CCNA Analyze and optimize technical and business processes Questions

75 of 77 questions · Page 1/2 · Analyze and optimize technical and business processes · Answers revealed

1
MCQmedium

You are a cloud architect for an e-commerce company. Their application runs on Google Kubernetes Engine (GKE) with a Regional cluster. The application consists of a frontend service, a backend service, and a Redis cache. Traffic is routed via an external HTTP(S) Load Balancer to the frontend. Recently, customers have reported intermittent 502 Bad Gateway errors during peak hours. The frontend logs show 'upstream connect error or disconnect/reset before headers. retried and limit reset' errors. The backend service is deployed with 3 replicas, each with resource requests of 1 CPU and 2 GB memory. The cluster autoscaler is enabled with a minimum of 3 nodes and a maximum of 10 nodes, using e2-standard-4 instances. The backend service's HPA is configured with CPU utilization target of 80%. During peak hours, CPU utilization on the backend pods reaches 90%, but the HPA does not scale up. The cluster has sufficient node capacity. What should you do to resolve the issue?

A.Change the HPA to use memory utilization instead of CPU.
B.Lower the HPA CPU target to 60% and increase the number of replicas min to 5.
C.Increase the backend service's max connections per pod in the backendConfig.
D.Increase the maximum number of nodes in the cluster autoscaler to 20.
AnswerB

Lowering the target triggers scaling earlier, and more min replicas provide baseline capacity.

Why this answer

The HPA is configured with a CPU utilization target of 80%, but during peak hours, CPU utilization reaches 90% without triggering scale-up. This indicates that the HPA's target utilization is too high relative to the actual load, causing the HPA to not scale because the average CPU utilization across pods may still be below the target when considering the metric calculation. Lowering the HPA CPU target to 60% ensures that the HPA triggers scaling earlier, and increasing the minimum replicas to 5 provides a baseline capacity to absorb traffic spikes, preventing the upstream connect errors from the backend being overwhelmed.

Exam trap

Google Cloud often tests the misconception that increasing cluster node count or changing autoscaler settings resolves pod-level scaling issues, when the real problem is the HPA configuration not triggering due to a high target utilization or insufficient minimum replicas.

How to eliminate wrong answers

Option A is wrong because switching to memory utilization does not address the root cause—CPU is the bottleneck (90% utilization) and memory may not be the limiting factor; the HPA would still fail to scale if memory is not the constrained resource. Option C is wrong because the error 'upstream connect error or disconnect/reset before headers' indicates connection timeouts or resource exhaustion at the pod level, not a connection limit per pod; increasing max connections in backendConfig would not resolve the underlying CPU starvation. Option D is wrong because the cluster already has sufficient node capacity (the autoscaler can add nodes up to 10, and the issue is that the HPA is not scaling pods, not that nodes are unavailable; adding more nodes does not force the HPA to scale pods.

2
MCQeasy

A team uses Cloud Build for CI/CD. The builds are taking longer than expected due to dependency downloads. What is the best practice to speed up builds?

A.Increase the machine type to e2-highcpu-32 to speed up compilation.
B.Use Docker layer caching with Cloud Build by specifying a cache image or using Kaniko cache.
C.Use Artifact Registry to store built packages and pull them during build.
D.Store dependencies in Cloud Source Repositories and fetch them during build.
AnswerB

Caching dependencies reduces build time significantly.

Why this answer

Option B is correct because Docker layer caching allows Cloud Build to reuse previously built layers, significantly reducing the time spent re-downloading and re-installing dependencies. By specifying a cache image or using Kaniko's built-in cache, only changed layers are rebuilt, while unchanged dependency layers are pulled from the cache instead of being fetched from the internet each time.

Exam trap

The trap here is that candidates confuse increasing compute resources (Option A) with solving a network-bound problem, or they mistakenly think storing dependencies in a repository (Options C and D) eliminates the need to download them, when in fact only layer caching avoids re-downloading by reusing previously built layers.

How to eliminate wrong answers

Option A is wrong because increasing the machine type to e2-highcpu-32 primarily speeds up CPU-bound compilation tasks, not network-bound dependency downloads; the bottleneck here is network latency and download throughput, not CPU cores. Option C is wrong because Artifact Registry stores built packages (e.g., container images, Maven artifacts), not raw dependency files; pulling pre-built packages from Artifact Registry does not address the initial download of dependencies during the build process. Option D is wrong because Cloud Source Repositories is a Git repository hosting service, not a dependency cache; storing dependencies there would require manual management and does not integrate with standard package managers (e.g., pip, npm, Maven) to avoid re-downloading.

3
Multi-Selecthard

A company runs a batch processing workload on Compute Engine. They need to minimize cost and ensure jobs complete within a 24-hour window. Which THREE strategies should they implement? (Choose 3.)

Select 3 answers
A.Use sole-tenant nodes for resource isolation.
B.Use preemptible VMs for fault-tolerant jobs.
C.Configure instance reservations for guaranteed capacity.
D.Use committed use discounts for one-year term.
E.Set up a managed instance group with autoscaling based on job queue depth.
AnswersB, D, E

Preemptible VMs are low-cost and suitable for batch jobs that can handle interruptions.

Why this answer

Preemptible VMs are significantly cheaper than standard VMs and are ideal for batch processing workloads that are fault-tolerant. Since the job can handle interruptions and be restarted, using preemptible VMs directly reduces cost while still completing within the 24-hour window if the job is designed to checkpoint progress.

Exam trap

Google Cloud often tests the misconception that sole-tenant nodes or instance reservations are cost-saving strategies, when in fact they are designed for isolation or capacity assurance and typically increase costs.

4
Multi-Selecthard

A company uses Cloud Armor to protect their HTTP load balancer. They need to block traffic from a specific set of IP addresses and also prevent SQL injection attacks. Which two configurations should they use? (Choose TWO.)

Select 2 answers
A.IAM roles to restrict access
B.Firewall rules on the VM instances
C.Ingress rules on the VPC network
D.Security policies with IP deny rules
E.Web Application Firewall (WAF) rules with SQL injection preconfigured rules
AnswersD, E

Cloud Armor security policies can include IP-based deny rules.

Why this answer

Option D is correct because Cloud Armor security policies allow you to create IP deny rules to block traffic from specific IP addresses or ranges at the edge of Google's network, before it reaches your load balancer. Option E is correct because Cloud Armor also provides preconfigured WAF rules, including SQL injection detection, which can be added to the same security policy to inspect HTTP/HTTPS requests and block malicious payloads.

Exam trap

The trap here is that candidates confuse network-layer controls (firewall rules, VPC ingress) with application-layer protection (WAF), or think IAM roles can filter traffic, when in fact Cloud Armor is the only service that combines IP-based deny rules with WAF capabilities for HTTP load balancers.

5
MCQeasy

A company wants to reduce Google Cloud costs for a batch processing workload. They currently use n1-standard-4 VMs running 24/7. The workload runs for 2 hours each night. What is the most cost-effective recommendation?

A.Use on-demand VMs and rely on sustained use discounts.
B.Use a custom machine type with fewer vCPUs.
C.Use committed use discounts for 1 year.
D.Use preemptible VMs with a startup script and persistent disk.
AnswerD

Preemptible VMs cost about 60% less than standard, ideal for short, fault-tolerant batch jobs.

Why this answer

D is correct because the workload runs for only 2 hours per night, making preemptible VMs ideal — they cost up to 80% less than on-demand VMs and can be terminated at any time. A startup script ensures the job resumes if the VM is preempted, and using a persistent disk preserves data across interruptions. This combination provides the lowest cost for a short, fault-tolerant batch job.

Exam trap

The trap here is that candidates see 'cost-effective' and immediately think of committed use discounts (C) or sustained use discounts (A), failing to recognize that for short, intermittent workloads, preemptible VMs offer the deepest savings despite their preemption risk.

How to eliminate wrong answers

Option A is wrong because sustained use discounts apply automatically to on-demand VMs running for a significant portion of a month, but a 2-hour nightly workload (about 60 hours/month) does not trigger meaningful discounts — the discount only kicks in after 25% of a month (roughly 180 hours). Option B is wrong because custom machine types with fewer vCPUs reduce cost only if the workload is over-provisioned; the question does not indicate that n1-standard-4 is oversized, and the core issue is idle time, not resource sizing. Option C is wrong because committed use discounts (1-year) require a 24/7 commitment, which is wasteful for a 2-hour nightly job — you pay for unused resources the other 22 hours each day, negating any discount benefit.

6
MCQmedium

A company has an on-premises data center connected to GCP via Dedicated Interconnect. They run latency-sensitive applications on GCE and use Cloud Storage for backups. The backup traffic is causing congestion on the Interconnect link. How should they optimize costs and performance?

A.Increase the Dedicated Interconnect bandwidth to accommodate both traffic types.
B.Move backup storage to a different region to reduce data transfer costs.
C.Use Cloud Interconnect to connect directly to Cloud Storage for backup traffic.
D.Route backup traffic through a separate VPN tunnel over the internet to reduce congestion on the Interconnect.
AnswerD

This offloads non-critical traffic, preserving Interconnect performance for latency-sensitive apps.

Why this answer

Option D is correct because routing backup traffic over a separate VPN tunnel using the internet offloads non-latency-sensitive backup data from the Dedicated Interconnect link, reducing congestion without incurring additional costs for increased bandwidth. This approach preserves the low-latency path for critical application traffic while using a cost-effective, encrypted internet-based connection for backups, optimizing both performance and cost.

Exam trap

The trap here is that candidates often assume all traffic must use the most reliable connection (Dedicated Interconnect) for everything, overlooking that non-critical traffic can be cost-effectively offloaded to a VPN over the internet without violating security or performance requirements.

How to eliminate wrong answers

Option A is wrong because simply increasing Dedicated Interconnect bandwidth would raise costs without addressing the root cause—it would still mix latency-sensitive and backup traffic, potentially degrading performance for critical apps. Option B is wrong because moving backup storage to a different region does not reduce congestion on the Interconnect link; it may even increase latency and costs due to cross-region data transfer fees. Option C is wrong because Cloud Interconnect is a general term for dedicated connections (including Dedicated Interconnect and Partner Interconnect) and does not provide a separate path to Cloud Storage; using it would still route backup traffic over the same congested link, failing to alleviate the issue.

7
Drag & Dropmedium

Drag and drop the steps to implement a disaster recovery plan using Cloud Storage and Cloud Functions in the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

Versioning protects against accidental deletion. The Cloud Function copies objects to the DR bucket.

8
MCQhard

A company uses Cloud CDN to accelerate content delivery for their global user base. They notice a low cache hit ratio, and they also need to deliver personalized content based on user geolocation. What should they do?

A.Set appropriate Cache-Control headers and use cache keys including the 'User-Geo' header
B.Configure cache keys based on URL and query parameters
C.Use signed URLs for personalized content
D.Serve personalized content from the origin and use Cloud CDN only for static content
AnswerA

This enables caching per geography while personalizing.

