PCA Q's 1-100 Flashcards
1.
Your company has decided to make a major revision of their API in order to create better expenences for their developers They need to keep the old version of the API available and deployable, while allowing new customers and testers to try out the new API They want to keep the same SSL and DNS records in place to serve both APIs.
What should they do?
A Configure a new load balancer for the new version of the API
B Reconfigure old clients to use a new endpoint for the new API
C. Have the old API forward traffic to the new API based on the path
D Use separate backend pools for each API path behind the load balancer
D.
Use separate backend pools for each API path behind the load balancer
D is the answer because HTTP(S) load balancer can direct traffic reaching a single IP to different backends based on the incoming URL. A is not correct because configuring a new load balancer would require a new or different SSL and DNS records which conflicts with the requirements to keep the same SSL and DNS records. B is not correct because it goes against the requirements. The company wants to keep the old API available while new customers and testers try the new API. C is not correct because it is not a requirement to decommission the implementation behind the old API. Moreover, it introduces unnecessary risk in case bugs or incompatibilities are discovered in the new API
2.
Your company plans to migrate a multi-petabyte data set to the cloud The data set must be available 24hrs a day. Your business analysts have experience only with using a
SQL interface.
How should you store the data to optimize it for ease of analysis?
A Load data into Google BigQuery
B Insert data into Google Cloud SQL
C Put flat files into Google Cloud Storage
D Stream data into Google Cloud Datastore
A. Load data into Google BigQuery
This question could go either way for A or B. But Big Query was designed with this in mind, according to numerous Google presentation and videos. Cloud Datastore is a NoSQL database (https://cloud.google.com/datastore/docs/concepts/overview)
Cloud Storage does not have an SQL interface. The previous two sentences eliminate options C and D. So I’d pick “A”.
3.
The operations manager asks you for a list of recommended practices that she should consider when migrating a J2EE application to the cloud Which three practices should you recommend? (Choose three.)
A Port the application code to run on Google App Engine
B Integrate Cloud Dataflow into the application to capture real-time metrics
C. Instrument the application with a monitoring tool like Stackdriver Debugger
D Select an automation framework to reliably provision the cloud infrastructure
E Deploy a continuous integration tool with automated testing in a staging environment
F Migrate from MySQL to a managed NoSQL database like Google Cloud Datastore or Bigtable
References: https //cloud Qooole com/appenaine/docs/standard/|ava/tools/uploadinQanapp
https //cloud google com/appengine/docs/standard/java/building-app/cloud-sql tvt_vn/ebay
A, C E
4.
A news feed web service has the following code running on Google App Engine. During peak load, users report that they can see news articles they already viewed
What is the most likely cause of this problem?
import news
from flask, import: Flask, redirect, request
from flask.ext.api import status
from google.appengine.api import users
app = Flask( _name_ )
sessions = { }
@app.route (“/”)
def homepage():
user — users.get_current_user()
if not user:
return “Invalid login”,
status.HTTP 401 UNAUTHORIZED
if user not in sessions:
sessions[user] = {“viewed”: [ ] }
news_articles = news.get new news (user, sessions [user]
[“viewed”])
sessions [user] [“viewed”] +— [n[“id”] for n in news_articles]
return news.render(news articles) if name " main ": app.run( )
A. The session variable is local to just a single instance
B The session variable is being overwritten in Cloud Datastore
C. The URL of the API needs to be modified to prevent caching
D The HTTP Expires header needs to be set to -1 stop caching
A. The session variable is local to just a single instance
5.
An application development team believes their current logging tool will not meet their needs for their new cloud-based product. They want a better tool to capture errors and
help them analyze their historical log data You want to help them find a solution that meets their needs.
What should you do?
A Direct them to download and install the Google StackDriver logging agent
B Send them a list of online resources about logging best practices
C. Help them define their requirements and assess viable logging tools
D Help them upgrade their current tool to take advantage of any new features
Correct: A
Reason: This is a GCP exam lol. Besides, stackdriver is the GCP solution for logging
6.
You need to reduce the number of unplanned rollbacks of erroneous production deployments in your company’s web hosting platform. Improvement to the QA/Test processes
accomplished an 80% reduction.
