Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsPCDExam Questions

Google Cloud · Free Practice Questions · Last reviewed May 2026

PCD Exam Questions and Answers

30real exam-style questions organised by domain, each with the correct answer highlighted and a plain-English explanation of why it's right — and why the others are wrong.

60 exam questions
120 min time limit
Pass: 720/1000 / 1000
5 exam domains
OverviewDomain BlueprintStudy GuideAll QuestionsSample by Domain
1. Designing highly scalable, available, and reliable cloud-native applications2. Building and testing applications3. Deploying applications4. Integrating Google Cloud services5. Managing application performance monitoring
1

Domain 1: Designing highly scalable, available, and reliable cloud-native applications

All Designing highly scalable, available, and reliable cloud-native applications questions
Q1
easyFull explanation →

A company is designing a cloud-native application on Google Cloud that requires low-latency access to a global user base. The application serves static content and dynamic APIs. Which strategy best minimizes latency while maintaining high availability?

A

Deploy the application in a single region and use Cloud Interconnect for global access.

B

Use Cloud CDN to cache static content and deploy the API across multiple regions with global load balancing.

Cloud CDN caches at edge locations, and multi-region deployment with global load balancing reduces latency for dynamic content.

C

Use Cloud Armor to protect the application and rely on Google's backbone for low latency.

D

Store all content in Cloud Storage and serve directly from there.

Why: Option B is correct because it combines Cloud CDN for caching static content at edge locations worldwide, reducing latency for static assets, and deploys the dynamic API across multiple regions with global load balancing (using Google Cloud's global external HTTP(S) load balancer) to route users to the nearest healthy backend, minimizing latency for dynamic requests while ensuring high availability through regional redundancy.
Q2
mediumFull explanation →

A team is migrating a monolithic application to a microservices architecture on Google Kubernetes Engine (GKE). They want to ensure that failures in one microservice do not cascade to others. Which design pattern should they implement?

A

Implement retry logic with exponential backoff for all inter-service calls.

B

Implement a circuit breaker pattern that opens when failure thresholds are exceeded.

Circuit breaker fails fast and prevents unnecessary load on failing services.

C

Use synchronous HTTP calls with timeouts to detect failures quickly.

D

Use bulkheads to separate thread pools for each service.

Why: The circuit breaker pattern is the correct choice because it prevents cascading failures by monitoring inter-service calls and opening the circuit when failures exceed a threshold, allowing the system to fail fast and recover gracefully. In a GKE-based microservices architecture, this pattern is typically implemented using libraries like Resilience4j or Istio's circuit breaker, which can be configured to trip after a certain number of consecutive failures, thus protecting downstream services from being overwhelmed.
Q3
hardFull explanation →

A company running a high-traffic e-commerce platform on Google Cloud experiences occasional data loss in their Cloud SQL database during failover events. The database is configured with a failover replica in a different zone. What is the most likely cause of the data loss?

A

Automated backups are not enabled.

B

The database is using asynchronous replication to the failover replica.

Asynchronous replication may not have replicated the most recent transactions before failover.

C

The failover replica is configured as a read replica instead of a failover replica.

D

The database is not using regional persistent disks.

Why: Cloud SQL uses synchronous replication for failover replicas by default, ensuring that transactions are committed on both the primary and the replica before acknowledging the write. If asynchronous replication is configured, the replica may lag behind the primary, and during a failover, any transactions not yet replicated are lost. This is the most likely cause of data loss during failover events.
Q4
easyFull explanation →

An organization wants to design a serverless data processing pipeline that is highly available and can automatically scale based on the number of incoming requests. The pipeline processes JSON messages from a Cloud Pub/Sub topic and writes results to BigQuery. Which service should be used as the compute component?

A

Cloud Dataflow

B

Cloud Run

Cloud Run provides automatic scaling, can be triggered via Pub/Sub push, and supports longer processing times.