Why this answer

Option A is correct because setting appropriate Cache-Control headers (e.g., s-maxage, private vs. public) allows Cloud CDN to cache content effectively, while including the 'User-Geo' header in cache keys enables the CDN to serve different cached responses based on the user's geolocation. This approach balances caching efficiency with personalized content delivery, as the CDN can cache a separate copy for each geographic region without requiring a cache miss for every request.

Exam trap

Google Cloud often tests the misconception that personalized content cannot be cached at all, leading candidates to choose Option D, but in reality, Cloud CDN can cache personalized content by using geolocation-based cache keys, which improves performance while still delivering region-specific responses.

How to eliminate wrong answers

Option B is wrong because configuring cache keys based solely on URL and query parameters does not account for geolocation-based personalization; it would serve the same cached content to all users regardless of location, failing to deliver personalized content. Option C is wrong because signed URLs are used for access control and authorization (e.g., restricting content to specific users or time windows), not for personalizing content based on geolocation; they do not improve cache hit ratio or handle geolocation-based differentiation. Option D is wrong because serving personalized content exclusively from the origin and using Cloud CDN only for static content defeats the purpose of using a CDN for dynamic personalization; it would increase latency and origin load, and does not leverage Cloud CDN's ability to cache region-specific responses.

9
MCQhard

A team deployed the Terraform configuration shown in the exhibit. They observe that Cloud NAT is not translating traffic from the private subnet as expected. What is the most likely cause?

A.The Cloud Router is not in the same VPC network as the private subnet
B.The log filter is set to ERRORS_ONLY, which suppresses all logs
C.The NAT IP allocation is manual and no IPs were specified
D.The subnet is not included in the source_subnetwork_ip_ranges_to_nat list
AnswerA

Cloud NAT requires the router to be in the same VPC network as the subnet. If the router is in a different VPC, NAT will not work.

Why this answer

Option A is correct because Cloud NAT requires a Cloud Router to be in the same VPC network as the subnet whose traffic needs translation. If the Cloud Router is in a different VPC network, the NAT gateway cannot establish the necessary BGP sessions or route traffic from the private subnet, causing NAT to fail silently.

Exam trap

Google Cloud often tests the requirement that Cloud Router must be in the same VPC as the NAT gateway and the private subnet, tempting candidates to focus on subnet inclusion or log settings instead of the cross-VPC routing dependency.

How to eliminate wrong answers

Option B is wrong because the log filter setting (ERRORS_ONLY) only affects which logs are sent to Cloud Logging; it does not prevent NAT from translating traffic. Option C is wrong because manual NAT IP allocation without specifying IPs would cause NAT to fail with a clear error, not silently fail to translate traffic. Option D is wrong because the source_subnetwork_ip_ranges_to_nat list controls which subnets are eligible for NAT, but the exhibit shows the subnet is included; the issue is the Cloud Router's VPC mismatch.

10
MCQeasy

A developer is migrating a stateful application to GKE. The application requires persistent storage with high IOPS for a database. Which storage option is most suitable?

A.Local SSD
B.Persistent Disk SSD
C.Cloud Storage Fuse
D.Persistent Disk Standard
AnswerB

PD SSD offers high IOPS and persists data independently of node lifecycle.

Why this answer

Persistent Disk SSD (pd-ssd) is the most suitable option for a stateful database on GKE requiring high IOPS because it provides block storage with consistent, high-performance IOPS and can be dynamically provisioned via PersistentVolumeClaims. Unlike Local SSD, pd-ssd persists data independently of the node lifecycle, ensuring data durability during pod rescheduling or node failures.

Exam trap

Google Cloud often tests the misconception that Local SSD is suitable for stateful workloads because of its high IOPS, but the trap is that candidates forget Local SSD is ephemeral and does not survive pod rescheduling or node failures.

How to eliminate wrong answers

Option A is wrong because Local SSD provides high IOPS but is ephemeral—data is lost if the pod is rescheduled or the node is deleted, making it unsuitable for stateful databases that require persistent storage. Option C is wrong because Cloud Storage Fuse is a file-system interface for Cloud Storage objects, not a block device; it introduces latency and lacks the low-level IOPS consistency needed for database workloads. Option D is wrong because Persistent Disk Standard (pd-standard) uses HDD-based storage with significantly lower IOPS and higher latency, which cannot meet the high IOPS requirements of a database.

11
MCQmedium

You are running a Cloud Run service that experiences occasional cold starts causing latency spikes. You want to minimize cold starts cost-effectively. What should you do?

A.Increase the max-instances setting to allow more concurrent requests.
B.Set concurrency to 1 to ensure each instance handles one request at a time.
C.Set min-instances to 1 to keep at least one instance always warm.
D.Use a larger machine type (e.g., 2 vCPU) to reduce startup time.
AnswerC

This directly addresses cold starts by keeping an instance running.

Why this answer

Setting min-instances to 1 ensures that at least one instance of your Cloud Run service is always kept warm, meaning it is initialized and ready to handle requests immediately. This eliminates cold starts for the first request after a period of inactivity, reducing latency spikes without requiring over-provisioning of resources. It is cost-effective because you only pay for the idle instance when it is not serving traffic, and you avoid the higher costs of larger machine types or excessive concurrent instances.

Exam trap

Google Cloud often tests the misconception that increasing resources (like vCPU or max-instances) solves cold starts, but the real solution is to keep an instance warm via min-instances, which directly addresses the root cause of initialization delay.

How to eliminate wrong answers

Option A is wrong because increasing max-instances allows more concurrent requests but does not prevent cold starts; it only caps the maximum number of instances, and cold starts still occur when new instances are needed. Option B is wrong because setting concurrency to 1 forces each instance to handle only one request at a time, which can increase the number of instances and cold starts, not minimize them, and it wastes resources. Option D is wrong because using a larger machine type (e.g., 2 vCPU) reduces startup time slightly but does not eliminate cold starts entirely, and it increases cost significantly without guaranteeing a warm instance is always available.

12
MCQeasy

A company commits to using Compute Engine for 3 years and wants the maximum discount. Which purchasing option should they use?

A.3-year committed use discount.
B.Pay-as-you-go pricing.
C.Sustained use discounts.
D.1-year committed use discount.
AnswerA

Highest discount for long-term commitment.

Why this answer

A 3-year committed use discount (CUD) offers the highest discount rate (up to 57% for most machine types) compared to 1-year CUDs (up to 37%) or pay-as-you-go pricing. By committing to a consistent resource usage for the full 3-year term, the company maximizes the discount on Compute Engine costs.

Exam trap

Google Cloud often tests the misconception that sustained use discounts provide the best long-term savings, but they are automatic and capped at 30%, whereas committed use discounts require a contractual commitment but offer significantly higher discounts for longer terms.

How to eliminate wrong answers

Option B is wrong because pay-as-you-go pricing provides no discount and is the most expensive option for long-term usage. Option C is wrong because sustained use discounts are automatic per-month discounts for running instances over 25% of a month, but they max out at 30% and do not require a commitment; they cannot match the deeper discount of a 3-year CUD. Option D is wrong because a 1-year committed use discount offers a lower discount rate (up to 37%) than a 3-year CUD (up to 57%), so it does not provide the maximum discount.

13
MCQeasy

Refer to the exhibit. A team wants to grant the ability to run queries (but not modify) on BigQuery datasets to a new set of users who have email addresses in the 'example.com' domain. What is the simplest way to achieve this?

A.No action needed; new users with 'example.com' accounts already have the dataViewer role through the existing domain membership
B.Create a new binding with role 'roles/bigquery.dataViewer' and include the new users as members
C.Remove the domain binding and only grant access to individual users
D.Add the new users to the existing 'domain:example.com' member list
AnswerA

The domain binding automatically grants access to all users in that domain.

Why this answer

The domain 'example.com' is already bound to the dataViewer role, so any user with an email in that domain automatically has query access. No action is needed.

14
Matchingmedium

Match each GCP database service to its type.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Managed relational database (MySQL, PostgreSQL, SQL Server)

NoSQL document database

NoSQL wide-column database

Horizontally scalable relational database

Managed Redis or Memcached

Why these pairings

These are database services offered by GCP.

15
MCQmedium

A team deployed a new version of a service on Cloud Run. After deployment, users report 502 errors. The logs show "Error: Server Error" with no stack trace. What is the first step the team should take to diagnose the issue?

A.Enable Cloud Debugger to inspect the running instance.
B.Check the container image for missing dependencies or misconfiguration.
C.Increase Cloud Run max instances limit.
D.Rollback to the previous version immediately.
AnswerB

Logs indicate the container may be failing to start, so checking dependencies is the first diagnostic step.

Why this answer

The 502 error with 'Error: Server Error' and no stack trace typically indicates that the container failed to start or crashed immediately after startup, often due to missing dependencies or misconfiguration in the container image. Cloud Run requires the container to listen on the port specified by the PORT environment variable (default 8080) and respond to health checks; if the container exits or fails to bind, Cloud Run returns a 502. Checking the container image is the first diagnostic step because it addresses the most common root cause before investigating runtime or scaling issues.

Exam trap

Google Cloud often tests the distinction between startup failures (502) and runtime errors (500), leading candidates to mistakenly choose Cloud Debugger or scaling fixes instead of verifying the container image first.

How to eliminate wrong answers

Option A is wrong because Cloud Debugger is designed for inspecting live application state (e.g., variables, stack traces) in a running instance, but here the container is likely failing to start or crashing immediately, so there is no running instance to attach to. Option C is wrong because increasing the max instances limit addresses scaling or concurrency issues (e.g., 429 or 503 errors), not a 502 error caused by a container startup failure. Option D is wrong because rolling back immediately is a reactive recovery action, not a diagnostic step; the team should first understand the root cause to prevent recurrence, and the question explicitly asks for the first step to diagnose the issue.

16
MCQhard

A developer is deploying a containerized application to Cloud Run. The deployment fails with the error above. What is the most likely cause?

A.The container is listening on port 3000 instead of 8080.
B.The container health check is misconfigured.
C.The container startup script fails.
D.The container does not have a web server.
AnswerA

Cloud Run requires the container to listen on the port defined by the PORT environment variable, which defaults to 8080.

Why this answer

Cloud Run requires containers to listen on the port defined by the `PORT` environment variable, which defaults to 8080. If the container is hardcoded to listen on port 3000, Cloud Run's health checks and routing will fail because the runtime cannot reach the application on the expected port, causing the deployment to fail.

Exam trap

Google Cloud often tests the misconception that any port mismatch will cause a health check failure, but the actual trap is that Cloud Run's deployment validation checks port binding before the container is considered healthy, so a wrong port causes an immediate deployment failure, not a post-deployment health check issue.

