[Google] GCP-PCD - Professional Cloud Developer Exam Dumps & Study Guide

Free [Google] GCP-PCD - Professional Cloud Developer Practice Questions Preview

• Question 1

  You want to upload files from an on-premises virtual machine to Google Cloud Storage as part of a data migration. These files will be consumed by Cloud
  DataProc Hadoop cluster in a GCP environment.
  Which command should you use?
  

  • A. gsutil cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/
  • B. gcloud cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/
  • C. hadoop fs cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/
  • D. gcloud dataproc cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/

  Correct Answer: A

  Explanation:

  The best command to use for uploading files from an on-premises virtual machine to Google Cloud Storage is A. gsutil cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/. This is because gsutil is the command-line tool specifically designed for interacting with Google Cloud Storage. It's optimized for transferring data to and from Cloud Storage buckets. The problem asks for transferring files to Google Cloud Storage and Hadoop cluster will consume it in GCP environment.

  Here's a breakdown of why the other options are not as suitable:

  • B. gcloud cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/: While gcloud is a powerful command-line tool for managing Google Cloud resources, it is not the ideal tool for transferring the data to Cloud Storage. gcloud storage cp is also available, however, gsutil is the more appropriate choice.
  • C. hadoop fs cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/: The hadoop fs command is used for interacting with Hadoop Distributed File System (HDFS) and other file systems compatible with Hadoop. While it can interact with Google Cloud Storage through the Hadoop connector, it's primarily designed for Hadoop-related tasks within a Hadoop environment. The data is being migrated to be used by Cloud DataProc, but right now it is in the virtual machine and not in the Hadoop environment.
  • D. gcloud dataproc cp [LOCAL_OBJECT] gs://[DESTINATION_BUCKET_NAME]/: gcloud dataproc is specifically for managing Dataproc clusters and jobs, not for general file transfers to Cloud Storage. There is also no `cp` command in `gcloud dataproc`.

  Therefore, gsutil cp is the most direct, efficient, and appropriate command for uploading files to Google Cloud Storage in this scenario.

  • gsutil cp command - Google Cloud Documentation, https://cloud.google.com/storage/docs/gsutil/commands/cp

• Question 2

  You migrated your applications to Google Cloud Platform and kept your existing monitoring platform. You now find that your notification system is too slow for time critical problems.
  What should you do?
  

  • A. Replace your entire monitoring platform with Stackdriver.
  • B. Install the Stackdriver agents on your Compute Engine instances.
  • C. Use Stackdriver to capture and alert on logs, then ship them to your existing platform.
  • D. Migrate some traffic back to your old platform and perform AB testing on the two platforms concurrently.

  Correct Answer: C

  Explanation:

  The recommended answer is C. Use Stackdriver to capture and alert on logs, then ship them to your existing platform.

  Reasoning: The problem is that the existing notification system is too slow for time-critical issues after migrating to Google Cloud Platform (GCP). Stackdriver (now known as Cloud Monitoring) is GCP's native monitoring solution and has robust alerting capabilities. Option C suggests leveraging Stackdriver to capture logs and, more importantly, to trigger alerts based on those logs. The alerts can be configured to be sent out immediately when critical events occur. Then, the logs can be shipped to the existing monitoring platform for further analysis and historical data retention. This approach addresses the immediate problem of slow notifications without requiring a complete replacement of the existing platform, preserving existing investments and workflows. This provides a balanced and least disruptive approach, leverages Stackdriver's real-time alerting capabilities, and preserves the investment in the existing monitoring platform.

  Reasons for not choosing other options:

  • A. Replace your entire monitoring platform with Stackdriver: While Stackdriver is a powerful monitoring solution, a complete replacement can be disruptive and time-consuming. It requires reconfiguring all existing monitoring rules, dashboards, and integrations. The question focuses on the immediate problem of slow notifications, and a full replacement is an overkill solution.
  • B. Install the Stackdriver agents on your Compute Engine instances: Installing Stackdriver agents is a necessary step for monitoring Compute Engine instances, but it doesn't directly address the slow notification problem. Agents collect metrics and logs, but the alert configuration and notification mechanism are separate. It doesn't guarantee faster notifications.
  • D. Migrate some traffic back to your old platform and perform AB testing on the two platforms concurrently: This option is irrelevant to the monitoring and notification problem. AB testing is used to compare different versions of an application or feature, not to solve monitoring latency issues. Moving traffic back to the old platform simply avoids the problem rather than addressing it.

