CCNA Ace Ensuring Operation Questions

25 of 100 questions · Page 2/2 · Ace Ensuring Operation topic · Answers revealed

76
MCQeasy

A site reliability engineer needs to be notified immediately when the error rate of a production microservice exceeds 5% over a 5-minute window. Which type of alerting policy should be used?

A.Uptime check alert
B.Pub/Sub notification hook
C.Metric threshold alert
D.Log-based alert (log metric trigger)
AnswerC

A metric threshold alert evaluates a metric against a threshold and is ideal for this use case.

Why this answer

A metric threshold alert triggers when a metric crosses a threshold. This scenario requires tracking the error rate metric and alerting when it exceeds 5%.

77
MCQmedium

You are configuring an uptime check for an HTTPS endpoint that returns a JSON response. The check should validate that the response contains a specific field "status":"ok". Which uptime check option should you use?

A.Enable SSL hostname verification
B.Configure a notification channel
C.Add a content match with a regular expression
D.Create a log-based alert for the endpoint
AnswerC

Content matching allows you to specify a regex or substring to check in the response body.

Why this answer

Uptime checks can validate response content using content matching.

78
Multi-Selecthard

Your GKE cluster is running an older version of Kubernetes. You need to upgrade the cluster's control plane and node pools. Which two steps should you perform? (Choose two.)

Select 2 answers
A.Create a new cluster with the desired version and migrate workloads
B.Drain all nodes using kubectl drain before upgrading
C.Manually update the kubelet version on each node
D.Upgrade the cluster's control plane using gcloud container clusters upgrade
E.Upgrade node pools using gcloud container node-pools upgrade
AnswersD, E

The control plane must be upgraded first.

Why this answer

Upgrading a GKE cluster involves upgrading the cluster (control plane) first using gcloud container clusters upgrade, and then upgrading node pools separately (or they can be auto-upgraded). You cannot upgrade nodes without upgrading the control plane first. Draining nodes is not a step for upgrading, it's for maintenance.

79
MCQeasy

Your team uses Cloud Logging to store application logs. You want to create a metric that counts the number of ERROR log entries per service. Which type of log-based metric should you create?

A.Distribution metric
B.Boolean metric
C.Counter metric
D.Gauge metric
AnswerC

Correct: a counter metric counts log entries that match the filter (e.g., severity=ERROR).

Why this answer

Log-based metrics can be counter metrics (count of log entries matching a filter) or distribution metrics. For counting occurrences, a counter metric is appropriate.

80
Multi-Selectmedium

You are managing a Cloud Run service that has two revisions: v1 (serving 100% traffic) and v2 (new revision). You want to shift 10% of traffic to v2 gradually. Which TWO steps should you take? (Choose two.)

Select 2 answers
A.Run gcloud run services update-traffic SERVICE_NAME --to-revisions v2=10
B.Run gcloud run services update-traffic SERVICE_NAME --to-latest
C.Run gcloud run services update-traffic SERVICE_NAME --to-revisions v1=90,v2=10
D.Run gcloud run deploy --image gcr.io/project/v2 --no-traffic
E.Run gcloud run revisions list to confirm revision names
AnswersA, C

This command updates traffic to send 10% to v2, leaving the rest (90%) to the latest ready revision (v1 if no other revisions defined).

Why this answer

To split traffic, you need to create a traffic configuration that assigns percentages to revisions. Options B and D are correct.

81
MCQhard

Your GKE cluster has a node pool that you want to enable autoscaling on. The initial node count is 3, and you want the cluster to scale between 1 and 10 nodes. Which command should you use?

A.gcloud container clusters update my-cluster --enable-autoscaling --min-nodes 1 --max-nodes 10 --region us-central1
B.gcloud container clusters update my-cluster --enable-autoscaling --min-size 1 --max-size 10 --region us-central1
C.gcloud container node-pools update my-pool --cluster=my-cluster --enable-autoscaling --min-nodes 1 --max-nodes 10 --region us-central1
D.gcloud container node-pools update my-pool --cluster=my-cluster --autoscaling --min 1 --max 10 --region us-central1
AnswerC

This command correctly updates the node pool with autoscaling and min/max nodes.