Which additional two approaches can you take to further reduce the rollbacks? (Choose two.)
A. Introduce a green-blue deployment model
B. Replace the QA environment with canary releases
C. Fragment the monolithic platform into microservices
D. Reduce the platform’s dependency on relational database systems
E Replace the platform’s relational database systems with a NoSQL database tvt_vn/ebay
A, C
“D) and E) are pointless in this context.
C) is certainly a good practice.
Now between A) and B)
A) Blue green deployment is an application release model that gradually transfers user traffic from a previous version of an app or microservice to a nearly identical new release—both of which are running in production.
c) In software, a canary process is usually the first instance that receives live production traffic about a new configuration update, either a binary or configuration rollout. The new release only goes to the canary at first. The fact that the canary handles real user traffic is key: if it breaks, real users get affected, so canarying should be the first step in your deployment process, as opposed to the last step in testing in production. “
While both green-blue and canary releases are useful, B) suggests “replacing QA” with canary releases - which is not good. QA got the issue down by 80%. Hence A) and C)”
7.
To reduce costs, the Director of Engineering has required all developers to move their development infrastructure resources from on-premises virtual machines (VMs) to
Google Cloud Platform. These resources go through multiple start/stop events during the day and require state to persist. You have been asked to design the process of running a development environment in Google Cloud while providing cost visibility to the finance department
Which two steps should you take? (Choose two.)
A. Use the - -no-auto-delete flag on all persistent disks and stop the VM
B. Use the - -auto-delete flag on all persistent disks and terminate the VM
C. Apply VM CPU utilization label and include it in the BigQuery billing export
D. Use Google BigQuery billing export and labels to associate cost to groups
E. Store all state into local SSD. snapshot the persistent disks, and terminate the VM
F. Store all state in Google Cloud Storage, snapshot the persistent disks, and terminate the VM tvt_vn/ebay
A, D
he correct answer is 100% A / D and here is why. On the sample question, the “F” option is gone. “A” is there but slightly reworked, it now says: “Use persistent disks to store the state. Start and stop the VM as needed” which makes much more sense. The practice exam says A and D are correct. Given the wording of this question, if A and B, where there then both would be correct because of the word “persistent” and not because of the flag. The “no-auto-delete” makes A slightly safer than B, but it is the “persistent disk” that makes them right, not the flag. Hope that helps! F is not right because that is a complex way of solving the issue that by choosing Persistent Disk solves it up front. HTH
- Your company wants to track whether someone is present in a meeting room reserved for a scheduled meeting There are 1000 meeting rooms across 5 offices on 3 continents.Each room is equipped with a motion sensor that reports its status every second. The data from the motion detector includes only a sensor ID and several
different discrete items of information Analysts will use this data, together with information about account owners and office locations.
Which database type should you use?
A. Flat file
B. NoSQL
C. Relational
D. Blobstore
B. NoSQL
A does not seem reasonable because a flat file is not easy to query and analyze.
B seems reasonable because this accommodates unstructured data.
C seems unreasonable because we have no idea on the structure of the data.
D seems unreasonable beacause there is no such Google database type.
9.
You set up an autoscaling instance group to serve web traffic for an upcoming launch After configuring the instance group as a backend service to an HTTP(S) load balancer,
you notice that virtual machine (VM) instances are being terminated and re-launched every minute. The instances do not have a public IP address. You have verified the appropriate web response is coming from each instance using the curl command. You want to ensure the backend is configured correctly.
What should you do?
A. Ensure that a firewall rules exists to allow source traffic on HTTP/HTTPS to reach the load balancer
B. Assign a public IP to each instance and configure a firewall rule to allow the load balancer to reach the instance public IP.
C. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.
D. Create a tag on each instance with the name of the load balancer Configure a firewall rule with the name of the load balancer as the source and the instance tag as
the destination
C. Ensure that a firewall rule exists to allow load balancer health checks to reach the instances in the instance group.
A” and “B” wouldn’t turn the VMs on or off, it would jsut prevent traffic. “C” would turn them off if the health check is configured to terminate the VM is it fails. “D” is the start of a pseudo health check without any logic, so it also isn’t an answer because it is like “A” and “B”. Correct Answer: “C”
10.
