Professional-Cloud-DevOps-Engineer Certification Overview - [Dec 25, 2021] Latest Professional-Cloud-DevOps-Engineer PDF Dumps [Q40-Q57]

Professional-Cloud-DevOps-Engineer Certification Overview - [Dec 25, 2021] Latest Professional-Cloud-DevOps-Engineer PDF Dumps

The Best Google Professional-Cloud-DevOps-Engineer Study Guides and Dumps of 2021

The Google Professional Cloud DevOps Engineer exam is taken by the specialists who want to obtain international certification and get validated as professional engineers who can manage Cloud DevOps features.

 

NEW QUESTION 40
You are using Stackdriver to monitor applications hosted on Google Cloud Platform (GCP). You recently deployed a new application, but its logs are not appearing on the Stackdriver dashboard.
You need to troubleshoot the issue. What should you do?

• A. Confirm that port 25 has been opened in the firewall to allow messages through to Stackdriver.
• B. Confirm that the Stackdriver agent has been installed in the hosting virtual machine.
• C. Confirm that your account has the proper permissions to use the Stackdriver dashboard.
• D. Confirm that the application is using the required client library and the service account key has proper permissions.

Answer: C

 

NEW QUESTION 41
Some of your production services are running in Google Kubernetes Engine (GKE) in the eu-west-1 region. Your build system runs in the us-west-1 region. You want to push the container images from your build system to a scalable registry to maximize the bandwidth for transferring the images to the cluster. What should you do?

• A. Push the images to Google Container Registry (GCR) using the us.gcr.io hostname.
• B. Push the images to Google Container Registry (GCR) using the eu.gcr.io hostname.
• C. Push the images to Google Container Registry (GCR) using the gcr.io hostname.
• D. Push the images to a private image registry running on a Compute Engine instance in the eu-west-1 region.

Answer: A

 

NEW QUESTION 42
You are responsible for creating and modifying the Terraform templates that define your Infrastructure. Because two new engineers will also be working on the same code, you need to define a process and adopt a tool that will prevent you from overwriting each other's code. You also want to ensure that you capture all updates in the latest version. What should you do?

• A. * Store your code as text files in Google Drive in a defined folder structure that organizes the files.
  * At the end of each day. confirm that all changes have been captured in the files within the folder structure.
  * Rename the folder structure with a predefined naming convention that increments the version.
• B. * Store your code in a Git-based version control system.
  * Establish a process that allows developers to merge their own changes at the end of each day.
  * Package and upload code lo a versioned Cloud Storage bucket as the latest master version.
• C. * Store your code as text files in Google Drive in a defined folder structure that organizes the files.
  * At the end of each day, confirm that all changes have been captured in the files within the folder structure and create a new .zip archive with a predefined naming convention.
  * Upload the .zip archive to a versioned Cloud Storage bucket and accept it as the latest version.
• D. * Store your code in a Git-based version control system.
  * Establish a process that includes code reviews by peers and unit testing to ensure integrity and functionality before integration of code.
  * Establish a process where the fully integrated code in the repository becomes the latest master version.

Answer: B

 

NEW QUESTION 43
You are running an application in a virtual machine (VM) using a custom Debian image. The image has the Stackdriver Logging agent installed. The VM has the cloud-platform scope. The application is logging information via syslog. You want to use Stackdriver Logging in the Google Cloud Platform Console to visualize the logs. You notice that syslog is not showing up in the "All logs" dropdown list of the Logs Viewer. What is the first thing you should do?

• A. Install the most recent version of the Stackdriver agent.
• B. SSH to the VM and execute the following commands on your VM: ps ax I grep fluentd
• C. Look for the agent's test log entry in the Logs Viewer.
• D. Verify the VM service account access scope includes the monitoring.write scope.

Answer: B

Explanation:
https://cloud.google.com/compute/docs/access/service-accounts#associating_a_service_account_to_an_instance

 

NEW QUESTION 44
You support an application running on GCP and want to configure SMS notifications to your team for the most critical alerts in Stackdriver Monitoring. You have already identified the alerting policies you want to configure this for. What should you do?

• A. Download and configure a third-party integration between Stackdriver Monitoring and an SMS gateway. Ensure that your team members add their SMS/phone numbers to the external tool.
• B. Select the Webhook notifications option for each alerting policy, and configure it to use a third-party integration tool. Ensure that your team members add their SMS/phone numbers to the external tool.
• C. Configure a Slack notification for each alerting policy. Set up a Slack-to-SMS integration to send SMS messages when Slack messages are received. Ensure that your team members add their SMS/phone numbers to the external integration.
• D. Ensure that your team members set their SMS/phone numbers in their Stackdriver Profile. Select the SMS notification option for each alerting policy and then select the appropriate SMS/phone numbers from the list.