  Therefore, using Stackdriver for immediate alerting and shipping logs to the existing platform offers the most practical and efficient solution.

  • Cloud Logging, https://cloud.google.com/logging
  • Cloud Monitoring, https://cloud.google.com/monitoring

• Question 3

  You are planning to migrate a MySQL database to the managed Cloud SQL database for Google Cloud. You have Compute Engine virtual machine instances that will connect with this Cloud SQL instance. You do not want to whitelist IPs for the Compute Engine instances to be able to access Cloud SQL.
  What should you do?
  

  • A. Enable private IP for the Cloud SQL instance.
  • B. Whitelist a project to access Cloud SQL, and add Compute Engine instances in the whitelisted project.
  • C. Create a role in Cloud SQL that allows access to the database from external instances, and assign the Compute Engine instances to that role.
  • D. Create a CloudSQL instance on one project. Create Compute engine instances in a different project. Create a VPN between these two projects to allow internal access to CloudSQL.

  Correct Answer: A

  Explanation:

  The best solution is to enable private IP for the Cloud SQL instance. Here's a detailed explanation:

  Suggested Answer: A

  Reasoning:

  The question explicitly states that you do not want to whitelist IPs for the Compute Engine instances to access Cloud SQL. Enabling private IP for the Cloud SQL instance allows Compute Engine instances within the same Virtual Private Cloud (VPC) network to connect to Cloud SQL using internal IP addresses. This ensures that the traffic stays within Google's private network, enhancing security and eliminating the need to expose Cloud SQL to the public internet or manage IP whitelists.

  Reasoning why other options are not suitable:

  • B: Whitelisting a project to access Cloud SQL, and add Compute Engine instances in the whitelisted project. This option still involves whitelisting, which the question wants to avoid.
  • C: Create a role in Cloud SQL that allows access to the database from external instances, and assign the Compute Engine instances to that role. While roles manage access control, they don't inherently establish a network connection. A role grants privileges, but the underlying network connectivity must still be established. This option doesn't negate the need for IP whitelisting or a private network connection.
  • D: Create a CloudSQL instance on one project. Create Compute engine instances in a different project. Create a VPN between these two projects to allow internal access to CloudSQL. While a VPN could solve the connectivity issue, it introduces unnecessary complexity compared to simply enabling private IP, especially if the resources can reside in the same project and VPC. It's an overkill solution for a relatively simple requirement.

  Enabling private IP is the most straightforward and secure way to allow Compute Engine instances to access Cloud SQL without IP whitelisting.

  In summary, the reason for choosing A is because it directly addresses the requirement of avoiding IP whitelisting while providing a secure connection between Compute Engine and Cloud SQL. The other options either fail to avoid whitelisting or introduce unnecessary complexity.

• Question 4

  You have deployed an HTTP(s) Load Balancer with the gcloud commands shown below.
  
  Health checks to port 80 on the Compute Engine virtual machine instance are failing and no traffic is sent to your instances. You want to resolve the problem.
  Which commands should you run?
  

  • A. gcloud compute instances add-access-config ${NAME}-backend-instance-1
  • B. gcloud compute instances add-tags ${NAME}-backend-instance-1 --tags http-server
  • C. gcloud compute firewall-rules create allow-lb --network load-balancer --allow tcp --source-ranges 130.211.0.0/22,35.191.0.0/16 --direction INGRESS
  • D. gcloud compute firewall-rules create allow-lb --network load-balancer --allow tcp --destination-ranges 130.211.0.0/22,35.191.0.0/16 --direction EGRESS

  Correct Answer: C

  Explanation:

  The correct answer is C. The problem is that health checks from the HTTP(s) Load Balancer to the Compute Engine instances are failing. This indicates that the load balancer is unable to reach the instances on port 80. To resolve this, a firewall rule must be created to allow traffic from the load balancer's IP ranges to the instances. Option C creates an ingress firewall rule that allows TCP traffic from the load balancer's source IP ranges (130.211.0.0/22 and 35.191.0.0/16) to reach the instances, which is exactly what's needed for the health checks to succeed and traffic to be routed correctly.

