Free Google Professional Cloud DevOps Actual Exam Questions
Dumps Box (DumpsBox) offers up-to-date practice exam questions for GCC-Professional Cloud DevOps certification exam which are developed and validated by Google subject domain experts certified in Google Professional Cloud DevOps . These practice questions are update regularly as we keep an eye on any recent changes in GCC-Professional Cloud DevOps syllabus, and when there is update our team quickly adjusts the questions. This commitment to providing the best quality exam prep material to certification aspirants is what makes DumpsBox.com the best certification exam prep website. On top of that, our strong, yet strictly moderated, community based feedback keeps the content clean and current. Each question has helpful community discussion that provides it extra perspective and introduces helpful resources for better exam preparation. This also saves students from other outdated practice questions or illicit exam dumps that can have adverse affects on career. Browse through our Google Professional Cloud DevOps exam questions and pass your exam on first try.
You need to define Service Level Objectives (SLOs) for a high-traffic multi-region web application.
Customers expect the application to always be available and have fast response times. Customers are
currently happy with the application performance and availability. Based on current measurement,
you observe that the 90th percentile of latency is 120ms and the 95th percentile of latency is 275ms
over a 28-day window. What latency SLO would you recommend to the team to publish?
A/B? I’d rule out D and C since they’re way looser than current metrics, which doesn’t seem right if users expect fast responses. Between A and B, B matches what customers already experience, so it feels safer.
A/B? B matches current experience exactly, which customers like, but A sets a tighter goal that could push for better performance. Not sure if that risk is worth it given current satisfaction.
Your company operates in a highly regulated domain. Your security team requires that only trusted
container images can be deployed to Google Kubernetes Engine (GKE). You need to implement a
solution that meets the requirements of the security team, while minimizing management overhead.
What should you do?
D imo, Binary Authorization is built specifically for GKE to enforce trusted images at deploy time, which fits the security team's needs without extra overhead. C feels more complex and less integrated.
D
[Building and implementing CI/CD pipelines for a service] You recently deployed your application in Google Kubernetes Engine (GKE) and now need to release a new version of the application You need the ability to instantly roll back to the previous version of the application in case there are issues with the new version Which deployment model should you use?
It’s D for sure. Blue/green deployment means you have both environments ready to go, so if the new version messes up, you just flip the traffic back to the old one immediately. Rolling or canary deployments don't give that instant rollback because they gradually replace pods, which can take time and risk partial outages. Plus, the question highlights needing an instant rollback, and blue/green is designed exactly for that scenario. Even if it might cost more to run two environments briefly, it’s worth it when uptime and quick recovery are priorities.
C/D? Canary lets you test gradually but rollback isn’t instant since old pods get replaced. Blue/green keeps both live, so switching back is immediate if issues pop up.
You support a user-facing web application. When analyzing the application’s error budget over the
previous six months, you notice that the application has never consumed more than 5% of its error
budget in any given time window. You hold a Service Level Objective (SLO) review with business
stakeholders and confirm that the SLO is set appropriately. You want your application’s SLO to more
closely reflect its observed reliability. What steps can you take to further that goal while balancing
velocity, reliability, and business needs? (Choose two.)
Option B feels right because if you’ve got a big error budget left over, you can afford to push releases more often or take a few risks without breaking your SLO. That helps balance speed and reliability. Alongside that, D is smart since adding more SLIs can give a fuller picture of how the app really performs from different angles before making any SLO changes. Just tightening the SLO without better measurement might be rushing it.
D definitely, and also B to balance reliability with faster releases.
You are investigating issues in your production application that runs on Google Kubernetes Engine
(GKE). You determined that the source Of the issue is a recently updated container image, although
the exact change in code was not identified. The deployment is currently pointing to the latest tag.
You need to update your cluster to run a version of the container that functions as intended. What
should you do?
Probably D here too. Using the exact sha256 digest means you’re locking in the precise image that worked before, avoiding any tag confusion. Tags like ‘latest’ can move around, so switching back to a tag (like in A or B) might not guarantee the same image. Building a new container from an old Git tag (C) could work, but it takes extra steps and might introduce build inconsistencies. Just pointing to the digest keeps it simple and reliable for rollback.
D, because using the digest guarantees the exact image without relying on tags.
You are building an application that runs on Cloud Run The application needs to access a third-party
API by using an API key You need to determine a secure way to store and use the API key in your
application by following Google-recommended practices What should you do?
Cloud KMS in C and D is more about encryption keys, not storing API keys directly. So those options don’t fit here. Using Secret Manager like in A is really the best practice for managing secrets securely in Cloud Run.
I’m with A on this one. Cloud Run has built-in support for pulling secrets from Secret Manager directly into environment variables, which is super straightforward and secure. Mounting secrets like in B isn’t even supported in Cloud Run, so that option’s kind of a non-starter. Using Cloud KMS like in C or D makes things complicated since you’d have to handle encryption/decryption yourself, and Google recommends Secret Manager for managing secrets properly. So A makes the most sense here for both security and simplicity.
You support a Node.js application running on Google Kubernetes Engine (GKE) in production. The
application makes several HTTP requests to dependent applications. You want to anticipate which
dependent applications might cause performance issues. What should you do?
A imo, Stackdriver Profiler can help identify performance bottlenecks inside the applications themselves, not just the HTTP calls. While Trace focuses on request latency, Profiler gives a CPU and memory usage perspective which can highlight inefficient code causing slowness. This can be useful when dependent apps are slow internally, not just in network timing. It’s a different angle than tracing or logging HTTP times and complements those approaches. If you have control over all apps, profiling might reveal issues you wouldn’t catch with logs or traces alone.