Answer: D

Explanation:
https://cloud.google.com/monitoring/support/notification-options#creating_channels To configure SMS notifications, do the following:
In the SMS section, click Add new and follow the instructions. Click Save. When you set up your alerting policy, select the SMS notification type and choose a verified phone number from the list.

 

NEW QUESTION 45
You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production. What should you do?

• A. Set up the Kubernetes Engine clusters with Binary Authorization.
• B. Set up the Kubernetes Engine clusters as private clusters.
• C. Enable Vulnerability Analysis on the Container Registry.
• D. Enable Cloud Security Scanner on the clusters.

Answer: A

Explanation:
https://cloud.google.com/binary-authorization/docs/overview

 

NEW QUESTION 46
You use Spinnaker to deploy your application and have created a canary deployment stage in the pipeline. Your application has an in-memory cache that loads objects at start time. You want to automate the comparison of the canary version against the production version. How should you configure the canary analysis?

• A. Compare the canary with the average performance of a sliding window of previous production versions.
• B. Compare the canary with a new deployment of the current production version.
• C. Compare the canary with a new deployment of the previous production version.
• D. Compare the canary with the existing deployment of the current production version.

Answer: B

Explanation:
https://cloud.google.com/architecture/automated-canary-analysis-kubernetes-engine-spinnaker
https://spinnaker.io/guides/user/canary/best-practices/#compare-canary-against-baseline-not-against-production

 

NEW QUESTION 47
You are deploying an application that needs to access sensitive information. You need to ensure that this information is encrypted and the risk of exposure is minimal if a breach occurs. What should you do?

• A. Store the encryption keys in Cloud Key Management Service (KMS) and rotate the keys frequently
• B. Leverage a continuous build pipeline that produces multiple versions of the secret for each instance of the application.
• C. Inject the secret at the time of instance creation via an encrypted configuration management system.
• D. Integrate the application with a Single sign-on (SSO) system and do not expose secrets to the application

Answer: A

 

NEW QUESTION 48
Your company follows Site Reliability Engineering practices. You are the person in charge of Communications for a large, ongoing incident affecting your customer-facing applications. There is still no estimated time for a resolution of the outage. You are receiving emails from internal stakeholders who want updates on the outage, as well as emails from customers who want to know what is happening. You want to efficiently provide updates to everyone affected by the outage. What should you do?

• A. Provide all internal stakeholder emails to the Incident Commander, and allow them to manage internal communications. Focus on providing responses directly to customers.
• B. Delegate the responding to internal stakeholder emails to another member of the Incident Response Team. Focus on providing responses directly to customers.
• C. Focus on responding to internal stakeholders at least every 30 minutes. Commit to "next update" times.
• D. Provide periodic updates to all stakeholders in a timely manner. Commit to a "next update" time in all communications.

Answer: D

Explanation:
When disaster strikes, the person who declares the incident typically steps into the IC role and directs the high-level state of the incident. The IC concentrates on the 3Cs and does the following: Commands and coordinates the incident response, delegating roles as needed. By default, the IC assumes all roles that have not been delegated yet. Communicates effectively. Stays in control of the incident response. Works with other responders to resolve the incident. https://sre.google/workbook/incident-response/

 

NEW QUESTION 49
You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (Pll) is leaking into certain log entry fields. All Pll entries begin with the text userinfo. You want to capture these log entries in a secure location for later review and prevent them from leaking to Stackdriver Logging. What should you do?

• A. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, create an advanced log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
• B. Create a basic log filter matching userinfo, and then configure a log export in the Stackdriver console with Cloud Storage as a sink.
• C. Create an advanced log filter matching userinfo, configure a log export in the Stackdriver console with Cloud Storage as a sink, and then configure a tog exclusion with userinfo as a filter.
• D. Use a Fluentd filter plugin with the Stackdriver Agent to remove log entries containing userinfo, and then copy the entries to a Cloud Storage bucket.

Answer: D

Explanation:
https://medium.com/google-cloud/fluentd-filter-plugin-for-google-cloud-data-loss-prevention-api-42bbb1308e76

 

NEW QUESTION 50
You support a web application that runs on App Engine and uses CloudSQL and Cloud Storage for data storage. After a short spike in website traffic, you notice a big increase in latency for all user requests, increase in CPU use, and the number of processes running the application. Initial troubleshooting reveals:
After the initial spike in traffic, load levels returned to normal but users still experience high latency.
Requests for content from the CloudSQL database and images from Cloud Storage show the same high latency.
No changes were made to the website around the time the latency increased.
There is no increase in the number of errors to the users.
You expect another spike in website traffic in the coming days and want to make sure users don't experience latency. What should you do?

• A. Move the application from App Engine to Compute Engine.
• B. Enable high availability on the CloudSQL instances.
• C. Modify the App Engine configuration to have additional idle instances.
• D. Upgrade the GCS buckets to Multi-Regional.