How to eliminate wrong answers

Option B is wrong because a misconfigured health check would cause the container to be marked unhealthy after startup, but the deployment itself would still succeed initially; the error in the question indicates a deployment failure, not a post-deployment health check failure. Option C is wrong because a startup script failure would typically result in a different error (e.g., container crash loop or exit code), not a port mismatch error. Option D is wrong because the container does have a web server (it listens on port 3000), but it is listening on the wrong port; Cloud Run does not require a specific web server, only that the container listens on the correct port.

17
Multi-Selecthard

A company is using Cloud Bigtable for time-series data from IoT devices. They are experiencing high latency for queries that scan a large range of rows. Which THREE actions can improve query performance? (Choose three.)

Select 3 answers
A.Reduce the size of row keys.
B.Increase the number of nodes in the Bigtable cluster.
C.Use Key Visualizer to analyze access patterns.
D.Switch from SSD storage to HDD storage.
E.Use application profiles to route to a single cluster if using replication.
AnswersA, B, E

Smaller row keys reduce I/O and improve scan performance.

Why this answer

Reducing the size of row keys (A) improves query performance because Bigtable stores rows sorted by key, and smaller keys reduce the amount of data that must be scanned and transferred during range scans. This directly lowers I/O and network overhead, which is critical for time-series data where row keys often include timestamps and device IDs.

Exam trap

Google Cloud often tests the misconception that Key Visualizer is a performance-tuning action rather than an analysis tool, and that HDD storage could improve latency for large scans, when in fact it degrades performance.

18
Multi-Selecteasy

Which TWO actions can reduce costs for a Cloud SQL for MySQL instance? (Choose two.)

Select 2 answers
A.Use database flags to limit connections.
B.Use committed use discounts.
C.Use preemptible instances.
D.Use a smaller machine type during off-peak hours.
E.Use high availability configuration.
AnswersB, D

Committed use discounts provide up to 57% discount for 1-year or 3-year commitment.

Why this answer

Committed use discounts (CUDs) provide significant cost savings (up to 57%) for Cloud SQL instances when you commit to a 1- or 3-year term. Resizing to a smaller machine type during off-peak hours directly reduces compute costs by lowering the vCPU and memory allocation when demand is low, and Cloud SQL supports live instance resizing with minimal downtime.

Exam trap

Google Cloud often tests the misconception that preemptible instances are available for managed services like Cloud SQL, when in fact they are exclusive to Compute Engine and GKE, and candidates may also confuse connection limits with cost reduction, thinking that limiting resources directly lowers the bill.

19
MCQeasy

A company is running a web application on Compute Engine instances that average 20% CPU utilization. They want to reduce costs without impacting performance. What is the most effective action?

A.Rightsize instances to a smaller machine type based on usage metrics.
B.Change instance type to e2-standard-4.
C.Purchase 3-year committed use discounts.
D.Use preemptible instances for all traffic.
AnswerA

Rightsizing matches capacity to demand, reducing cost without performance impact.

Why this answer

The instances are averaging only 20% CPU utilization, indicating they are over-provisioned. Rightsizing to a smaller machine type directly reduces the compute cost per instance while maintaining adequate performance for the current workload, as the smaller instance can handle the existing load without degradation.

Exam trap

The trap here is that candidates often choose committed use discounts (Option C) as a quick cost-saving measure, failing to realize that rightsizing first yields greater savings without long-term commitment, and that preemptible instances (Option D) are not viable for production traffic due to their ephemeral nature.

How to eliminate wrong answers

Option B is wrong because it specifies a particular machine type (e2-standard-4) without considering the current usage metrics; this is a generic recommendation that may not be the optimal size and could still be over-provisioned or under-provisioned. Option C is wrong because purchasing 3-year committed use discounts locks in a long-term commitment for the current instance types, which may still be over-provisioned; rightsizing first then applying commitments is more cost-effective. Option D is wrong because preemptible instances can be terminated at any time by Google Cloud, making them unsuitable for handling all traffic in a production web application that requires reliability and availability.

20
MCQhard

A Cloud Spanner instance is experiencing high latency for point reads. The instance has 5 nodes and the read throughput is moderate. The table has a primary key with monotonically increasing values. What is the most likely cause and optimization?

A.Use interleaved tables to reduce the number of index lookups.
B.The instance is underprovisioned; add more nodes.
C.The primary key design causes hotspotting; use a hash prefix or add a leading random value.
D.The instance has too many nodes causing transaction conflicts; reduce nodes.
AnswerC

This distributes writes across splits.

Why this answer

The monotonically increasing primary key causes all writes to be directed to the last tablet (splitting point), creating a hotspot on one node. This hotspot leads to high latency for point reads because that node becomes a bottleneck. Adding a hash prefix or a leading random value distributes writes and reads evenly across all nodes, resolving the hotspotting issue.

Exam trap

Google Cloud often tests the misconception that adding more nodes solves all performance issues, but here the problem is a design flaw (hotspotting) that requires a key distribution strategy, not more capacity.

How to eliminate wrong answers

Option A is wrong because interleaved tables reduce join latency by colocating parent-child rows, but they do not address the root cause of hotspotting from a monotonically increasing primary key. Option B is wrong because the instance has moderate throughput and 5 nodes, so underprovisioning is not indicated; adding more nodes would not fix the hotspotting and could increase costs unnecessarily. Option D is wrong because having too many nodes does not cause transaction conflicts; Cloud Spanner uses a distributed transaction protocol (Paxos-based) that scales with nodes, and reducing nodes would not resolve the hotspotting issue.

21
Drag & Dropmedium

Drag and drop the steps to set up a Cloud SQL for PostgreSQL instance with high availability into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

HA configuration creates a primary and standby in different zones. Private IP requires VPC peering.

22
MCQeasy

A company wants to optimize their network costs for inter-region traffic using Cloud VPN. What is the most cost-effective configuration?

A.Use partner interconnect.
B.Use Cloud NAT.
C.Use dedicated interconnect.
D.Use a single VPN tunnel with dynamic routing.
AnswerD

VPN tunnels are low-cost and dynamic routing (BGP) provides redundancy and optimal path selection.

Why this answer

Option D is correct because a single VPN tunnel with dynamic routing (BGP) is the most cost-effective configuration for inter-region traffic using Cloud VPN. Cloud VPN charges per tunnel-hour and per GB of data processed, so using a single tunnel minimizes the hourly cost while dynamic routing ensures automatic failover and route advertisement without needing multiple tunnels.

Exam trap

Google Cloud often tests the misconception that multiple VPN tunnels or dedicated interconnect solutions are required for inter-region traffic, when in fact a single VPN tunnel with dynamic routing is the most cost-effective option for Cloud VPN.

How to eliminate wrong answers

Option A is wrong because Partner Interconnect is a dedicated connectivity solution that incurs higher monthly costs and requires a service provider contract, making it less cost-effective than Cloud VPN for inter-region traffic. Option B is wrong because Cloud NAT is used for outbound internet access from private instances, not for inter-region traffic between VPC networks. Option C is wrong because Dedicated Interconnect provides high-bandwidth dedicated connections but is significantly more expensive than Cloud VPN and is designed for on-premises to VPC connectivity, not inter-region traffic.

23
MCQeasy

A company runs a customer-facing web application on Google Kubernetes Engine (GKE) in us-central1. The application uses a Cloud SQL for PostgreSQL database for user data. Recently, they noticed that during peak hours, the application response times increase significantly, and some requests time out. The team has already scaled the GKE nodepool to the maximum size, but the issue persists. Database CPU utilization is at 80%, and connections are near the max limit. The application uses connection pooling via PgBouncer running as a sidecar. The team suspects the database is the bottleneck. They need to improve performance with minimal cost impact. What should they do?

A.Enable Cloud SQL automatic storage increase.
B.Increase the max connections parameter on Cloud SQL.
C.Increase the Cloud SQL machine type to the next tier.
D.Add read replicas and split read/write traffic.
AnswerD

Read replicas distribute read load, reducing primary database CPU and connection usage.

Why this answer

Option D is correct because adding read replicas and splitting read/write traffic offloads read queries from the primary Cloud SQL instance, reducing CPU and connection pressure. PgBouncer as a sidecar can be configured to route read-only transactions to replicas, while writes go to the primary. This directly addresses the 80% CPU and max connections issue without increasing costs as much as scaling up the machine type.

Exam trap

Google Cloud often tests the misconception that scaling up (increasing machine type) is always the first step for database performance issues, when in fact read replicas with read/write splitting can be more cost-effective and scalable for read-heavy workloads.

How to eliminate wrong answers

Option A is wrong because enabling automatic storage increase only adds disk space, which does not reduce CPU utilization or connection limits; the bottleneck is compute and connections, not storage. Option B is wrong because increasing the max connections parameter would allow more concurrent connections but would further strain the already high CPU (80%) and could lead to resource contention or crashes; it does not solve the underlying compute bottleneck. Option C is wrong because increasing the Cloud SQL machine type to the next tier would improve performance but at a higher cost, and the question specifies minimal cost impact; read replicas provide a more cost-effective scaling approach by distributing read load.

24
Multi-Selectmedium

A company stores large amounts of data in Cloud Storage and wants to reduce costs. Which two actions should they take? (Choose two.)

Select 2 answers
A.Disable object versioning to prevent multiple versions.
B.Enable object versioning and configure lifecycle rules to delete noncurrent versions after 90 days.
C.Add bucket labels to track cost by department.
D.Configure lifecycle management to transition objects to Nearline or Coldline storage classes after 30 days.
E.Change the default storage class to Standard for all buckets.
AnswersB, D

Removes outdated versions, saving storage.

Why this answer

Option B is correct because enabling object versioning and configuring lifecycle rules to delete noncurrent versions after 90 days directly reduces storage costs by automatically removing older object versions that are no longer needed. Option D is correct because transitioning objects to Nearline or Coldline storage classes after 30 days leverages lower-cost storage tiers for infrequently accessed data, aligning cost with access patterns.

Exam trap

Google Cloud often tests the distinction between cost allocation (labels) and direct cost reduction (lifecycle rules), leading candidates to mistakenly choose labeling as a cost-saving measure.

25
MCQmedium

A company uses Cloud SQL for PostgreSQL for their transactional database. They need a disaster recovery solution that provides cross-region failover with a recovery point objective (RPO) of less than 1 minute. Which solution meets these requirements?

A.Create a cross-region read replica and promote it during failover
B.Use Cloud Spanner for global strong consistency
C.Use a Cloud SQL for PostgreSQL instance with multiple zones
D.Take daily automated backups and restore in another region
AnswerA

Cross-region read replicas replicate data asynchronously with low RPO.

Why this answer

A cross-region read replica in Cloud SQL for PostgreSQL can be promoted to a standalone instance during a disaster, enabling failover to another region. The replica uses PostgreSQL's native streaming replication, which typically provides an RPO of less than 1 minute because changes are replicated asynchronously but with very low latency. This meets the stated RPO requirement without needing to redesign the application for global consistency.