  Here's why the other options are incorrect:

  • A: `gcloud compute instances add-access-config ${NAME}-backend-instance-1` - This command is used to add an external IP address to an instance. It doesn't address the firewall issue that is preventing the load balancer from reaching the instances.
  • B: `gcloud compute instances add-tags ${NAME}-backend-instance-1 --tags http-server` - While adding the `http-server` tag might be relevant in some scenarios, it doesn't directly solve the problem of the load balancer's health checks being blocked by a firewall. Even if the tag is set, the firewall rule based on the tag does not create a connection from the health check probe to the backend service.
  • D: `gcloud compute firewall-rules create allow-lb --network load-balancer --allow tcp --destination-ranges 130.211.0.0/22,35.191.0.0/16 --direction EGRESS` - This command creates an egress firewall rule, which controls outbound traffic *from* the instances. The problem is that the load balancer can't send traffic *to* the instances, so an ingress rule is required, not an egress rule.

  Therefore, the best solution is to create an ingress firewall rule that allows traffic from the load balancer's IP ranges to the instances, making option C the correct choice.

  • Google Cloud Documentation on Load Balancing and Firewalls, https://cloud.google.com/load-balancing/docs/firewall-rules
  • Google Cloud Documentation on Health Checks, https://cloud.google.com/load-balancing/docs/health-checks

• Question 5

  Your website is deployed on Compute Engine. Your marketing team wants to test conversion rates between 3 different website designs.
  Which approach should you use?
  

  • A. Deploy the website on App Engine and use traffic splitting.
  • B. Deploy the website on App Engine as three separate services.
  • C. Deploy the website on Cloud Functions and use traffic splitting.
  • D. Deploy the website on Cloud Functions as three separate functions.

  Correct Answer: A

  Explanation:

  The recommended answer is A. Deploy the website on App Engine and use traffic splitting.

  Reasoning: The most suitable approach for testing conversion rates between three different website designs, also known as A/B testing, is to use App Engine's traffic splitting feature. Traffic splitting allows you to distribute incoming user traffic across different versions of your application seamlessly. This is ideal for A/B testing scenarios where you want to compare the performance of different designs without requiring users to manually select a version or managing separate URLs. App Engine handles the routing and traffic distribution according to the configured percentages.

  Reasons for not choosing the other options: * **B. Deploy the website on App Engine as three separate services:** While deploying as separate services is possible, it adds unnecessary complexity. You would need to manage three distinct services, potentially with different URLs, and manually control traffic distribution. This is less efficient and more complex than using App Engine's built-in traffic splitting. * **C. Deploy the website on Cloud Functions and use traffic splitting:** Cloud Functions are designed for event-driven, short-lived tasks. Deploying an entire website on Cloud Functions is generally not recommended due to its stateless nature and potential performance limitations for serving web content. Also, Cloud Functions does not have built-in traffic splitting capabilities like App Engine. * **D. Deploy the website on Cloud Functions as three separate functions:** Similar to option C, this approach is not suitable for hosting a full website. It would also introduce significant complexity in managing multiple functions and routing traffic between them and Cloud function does not have traffic splitting function.

  App Engine's traffic splitting is designed specifically for this type of A/B testing scenario.

  • Traffic Splitting, https://cloud.google.com/appengine/docs/standard/python/how-requests-are-routed

• Question 6

  You need to copy directory local-scripts and all of its contents from your local workstation to a Compute Engine virtual machine instance.
  Which command should you use?
  

  • A. gsutil cp --project ג€my-gcp-projectג€ -r ~/local-scripts/ gcp-instance-name:~/server-scripts/ --zone ג€us-east1-bג€
  • B. gsutil cp --project ג€my-gcp-projectג€ -R ~/local-scripts/ gcp-instance-name:~/server-scripts/ --zone ג€us-east1-bג€
  • C. gcloud compute scp --project ג€my-gcp-projectג€ --recurse ~/local-scripts/ gcp-instance-name:~/server-scripts/ --zone ג€us-east1-bג€
  • D. gcloud compute mv --project ג€my-gcp-projectג€ --recurse ~/local-scripts/ gcp-instance-name:~/server-scripts/ --zone ג€us-east1-bג€

  Correct Answer: C

  Explanation:

  The best command to copy a directory and its contents to a Compute Engine instance is gcloud compute scp. Therefore, the suggested answer is C.