Answer: B

 

NEW QUESTION 51
You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?

• A. Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.
• B. Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.
• C. Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.
• D. Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.

Answer: B

 

NEW QUESTION 52
You deploy a new release of an internal application during a weekend maintenance window when there is minimal user traffic. After the window ends, you learn that one of the new features isn't working as expected in the production environment. After an extended outage, you roll back the new release and deploy a fix. You want to modify your release process to reduce the mean time to recovery so you can avoid extended outages in the future. What should you do?
Choose 2 answers

• A. Adopt the blue/green deployment strategy when releasing new code via a CD server.
• B. Integrate a code linting tool to validate coding standards before any code is accepted into the repository.
• C. Configure a CI server. Add a suite of unit tests to your code and have your CI server run them on commit and verify any changes.
• D. Require developers to run automated integration tests on their local development environments before release.
• E. Before merging new code, require 2 different peers to review the code changes.

Answer: A,C

 

NEW QUESTION 53
You support a multi-region web service running on Google Kubernetes Engine (GKE) behind a Global HTTP'S Cloud Load Balancer (CLB). For legacy reasons, user requests first go through a third-party Content Delivery Network (CDN). which then routes traffic to the CLB. You have already implemented an availability Service Level Indicator (SLI) at the CLB level. However, you want to increase coverage in case of a potential load balancer misconfiguration. CDN failure, or other global networking catastrophe. Where should you measure this new SLI?
Choose 2 answers

• A. Metrics exported from the application servers
• B. A synthetic client that periodically sends simulated user requests
• C. GKE health checks for your application servers
• D. Your application servers' logs
• E. Instrumentation coded directly in the client

Answer: B,E

 

NEW QUESTION 54
You created a Stackdriver chart for CPU utilization in a dashboard within your workspace project. You want to share the chart with your Site Reliability Engineering (SRE) team only. You want to ensure you follow the principle of least privilege. What should you do?

• A. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
• B. Share the workspace Project ID with the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
• C. Share the workspace Project ID with the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.
• D. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.

Answer: B

 

NEW QUESTION 55
You created a Stackdriver chart for CPU utilization in a dashboard within your workspace project. You want to share the chart with your Site Reliability Engineering (SRE) team only. You want to ensure you follow the principle of least privilege. What should you do?

• A. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.
• B. Share the workspace Project ID with the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.
• C. Click "Share chart by URL" and provide the URL to the SRE team. Assign the SRE team the Monitoring Viewer IAM role in the workspace project.
• D. Share the workspace Project ID with the SRE team. Assign the SRE team the Dashboard Viewer IAM role in the workspace project.

Answer: C

Explanation:
https://cloud.google.com/monitoring/access-control

 

NEW QUESTION 56
You use a multiple step Cloud Build pipeline to build and deploy your application to Google Kubernetes Engine (GKE). You want to integrate with a third-party monitoring platform by performing a HTTP POST of the build information to a webhook. You want to minimize the development effort. What should you do?

• A. Create a Cloud Pub/Sub push subscription to the Cloud Build cloud-builds PubSub topic to HTTP POST the build information to a webhook.
• B. Add a new step at the end of the pipeline in Cloud Build to HTTP POST the build information to a webhook.
• C. Use Stackdriver Logging to create a logs-based metric from the Cloud Build logs. Create an Alert with a Webhook notification type.
• D. Add logic to each Cloud Build step to HTTP POST the build information to a webhook.

Answer: A

 

NEW QUESTION 57
......

Test Structure

The candidates who want to take this Google exam will have two hours to answer all questions. Even though the vendor doesn’t give details on the total number of questions that the examinees will receive, they should be prepared to solve multiple-choice and multiple-answer inquiries. Besides, the test is delivered in the English language only. As for the registration fee, the test-takers will need to pay $200 to take it. Additional taxes may apply depending on the candidate’s profile and chosen delivery method. By and large, the applicants have two options to take the official exam. They can choose to take it online from any remote location that they prefer. If they choose this option, the candidates should read carefully what the testing requirements are. In case applicants prefer to be present in a classroom when they take the actual testing, then they can search for a test center that is closest to their location. Also, Google doesn’t have any prerequisites for the candidates to be eligible for the evaluation. Still, it recommends that the candidates for the Professional Cloud DevOps Engineer exam should have at least 3 years of experience in the industry including a minimum of one year of experience in managing and developing solutions on GCP.

 

Valid Professional-Cloud-DevOps-Engineer Exam Updates - 2021 Study Guide: https://www.fast2test.com/Professional-Cloud-DevOps-Engineer-premium-file.html

Top Google Professional-Cloud-DevOps-Engineer Exam Audio Study Guide! Practice Questions Edition: https://drive.google.com/open?id=1mZZAi6uVG9IlUWp41QFilKT3kya5E9GM