Probably B here. If you can instrument all services with Stackdriver Trace, you get detailed visibility into each HTTP request across services, which helps pinpoint the exact bottleneck. D is practical if you can’t touch dependent apps, but B gives a more comprehensive view and helps anticipate issues before they become big problems. Even if some services are third-party, you can often still trace the calls from your app side, which is better than just logging times locally.
You have an application that runs on Cloud Run. You want to use live production traffic to test a new
version of the application while you let the quality assurance team perform manual testing. You want
to limit the potential impact of any issues while testing the new version, and you must be able to roll
back to a previous version of the application if needed. How should you deploy the new version?
Choose 2 answers
Maybe E and B. E lets you gradually send a small portion of real user traffic to the new version, so you can catch issues early without fully switching over. B is good because deploying with a tag and no traffic means QA can test the new revision manually without affecting users. This combo balances real traffic testing and manual checks while keeping rollback simple. A or C don’t really help with controlled traffic management, and D seems risky since it routes traffic directly to the new version’s URL without proper control.
Not C, because deploying without a tag but no traffic still exposes risk if traffic is accidentally routed. B keeps it isolated, and E lets you control traffic split for safe rollout and quick rollback.
You are running an experiment to see whether your users like a new feature of a web application.
Shortly after deploying the feature as a canary release, you receive a spike in the number of 500
errors sent to users, and your monitoring reports show increased latency. You want to quickly
minimize the negative impact on users. What should you do first?
Maybe A, rollback first to stop the issue before digging deeper.
Option A makes the most sense; stop the problem fast before diving into details.
You use Cloud Build to build your application. You want to reduce the build time while minimizing
cost and development effort. What should you do?
Maybe C—smaller steps can run in parallel and spot slow parts fast.
C is worth considering here because breaking the build into smaller steps can help identify bottlenecks and potentially run some steps in parallel, speeding up the overall process without needing extra resources. It also doesn’t increase costs like bigger VMs would, and it’s less complex than setting up Jenkins agents. Plus, smaller steps can sometimes let you skip unnecessary parts if nothing changed there, indirectly reducing build time. This approach keeps things simple while still aiming to cut down total execution time, which fits the goal of minimizing development effort and cost.
You currently store the virtual machine (VM) utilization logs in Stackdriver. You need to provide an
easy-to-share interactive VM utilization dashboard that is updated in real time and contains
information aggregated on a quarterly basis. You want to use Google Cloud Platform solutions. What
should you do?
This one’s tricky, but I think C is a solid backup plan. Exporting logs to BigQuery then moving to Google Sheets for visualization lets you build something quickly and share easily, especially if you want something familiar. It might not be great for real-time updates or huge data, but for quarterly aggregation it works. Plus, Sheets dashboards can be interactive enough for basic needs without the overhead of learning Data Studio or custom apps. So I’d say C could be good if you want a straightforward, no-frills approach that’s easy to manage.
Maybe D if you want full customization, but A is way simpler and more scalable.
Your team is writing a postmortem after an incident on your external facing application Your team
wants to improve the postmortem policy to include triggers that indicate whether an incident
requires a postmortem Based on Site Reliability Engineenng (SRE) practices, what triggers should be
defined in the postmortem policy?
Choose 2 answers
Makes sense to include B since data loss is serious, plus C for internal visibility. C
Are we assuming that any failure detected by monitoring (D) counts as a major enough incident for a postmortem? Because sometimes instances fail but the service is still up. Also, does a rollback triggered by the CD pipeline (E) always imply an outage or data loss, or could it just be a safe precaution? The question doesn’t clarify if these are threshold-level incidents or minor blips. Without that, it’s tricky to pick which should definitely trigger a postmortem.
You need to reduce the cost of virtual machines (VM| for your organization. After reviewing different
options, you decide to leverage preemptible VM instances. Which application is suitable for
preemptible VMs?
Makes sense to avoid B since a public website needs high availability. D might take too long per task to risk preemption. C could work but depends on the quorum setup, so A is the safer bet. A
A imo, caching systems handle sudden shutdowns way better than rendering or databases.
You support the backend of a mobile phone game that runs on a Google Kubernetes Engine (GKE)
cluster. The application is serving HTTP requests from users. You need to implement a solution that
will reduce the network cost. What should you do?
D imo. Setting up a Google Cloud HTTP Load Balancer as Ingress can help optimize traffic routing and reduce unnecessary outgoing network hops, which should lower network costs. It’s designed for handling external HTTP traffic efficiently, and GKE integrates well with it.
Options like A and B don’t directly address network cost reduction from the HTTP traffic perspective, and C (Private Cluster) is more about security/isolation rather than cost savings on incoming user requests. So, D feels like the most solid bet here.
Probably B here. Using Standard Tier for network services is cheaper than Premium Tier, so switching to Standard Tier should cut network costs. The question doesn’t mention any particular security or performance needs that require Premium Tier, so this seems like a straightforward way to reduce cost without changing the cluster setup.
Also, the Private Cluster (C) mainly helps with security and internal access, but it doesn’t directly reduce network egress costs for user HTTP requests coming from outside. So B feels more aligned with just lowering cost.
You manage several production systems that run on Compute Engine in the same Google Cloud
Platform (GCP) project. Each system has its own set of dedicated Compute Engine instances. You
want to know how must it costs to run each of the systems. What should you do?
B/D? Labels (B) seem more reliable for cost allocation since they’re designed for that, while VM names (D) could be less consistent. Also, labels work well with billing export, making analysis smoother.
I’m wondering if relying on labels in B might miss costs like network egress that aren’t tied directly to instances. Would option A’s built-in Cost Breakdown capture those broader costs better?