  Reasoning: The gcloud compute scp command is designed for securely transferring files to and from Compute Engine virtual machine instances. The --recurse flag ensures that the directory and all its contents are copied recursively. This is the primary reason for choosing option C.

  Reasons for not choosing the other options: * **Option A & B:** gsutil cp is used for copying data to and from Cloud Storage buckets, not directly to Compute Engine instances using the instance name. While it's possible to copy to a bucket and then to the instance, it's less direct and efficient than using gcloud compute scp. * **Option D:** gcloud compute mv is used to move a Compute Engine instance, not to move files to a Compute Engine instance. It's not the correct tool for file transfer.

  The correct command to achieve the goal is gcloud compute scp with the --recurse flag.

  • gcloud compute scp, https://cloud.google.com/sdk/gcloud/reference/compute/scp

• Question 7

  You are deploying your application to a Compute Engine virtual machine instance with the Stackdriver Monitoring Agent installed. Your application is a unix process on the instance. You want to be alerted if the unix process has not run for at least 5 minutes. You are not able to change the application to generate metrics or logs.
  Which alert condition should you configure?
  

  • A. Uptime check
  • B. Process health
  • C. Metric absence
  • D. Metric threshold

  Correct Answer: C

  Explanation:

  The recommended answer is C. Metric absence.
  Here's the reasoning:
  The question requires an alert when a Unix process stops running for 5 minutes, without modifying the application. Metric absence is the correct choice because it's designed to trigger an alert when metrics are no longer reported within a specified duration. Since the application cannot be modified to generate specific metrics or logs, monitoring for the *absence* of existing metrics provided by the Stackdriver Monitoring Agent is the most suitable approach. If the process stops, the metrics associated with it will cease, triggering the metric absence alert.
  Here's why the other options are not ideal:
  * **A. Uptime check:** Uptime checks are generally used to monitor the availability of a service or website from an external perspective. They are not suitable for monitoring a specific process within a Compute Engine instance. * **B. Process health:** While "Process health" might seem relevant, it typically relies on specific metrics related to process status (e.g., CPU usage, memory consumption). The question states we can't change the application to generate specific metrics. If the application isn't actively providing health-related metrics, this option won't work. Moreover, the standard process health checks might not directly translate into an alert for a process *not running* for a specific period. * **D. Metric threshold:** Metric threshold alerts trigger when a metric exceeds or falls below a defined value. Since we want to know if the process *stops* and we can't generate specific metrics, this option is not as effective as monitoring for the absence of metrics altogether.
  The key is that the application cannot be modified, and we need to alert on the process *not* running, making metric absence the best solution.

  • Cloud Monitoring Documentation, https://cloud.google.com/monitoring/alerts

• Question 8

  You have two tables in an ANSI-SQL compliant database with identical columns that you need to quickly combine into a single table, removing duplicate rows from the result set.
  What should you do?
  

  • A. Use the JOIN operator in SQL to combine the tables.
  • B. Use nested WITH statements to combine the tables.
  • C. Use the UNION operator in SQL to combine the tables.
  • D. Use the UNION ALL operator in SQL to combine the tables.

  Correct Answer: C

  Explanation:

  The best approach to combine two tables with identical columns into a single table while removing duplicate rows is to use the UNION operator in SQL (Option C).

  Reasoning:

  • The UNION operator automatically removes duplicate rows from the combined result set. This directly addresses the requirement of the question.
  • The UNION ALL operator (Option D) combines the tables but does *not* remove duplicates. Since the question explicitly asks for the removal of duplicate rows, UNION ALL is not suitable.
  • JOIN operator (Option A) is used to combine rows from two or more tables based on a related column between them. It is not designed for combining tables with identical columns in the way described in the question.
  • Nested WITH statements (Option B) (Common Table Expressions - CTEs) are used to define temporary result sets that can be referenced within a single SQL statement. While CTEs can be part of a solution, they don't directly address the combining and de-duplication requirement as efficiently as UNION.

  Therefore, Option C is the most efficient and direct solution.