C

Cloud Functions

D

Compute Engine with managed instance groups

Why: Cloud Run is the correct compute component because it is a fully managed serverless platform that automatically scales from zero based on incoming HTTP requests, supports event-driven processing via Pub/Sub push subscriptions, and integrates natively with BigQuery. It provides high availability by default across zones and can handle burst traffic without provisioning overhead, making it ideal for a serverless pipeline that processes JSON messages and writes results to BigQuery.
Q5
mediumFull explanation →

A company is building a real-time analytics application on Google Cloud that ingests data from thousands of IoT devices. The data must be processed with sub-second latency and stored in a time-series database for querying. Which combination of services provides the best scalability and availability?

A

Cloud Pub/Sub, Cloud Dataflow, Cloud Datastore

B

Cloud Pub/Sub, Cloud Functions, Cloud SQL

C

Cloud Pub/Sub, Cloud Dataflow, Cloud Storage

D

Cloud Pub/Sub, Cloud Dataflow, Cloud Bigtable

Bigtable is ideal for high-throughput time-series data with low-latency access.

Why: Cloud Bigtable is a fully managed, scalable NoSQL database designed for large analytical and operational workloads, offering sub-10ms latency for time-series data. Combined with Cloud Pub/Sub for ingesting high-throughput IoT data and Cloud Dataflow for stream processing, this combination provides the best scalability and availability for real-time analytics with sub-second latency requirements.
Q6
hardFull explanation →

A team is designing a globally distributed application on Google Cloud that requires strong consistency for writes but can tolerate eventual consistency for reads. The application expects millions of concurrent users. Which two strategies should they implement? (Choose two.)

A

Use Cloud Spanner for write operations requiring strong consistency.

Spanner provides global strong consistency and high availability.

B

Use Firestore in multi-region mode for all operations.

C

Use global HTTP(S) Load Balancer with Cloud CDN for read-heavy traffic.

Cloud CDN caches content globally, providing low-latency reads with eventual consistency.

D

Deploy Cloud SQL with cross-region replication for read scalability.

E

Use Cloud Bigtable for reading data with strong consistency.

Why: Cloud Spanner provides strongly consistent writes globally through synchronous replication using the TrueTime API and Paxos-based consensus. This ensures that all write operations are immediately consistent across regions, meeting the requirement for strong consistency on writes.

Want more Designing highly scalable, available, and reliable cloud-native applications practice?

Practice this domain
2

Domain 2: Building and testing applications

All Building and testing applications questions
Q1
mediumFull explanation →

A company is developing a microservices application on Google Cloud. Each service is deployed as a Docker container on Cloud Run. The development team wants to ensure that inter-service communication is encrypted and authenticated. What is the best approach?

A

Use Cloud Run's built-in IAM-based authentication and automatic TLS for internal requests.

Cloud Run uses IAM to authenticate requests between services and automatically provisions TLS certificates.

B

Configure mutual TLS (mTLS) between services using Cloud Endpoints.

C

Deploy a sidecar proxy on each Cloud Run service to handle TLS termination.

D

Assign a service account to each service and use its private key to sign requests.

Why: Cloud Run automatically provisions TLS certificates for all incoming requests and supports IAM-based authentication for internal requests between services in the same Google Cloud project. This means inter-service communication is encrypted by default via HTTPS and can be authenticated by configuring the receiving service to require a valid IAM token from the caller, without any additional infrastructure or sidecar proxies.
Q2
hardFull explanation →

A developer is designing a CI/CD pipeline for a Node.js application hosted on Cloud Run using Cloud Build. The pipeline should run unit tests, build the container, push to Artifact Registry, and deploy to Cloud Run. The developer wants to minimize build time by caching dependencies. What is the recommended approach?

A

Run npm install locally and commit the node_modules folder to the repository for faster builds.

B

Use Cloud Build's step-level caching by copying the node_modules from a previous build step.

C

Create a custom base image that includes all dependencies and reference it in the Dockerfile.

D

Use Cloud Build's built-in caching with a persistent volume to store node_modules between builds.

Cloud Build's volume caching allows dependency caching across builds.