Why this answer

The correct command is gcloud container node-pools update with --enable-autoscaling and the min and max node flags. The cluster name and region/zone are required.

82
MCQeasy

You need to load a CSV file from Cloud Storage into an existing BigQuery table. Which bq command should you use?

A.bq query --source_format=CSV 'SELECT * FROM mydataset.mytable'
B.bq load --source_format=CSV mydataset.mytable gs://mybucket/myfile.csv
C.bq insert mydataset.mytable gs://mybucket/myfile.csv
D.bq import mydataset.mytable gs://mybucket/myfile.csv
AnswerB

This correctly loads the CSV file into the table.

Why this answer

The bq load command loads data into a BigQuery table. You specify the source format (CSV) and the location of the file in Cloud Storage.

83
MCQmedium

You notice that a deployment in your GKE cluster is running an outdated image. You need to update the deployment to use the new image 'gcr.io/my-project/my-app:v2'. Which kubectl command should you use?

A.kubectl set image deployment/my-deployment my-app=gcr.io/my-project/my-app:v2
B.kubectl rollout restart deployment my-deployment --image gcr.io/my-project/my-app:v2
C.kubectl update deployment my-deployment --image gcr.io/my-project/my-app:v2
D.kubectl replace deployment my-deployment --image gcr.io/my-project/my-app:v2
AnswerA

This is the correct syntax: kubectl set image deployment/<name> <container>=<image>.

Why this answer

To update the image of a deployment, use 'kubectl set image' specifying the deployment name and the container name:tag.

84
MCQhard

You need to drain a GKE node for maintenance. The node is running a DaemonSet and some pods with emptyDir volumes. Which kubectl command should you use to safely drain the node without causing errors?

A.kubectl drain node-name --force
B.kubectl drain node-name --ignore-daemonsets --delete-emptydir-data
C.kubectl drain node-name --ignore-daemonsets
D.kubectl cordon node-name && kubectl delete pods --all --grace-period=0
AnswerB

These flags handle DaemonSets and emptyDir volumes, allowing the drain to complete.

Why this answer

The kubectl drain command with --ignore-daemonsets and --delete-emptydir-data flags safely evicts pods while ignoring DaemonSets (which are managed by the node) and allowing deletion of pods with emptyDir volumes.

85
Multi-Selecteasy

You want to create a monitoring dashboard that shows a time-series chart of CPU utilization for a specific Compute Engine instance. Which THREE components do you need to configure? (Choose three.)

Select 3 answers
A.Choose a time aggregation function (e.g., mean, max)
B.Select the resource type: 'gce_instance' and filter by the instance ID
C.Create a log-based metric for CPU utilization
D.Select the metric: 'compute.googleapis.com/instance/cpu/utilization'
E.Set up a notification channel to send alerts
AnswersA, B, D

Aggregation is needed for the time series.

Why this answer

In Cloud Monitoring, to create a chart you need to select a metric, a resource, and a time aggregation function.

86
Multi-Selecthard

Your Cloud Run service has a new revision that you want to gradually shift traffic to. You want to send 10% of traffic to the new revision and 90% to the current one. Which TWO steps are required? (Choose TWO.)

Select 2 answers
A.Set a new default URL for the new revision.
B.Delete the old revision.
C.Create the new revision by updating the service with a new image tag.
D.Enable VPC ingress for the new revision.
E.Use gcloud run services update-traffic to set traffic percentages.
AnswersC, E

Updating the service creates a new revision.

Why this answer

You first create the new revision (by updating the service) and then modify traffic percentages.

87
MCQeasy

You have a Compute Engine VM that is running a critical application. You need to change its machine type from n1-standard-4 to n2-standard-8. What is the correct procedure?

A.Stop the instance, then use gcloud compute instances set-machine-type, then start the instance
B.Use gcloud compute instances update --machine-type n2-standard-8 while the instance is running
C.Delete the instance and create a new one with the desired machine type
D.Use gcloud compute instances resize --machine-type n2-standard-8 without stopping
AnswerA

This is the correct procedure: stop, change machine type, start.