  Citations:

  • SQL UNION Operator, https://www.w3schools.com/sql/sql_union.asp
  • SQL UNION ALL Operator, https://www.w3schools.com/sql/sql_unionall.asp

• Question 9

  You have an application deployed in production. When a new version is deployed, some issues don't arise until the application receives traffic from users in production. You want to reduce both the impact and the number of users affected.
  Which deployment strategy should you use?
  

  • A. Blue/green deployment
  • B. Canary deployment
  • C. Rolling deployment
  • D. Recreate deployment

  Correct Answer: B

  Explanation:

  The recommended answer is B. Canary deployment. The reason for choosing Canary deployment is that it gradually rolls out a new version of an application to a small subset of users before releasing it to the entire infrastructure. This allows for real-world testing with minimal impact, providing an opportunity to identify and resolve issues before they affect a large number of users. It also allows for easier rollback if issues arise.

  The reason for not choosing the other answers is as follows:

  • A. Blue/green deployment: While blue/green deployments provide a quick rollback mechanism, they involve switching all traffic to the new version at once. This does not minimize the impact on users if issues arise in production; instead, all users are immediately affected.
  • C. Rolling deployment: Rolling deployments gradually update instances of the application, but they don't provide the same level of control and risk mitigation as canary deployments. Issues encountered during a rolling deployment can still affect a significant portion of users.
  • D. Recreate deployment: Recreate deployments shut down all existing application instances before deploying the new version, causing downtime and affecting all users. This is not suitable for minimizing impact and reducing the number of affected users.

  Therefore, canary deployment is the most suitable strategy for reducing both the impact and the number of users affected by issues arising in production after a new version is deployed.

  • Canary Deployment, https://cloud.google.com/solutions/canary-deployments
  • Blue/Green Deployment, https://cloud.google.com/solutions/blue-green-deployments
  • Rolling Deployment, https://octopus.com/docs/deployment-strategies/rolling-deployments

• Question 10

  Your company wants to expand their users outside the United States for their popular application. The company wants to ensure 99.999% availability of the database for their application and also wants to minimize the read latency for their users across the globe.
  Which two actions should they take? (Choose two.)
  

  • A. Create a multi-regional Cloud Spanner instance with "nam-asia-eur1" configuration.
  • B. Create a multi-regional Cloud Spanner instance with "nam3" configuration.
  • C. Create a cluster with at least 3 Spanner nodes.
  • D. Create a cluster with at least 1 Spanner node.
  • E. Create a minimum of two Cloud Spanner instances in separate regions with at least one node.
  • F. Create a Cloud Dataflow pipeline to replicate data across different databases.

  Correct Answer: AC

  Explanation:

  The best two actions to take are A. Create a multi-regional Cloud Spanner instance with "nam-asia-eur1" configuration and C. Create a cluster with at least 3 Spanner nodes.

  Reasoning:

  • Option A is correct because multi-regional Cloud Spanner instances are designed for high availability (99.999%) and low latency across a wide geographical area. The "nam-asia-eur1" configuration specifically targets North America, Asia, and Europe, which aligns with the requirement to serve users globally.
  • Option C is correct because increasing the number of nodes within a Spanner cluster enhances its processing power and resilience. At least 3 nodes are recommended to ensure data replication and fault tolerance for high availability.

  Reasons for excluding other options:

  • Option B is incorrect because "nam3" is a regional configuration, not a multi-regional one. It will not provide low latency for users in Asia and Europe.
  • Option D is incorrect because a single node provides no redundancy. If that node fails, the database becomes unavailable. It does not meet the availability requirement.
  • Option E is incorrect because creating multiple separate Spanner instances would require manual data synchronization and is operationally complex and more expensive than a multi-regional instance. Also, it does not provide the built-in high availability of a multi-regional instance.
  • Option F is incorrect because Cloud Dataflow is a data processing service, not a database replication tool for achieving high availability and low latency in a globally distributed database. It adds unnecessary complexity and cost.

  In summary, a multi-regional instance with sufficient nodes directly addresses the requirements for both high availability and low latency across the globe, making options A and C the optimal choices.

  • Cloud Spanner Overview, https://cloud.google.com/spanner/docs/overview
  • Cloud Spanner Instances, https://cloud.google.com/spanner/docs/instances