Why: Option D is correct because Cloud Build supports built-in caching via persistent volumes (e.g., `/cache` or `/workspace`) that can store `node_modules` across builds. By configuring a cache volume in the `cloudbuild.yaml` and using `npm ci --prefer-offline`, the pipeline avoids re-downloading dependencies on every run, significantly reducing build time for Node.js applications on Cloud Run.
Q3
easyFull explanation →

A developer needs to test a Cloud Function locally before deploying. Which tool should they use?

A

Docker container with a custom entrypoint.

B

gcloud functions call command.

C

Cloud Code for VS Code or IntelliJ.

D

Functions Framework for your language.

Functions Framework provides a local server for testing Cloud Functions.

Why: The Functions Framework is the correct tool because it is an open-source library that allows you to run Cloud Functions locally on your machine, emulating the Cloud Functions runtime environment. This enables you to test your function's behavior, including HTTP triggers and event handling, without deploying to Google Cloud. Option D is correct because the Functions Framework is specifically designed for local development and testing of Cloud Functions.
Q4
hardFull explanation →

A team is building a mobile backend on Google Cloud using Cloud Endpoints with Firebase Authentication. They want to protect their API from abuse by implementing rate limiting per user. What approach should they take?

A

Implement rate limiting in the backend code and enforce it via Cloud Endpoints.

B

Use Apigee API Management as a proxy to enforce rate limiting per developer app.

Apigee can rate limit based on API keys or tokens associated with users.

C

Configure Cloud Armor with a rule to block requests from users exceeding a threshold.

D

Use Cloud CDN with a cache key based on the user ID.

Why: Apigee API Management is the correct choice because it provides built-in rate limiting policies that can be enforced per developer app, which maps directly to per-user rate limiting when Firebase Authentication is used. Cloud Endpoints does not natively support per-user rate limiting; it relies on the backend to implement such logic, which is not a managed solution. Apigee acts as a proxy that can inspect the Firebase-issued JWT token to identify the user and apply rate limits accordingly, offloading this concern from the backend code.
Q5
mediumFull explanation →

A company is migrating a monolithic Java application to microservices on Google Kubernetes Engine (GKE). The application uses a shared MySQL database. The team wants to adopt a testing strategy that validates service interactions without deploying to a full cluster. Which testing approach is most appropriate?

A

Load testing to simulate production traffic.

B

Unit testing with mocked dependencies.

C

Consumer-driven contract testing with tools like Spring Cloud Contract.

Contract testing validates that services adhere to agreed-upon contracts without full deployment.

D

End-to-end testing in a staging environment.

Why: Consumer-driven contract testing (CDC) with tools like Spring Cloud Contract validates the interactions between microservices by defining and verifying API contracts (e.g., request/response formats, headers, status codes) without requiring a full GKE cluster. This approach is ideal for a migration from a monolithic Java application because it ensures that each service adheres to its expected behavior when communicating over HTTP or messaging, catching integration issues early in the development cycle. It does not require deploying to a cluster, making it faster and more lightweight than end-to-end testing.
Q6
easyFull explanation →

Which TWO statements about building container images for Google Cloud Run are correct? (Choose TWO.)

A

The container must use HTTP/1.1; HTTP/2 is not supported.

B

The container must respond to health checks on the same port as the main application.

Health checks are sent to the container's port; the app must respond with 200 OK.

C

The container must be stateless and not rely on local file system persistence.

Cloud Run is stateless; any local file system writes are ephemeral.

D

The container must listen on port 8080 by default.

E

The container must run as root user.

Why: Option B is correct because Cloud Run requires the container to respond to health checks (e.g., HTTP GET /health) on the same port as the main application. Cloud Run uses the same port for both user requests and health check probes; if the health check fails, the container is restarted. This ensures the container is always ready to serve traffic.

Want more Building and testing applications practice?

Practice this domain
3

Domain 3: Deploying applications

All Deploying applications questions
Q1
easyFull explanation →

A team deploys a containerized web application on Google Kubernetes Engine (GKE) using a Deployment. They need to expose the application externally via a stable IP address and enable SSL termination. Which resource should they use?