Exam trap

Google Cloud often tests the distinction between high availability (within a region) and disaster recovery (cross-region), and the trap here is that candidates confuse multi-zone (regional) instances with cross-region failover, or assume that automated backups can meet a sub-minute RPO.

How to eliminate wrong answers

Option B is wrong because Cloud Spanner provides global strong consistency and automatic failover, but it is a different database service, not a solution for an existing Cloud SQL for PostgreSQL instance; migrating to Spanner would require significant application changes and is not a direct DR solution for Cloud SQL. Option C is wrong because a multi-zone (regional) Cloud SQL instance provides high availability within a single region, not cross-region failover, so it cannot protect against a regional outage. Option D is wrong because daily automated backups have an RPO of up to 24 hours (or the backup interval), which far exceeds the requirement of less than 1 minute; restoring from a backup also takes significant time, failing the recovery time objective.

26
MCQeasy

A company wants to reduce costs for a Cloud Storage bucket that stores infrequently accessed archival data. The data is accessed roughly once a quarter. Which storage class should they use?

A.Archive storage class.
B.Nearline storage class.
C.Standard storage class.
D.Coldline storage class.
AnswerA

Archive is for data accessed less than once a year.

Why this answer

The Archive storage class is the correct choice because it is designed for data accessed less than once a year, making it ideal for quarterly-accessed archival data. It offers the lowest storage cost among Google Cloud Storage classes, though it incurs higher retrieval costs and a minimum 365-day storage duration, which aligns with infrequent access patterns.

Exam trap

Google Cloud often tests the misconception that 'archival' automatically means Coldline, but the key differentiator is the access frequency threshold: Archive is for less than once a year, while Coldline is for less than once a quarter, so quarterly access fits Coldline's threshold but Archive is more cost-effective for truly infrequent data.

How to eliminate wrong answers

Option B (Nearline storage class) is wrong because it is optimized for data accessed less than once a month, not once a quarter, and has a 30-day minimum storage duration, leading to unnecessary cost for quarterly access. Option C (Standard storage class) is wrong because it is for frequently accessed data with no minimum storage duration, resulting in higher storage costs for archival data. Option D (Coldline storage class) is wrong because it is designed for data accessed less than once every 90 days, which is more frequent than quarterly access, and has a 90-day minimum storage duration, making it less cost-effective than Archive for this use case.

27
Multi-Selecthard

Which THREE steps can reduce processing costs in a Dataflow streaming pipeline? (Choose three.)

Select 3 answers
A.Use side inputs instead of a cross join.
B.Use a batch pipeline for non-critical data.
C.Minimize the use of GroupByKey in streaming mode.
D.Use a custom runner.
E.Increase the number of workers.
AnswersA, B, C

Side inputs are more efficient than cross joins, reducing processing cost.

Why this answer

Option A is correct because side inputs allow you to broadcast a static or slowly-changing dataset to all workers, avoiding the expensive shuffle and per-element processing required by a cross join. In Dataflow, cross joins in streaming mode require stateful processing and can lead to high data amplification, whereas side inputs are distributed efficiently via the streaming engine. This reduces both CPU and memory costs by eliminating redundant data movement.

Exam trap

Google Cloud often tests the misconception that scaling out (increasing workers) always reduces costs, when in fact it increases costs unless the pipeline is bottlenecked; the trap is to confuse throughput optimization with cost reduction.

28
MCQhard

A large enterprise is migrating its on-premises data warehouse to BigQuery. The current warehouse is 100 TB and uses complex ETL jobs that run on SQL Server Integration Services (SSIS). The team wants to minimize migration effort and maintain the same SQL logic for transformations. They plan to use BigQuery's standard SQL. They also need to schedule transformations and load data from multiple on-premises sources. Which approach should they take?

A.Connect SSIS to BigQuery using ODBC and run SSIS packages in a VM on Compute Engine.
B.Rewrite SSIS packages as Dataflow pipelines using Apache Beam.
C.Use Data Fusion to replicate SSIS packages.
D.Use Cloud Composer (Airflow) to orchestrate SQL statements in BigQuery, and use Data Transfer Service for scheduled loads.
AnswerD

This approach allows reusing SQL logic and provides native scheduling with minimal code changes.

Why this answer

Option A is correct: Cloud Composer (Airflow) can orchestrate BigQuery SQL statements, and Data Transfer Service handles scheduled loads from on-premises sources, minimizing code changes. Option B (Data Fusion) does not directly replicate SSIS. Option C (Dataflow) requires rewriting SSIS packages.

Option D (SSIS on Compute Engine) still needs migration and doesn't leverage BigQuery's strengths.

29
MCQeasy

A company runs a web application on Compute Engine instances. The application stores session state in files on local SSD. The company wants to reduce costs without sacrificing performance for a predictable traffic pattern. What should they do?

A.Use preemptible VMs in a managed instance group with autoscaling, and store session state in Redis (Memorystore).
B.Change the machine type to N2 standard and use committed use discounts.
C.Keep local SSDs but use sole-tenant nodes to reduce contention.
D.Migrate the session state to Cloud Firestore and use preemptible VMs.
AnswerA

Using preemptible VMs reduces cost, and storing session state in Memorystore ensures data persistence across preemptions.

Why this answer

Option A is correct because preemptible VMs reduce compute costs by up to 80%, and using a managed instance group with autoscaling handles the predictable traffic pattern efficiently. Storing session state in Redis (Memorystore) instead of local SSD ensures session data persists across VM preemptions and is shared among instances, which is critical for stateful applications. This combination maintains performance while eliminating the cost of always-on VMs.

Exam trap

Google Cloud often tests the misconception that local SSD is acceptable for session state if VMs are persistent, but the trap here is that any VM termination (preemption, maintenance, or autoscaling down) destroys local SSD data, so a shared external session store like Redis is mandatory when using preemptible or autoscaled instances.

How to eliminate wrong answers

Option B is wrong because changing to N2 standard machines and using committed use discounts reduces costs only if the workload runs continuously for 1 or 3 years, but it does not address the session state persistence issue—local SSD data is lost on VM termination, and the traffic pattern is predictable, not constant. Option C is wrong because sole-tenant nodes increase costs (dedicated hardware) and do not solve the session state problem; local SSD data is still ephemeral and lost on instance stop/termination. Option D is wrong because Cloud Firestore is a NoSQL document database not optimized for low-latency session state access (it is designed for mobile/web apps with eventual consistency), and preemptible VMs without a shared session store like Redis will lose session data on preemption.

30
MCQhard

A financial institution stores sensitive customer data in Cloud Storage. They need to audit all data access and prevent unauthorized data exfiltration. They also require context-aware access controls based on user location and device. Which Google Cloud service should they configure?

A.Cloud Data Loss Prevention (DLP) for inspecting data
B.Cloud Audit Logs and Cloud Monitoring for alerts
C.VPC Service Controls with the perimeter set to the data layer
D.Access Transparency logs for audit
AnswerC

VPC Service Controls prevent data from leaving the perimeter and support context-aware access.

Why this answer

VPC Service Controls (option C) is correct because it creates a security perimeter around Google Cloud APIs, including Cloud Storage, to prevent unauthorized data exfiltration (e.g., copying data to an external project) while allowing context-aware access controls based on user location and device via Access Context Manager. This directly addresses the requirement for both audit (via Cloud Audit Logs integrated with the perimeter) and exfiltration prevention, which other services like DLP or Access Transparency alone cannot enforce.

Exam trap

Google Cloud often tests the distinction between detective controls (audit logs, DLP) and preventive controls (VPC Service Controls), leading candidates to choose audit-focused options like B or D when the question explicitly requires preventing data exfiltration.

How to eliminate wrong answers

Option A is wrong because Cloud Data Loss Prevention (DLP) is an inspection and classification service for sensitive data, not an access control or exfiltration prevention mechanism; it cannot block data access or enforce context-aware policies. Option B is wrong because Cloud Audit Logs and Cloud Monitoring provide logging and alerting for visibility but do not prevent unauthorized data exfiltration or enforce context-aware access controls; they are reactive, not proactive. Option D is wrong because Access Transparency logs provide audit records of Google staff access to customer data, not customer-side access controls or exfiltration prevention; they do not block data movement or enforce location/device-based policies.

31
Multi-Selecthard

A company runs a web application on App Engine Standard environment. The application experiences downtime during deployments due to traffic shifting. Which two strategies should they implement to improve reliability? (Choose two.)

Select 2 answers
A.Use Cloud Endpoints to manage API traffic and route deployments.
B.Increase the number of idle instances to handle traffic during deployment.
C.Use traffic splitting to gradually migrate traffic to the new version.
D.Deploy to a separate version and then shift traffic using the App Engine console or gcloud.
E.Set manual scaling to avoid autoscaling delays.
AnswersC, D

Gradual migration reduces impact of any issues.

Why this answer

Option C is correct because App Engine's traffic splitting feature allows you to gradually shift traffic from the old version to the new version, minimizing the impact of deployment-related errors or performance issues. This incremental migration reduces the risk of a full outage during deployment and enables quick rollback if problems arise.

Exam trap

Google Cloud often tests the distinction between deployment strategies (traffic splitting/version shifting) and scaling or API management features, leading candidates to confuse operational scaling fixes with deployment reliability improvements.

32
Matchingmedium

Match each GCP migration term to its description.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Move workloads without modification

Tool to migrate VMs to GCP

Physical device for large data transfer

Online data transfer from other clouds or on-prem

Migrate databases to Cloud SQL with minimal downtime

Why these pairings

These are migration-related services and concepts in GCP.

33
MCQhard

Refer to the exhibit. A Cloud Function processes files uploaded to Cloud Storage. It usually completes within 2 minutes, but recently it has been timing out after 540 seconds. What is the most likely cause?

A.The function's maximum timeout was set to 540 seconds, causing it to always take that long
B.A user uploaded a file larger than the maximum allowed size for the function (e.g., 6 GB), causing the processing time to exceed the 540s timeout
C.The function's memory limit is too low, causing thrashing and slowdown
D.The function entered an infinite loop
AnswerB

Large files take longer to process, causing the function to hit the timeout.

Why this answer

Option B is correct because Cloud Functions have a maximum execution timeout of 540 seconds (9 minutes). If a file larger than the function's memory and processing capacity is uploaded, the function may take longer than this hard limit to process it, resulting in a timeout. The exhibit indicates the function usually completes within 2 minutes, so a sudden spike to exactly 540 seconds strongly suggests the file size exceeded the function's ability to finish within the maximum allowed timeout.

Exam trap

Google Cloud often tests the misconception that a timeout is caused by a configuration error or infinite loop, rather than the function hitting the hard 540-second limit due to an oversized workload.