You write a Python script to connect to Google BigQuery from a Google Compute Engine virtual machine The script is printing errors that it cannot connect to BigQuery.
What should you do to fix the script?
A. Install the latest BigQuery API client library for Python
B. Run your script on a new virtual machine with the BigQuery access scope enabled
C. Create a new service account with BigQuery access and execute your script with that user
D. Install the bq component for gcloud with the command gcloud components install bq
C. Create a new service account with BigQuery access and execute your script with that user
Reason:
A - If client library was not installed, the python scripts won’t run - since the question states the script reports “cannot connect” - the client library must have been installed. so it’s B or C.
B - https://cloud.google.com/bigquery/docs/authorization an access scope is how your client application retrieve access_token with access permission in OAuth when you want to access services via API call - in this case, it is possible that the python script use an API call instead of library, if this is true, then access scope is required. client library requires no access scope (as it does not go through OAuth)
C - service account is Google Cloud’s best practice. Access scopes are the legacy method of specifying permissions for your instance. read from > https://cloud.google.com/compute/docs/access/service-accounts
So prefer C.
Your customer is moving an existing corporate application to Google Cloud Platform from an on-premises data center. The business owners require minimal user disruption There are strict secunty team requirements for storing passwords.
What authentication strategy should they use?
A. Use G Suite Password Sync to replicate passwords into Google
B. Federate authentication via SAML 2 0 to the existing Identity Provider
C. Provision users in Google using the Google Cloud Directory Sync tool
D Ask users to set their Google password to match their corporate password
B. Federate authentication via SAML 2 0 to the existing Identity Provider
The correct answer is B.
GCDS tool only copies the usernames, not the passwords. And more over strict security requirements for the passwords. Not allowed to copy them onto Google, I think.
Federation technique help resolve this issue. Please correct me if I am wrong.
- Your company has successfully migrated to the cloud and wants to analyze their data stream to optimize operations They do not have any existing code for this analysis, so they are exploring all their options. These options include a mix of batch and stream processing, as they are running some hourly jobs and live-processing some data as it comes in.
Which technology should they use for this?
A. Google Cloud Dataproc
B. Google Cloud Dataflow
C. Google Container Engine with Bigtable
D. Google Compute Engine with Google BigQuery
B. Google Cloud Dataflow
- Your customer is receiving reports that their recently updated Google App Engine application is taking approximately 30 seconds to load for some of their users This behavior was not reported before the update.
What strategy should you take?
A. Work with your ISP to diagnose the problem
B. Open a support ticket to ask for network capture and flow data to diagnose the problem, then roll back your application
C. Roll back to an earlier known good release initially, then use Stackdriver Trace and Logging to diagnose the problem in a development/test/staging environment
D. Roll back to an earlier known good release, then push the release again at a quieter period to investigate Then use Stackdriver Trace and Logging to diagnose the
problem
C. Roll back to an earlier known good release initially, then use Stackdriver Trace and Logging to diagnose the problem in a development/test/staging environment
14.
A production database virtual machine on Google Compute Engine has an ext4-formatted persistent disk for data files. The database is about to run out of storage space.
How can you remediate the problem with the least amount of downtime?
A. In the Cloud Platform Console, increase the size of the persistent disk and use the resize2fs command in Linux.
B. Shut down the virtual machine, use the Cloud Platform Console to increase the persistent disk size, then restart the virtual machine
C. In the Cloud Platform Console, increase the size of the persistent disk and verify the new space is ready to use with the fdisk command in Linux
D. In the Cloud Platform Console, create a new persistent disk attached to the virtual machine, format and mount it. and configure the database service to move the files
to the new disk
E. In the Cloud Platform Console, create a snapshot of the persistent disk restore the snapshot to a new larger disk, unmount the old disk, mount the new disk and
restart the database service
A.
In the Cloud Platform Console, increase the size of the persistent disk and use the resize2fs command in Linux.
15.
Your application needs to process credit card transactions. You want the smallest scope of Payment Card Industry (PCI) compliance without compromising the ability to
analyze transactional data and trends relating to which payment methods are used.
How should you design your architecture?