A

HorizontalPodAutoscaler

B

Ingress with Google-managed SSL certificate

Provides SSL termination and a stable IP via the load balancer.

C

Service type NodePort

D

Service type LoadBalancer

Why: An Ingress with a Google-managed SSL certificate is the correct choice because it provides a single stable IP address via a global forwarding rule, terminates SSL at the Google Cloud HTTP(S) load balancer, and routes traffic to the GKE Deployment. This approach offloads SSL decryption from the application pods and uses a managed certificate that auto-renews, meeting both the stable IP and SSL termination requirements.
Q2
mediumFull explanation →

During a deployment to App Engine flexible environment, the new version fails to start and the logs show 'Container failed to start: context deadline exceeded'. The previous version remains serving traffic. What is the most likely cause?

A

The health check is misconfigured, causing the instance to be considered unhealthy.

B

The app requires an environment variable that is not set.

C

The container startup time exceeds the 10-minute timeout.

App Engine flexible environment has a 10-minute startup timeout; if the container takes longer, it fails with this error.

D

The Dockerfile has a syntax error that prevents the container from building.

Why: Option C is correct because the error 'context deadline exceeded' in App Engine flexible environment indicates that the container did not start within the allowed startup timeout. The default timeout for container startup in App Engine flexible is 10 minutes, and if the application takes longer (e.g., due to slow initialization, large dependency downloads, or database migrations), the platform kills the container and logs this error. The previous version continues serving because the new version failed to become healthy.
Q3
hardFull explanation →

A company has a multi-region Cloud Run service with traffic splitting between revisions. They notice that a newly rolled-out revision is receiving 0% of traffic even though they set traffic to 100% via the console. The revision shows 'Ready: Yes'. What is the most likely cause?

A

The revision has a low CPU limit causing it to be throttled.

B

The revision is not healthy because of a misconfigured health check.

C

The revision has a tag but no traffic percentage assigned; the tag is being used for routing.

If a revision has a tag, it may be accessible only via that URL; without a traffic percentage, it won't serve at the default URL.

D

The revision has a concurrency setting of 0, which is invalid.

Why: When a revision shows 'Ready: Yes' but receives 0% traffic despite setting 100% via the console, the most likely cause is that the revision has a tag assigned but no traffic percentage. In Cloud Run, tags are used for direct URL routing (e.g., for testing) and do not receive any traffic from the service's main URL unless a traffic percentage is explicitly assigned. The console's traffic splitting UI allows setting a tag without a percentage, which can lead to this confusion.
Q4
mediumFull explanation →

A DevOps engineer is automating deployments to Compute Engine using a CI/CD pipeline. They want to minimize downtime and ensure that if a new VM fails health checks, the old VM continues serving. Which deployment strategy should they implement?

A

Redeploy the old version manually if the new version fails

B

Rolling update with a readiness probe

C

Blue/green deployment with health checks and a managed instance group

Blue/green allows keeping the old version (blue) serving while the new version (green) is tested; if health checks fail, traffic remains on blue.

D

Canary deployment with a small percentage of traffic

Why: Blue/green deployment with health checks and a managed instance group is correct because it allows the new version (green) to be fully deployed and validated against health checks before any traffic is switched from the old version (blue). If the new VM fails health checks, the managed instance group automatically keeps the old version serving, ensuring zero downtime and immediate rollback without manual intervention.
Q5
hardFull explanation →

A developer deploys a Cloud Function (2nd gen) that processes messages from Pub/Sub. The function sometimes fails with 'Deadline Exceeded' for messages that take longer than 9 minutes. What should the developer do to handle these long-running messages without losing them?

A

Configure the function to retry on failure and set a maximum retry count.

B

Increase the Cloud Function timeout to 60 minutes.

C

Set the Pub/Sub subscription acknowledgment deadline to 10 minutes and implement a push endpoint that acknowledges after processing.

Extending the ack deadline prevents the message from being redelivered before processing completes.

D

Use Cloud Tasks instead of Pub/Sub for asynchronous invocation.