How to eliminate wrong answers

Option A is wrong because setting the function's maximum timeout to 540 seconds does not cause it to always take that long; the timeout is an upper bound, not a fixed execution time. Option C is wrong because low memory causing thrashing would typically result in out-of-memory errors or gradual slowdowns, not a consistent timeout exactly at 540 seconds. Option D is wrong because an infinite loop would cause the function to never complete, but Cloud Functions would still terminate at the 540-second timeout, not consistently hit that exact limit only when processing large files.

34
MCQmedium

A company stores backup data in Cloud Storage. They observe high egress costs when clients download backups. Additionally, they must retain backups for 7 years for compliance. Which optimization should they implement first?

A.Use lifecycle rules to transition to Archive after 30 days and delete after 7 years
B.Enable requester pays on the bucket
C.Set up a Cloud CDN for backup downloads
D.Move the backup data to Archive storage class
AnswerB

Requester pays shifts the egress cost to the client, solving the high egress issue.

Why this answer

High egress costs occur when clients download backups, and enabling requester pays shifts these costs to the clients. This directly addresses the cost issue without changing storage class or retention. Requester pays is the first optimization because it resolves the immediate cost problem while lifecycle rules or storage class changes address separate concerns like retention or storage cost.

Exam trap

Google Cloud often tests the misconception that changing storage class (e.g., to Archive) reduces egress costs, when in fact egress costs are independent of storage class and requester pays is the direct solution for shifting download costs.

How to eliminate wrong answers

Option A is wrong because lifecycle rules manage storage cost and retention, not egress costs; transitioning to Archive after 30 days reduces storage cost but does not shift or reduce the egress charges incurred during downloads. Option C is wrong because Cloud CDN caches content to reduce latency and origin load, but it does not eliminate egress costs from Cloud Storage; egress from Cloud CDN still incurs charges, and backups are typically not cacheable due to infrequent access. Option D is wrong because moving to Archive storage class reduces storage cost but does not affect egress costs; Archive has higher retrieval fees and minimum retention periods that could conflict with the 7-year compliance requirement.

35
MCQeasy

Refer to the exhibit. The output is from `gcloud compute instances describe instance-1 --format=json`. What can you conclude from this output?

A.The instance is billed based on the n1-standard-2 machine type.
B.The instance is using a custom machine type.
C.The instance is using committed use discounts.
D.The instance has a GPU attached.
AnswerA

The machine type determines the billing rate; n1-standard-2 is the type shown.

Why this answer

The output from `gcloud compute instances describe instance-1 --format=json` would include a `machineType` field that specifies the full URL of the machine type, such as `https://www.googleapis.com/compute/v1/projects/.../zones/.../machineTypes/n1-standard-2`. This confirms the instance is using the predefined n1-standard-2 machine type, which has 2 vCPUs and 7.5 GB of memory, and billing is based on that predefined type. The absence of a `custom` suffix or custom CPU/memory values in the machine type field indicates it is not a custom machine type.

Exam trap

Google Cloud often tests the distinction between predefined and custom machine types by hiding the machine type in the `machineType` URL, and candidates mistakenly think any non-standard name implies a custom type, but the key is checking for the `custom-` prefix or explicit CPU/memory fields.

How to eliminate wrong answers

Option B is wrong because a custom machine type would be indicated by a machine type URL ending with `custom-<vCPUs>-<memory>` (e.g., `custom-2-8192`) or by the presence of `custom` in the machine type name, which is not the case for `n1-standard-2`. Option C is wrong because committed use discounts are a billing-level commitment, not visible in the `gcloud compute instances describe` output; they would be shown in billing reports or the `gcloud compute commitments` command, not in instance metadata. Option D is wrong because a GPU attachment would be visible in the `accelerators` field of the instance description, which would list the GPU type and count; its absence means no GPU is attached.

36
MCQmedium

A company uses Cloud Composer to manage Apache Airflow workflows. They want to optimize costs. Which practice is most effective?

A.Configure auto scaling for the Cloud Composer environment
B.Use preemptible VMs for Airflow schedulers
C.Replace Cloud Composer with Cloud Functions for all workflows
D.Use small machine types for all Composer components
AnswerA

Auto scaling dynamically adjusts the number of workers to match demand.

Why this answer

Cloud Composer supports autoscaling for its workers, which dynamically adjusts the number of worker pods based on the Airflow task queue depth. This directly optimizes costs by scaling down during low-load periods and scaling up only when needed, avoiding over-provisioning.

Exam trap

The trap here is that candidates often assume preemptible VMs are always the best cost-saving measure, but they fail to recognize that Airflow schedulers and other critical components require persistent, reliable compute resources, making autoscaling a safer and more effective optimization.

How to eliminate wrong answers

Option B is wrong because preemptible VMs cannot be used for Airflow schedulers; schedulers must be reliable and stateful, and preemptible VMs can be terminated at any time, causing workflow failures. Option C is wrong because Cloud Functions is not a replacement for Cloud Composer; Cloud Functions is designed for event-driven, short-lived tasks, not for orchestrating complex, long-running, or dependency-heavy workflows that Airflow handles. Option D is wrong because using small machine types for all components, especially the scheduler and database, can lead to performance bottlenecks, task queuing, and failures, ultimately increasing costs due to retries and delays.

37
MCQmedium

A company migrated their on-premises database to Cloud SQL and now experiences high latency for read-heavy workloads. How can they optimize performance?

A.Switch to a higher machine type.
B.Enable automatic storage increase.
C.Use connection pooling.
D.Add read replicas.
AnswerD

Read replicas serve read traffic, reducing load on primary and improving read latency.

Why this answer

Adding read replicas is the correct optimization because Cloud SQL read replicas offload read traffic from the primary instance, reducing latency for read-heavy workloads. Read replicas asynchronously replicate data from the primary using MySQL or PostgreSQL native replication, allowing queries to be distributed across multiple instances. This directly addresses the high latency by scaling read capacity horizontally without impacting write performance.

Exam trap

Google Cloud often tests the misconception that vertical scaling (higher machine type) is the universal fix for performance issues, but the trap here is that read-heavy workloads require horizontal scaling via read replicas to distribute the read load, not just a more powerful single instance.

How to eliminate wrong answers

Option A is wrong because switching to a higher machine type (vertical scaling) may improve performance but does not specifically address read-heavy workloads; it increases cost without distributing the read load, and latency improvements are limited by the single instance's resources. Option B is wrong because enabling automatic storage increase only prevents storage-full errors and does not affect query latency or read throughput; it is a capacity management feature, not a performance optimization. Option C is wrong because connection pooling reduces the overhead of establishing new database connections but does not reduce latency for read-heavy workloads; it improves connection management efficiency, not query execution speed or read distribution.

38
Multi-Selectmedium

A company is migrating a legacy monolithic application to Google Cloud. They want to adopt microservices and improve deployment frequency. Which THREE practices should they adopt? (Choose 3.)

Select 3 answers
A.Use Infrastructure as Code (IaC) with Terraform.
B.Build a single deployment pipeline for all services.
C.Implement blue/green deployments.
D.Use canary releases with traffic splitting.
E.Apply immutable infrastructure principles.
AnswersA, D, E

IaC enables rapid provisioning of environments, increasing deployment frequency.

Why this answer

Option A is correct because Infrastructure as Code (IaC) with Terraform enables declarative, version-controlled provisioning of cloud resources. This supports the microservices migration by allowing teams to spin up consistent, repeatable environments for each service, which is essential for increasing deployment frequency without manual configuration errors.

Exam trap

The trap here is that candidates often confuse 'blue/green deployments' with 'canary releases' and assume both are equally valid, but the question specifically asks for three practices that improve deployment frequency, and canary releases with traffic splitting directly enable faster, safer rollouts, whereas blue/green is a broader strategy that may not inherently increase frequency.

39
MCQhard

A financial services company needs a disaster recovery plan for a critical application running on GKE. The application uses Cloud SQL for MySQL. The RPO is 5 minutes and RTO is 15 minutes. Which design meets these requirements cost-effectively?

A.Use Cloud SQL cross-region replication (MySQL) with a failover replica in another region, and deploy GKE cluster in that region with the same configuration.
B.Use Cloud SQL for MySQL with multi-region database flag and route traffic to nearest region via Cloud Load Balancing.
C.Set up VPC peering between two regions and use Cloud DNS to direct traffic in failover.
D.Use Cloud SQL backups to Cloud Storage and restore in another region, with GKE cluster recreated via Deployment Manager.
AnswerA

Cross-region replication can meet 5 min RPO.

Why this answer

Cloud SQL cross-region replication provides an asynchronous replica in another region with a typical replication lag of a few seconds, meeting the 5-minute RPO. The failover replica can be promoted in minutes, and deploying a GKE cluster in the same region with identical configuration allows the application to connect to the promoted replica, achieving the 15-minute RTO. This approach is cost-effective because you only pay for the replica and the second GKE cluster when needed for failover testing or actual disaster recovery.

Exam trap

The trap here is that candidates often confuse Cloud SQL's cross-region replication with Cloud Spanner's multi-region configuration, or assume that network-level solutions like VPC peering and DNS can satisfy data replication requirements without a dedicated database replication mechanism.

How to eliminate wrong answers

Option B is wrong because Cloud SQL for MySQL does not support a 'multi-region database flag'; that concept applies to Spanner, not MySQL, and Cloud SQL does not have built-in multi-region routing via Cloud Load Balancing for MySQL instances. Option C is wrong because VPC peering and Cloud DNS alone do not provide any database replication or failover mechanism; they only handle network connectivity and DNS resolution, leaving the critical data un-replicated and unable to meet the RPO/RTO. Option D is wrong because restoring from Cloud SQL backups to Cloud Storage and recreating a GKE cluster via Deployment Manager would take significantly longer than 15 minutes due to backup download, restore time, and cluster provisioning, failing the RTO requirement.

40
MCQhard

A company runs batch processing jobs on a GKE cluster using preemptible node pools. The jobs are fault-tolerant and can be interrupted. However, the cluster is experiencing high costs due to underutilized nodes. The batch jobs run for 2-3 hours each. What is the most cost-effective optimization?

A.Switch to compute-optimized (C2) machine types for faster job completion.
B.Use regional persistent disks for stateful workloads to improve performance.
C.Reduce the number of min-nodes in the node pool to zero during idle times and use cluster autoscaler.
D.Create multiple node pools with different machine types and use node auto-provisioning with preemptible nodes and custom machine types.
AnswerD

Node auto-provisioning with custom machine types ensures resources match job requirements, reducing waste.

Why this answer

Option D is the most cost-effective because it leverages node auto-provisioning with preemptible nodes and custom machine types, which dynamically creates node pools tailored to the specific resource requirements of each batch job. This eliminates waste from over-provisioned nodes while maintaining fault tolerance for interruptible workloads. Combined with preemptible instances (up to 60-80% cheaper than regular VMs), this approach minimizes cost without sacrificing job completion, as the jobs are already designed to handle interruptions.

Exam trap

Google Cloud often tests the misconception that simply reducing node count (Option C) is sufficient for cost optimization, ignoring that node auto-provisioning with custom machine types can eliminate waste from mismatched instance sizes, which is the primary driver of underutilization costs in preemptible node pools.