A. Create a tokenizer service and store only tokenized data
B. Create separate projects that only process credit card data
C. Create separate subnetworks and isolate the components that process credit card data
D. Streamline the audit discovery phase by labeling all of the virtual machines (VMs) that process PCI data
E Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
Reference:
https://wwwsans orq/readina-room/whiteDaDers/comDliance/wavs-reduce-Dci-dsstvt_vn/ebay -audit-scoDe-tokenizinq-cardholder-data-33194
A.
Create a tokenizer service and store only tokenized data
16.
You have been asked to select the storage system for the click-data of your company’s large portfolio of websites This data is streamed in from a custom website analytics
package at a typical rate of 6.000 clicks per minute With bursts of up to 8.500 clicks per second It must have been stored for future analysis by your data science and user
experience teams.
Which storage infrastructure should you choose?
A Google Cloud SQL
B Google Cloud Bigtable
C Google Cloud Storage
D Google Cloud Datastore
B Google Cloud Bigtable
- You are creating a solution to remove backup files older than 90 days from your backup Cloud Storage bucket. You want to optimize ongoing Cloud Storage spend
What should you do?
A. Write a lifecycle management rule in XML and push it to the bucket with gsutil
B. Write a lifecycle management rule in JSON and push it to the bucket with gsutil
C. Schedule a cron script using gsutil Is -lr gs://backups/ * * to find and remove items older than 90 days
D. Schedule a cron script using gsutil Is -1 gs://backups/ * * to find and remove items older than 90 days and schedule it with cron
B. Write a lifecycle management rule in JSON and push it to the bucket with gsutil
- Your company is forecasting a sharp increase in the number and size of Apache Spark and Hadoop jobs being run on your local datacenter You want to utilize the cloud to help you scale this upcoming demand with the least amount of operations work and code change
Which product should you use?
A Google Cloud Dataflow
B Google Cloud Dataproc
C. Google Compute Engine
D Google Kubernetes Engine
B Google Cloud Dataproc
- The database administration team has asked you to help them improve the performance of their new database server running on Google Compute Engine The database is for
importing and normalizing their performance statistics and is built with MySQL running on Debian Linux They have an n1-standard-8 virtual machine with 80 GB of SSD
persistent disk.
What should they change to get better performance from this system?
A. Increase the virtual machine’s memory to 64 GB
B. Create a new virtual machine running PostgreSQL
C. Dynamically resize the SSD persistent disk to 500 GB
D. Migrate their performance metrics warehouse to BigQuery
E Modify all of their batch jobs to use bulk inserts into the database
C. Dynamically resize the SSD persistent disk to 500 GB
Answer is C because persistent disk performance is based on the total persistent disk capacity attached to an instance and the number of vCPUs that the instance has. Incrementing the persistent disk capacity will increment its throughput and IOPS, which in turn improve the performance of MySQL.
- You want to optimize the performance of an accurate,real-time,weather-charting application. The data comes from 50.000 sensors sending 10 readings a second, in the format of a timestamp and sensor reading.
Where should you store the data?
A Google BigQuery
B Google Cloud SQL
C. Google Cloud Bigtable
D Google Cloud Storage
C. Google Cloud Bigtable
- Your company’s user-feedback portal comprises a standard LAMP stack replicated across two zones. It is deployed in the us-central1 region and uses autoscaled managed
instance groups on all layers, except the database. Currently, only a small group of select customers have access to the portal. The portal meets a 99,99% availability SLA
under these conditions. However next quarter, your company will be making the portal available to all users, including unauthenticated users. You need to develop a
resiliency testing strategy to ensure the system maintains the SLA once they introduce additional user load
What should you do?
A Capture existing users input and replay captured user load until autoscale is triggered on all layers At the same time, terminate all resources in one of the zones
B Create synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce * chaosr to the system by terminating random resources on both zones
C Expose the new system to a larger group of users, and increase group size each day until autoscale logic is triggered on all layers At the same time, terminate random resources on both zones
D Capture existing users input and replay captured user load until resource utilization crosses 80% Also, derive estimated number of users based on existing user’s
usage of the app. and deploy enough resources to handle 200% of expected load tvt_vn/ebay
B Create synthetic random user input, replay synthetic load until autoscale logic is triggered on at least one layer, and introduce *chaosr to the system by terminating random resources on both zones
One of the developers on your team deployed their application in Google Container Engine with the Dockerfile below They report that their application deployments are taking
too long
FROM ubuntu:16.04
COPY . /src
RUN apt-get update && apt-get install -y python python-pip
RUN pip install -r requirements.txt
You want to optimize this Dockerfile for faster deployment times without adversely affecting the app’s functionality.