Why: Option C is correct because Cloud Functions (2nd gen) have a maximum timeout of 60 minutes, but Pub/Sub push subscriptions have a default acknowledgment deadline of 10 seconds. By setting the acknowledgment deadline to 10 minutes and implementing a push endpoint that acknowledges after processing, the developer ensures the message is not redelivered prematurely while allowing the function up to 10 minutes to complete. This prevents 'Deadline Exceeded' errors for messages that take longer than 9 minutes without losing messages, as the subscription will wait for the acknowledgment before considering the message as failed.
Q6
hardFull explanation →

Which TWO statements about deploying applications on Google Kubernetes Engine (GKE) are correct?

A

HorizontalPodAutoscaler can use custom metrics from Cloud Monitoring.

HPA supports custom metrics via the custom.metrics.k8s.io API.

B

Kubernetes Secrets are encrypted at rest by default.

C

A zonal GKE cluster automatically uses regional persistent disks for high availability.

D

PodDisruptionBudget can be used to ensure a minimum number of pods are available during node repair.

PodDisruptionBudget protects against voluntary disruptions like node repair.

E

To expose a Deployment externally, you must create an Ingress resource.

Why: HorizontalPodAutoscaler (HPA) in GKE can scale pods based on custom metrics from Cloud Monitoring (formerly Stackdriver). This is achieved by using the custom.metrics.k8s.io API, which allows HPA to query metrics like custom application latency or queue depth, not just default CPU/memory. This enables fine-grained, application-specific autoscaling.

Want more Deploying applications practice?

Practice this domain
4

Domain 4: Integrating Google Cloud services

All Integrating Google Cloud services questions
Q1
mediumFull explanation →

Your application runs on Compute Engine and uses Cloud Pub/Sub to receive messages from a third-party service. Recently, the message delivery latency has increased significantly. The third-party reports no issues on their end. You notice that the Pub/Sub subscription's 'ackDeadlineSeconds' is set to 10. What is the most likely cause of the latency?

A

The ackDeadlineSeconds is too short, causing frequent message redelivery.

Short ack deadline leads to redelivery before processing completes.

B

The topic's message retention duration is too long.

C

The push endpoint is not responding, causing Pub/Sub to retry.

D

The subscription has an exponential backoff policy that is too aggressive.

Why: A is correct because a 10-second ackDeadlineSeconds is very short. If your subscriber cannot process and acknowledge messages within 10 seconds, Pub/Sub will consider them unacknowledged and redeliver them. This redelivery causes duplicate processing and increases overall latency as messages are repeatedly sent back to the subscriber, delaying their final consumption.
Q2
hardFull explanation →

You are designing a data pipeline that ingests streaming data from IoT devices using Cloud IoT Core, processes it with Dataflow, and stores results in BigQuery. The data volume is expected to be 10 GB per day with occasional spikes. You need to minimize processing latency and cost. Which configuration should you choose for the Dataflow pipeline?

A

Use streaming mode with autoscaling and maximum workers set to 10.

B

Use Dataflow Prime for automatic optimization.

C

Use streaming mode with streaming engine enabled and 2 workers.

Streaming engine reduces latency and cost for moderate throughput.

D

Use batch mode with a fixed number of workers to reduce cost.

Why: Option C is correct because streaming mode with Streaming Engine is designed for low-latency, continuous data ingestion from IoT Core, and setting 2 workers minimizes cost while handling the expected 10 GB/day volume with occasional spikes through autoscaling. Streaming Engine offloads state management to the backend, reducing worker overhead and improving latency, making it ideal for this use case.
Q3
easyFull explanation →

A company stores sensitive user data in Cloud Storage. They want to ensure that only authenticated users with the appropriate permissions can access the data, and that data is encrypted at rest. Which two steps should they take? (Choose TWO.)

A

Configure a Customer-Managed Encryption Key (CMEK) in Cloud KMS.

B

Enable default encryption on the bucket using Google-managed keys.

Default server-side encryption is already enabled.

C

Use IAM roles to grant access to specific users and groups.

IAM controls access.

D

Set bucket-level public access prevention.