How to eliminate wrong answers

Option A is wrong because switching to compute-optimized (C2) machine types increases per-node cost significantly (C2 instances are premium-priced for high CPU performance) and does not address underutilization; faster job completion may reduce runtime but not overall cost if nodes remain idle. Option B is wrong because regional persistent disks are designed for stateful workloads requiring high availability and durability, but the batch jobs are fault-tolerant and stateless; adding regional PDs increases storage costs without improving compute utilization. Option C is wrong because reducing min-nodes to zero and using cluster autoscaler only scales down idle nodes, but the cluster autoscaler cannot change machine types or right-size nodes for specific jobs; it still uses the same preemptible node pool configuration, leaving potential waste from mismatched instance sizes.

41
MCQmedium

A company is deploying a microservices application on Google Kubernetes Engine (GKE). They want to optimize costs without sacrificing availability. They have varying traffic patterns. Which strategy should they recommend?

A.Use committed use discounts with a 3-year term on all nodes.
B.Use GKE Autopilot with a single node pool.
C.Use a regional cluster with node pools of different machine types.
D.Use node auto-provisioning with preemptible nodes.
AnswerD

Node auto-provisioning dynamically creates node pools and preemptible nodes lower cost.

Why this answer

Node auto-provisioning with preemptible nodes automatically creates node pools based on workload demands and uses cheaper preemptible VMs, reducing cost for variable traffic. Regional clusters focus on high availability, not cost. Committed use discounts lock in usage and are not optimal for variable traffic.

GKE Autopilot provides convenience but may not be the most cost-efficient with preemptible options.

42
MCQmedium

A company is migrating its on-premises Oracle database to Cloud SQL for PostgreSQL. The database team wants to minimize downtime during migration. Which approach should they use?

A.Set up Oracle GoldenGate to replicate to Cloud SQL.
B.Use Database Migration Service for PostgreSQL with continuous migration from Oracle via Homogeneous Migration.
C.Take a physical backup of Oracle and restore to Cloud SQL.
D.Export the database as a dump file, upload to Cloud Storage, and import into Cloud SQL.
AnswerB

DMS supports minimal downtime via continuous replication.

Why this answer

Database Migration Service (DMS) for PostgreSQL with continuous migration is the correct approach because it supports ongoing change data capture (CDC) from Oracle to Cloud SQL for PostgreSQL, enabling near-zero downtime. DMS handles schema conversion and data replication continuously, allowing the target to stay synchronized until a cutover, which minimizes downtime compared to batch methods.

Exam trap

Google Cloud often tests the misconception that any 'migration service' automatically supports heterogeneous migrations, but here the trap is that Database Migration Service for PostgreSQL is specifically designed for PostgreSQL targets and includes built-in schema conversion from Oracle, whereas options like GoldenGate or dump/restore are either too complex or cause downtime.

How to eliminate wrong answers

Option A is wrong because Oracle GoldenGate is a third-party tool that requires separate licensing, complex configuration, and is not natively integrated with Cloud SQL for PostgreSQL; it is overkill and not the recommended Google Cloud service for this migration. Option C is wrong because a physical backup of Oracle (e.g., RMAN) is platform-specific and cannot be directly restored to Cloud SQL for PostgreSQL, which uses a different database engine and storage format. Option D is wrong because exporting as a dump file and importing is a one-time, offline process that requires the source database to be quiesced or taken offline, causing significant downtime, and does not support continuous replication.

43
MCQhard

A company uses Cloud Armor to protect their HTTP Load Balancer from DDoS attacks. Recently, they experienced a targeted attack that bypassed Cloud Armor's predefined rules. The attack involved a high rate of legitimate-looking requests from a small set of IPs that made the application unresponsive. The team needs to block the attack quickly without affecting legitimate users. What should they do?

A.Increase the load balancer's capacity to absorb the attack.
B.Configure rate limiting with a threshold based on the normal traffic pattern.
C.Enable Google Cloud Armor Adaptive Protection.
D.Add the attacking IPs to a Cloud Armor deny list.
AnswerC

Adaptive Protection learns normal traffic patterns and automatically blocks anomalous high-rate requests.

Why this answer

Option C is correct because Cloud Armor Adaptive Protection uses machine learning to analyze traffic patterns and automatically create tailored rules to block application-layer DDoS attacks that bypass predefined rules. In this scenario, the attack consists of legitimate-looking requests from a small set of IPs, which Adaptive Protection can detect as anomalous and generate a custom signature to block without manual intervention, preserving access for legitimate users.

Exam trap

The trap here is that candidates may choose Option D (adding IPs to a deny list) because it seems like a quick fix, but Cisco tests the understanding that Cloud Armor Adaptive Protection is the correct automated solution for application-layer DDoS attacks with legitimate-looking traffic, not manual IP blocking.

How to eliminate wrong answers

Option A is wrong because increasing the load balancer's capacity only absorbs volumetric attacks but does not address the application-layer nature of this attack; the high rate of legitimate-looking requests will still exhaust application resources regardless of capacity. Option B is wrong because configuring rate limiting with a threshold based on normal traffic patterns requires prior knowledge of those patterns and may inadvertently block legitimate users if the threshold is set too low, or fail to block the attack if the threshold is too high; it also does not leverage Cloud Armor's adaptive capabilities. Option D is wrong because adding the attacking IPs to a deny list is reactive and assumes the IPs are static; the attack may use rotating IPs or spoofed addresses, making manual deny lists ineffective and unsustainable for a rapid response.

44
MCQmedium

A company runs a monolithic application on Compute Engine. They want to modernize by moving to microservices on Google Kubernetes Engine (GKE) to improve deployment frequency and resource utilization. However, they are concerned about the increased operational complexity. Which approach best balances modernization benefits with operational overhead?

A.Keep the monolithic application on Compute Engine and use Cloud Monitoring to optimize resource utilization.
B.Migrate all application components to Cloud Run and use Cloud Tasks for asynchronous communication.
C.Rewrite the entire application as microservices and deploy on GKE with Istio for service mesh.
D.Identify stateless components to migrate to Cloud Run, and keep stateful components on GKE with managed services like Cloud Spanner.
AnswerD

Balances modernization with reduced complexity by using serverless where appropriate.

Why this answer

Option D is correct because it pragmatically balances modernization benefits with operational overhead by migrating only stateless components to Cloud Run (a fully managed serverless platform that reduces operational complexity) while keeping stateful components on GKE with managed services like Cloud Spanner. This approach improves deployment frequency and resource utilization without requiring a full rewrite, and it leverages Cloud Run's automatic scaling and zero infrastructure management to minimize operational burden.

Exam trap

Google Cloud often tests the misconception that full microservices migration (Option C) is always the best modernization path, but the trap here is that candidates overlook the operational overhead of service mesh and full rewrites, failing to recognize that a hybrid approach using serverless for stateless components reduces complexity while still achieving modernization goals.

How to eliminate wrong answers

Option A is wrong because it fails to modernize the architecture—keeping the monolithic application on Compute Engine does not improve deployment frequency or resource utilization, and Cloud Monitoring alone cannot address the core issues of monolithic scaling and slow deployments. Option B is wrong because migrating all application components to Cloud Run is impractical for stateful workloads (Cloud Run is stateless by design, with no persistent local storage), and Cloud Tasks alone does not solve the complexity of managing stateful services or inter-service communication in a microservices architecture. Option C is wrong because rewriting the entire application as microservices and deploying on GKE with Istio introduces significant operational overhead (service mesh configuration, sidecar proxies, and increased complexity) that contradicts the goal of balancing modernization benefits with operational overhead, and it ignores the possibility of a phased migration.

45
MCQeasy

Refer to the exhibit. A DevOps engineer created this Terraform configuration to deploy a Compute Engine instance. After applying, they notice the instance is not accessible from the internet. What is the most likely cause?

A.The machine type e2-medium does not support public IP addresses.
B.The instance is not attached to a VPC network.
C.No firewall rule allows ingress traffic to the instance.
D.The boot disk size is too small to run the operating system.
AnswerC

Firewall rules are needed to allow inbound traffic; the default network may not have appropriate rules.

Why this answer

The most likely cause is that no firewall rule allows ingress traffic to the instance. By default, GCP instances are created with a VPC network that has implied deny-all ingress rules, and unless a specific firewall rule (e.g., allowing tcp:22 for SSH or tcp:80 for HTTP) is applied to the instance's network tags or service account, all inbound traffic from the internet is blocked. The Terraform configuration shown in the exhibit likely omitted a `google_compute_firewall` resource or did not assign the necessary network tags to the instance.

Exam trap

Google Cloud often tests the misconception that assigning a public IP automatically makes an instance internet-accessible, but the trap here is that without a corresponding ingress firewall rule, the instance remains isolated regardless of the public IP.

How to eliminate wrong answers

Option A is wrong because the machine type e2-medium fully supports public IP addresses; public IP assignment is controlled by the `access_config` block in the Terraform resource, not by the machine type. Option B is wrong because every Compute Engine instance is automatically attached to a default VPC network unless explicitly overridden; the exhibit does not indicate any misconfiguration that would leave the instance networkless. Option D is wrong because the boot disk size (e.g., 10 GB default) is sufficient for most operating systems; the issue is about network accessibility, not disk capacity.

46
MCQmedium

A company uses BigQuery for analytics and has a large number of ad-hoc queries from different teams. Costs are rising unpredictably. They want to control costs while maintaining query performance. What should they do?

A.Use partitioning and clustering to reduce data scanned.
B.Reduce the number of slots available to each team.
C.Require each team to include a cost code in their queries.
D.Purchase flat-rate slots and assign them to a reservation for each team.
AnswerD

Flat-rate provides predictable cost and performance isolation.

Why this answer

Option D is correct because purchasing flat-rate slots and assigning them to a reservation for each team provides predictable, fixed-cost capacity for BigQuery. This eliminates the unpredictability of on-demand pricing while allowing teams to share a dedicated pool of slots, ensuring consistent query performance without unexpected cost spikes.

Exam trap

Google Cloud often tests the misconception that performance optimization techniques (like partitioning/clustering) alone can control costs, when in fact they only reduce per-query data scanned but do not cap total spending under on-demand pricing.

How to eliminate wrong answers

Option A is wrong because partitioning and clustering reduce data scanned per query, which lowers on-demand costs, but they do not cap total spending or prevent cost spikes from high query volumes; costs remain unpredictable if usage surges. Option B is wrong because reducing the number of slots available to each team would degrade query performance and cause queuing, violating the requirement to maintain performance; slots are a resource, not a cost control mechanism. Option C is wrong because requiring a cost code in queries only adds metadata for tracking and chargeback, but does not control or cap the actual compute costs incurred; it provides visibility, not cost control.