Why this answer

To change the machine type of a VM, you must stop the instance first, then use the gcloud compute instances set-machine-type command, and finally start the instance again.

88
MCQmedium

A Cloud Run service named 'my-service' is currently serving 100% traffic to revision 'rev1'. You deploy a new revision 'rev2' and want to gradually shift traffic so that rev2 receives 10% of requests. Which command should you use?

A.gcloud run services update-traffic my-service --to-revisions=rev2=10,rev1=90
B.gcloud run services update my-service --traffic=rev2=10%
C.gcloud run deploy my-service --image=... --traffic=rev2=10
D.gcloud run revisions update rev2 --traffic=10
AnswerA

This correctly sends 10% to rev2 and 90% to rev1.

Why this answer

gcloud run services update-traffic allows you to set traffic percentages per revision. The syntax is --to-revisions=REVISION=PERCENTAGE.

89
MCQmedium

You are troubleshooting a Pub/Sub subscription that is not receiving messages as fast as they are published. You want to check if there is a backlog of unacknowledged messages for the subscription. What should you use?

A.Check the Cloud Logging logs for the subscription
B.Use gcloud pubsub subscriptions describe and check the ackDeadlineSeconds
C.Check the Cloud Console Pub/Sub dashboard for the topic publish rate
D.Use Cloud Monitoring to view the 'oldest_unacked_message_age' metric
AnswerD

This metric directly indicates the backlog.

Why this answer

Cloud Monitoring has a metric for Pub/Sub subscription backlog (oldest unacknowledged message age or num_undelivered_messages).

90
MCQmedium

You need to query logs in Cloud Logging to find errors from a specific Compute Engine instance. The instance ID is 'my-instance'. Which query language filter should you use?

A.resource.type="compute.googleapis.com/Instance" AND instance="my-instance" AND severity="ERROR"
B.resource.type="gce_instance" AND resource.labels.instance_id="my-instance" AND severity="ERROR"
C.resource.type="gce_instance" AND resource.labels.instance_id="my-instance" AND severity>=ERROR
D.resource.type="gce_instance" AND labels."instance_id"="my-instance" AND severity="ERROR"
AnswerC

Correctly filters for GCE instance and severity ERROR or higher.

Why this answer

The filter should specify resource.type and resource.labels.instance_id.

91
MCQmedium

You need to create a log-based metric that counts the number of errors in your application logs. What must you do first in Cloud Logging?

A.Create an alerting policy with a condition
B.Create a log sink that exports logs to BigQuery
C.Define a filter that matches the error logs
D.Install the Logging agent on your VMs
AnswerC

You define a filter to select the logs, then create the metric based on that filter.

Why this answer

In Cloud Logging, a log-based metric is based on a filter. You define the filter using the logging query language to match the logs you want to count, then create the metric from that filter.

92
MCQhard

Your Cloud Run service is receiving a sudden spike in traffic. You want to ensure that the number of concurrent requests per container instance does not exceed 10 to avoid overloading the backend. Which configuration should you set?

A.Set --timeout to 10 seconds
B.Set --concurrency to 10
C.Set --max-instances to 10
D.Set --cpu-throttling to true
AnswerB

Correct: concurrency limits the number of simultaneous requests per container instance.

Why this answer

Cloud Run allows setting the maximum number of concurrent requests per container instance via the --concurrency flag or the concurrency field in the YAML. The default is 80; setting it to 10 limits each instance to 10 concurrent requests.

93
MCQmedium

An engineer needs to enable autoscaling on an existing node pool in a GKE cluster. Which command should they use?

A.gcloud compute instance-groups set-autoscaling
B.kubectl autoscale node-pool
C.gcloud container clusters update
D.gcloud container node-pools update --enable-autoscaling
AnswerD

Why this answer

'gcloud container node-pools update' with '--enable-autoscaling' enables autoscaling. 'gcloud container clusters update' updates cluster-level settings, not node pools. 'kubectl autoscale' is for workloads, not node pools. 'gcloud compute instance-groups' is not used for GKE node pools.

94
MCQmedium

A DevOps team wants to be notified in Slack when a specific error log appears in Cloud Logging. They set up a log-based alert with a notification channel to a Slack webhook. However, notifications are not arriving. What is the most likely cause?