E

Enable VPC Service Controls to restrict data access.

Why: Option B is correct because Cloud Storage buckets are encrypted at rest by default using Google-managed keys, which satisfies the requirement for data encryption without additional configuration. Option C is correct because IAM roles provide fine-grained access control, ensuring only authenticated users with appropriate permissions can access the data.
Q4
hardFull explanation →

You are designing a serverless application using Cloud Functions that processes events from Cloud Storage and Cloud Pub/Sub. The function must be idempotent and handle duplicate events. Which three best practices should you implement? (Choose THREE.)

A

Generate a unique idempotency key for each event and store processed keys in a database.

Idempotency keys prevent duplicate processing.

B

Invoke the function synchronously to avoid duplicates.

C

Implement a deduplication logic that checks the event's publish time against a threshold.

Timestamps can help filter duplicates.

D

Use Cloud Firestore to record the state of each processed event.

Transactional state helps idempotency.

E

Set the function timeout to maximum (540 seconds) to ensure processing completes.

Why: Option A is correct because generating a unique idempotency key for each event and storing processed keys in a database (such as Cloud Firestore) ensures that if the same event is delivered multiple times (e.g., due to at-least-once delivery semantics in Cloud Pub/Sub or Cloud Storage notifications), the function can check the key before processing and skip duplicates. This pattern is essential for idempotent serverless functions, as Cloud Functions may be retried on failure or receive duplicate events from the source.
Q5
easyFull explanation →

You need to monitor the CPU usage of a Compute Engine instance and trigger an alert when it exceeds 80% for 5 minutes. Which Google Cloud service should you use?

A

Cloud Debugger

B

Cloud Monitoring

Cloud Monitoring provides metrics and alerting.

C

Cloud Logging

D

Error Reporting

Why: Cloud Monitoring (formerly Stackdriver Monitoring) is the correct service because it provides metrics, dashboards, and alerting policies for Compute Engine instances. You can create a metric-based alert condition that triggers when the CPU utilization metric exceeds 80% for a duration of 5 minutes, using the MQL or policy builder.
Q6
mediumFull explanation →

Your company uses Cloud SQL for MySQL to store transactional data. You need to perform a point-in-time recovery (PITR) to recover from a logical error that occurred 30 minutes ago. Which two prerequisites must be met? (Choose TWO.)

A

High availability (HA) is configured.

B

Binary logging is enabled.

Binary logs enable PITR.

C

Automated backups are enabled.

Backups are the base for PITR.

D

The backup window is set to a time before the incident.

E

A read replica is configured.

Why: Point-in-time recovery (PITR) for Cloud SQL for MySQL relies on binary logs to replay transactions up to a specific timestamp. Binary logging must be enabled because it records all changes to the database, allowing you to restore to any point within the retention period. Automated backups are also required because PITR uses the most recent full backup as a base, then applies binary logs from that backup to the target time. Without automated backups, there is no base image to start the recovery process.

Want more Integrating Google Cloud services practice?

Practice this domain
5

Domain 5: Managing application performance monitoring

All Managing application performance monitoring questions
Q1
easyFull explanation →

A company deploys a microservices application on Google Kubernetes Engine (GKE). The operations team needs to monitor API latency between services. Which Google Cloud service should they use to trace requests across services?

A

Error Reporting

B

Cloud Logging

C

Cloud Monitoring

D

Cloud Trace

Cloud Trace provides distributed tracing to analyze latency across services.

Why: Cloud Trace is the correct choice because it is a distributed tracing system designed to capture latency data as requests propagate through microservices. It provides end-to-end visibility by collecting trace spans from each service, allowing the operations team to identify bottlenecks and measure API latency between services in a GKE environment.
Q2
easyFull explanation →

A developer notices that a Cloud Function is timing out after 60 seconds. The function makes an external API call that occasionally takes longer than the timeout. What is the best practice to handle this?

A

Implement retry logic without changing the timeout

B

Increase the timeout for all Cloud Functions in the project

C

Increase the timeout for the specific Cloud Function to a higher value

Adjusting the timeout for the specific function allows the external call to complete.