47
Multi-Selecthard

A company wants to optimize their cloud spending on Google Cloud. They have a mix of workloads including batch processing, real-time analytics, and web serving. Which TWO strategies should they implement to reduce costs without significant architectural changes? (Choose two.)

Select 2 answers
A.Use sustained use discounts for short-lived instances.
B.Use preemptible VMs for batch processing jobs that are fault-tolerant.
C.Purchase committed use discounts for 1-year or 3-year terms for stable workloads.
D.Right-size all Compute Engine instances by analyzing utilization metrics.
E.Migrate all web serving workloads to Cloud Functions to benefit from pay-per-use pricing.
AnswersB, C

Preemptible VMs are cost-effective for fault-tolerant workloads.

Why this answer

Preemptible VMs are short-lived, fault-tolerant instances that cost significantly less than standard VMs, making them ideal for batch processing jobs that can handle interruptions. This strategy directly reduces compute costs without requiring architectural changes, as the workloads are already designed to be resilient to failures.

Exam trap

The trap here is that candidates often confuse sustained use discounts (which require long-running instances) with preemptible VMs (which are for short-lived, fault-tolerant workloads), or they assume right-sizing is a 'no-change' strategy when it typically involves instance type modifications that affect architecture.

48
MCQeasy

A company runs a batch job every night that processes large CSV files stored in Cloud Storage. The job runs on a single Compute Engine VM and takes 4 hours to complete. The team wants to reduce execution time without increasing cost substantially. The job is CPU-intensive and can be parallelized. What should they do?

A.Migrate the job to Dataproc and run it as a Spark job.
B.Use Cloud Batch to run the job as a batch job that automatically scales.
C.Use a VM with more vCPUs and a higher CPU platform.
D.Split the input files into smaller chunks and use multiple VMs in a managed instance group with a job scheduler.
AnswerD

Parallelizing across multiple VMs reduces execution time with linear cost increase.

Why this answer

Option B is correct: splitting input files and using multiple VMs in a managed instance group leverages parallelism effectively. Option A (bigger VM) increases cost. Option C (Cloud Batch) still requires parallelization design.

Option D (Dataproc) may introduce overhead and cost.

49
Multi-Selectmedium

A company is using Cloud NAT to allow instances in a private subnet to access the internet for updates. The security team wants to audit outbound connections. Which TWO steps should be taken to enable flow logs for Cloud NAT?

Select 2 answers
A.Enable private Google access on the subnet
B.Configure a log sink to export Cloud NAT logs to BigQuery
C.Enable VPC Flow Logs on the subnet
D.Create a new Cloud NAT gateway with logging enabled
E.Update the existing Cloud NAT gateway to enable flow logs
AnswersB, E

Exporting to BigQuery enables analysis and auditing of the flow logs.

Why this answer

Cloud NAT flow logs provide detailed records of outbound connections and are enabled directly on the Cloud NAT gateway itself. Option B is correct because configuring a log sink to export Cloud NAT logs to BigQuery is a valid step to audit outbound connections, but the primary step to enable logging is to update the existing Cloud NAT gateway to enable flow logs (Option E). Together, these two steps (B and E) allow you to capture and analyze outbound traffic for auditing.

Exam trap

The trap here is that candidates often confuse VPC Flow Logs with Cloud NAT flow logs, thinking that enabling VPC Flow Logs on the subnet will capture NAT traffic, but Cloud NAT flow logs are a distinct feature that must be enabled specifically on the NAT gateway itself.

50
MCQhard

A financial services company uses Cloud SQL for MySQL for a critical application. They need zero downtime during maintenance and automatic failover across zones. They configured a Cloud SQL instance with high availability (HA). During a recent regional outage, the application experienced 10 minutes of downtime. What should they add to improve availability?

A.Configure a warm standby instance in another region using migration.
B.Create a cross-region replica and promote on failure.
C.Use Cloud SQL Proxy with multiple endpoints.
D.Enable database flags for faster failover detection.
AnswerB

Cross-region replica can be promoted to a new primary to handle regional failures.

Why this answer

Option B is correct because a cross-region replica provides a read-replica in a different region that can be promoted to a primary instance during a regional outage, enabling recovery with minimal downtime. This addresses the scenario where a single-region HA configuration (which uses zonal redundancy within the same region) cannot survive a full regional outage, as occurred in the question. Promoting the replica is a manual or automated failover action that restores write capability in the secondary region, reducing downtime from 10 minutes to seconds or minutes depending on replication lag.

Exam trap

The trap here is that candidates assume HA (zonal redundancy) protects against all outages, but the PCA exam tests understanding that HA is regional and cannot survive a full regional failure, requiring cross-region replicas for disaster recovery.

How to eliminate wrong answers

Option A is wrong because configuring a warm standby instance via migration implies a manual, non-automated process that does not provide automatic failover; it also requires additional setup and does not leverage Cloud SQL's built-in cross-region replica feature for seamless promotion. Option C is wrong because Cloud SQL Proxy is a tool for secure connectivity and connection pooling, not for failover or regional redundancy; multiple endpoints do not enable automatic failover across zones or regions. Option D is wrong because database flags for faster failover detection (e.g., innodb_flush_log_at_trx_commit) can improve performance but do not address regional outages; HA failover within a zone is already fast, but the issue is the entire region being unavailable.

51
MCQhard

Your company runs a multi-tier web application on Google Kubernetes Engine (GKE). The application consists of a frontend service, a backend API service, and a PostgreSQL database deployed using a StatefulSet with persistent volumes. The backend service exposes a gRPC endpoint. Recently, the team noticed that the backend service experiences intermittent high latency and occasional timeouts. The frontend service is stateless and scales well. The backend service is CPU-bound. The database is not the bottleneck. The cluster has three nodes of type n1-standard-4. The backend service is deployed with 10 replicas, each requesting 1 CPU and 2 Gi memory. Node utilization is around 70% CPU. The team suspects the network is the issue. However, after reviewing the GKE monitoring dashboard, they see that the network bytes sent/received per second for the backend pods is well below the node's network bandwidth limit. The latency spikes seem correlated with periods of high CPU throttling on the backend pods. The backend service's gRPC requests are small (under 1 KB), and the responses are also small. The team has already optimized the application code. What should the team do to reduce latency?

A.Increase the number of nodes in the cluster to reduce network contention.
B.Increase the number of backend replicas to 20.
C.Increase the CPU request for the backend pods to 2 CPUs.
D.Increase the memory request for the backend pods to 4 Gi.
AnswerC

More CPU will reduce throttling and latency.

Why this answer

The correct answer is C because the latency spikes correlate with CPU throttling, and increasing the CPU request to 2 CPUs ensures that each backend pod receives a guaranteed CPU share, reducing throttling under load. Since the backend is CPU-bound and node utilization is 70%, the current 1 CPU request may be insufficient, causing the Kubernetes CPU manager to throttle the pods when the node's CPU is contended. This directly addresses the root cause without adding unnecessary replicas or memory.

Exam trap

The trap here is that candidates may focus on network or scaling solutions (A or B) because the symptom is latency, but the monitoring data explicitly points to CPU throttling, not network saturation, making CPU request adjustment the precise fix.

How to eliminate wrong answers

Option A is wrong because network contention is not the issue—monitoring shows network bytes are well below node bandwidth limits, and the problem is CPU throttling, not network. Option B is wrong because increasing replicas to 20 would increase CPU contention on the existing nodes, worsening throttling and latency, and the frontend already scales well. Option D is wrong because the backend is CPU-bound, not memory-bound; increasing memory does not alleviate CPU throttling and would waste resources.

52
MCQmedium

Refer to the exhibit. This is an IAM policy for a BigQuery dataset. What does the policy allow?

A.Alice to view data and analysts to run jobs.
B.Alice and analysts to run jobs.
C.Alice to run jobs and analysts to view data.
D.Alice and analysts to view data.
AnswerA

dataViewer allows viewing, jobUser allows running jobs.

Why this answer

The policy grants the `roles/bigquery.dataViewer` role to Alice, which allows her to view dataset metadata and query data, and the `roles/bigquery.jobUser` role to analysts, which allows them to run jobs (queries, load, export) but not view data directly. This combination matches option A.

Exam trap

Google Cloud often tests the distinction between data viewing and job execution permissions in BigQuery, trapping candidates who assume that running a job automatically includes the ability to see the data.

How to eliminate wrong answers

Option B is wrong because Alice is assigned `roles/bigquery.dataViewer`, not `roles/bigquery.jobUser`, so she cannot run jobs; only analysts have the jobUser role. Option C is wrong because it reverses the permissions: Alice can view data (not run jobs) and analysts can run jobs (not view data). Option D is wrong because analysts are granted `roles/bigquery.jobUser`, which does not include data viewing permissions; only Alice has data viewing access.

53
MCQmedium

A developer ran the command `gcloud compute instances describe instance-1 --zone us-central1-a` and received the above output. They want to create another instance with the same configuration, except with a different external IP. Which action should they take?

A.Reserve a new static external IP address and assign it to the new instance.
B.Create a new instance without specifying a static IP, so it receives an ephemeral IP.
C.Use the same static IP address by releasing and reassigning it.
D.None of the above.
AnswerB

Ephemeral IPs are different from the static IP shown.

Why this answer

The `gcloud compute instances describe` output shows the instance has an external IP that is ephemeral (not reserved). To create a new instance with the same configuration but a different external IP, the simplest approach is to create a new instance without specifying a static IP, which will automatically assign a new ephemeral IP. This avoids the overhead of reserving and managing a static IP when only a temporary, different address is needed.

Exam trap

Google Cloud often tests the distinction between ephemeral and static IPs, and the trap here is that candidates assume any external IP must be static, leading them to unnecessarily reserve a new static IP instead of simply creating an instance without specifying one.

How to eliminate wrong answers

Option A is wrong because reserving a new static external IP and assigning it would give the instance a permanent, unchanging IP, which is unnecessary and incurs additional cost if the IP is not used; the goal is simply a different IP, not a static one. Option C is wrong because releasing and reassigning the same static IP would result in the same IP address, not a different one, and the describe output shows the current IP is ephemeral, not static. Option D is wrong because option B provides a valid and correct action.

54
Multi-Selectmedium

A company is designing a disaster recovery plan for a critical application running on Compute Engine with a regional persistent disk. They want to minimize recovery time objective (RTO) and recovery point objective (RPO). Which TWO strategies should they implement? (Choose two.)

Select 2 answers
A.Use snapshot replication to a secondary region.
B.Take manual snapshots after a failure occurs.
C.Create an instance template in the same region.
D.Store backups in Cloud Storage with a lifecycle policy.
E.Create a custom image of the boot disk and copy it to another region.
AnswersA, E

Snapshots can be replicated to another region for quick restore.

Why this answer

Option A is correct because snapshot replication to a secondary region allows you to create and store disk snapshots in a different region, enabling rapid recovery of the application in that secondary region. This minimizes RTO by having the snapshots readily available for creating new disks and instances, and minimizes RPO by scheduling frequent, automated snapshots that capture incremental changes, ensuring data loss is limited to the snapshot interval.