Which two actions should you take? (Choose two.)
A. Remove Python after running pip
B. Remove dependencies from requirements txt
C. Use a slimmed-down base image like Alpine Linux
D. Use larger machine types for your Google Container Engine node pools
E. Copy the source after he package dependencies (Python and pip) are installed
C, E
C: Smaller the base image with minimum dependency faster the container will start
E: Docker image build uses caching. Docker Instructions sequence matter because
application’s dependencies change less frequently than the Python code which will help to reuse the cached layer of dependency and only add new layer for code change for Python Source code.
23.
Your solution is producing performance bugs in production that you did not see in staging and test environments. You want to adjust your test and deployment procedures to
avoid this problem in the fature.
What should you do?
A. Deploy fewer changes to production
B. Deploy smaller changes to production
C. Increase the load on your test and staging environments
D Deploy changes to a small subset of users before rolling out to production
C. Increase the load on your test and staging environments
- A small number of API requests to your microservices-based application take a very long time. You know that each request to the API can traverse many services. You want
to know which service takes the longest in those cases.
What should you do?
A. Set timeouts on your application so that you can fail requests faster
B. Send custom metrics for each of your requests to Stackdriver Monitoring
C. Use Stackdriver Monitoring to look for insights that show when your API latencies are high
D. Instrument your application with Stackdriver Trace in order to break down the request latencies at each microservice
D. Instrument your application with Stackdriver Trace in order to break down the request latencies at each microservice
25.
Dunng a high traffic portion of the day, one of your relational databases crashes, but the replica is never promoted to a master. You want to avoid this in the future.
What should you do?
A. Use a different database
B. Choose larger instances for your database
C. Create snapshots of your database more regularly
D. Implement routinely scheduled failovers of your databases
D. Implement routinely scheduled failovers of your databases
“I agree the question i s not clear. In GCP larger instances have larger number of CPUs, Memory and come with their own private network. So increases the instance size would help prevent the need for failover during high traffic times. However, routinely scheduled failovers would allow the team to test the failover when it is not required. This would make sure it is working when it is required.”
26.
Your organization requires that metrics from all applications be retained for 5 years for future analysis in possible legal proceedings
Which approach should you use?
A. Grant the security team access to the logs in each Project
B. Configure Stackdriver Monitoring for all Projects, and export to BigQuery
C. Configure Stackdriver Monitoring for all Projects with the default retention policies
D. Configure Stackdriver Monitoring for all Projects and export to Google Cloud Storage
D. Configure Stackdriver Monitoring for all Projects and export to Google Cloud Storage
27.
Your company has decided to build a backup replica of their on-premises user authentication PostgreSQL database on Google Cloud Platform. The database is 4 TB. and
large updates are frequent Replication requires private address space communication.
Which networking approach should you use?
A. Google Cloud Dedicated Interconnect
B. Google Cloud VPN connected to the data center network
C. A NAT and TLS translation gateway installed on-premises
D. A Google Compute Engine instance with a VPN server installed connected to the data center network
A. Google Cloud Dedicated Interconnect
28.
Auditors visit your teams every 12 months and ask to review all the Google Cloud Identity and Access Management (Cloud IAM) policy changes in the previous 12 months.
You want to streamline and expedite the analysis and audit process.
What should you do?
A. Create custom Google Stackdriver alerts and send them to the auditor
B. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
C. Use cloud functions to transfer log entries to Google Cloud SQL and use ACLs and views to limit an auditor’s view
D. Enable Google Cloud Storage (GCS) log export to audit logs into a GCS bucket and delegate access to the bucket
B. Enable Logging export to Google BigQuery and use ACLs and views to scope the data shared with the auditor