D

Decrease the timeout to fail fast and implement retry logic

Why: Option C is correct because Cloud Functions have a configurable timeout per function (up to 540 seconds for HTTP functions). Increasing the timeout for the specific function that makes the slow external API call directly addresses the timeout issue without affecting other functions or introducing unnecessary retry overhead. This is the most targeted and efficient solution.
Q3
easyFull explanation →

A company uses Cloud Monitoring to set up an alerting policy for CPU utilization on Compute Engine instances. They want to be notified when average CPU usage exceeds 80% for 5 minutes. Which threshold type should they use?

A

Forecast

B

Change rate

C

Threshold

Threshold alert fires when metric crosses a set value for a duration.

D

Metric absence

Why: Option C is correct because a Threshold alerting policy in Cloud Monitoring triggers when a metric's value crosses a defined static boundary. For this use case, setting a threshold of 80% with a duration of 5 minutes directly matches the requirement to alert when average CPU usage exceeds 80% for that period.
Q4
mediumFull explanation →

An application running on GKE is experiencing high latency. The team uses Cloud Trace to identify the bottleneck. They notice that a particular service spends most of its time waiting on a database query. How can they optimize performance?

A

Decrease the number of pods to reduce load

B

Use Cloud CDN to cache database results

C

Optimize the database query and add appropriate indexes

Query optimization reduces execution time.

D

Increase the number of replicas for the service

Why: Option C is correct because the bottleneck is identified as a database query causing high latency. Optimizing the query and adding appropriate indexes directly reduces the time spent waiting on the database, which is the root cause. Cloud Trace shows the service is waiting on the database, so improving database performance is the most effective solution.
Q5
mediumFull explanation →

A company uses Cloud Run for a serverless application. They notice that cold starts are causing high latency for some requests. What is the best strategy to reduce cold starts?

A

Increase the max instances setting

B

Set a minimum number of instances to keep containers always warm

Min instances ensures pre-warmed containers are always ready.

C

Migrate the application to Cloud Functions

D

Reduce the container concurrency setting

Why: Option B is correct because setting a minimum number of instances ensures that Cloud Run keeps a baseline of container instances always warm and ready to serve requests. This eliminates cold starts for the first requests that hit those pre-warmed instances, directly addressing the latency issue. Cloud Run automatically scales to zero when idle, but a minimum instance setting overrides that behavior for the specified number of containers.
Q6
mediumFull explanation →

A team wants to monitor custom application metrics from a Compute Engine instance. They use the Cloud Monitoring agent. Which metric type should they use to report a gauge measurement like current memory usage?

A

histogram

B

delta

C

cumulative

D

gauge

Gauge metric type reports instantaneous values.

Why: Option D is correct because a gauge metric type is specifically designed to report a value that can arbitrarily increase or decrease over time, such as current memory usage. The Cloud Monitoring agent supports gauge metrics for point-in-time measurements, and they are reported as a single data point without any aggregation window, making them ideal for snapshot-like observations.

Want more Managing application performance monitoring practice?

Practice this domain

Frequently asked questions

How many questions are on the PCD exam?

The PCD exam has 60 questions and must be completed in 120 minutes. The passing score is 720/1000.

What types of questions appear on the PCD exam?

Scenario-based questions covering exam objectives with detailed answer explanations.

How are PCD questions organised by domain?

The exam covers 5 domains: Designing highly scalable, available, and reliable cloud-native applications, Building and testing applications, Deploying applications, Integrating Google Cloud services, Managing application performance monitoring. Questions are weighted by domain — higher-weight domains appear more on your actual exam.

Are these the actual PCD exam questions?

No. These are original exam-style practice questions written against the official Google Cloud PCD exam objectives. They are not copied from the real exam. Courseiva focuses on genuine understanding, not memorisation of braindumps.

Ready to practice all 60 PCD questions?

Courseiva tracks your accuracy per domain and routes you toward weak areas automatically. Free, no account required.

Browse all PCD questionsTake a timed practice test