriver Trace to look for performance bottlenecks.
  • D. Take frequent snapshots of all of the VMs.

正解:A


質問 # 70
You are planning to deploy your application in a Google Kubernetes Engine (GKE) cluster. Your application can scale horizontally, and each instance of your application needs to have a stable network identity and its own persistent disk.
Which GKE object should you use?

  • A. Deployment
  • B. ReplicaSet
  • C. StatefulSet
  • D. ReplicaController

正解:C

解説:
Reference: https://livebook.manning.com/book/kubernetes-in-action/chapter-10/46
Topic 1, HipLocal Case StudyCompany Overview
HipLocal is a community application designed to facilitate communication between people in close proximity.
It is used for event planning and organizing sporting events, and for businesses to connect with their local communities. HipLocal launched recently in a few neighborhoods in Dallas and is rapidly growing into a global phenomenon. Its unique style of hyper-local community communication and business outreach is in demand around the world.
Executive statement
We are the number one local community app; it's time to take our local community services global. Our venture capital investors want to see rapid growth and the same great experience for new local and virtual communities that come online, whether their members are 10 or 10,000 miles away from each other.
Solution concept
HipLocal wants to expand their existing service, with updated functionality, in new regions to better serve their global customers. They want to hire and train a new team to support these regions in their time zones.
They will need to ensure that the application scales smoothly and provides clear uptime data.
Existing technical environment
HipLocal's environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform. The HipLocal team understands their application well but has limited experience in global scale applications. Their existing technical environment is as follows:
* Existing APIs run on Compute Engine virtual machine instances hosted in GCP
* State is stored in a single instance MySQL database in GCP
* Data is exported to an on-premises Teradata/Vertica data warehouse
* Data analytics is performed in an on-premises Hadoop environment
* The application has no logging
* There are basic indicators of uptime; alerts are frequently fired when the APIs are unresponsive Business requirements HipLocal's investors want to expand their footprint and support the increase in demand they are seeing. Their requirements are:
* Expand availability of the application to new regions
* Increase the number of concurrent users that can be supported
* Ensure a consistent experience for users when they travel to different regions
* Obtain user activity metrics to better understand how to monetize their product
* Ensure compliance with regulations in the new regions (for example, GDPR)
* Reduce infrastructure management time and cost
* Adopt the Google-recommended practices for cloud computing
Technical requirements
* The application and backend must provide usage metrics and monitoring
* APIs require strong authentication and authorization
* Logging must be increased, and data should be stored in a cloud analytics platform
* Move to serverless architecture to facilitate elastic scaling
* Provide authorized access to internal apps in a secure manner


質問 # 71
Your application is composed of a set of loosely coupled services orchestrated by code executed on Compute Engine. You want your application to easily bring up new Compute Engine instances that find and use a specific version of a service. How should this be configured?

  • A. Define your service endpoint information as label data that is retrieved at runtime and used to connect to the desired service.
  • B. Define your service to use a fixed hostname and port to connect to the desired service. Replace the service at the endpoint with your new version.
  • C. Define your service endpoint information as metadata that is retrieved at runtime and used to connect to the desired service.
  • D. Define your service endpoint information to be retrieved from an environment variable at runtime and used to connect to the desired service.

正解:C

解説:
Explanation
https://cloud.google.com/service-infrastructure/docs/service-metadata/reference/rest#service-endpoint


質問 # 72
Your application requires service accounts to be authenticated to GCP products via credentials stored on its host Compute Engine virtual machine instances. You want to distribute these credentials to the host instances as securely as possible. What should you do?

  • A. Use HTTP signed URLs to securely provide access to the required resources.
  • B. Use the instance's service account Application Default Credentials to authenticate to the required resources.
  • C. Generate a P12 file from the GCP Console after the instance is deployed, and copy the credentials to the host instance before starting the application.
  • D. Commit the credential JSON file into your application's source repository, and have your CI/CD process package it with the software that is deployed to the instance.

正解:B


質問 # 73
Your operations team has asked you to create a script that lists the Cloud Bigtable, Memorystore, and Cloud SQL databases running within a project. The script should allow users to submit a filter expression to limit the results presented. How should you retrieve the data?

  • A. Run gcloud bigtable instances list, gcloud redis instances list, and gcloud sql databases list. Use a filter within the application, and then display the results
  • B. Run gcloud bigtable instances list, gcloud redis instances list, and gcloud sql databases list. Use --filter flag with each command, and then display the results
  • C. Use the HBase API, Redis API, and MySQL connection to retrieve database lists. Combine the results, and then apply the filter to display the results
  • D. Use the HBase API, Redis API, and MySQL connection to retrieve database lists. Filter the results individually, and then combine them to display the results

正解:B

解説:
Explanation
https://cloud.google.com/sdk/gcloud/reference/topic/filters
Most gcloud commands return a list of resources on success. By default they are pretty-printed on the standard output. The --format=NAME[ATTRIBUTES](PROJECTION) and --filter=EXPRESSION flags along with projections can be used to format and change the default output to a more meaningful result. Use the --format flag to change the default output format of a command. For details run $ gcloud topic formats.


質問 # 74
You are deploying a microservices application to Google Kubernetes Engine (GKE). The application will receive daily updates. You expect to deploy a large number of distinct containers that will run on the Linux operating system (OS). You want to be alerted to any known OS vulnerabilities in the new containers. You want to follow Google-recommended best practices. What should you do?

  • A. Use the Container Analysis REST API to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.
  • B. Enable Container Analysis, and upload new container images to Artifact Registry. Review the vulnerability results before each deployment.
  • C. Use the gcloud CLI to call Container Analysis to scan new container images. Review the vulnerability results before each deployment.
  • D. Enable Container Analysis, and upload new container images to Artifact Registry. Review the critical vulnerability results before each deployment.

正解:B

解説:
Explanation
https://cloud.google.com/container-analysis/docs/automated-scanning-howto
https://cloud.google.com/container-analysis/docs/os-overview says: The Container Scanning API allows you to automate OS vulnerability detection, scanning each time you push an image to Container Registry or Artifact Registry. Enabling this API also triggers language package scans for Go and Java vulnerabilities (Preview).


質問 # 75
You are developing an internal application that will allow employees to organize community events within your company. You deployed your application on a single Compute Engine instance. Your company uses Google Workspace (formerly G Suite), and you need to ensure that the company employees can authenticate to the application from anywhere. What should you do?

  • A. Set up a VPN tunnel between your company network and your instance's VPC location on Google Cloud. Configure the required firewall rules and routing information to both the on-premises and Google Cloud networks.
  • B. Add an HTTP(S) load balancer in front of the instance, and set up Identity-Aware Proxy (IAP).
    Configure the IAP settings to allow your company domain to access the website.
  • C. Add a public IP address to your instance, and allow traffic from the internet. Generate a random hash, and create a subdomain that includes this hash and points to your instance. Distribute this DNS address to your company's employees.
  • D. Add a public IP address to your instance, and restrict access to the instance using firewall rules. Allow your company's proxy as the only source IP address.

正解:B

解説:
Explanation
https://cloud.google.com/blog/topics/developers-practitioners/control-access-your-web-sites-identity-aware-prox


質問 # 76
......

最新をゲットせよ!Professional-Cloud-Developer認定練習テスト問題 試験問題集:https://jp.fast2test.com/Professional-Cloud-Developer-premium-file.html

合格させるProfessional-Cloud-Developer試験にはリアルテストエンジンPDFには265問題あります:https://drive.google.com/open?id=1RR9QuLdCLQ3lrN22iYblNJ-0SfwI-1FN


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어