A.The notification channel is not configured to use a Pub/Sub topic
B.The log-based alert is not using a valid metric threshold
C.The log query is case-sensitive and mismatched
D.The Slack webhook URL is outdated
AnswerA

Why this answer

Slack webhooks require a Pub/Sub topic as an intermediary for Cloud Monitoring notifications. Direct Slack integration via webhook is not supported; you must use a Pub/Sub topic with a push subscription to Slack.

95
MCQeasy

You need to monitor the uptime of an external HTTPS endpoint that is critical to your application. Which Google Cloud service should you use to create an uptime check?

A.Cloud Monitoring
B.Cloud Debugger
C.Cloud Trace
D.Cloud Logging
AnswerA

Cloud Monitoring includes uptime checks for verifying endpoint availability.

Why this answer

Cloud Monitoring provides uptime checks that can monitor HTTP, HTTPS, and TCP endpoints from multiple locations.

96
MCQmedium

You need to create a snapshot of a persistent disk attached to a running Compute Engine instance. The disk is used by a production database; you want minimal impact. What should you do?

A.Detach the disk, create the snapshot, then reattach.
B.Create the snapshot while the instance is running; snapshots are always consistent.
C.Use gcloud compute disks snapshot without stopping; data will be consistent.
D.Stop the instance, create the snapshot using gcloud compute disks snapshot, then restart the instance.
AnswerD

Stopping ensures data consistency with minimal risk.

Why this answer

Creating a snapshot of a disk in use is possible, but for data consistency, it's recommended to stop the instance or at least freeze the filesystem. However, the question says 'minimal impact', so the best practice is to stop the instance. But the correct answer reflects that snapshots can be taken from attached disks, but for database consistency, stop is recommended.

Let's choose the safer answer: stop the instance.

97
Multi-Selecthard

You are troubleshooting a slow application that uses multiple microservices. You suspect a particular service is causing high latency. Which TWO Google Cloud tools should you use to identify the root cause? (Select 2)

Select 2 answers
A.Cloud Profiler
B.Cloud Logging
C.Cloud Monitoring
D.Cloud Trace
E.Cloud Debugger
AnswersC, D

Metrics and dashboards can show latency per service.

Why this answer

Cloud Trace traces requests across services to pinpoint latency, and Cloud Monitoring can show metrics like request latency and error rates.

98
Multi-Selectmedium

You are configuring a log sink to export logs to Cloud Storage for compliance. Which TWO permissions are required for the sink's destination bucket? (Choose TWO.)

Select 2 answers
A.storage.objectViewer
B.storage.legacyBucketReader
C.storage.objectCreator
D.storage.admin
E.storage.legacyBucketWriter
AnswersA, C

Required to view and manage the objects.

Why this answer

The sink needs storage.objectCreator and storage.objectViewer to write and manage objects.

99
MCQeasy

You need to be notified when the CPU utilization of any Compute Engine instance in your project exceeds 80% for 5 minutes. Which Cloud Monitoring feature should you use?

A.Uptime check
B.Log-based alert
C.Metric threshold alerting policy
D.Dashboard
AnswerC

Correct: metric threshold alerting policies are designed for conditions like CPU > 80% for 5 minutes.

Why this answer

Metric threshold alerting policies allow you to set conditions based on metric values. When the condition (CPU > 80% for 5 minutes) is met, the alert fires and sends notifications via configured channels.

100
MCQmedium

A Cloud Run service needs to be updated to increase CPU and memory limits. Which command should the engineer use?

A.gcloud functions deploy
B.gcloud run deploy
C.gcloud run revisions update
D.gcloud run services update
AnswerD

Why this answer

'gcloud run services update' allows updating service configuration including CPU and memory. 'gcloud run revisions update' does not exist; revisions are immutable. 'gcloud run deploy' is used for initial deployment or updating to a new revision, but 'update' is the correct command for modifying an existing service's configuration.

← PreviousPage 2 of 2 · 100 questions total

Ready to test yourself?

Try a timed practice session using only Ace Ensuring Operation questions.