Free Access Google.Professional-Cloud-DevOps-Engineer.v2025-09-27.q141 Practice Test (Page 11)

Question 46

You have a set of applications running on a Google Kubernetes Engine (GKE) cluster, and you are using Stackdriver Kubernetes Engine Monitoring. You are bringing a new containerized application required by your company into production. This application is written by a third party and cannot be modified or reconfigured. The application writes its log information to /var/log/app_messages.log, and you want to send these log entries to Stackdriver Logging. What should you do?

A.Use the default Stackdriver Kubernetes Engine Monitoring agent configuration.

B.Deploy a Fluentd daemonset to GKE. Then create a customized input and output configuration to tail the log file in the application's pods and write to Slackdriver Logging.

C.Install Kubernetes on Google Compute Engine (GCE> and redeploy your applications. Then customize the built-in Stackdriver Logging configuration to tail the log file in the application's pods and write to Stackdriver Logging.

D.Write a script to tail the log file within the pod and write entries to standard output. Run the script as a sidecar container with the application's pod. Configure a shared volume between the containers to allow the script to have read access to /var/log in the application container.

Question 47

Your company is developing applications that are deployed on Google Kubernetes Engine (GKE) Each team manages a different application You need to create the development and production environments for each team while you minimize costs Different teams should not be able to access other teams environments You want to follow Google-recommended practices What should you do?

A.Create one Google Cloud project per team In each project create a cluster for development and one for production Grant the teams Identity and Access Management (1AM) access to their respective clusters

B.Create one Google Cloud project per team In each project create a cluster with a Kubernetes namespace for development and one for production Grant the teams Identity and Access Management (1AM) access to their respective clusters.

C.Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Identity-Aware Proxy so that each team can only access its own namespace

D.Create a development and a production GKE cluster in separate projects In each cluster create a Kubernetes namespace per team and then configure Kubernetes role-based access control (RBAC) so that each team can only access its own namespace

Question 48

Your application artifacts are being built and deployed via a CI/CD pipeline. You want the CI/CD pipeline to securely access application secrets. You also want to more easily rotate secrets in case of a security breach. What should you do?

A.Store secrets in Cloud Storage encrypted with a key from Cloud KMS. Provide the CI/CD pipeline with access to Cloud KMS via IAM.

B.Prompt developers for secrets at build time. Instruct developers to not store secrets at rest.

C.Store secrets in a separate configuration file on Git. Provide select developers with access to the configuration file.

D.Encrypt the secrets and store them in the source code repository. Store a decryption key in a separate repository and grant your pipeline access to it

Question 49

You are running an application on Compute Engine and collecting logs through Stackdriver. You discover that some personally identifiable information (PII) is leaking into certain log entry fields. You want to prevent these fields from being written in new log entries as quickly as possible. What should you do?

A.Use the filter-record-transformer Fluentd filter plugin to remove the fields from the log entries in flight.

B.Stage log entries to Cloud Storage, and then trigger a Cloud Function to remove the fields and write the entries to Stackdriver via the Stackdriver Logging API.

C.Wait for the application developers to patch the application, and then verify that the log entries are no longer exposing PII.

D.Use the fluent-plugin-record-reformer Fluentd output plugin to remove the fields from the log entries in flight.

Question 50

You are monitoring a service that uses n2-standard-2 Compute Engine instances that serve large files. Users have reported that downloads are slow. Your Cloud Monitoring dashboard shows that your VMS are running at peak network throughput. You want to improve the network throughput performance. What should you do?

A.Deploy a Cloud NAT gateway and attach the gateway to the subnet of the VMS.

B.Add additional network interface controllers (NICs) to your VMS.

C.Change the machine type for your VMS to n2-standard-8.

D.Deploy the Ops Agent to export additional monitoring metrics.

Other Version: 390Google.Professional-Cloud-DevOps-Engineer.v2026-03-30.q189; 1147Google.Professional-Cloud-DevOps-Engineer.v2023-01-21.q29; 2379Google.Professional-Cloud-DevOps-Engineer.v2022-06-30.q61; 2476Google.Professional-Cloud-DevOps-Engineer.v2022-04-13.q62; 65Google.Pass4surecert.Professional-Cloud-DevOps-Engineer.v2021-09-22.by.horace.37q.pdf

Latest Upload: 200PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 292Nokia.4A0-113.v2026-05-01.q69; 250EC-COUNCIL.312-49v11.v2026-04-30.q214; 227Microsoft.MB-820.v2026-04-30.q101; 207Salesforce.MC-202.v2026-04-30.q57; 203BICSI.INSTC_V8.v2026-04-29.q53; 332NMLS.MLO.v2026-04-28.q82; 241NCARB.Project-Management.v2026-04-28.q27; 457EMC.D-AV-DY-23.v2026-04-27.q184; 1107ServiceNow.CSA.v2026-04-27.q483

Question 46

Question 47

Question 48

Question 49

Question 50

Download PDF File