Exam trap

Google Cloud often tests the distinction between regional persistent disks (which are synchronous within a region) and cross-region disaster recovery strategies, leading candidates to mistakenly think that a regional persistent disk alone provides cross-region redundancy, when in fact you must explicitly replicate snapshots or images to another region.

55
MCQhard

A company runs a streaming data pipeline using Dataflow to process real-time data and insert into BigQuery. Recently, workers are frequently failing with out-of-memory errors and the pipeline latency is increasing. What should they do to resolve the issue?

A.Increase the worker machine type and memory
B.Use Cloud Pub/Sub for buffering and then load into BigQuery in batches
C.Enable autoscaling and increase the maximum number of workers
D.Enable Dataflow Streaming Engine
AnswerD

Streaming Engine moves state to a backend service, reducing memory usage per worker.

Why this answer

Dataflow Streaming Engine offloads the streaming data processing state and shuffle data from worker memory to a backend service, reducing memory pressure on workers. This directly addresses out-of-memory errors and latency increases without requiring manual scaling or machine type changes. It is the recommended solution for streaming pipelines experiencing memory bottlenecks.

Exam trap

Google Cloud often tests the misconception that scaling up resources (more memory or more workers) is the primary fix for streaming pipeline memory issues, when the real solution is to offload state management using Streaming Engine.

How to eliminate wrong answers

Option A is wrong because simply increasing worker machine type and memory does not resolve the root cause of state management overhead in streaming pipelines; it only delays the failure and increases cost without optimizing data flow. Option B is wrong because adding Pub/Sub buffering does not fix the memory issue within Dataflow workers; it shifts the problem to a different layer and may introduce additional latency and complexity. Option C is wrong because enabling autoscaling and increasing max workers can help with throughput but does not reduce per-worker memory consumption; workers may still fail with OOM errors if the pipeline's state or shuffle data exceeds available memory.

56
MCQeasy

A startup runs a web application on Google Kubernetes Engine (GKE) with 3 replicas serving user traffic. They use Cloud SQL for the database. Recently, the application experienced intermittent timeouts during peak hours. Monitoring shows high CPU usage on the GKE nodes and increased database connection pool exhaustion. The team is looking for a cost-effective solution that minimizes architectural changes. The application is stateless. What should they do?

A.Add more nodes to the GKE cluster and enable cluster autoscaling
B.Increase the number of pod replicas and configure a connection pooler like PgBouncer for Cloud SQL
C.Vertically scale the GKE node pool to larger machine types and increase Cloud SQL tier
D.Set up a Cloud SQL read replica and route read queries to it
AnswerB

More pods distribute CPU load, and a connection pooler reduces database connections, addressing both issues cost-effectively.

Why this answer

The application is stateless and experiencing database connection pool exhaustion alongside high CPU on GKE nodes. Increasing pod replicas distributes the CPU load across more pods, while adding a connection pooler like PgBouncer reduces the number of direct connections to Cloud SQL, preventing pool exhaustion without requiring database tier changes. This approach is cost-effective because it optimizes existing resources rather than scaling infrastructure.

Exam trap

Google Cloud often tests the misconception that scaling compute resources (nodes or pods) alone fixes database connection issues, but the trap here is that connection pool exhaustion is a database-layer problem requiring a connection pooler, not just more application instances.

How to eliminate wrong answers

Option A is wrong because adding more nodes and enabling cluster autoscaling addresses node CPU pressure but does not solve database connection pool exhaustion, which is a separate bottleneck at the database layer. Option C is wrong because vertically scaling both the GKE node pool and Cloud SQL tier is expensive and over-provisions resources, whereas the real issue is connection management, not raw compute or database capacity. Option D is wrong because setting up a Cloud SQL read replica only helps with read-heavy workloads, but the problem is connection pool exhaustion and high CPU on GKE nodes, not read scaling; the application is stateless and the bottleneck is at the database connection layer, not query distribution.

57
MCQmedium

Refer to the exhibit. A Cloud Run service is experiencing high latency and returns 502 errors when traffic spikes. What should the team adjust first?

A.Decrease containerConcurrency to 10
B.Increase the maximum number of instances
C.Increase the CPU limit to 2000m
D.Increase the memory limit to 512Mi
AnswerA

Lowering concurrency reduces the number of simultaneous requests per container, preventing overload and 502s.

Why this answer

The 502 errors and high latency during traffic spikes indicate that the Cloud Run service is overwhelmed by concurrent requests. Decreasing `containerConcurrency` to 10 limits the number of simultaneous requests each container instance can handle, which reduces the likelihood of request timeouts and 502 errors by forcing Cloud Run to scale out more instances sooner. This directly addresses the root cause—excessive concurrency per container—without incurring additional cost or requiring code changes.

Exam trap

Google Cloud often tests the misconception that scaling out (increasing max instances) or scaling up (increasing CPU/memory) is the immediate fix for latency and errors, when the real issue is often the concurrency limit per container.

How to eliminate wrong answers

Option B is wrong because increasing the maximum number of instances does not fix the per-container overload; it only allows more instances to be created, but if each instance still handles too many concurrent requests, they will still time out and return 502 errors. Option C is wrong because increasing the CPU limit to 2000m may improve processing speed but does not reduce the number of concurrent requests each container must handle; the bottleneck is concurrency, not raw CPU. Option D is wrong because increasing the memory limit to 512Mi addresses out-of-memory issues, not the high latency and 502 errors caused by excessive concurrent request handling.

58
MCQhard

A company is using BigQuery for analytics and wants to optimize query costs. They have many ad-hoc queries that scan large tables. What is the best practice?

A.Use clustering and partitioning on tables.
B.Use flat-rate pricing.
C.Use BI Engine.
D.Use materialized views.
AnswerA

Clustering and partitioning organize data to minimize scanned bytes, lowering per-query cost.

Why this answer

Clustering and partitioning reduce the amount of data scanned by BigQuery for each query, directly lowering query costs (which are based on bytes processed). Partitioning allows queries to skip entire partitions based on a date or timestamp column, while clustering sorts data within partitions, enabling block-level pruning for filter predicates. This is the most effective and scalable way to optimize ad-hoc queries on large tables without changing the query logic.

Exam trap

Google Cloud often tests the misconception that flat-rate pricing or BI Engine directly reduce per-query costs, when in fact they address capacity or latency, not the fundamental cost driver of bytes scanned.

How to eliminate wrong answers

Option B is wrong because flat-rate pricing (slot-based reservations) does not reduce the amount of data scanned; it only provides predictable costs for a fixed number of slots, and ad-hoc queries still incur slot usage but do not reduce per-query bytes processed. Option C is wrong because BI Engine is an in-memory acceleration service for interactive dashboards and repeated queries, not for optimizing ad-hoc analytical queries that scan large tables; it caches results but does not reduce scan bytes for new queries. Option D is wrong because materialized views precompute and store query results, which can speed up repeated queries but do not help with arbitrary ad-hoc queries that may not match the view definition; they also incur storage costs and require maintenance.

59
MCQmedium

A company is using Cloud CDN to accelerate content delivery. They notice increased costs from cache misses. What can they do?

A.Pre-cache popular content.
B.Use a larger cache size.
C.Increase cache TTL.
D.Use compression.
AnswerA

Pre-caching ensures popular content is always in the cache, reducing misses and cost.

Why this answer

Pre-caching popular content ensures that the most frequently requested objects are already stored in Cloud CDN edge caches before users request them. This directly reduces cache misses because the content is proactively loaded, eliminating the need for the first user to trigger a fetch from the origin. By targeting high-demand assets, you minimize origin requests and lower the cost associated with cache misses.

Exam trap

Google Cloud often tests the misconception that increasing cache TTL or cache size can fix cache misses, when in reality these settings only affect how long content stays fresh or how much can be stored, not whether the content is present in the first place.

How to eliminate wrong answers

Option B is wrong because cache size in Cloud CDN is not a configurable parameter; the service automatically manages cache storage based on usage and does not allow manual resizing, so increasing cache size is not a valid action. Option C is wrong because increasing cache TTL (Time-To-Live) only extends how long a cached object is considered fresh, but it does not address the root cause of cache misses—objects that are not in the cache at all will still miss regardless of TTL. Option D is wrong because compression reduces the size of objects transferred but does not affect cache hit ratio; it can even increase CPU load at the origin and edge without preventing cache misses.

60
MCQeasy

A startup deploys a web application on Compute Engine instances behind an HTTP load balancer. They need to handle unpredictable spikes in traffic with minimal operational overhead. What is the simplest scaling approach?

A.Set up a Kubernetes cluster with horizontal pod autoscaling
B.Use a managed instance group with autoscaling based on CPU utilization
C.Migrate the application to Cloud Run
D.Add more instances manually during peak hours
AnswerB

This is the simplest approach; it scales automatically with minimal configuration.

Why this answer

Using a managed instance group with autoscaling automatically adds/removes instances based on demand, requiring minimal manual intervention. Other options either require more complex setup or are not optimal.

61
MCQmedium

A company wants to implement a CI/CD pipeline for a microservices application on GKE. They require automated canary deployments with gradual traffic shifting and automatic rollback on metric failure. Which Google Cloud service is most suitable?

A.Cloud Deploy with Skaffold.
B.Cloud Build with Deployment Manager.
C.Spinnaker on GKE.
D.Istio with manual traffic management.
AnswerA

Cloud Deploy provides built-in canary strategies and automatic rollback when combined with Skaffold.

Why this answer

Cloud Deploy with Skaffold is the most suitable because it provides native support for progressive delivery on GKE, including automated canary deployments with gradual traffic shifting (using Service Mesh or Ingress) and automatic rollback based on Cloud Monitoring metrics. Skaffold handles the build and deploy configuration, while Cloud Deploy manages the rollout pipeline, approval gates, and metric-driven rollback logic without requiring manual intervention.

Exam trap

The trap here is that candidates often confuse a traffic management tool (like Istio) with a full CI/CD pipeline service, overlooking that Istio alone cannot automate rollback decisions based on metrics without extensive custom integration.

How to eliminate wrong answers

Option B is wrong because Cloud Build is a CI/CD orchestration service for building and testing, but it does not natively support canary deployments or automatic rollback based on metrics; Deployment Manager is an infrastructure-as-code tool, not a deployment pipeline manager. Option C is wrong because Spinnaker on GKE is a valid alternative but requires significant operational overhead to install, configure, and maintain, and it is not a fully managed Google Cloud service, making it less suitable for a company seeking a native, low-maintenance solution. Option D is wrong because Istio with manual traffic management provides the traffic shifting capability but lacks automated rollback on metric failure; it requires custom scripting and external monitoring integration to achieve the desired automation, which contradicts the requirement for an automated CI/CD pipeline.

62
MCQhard

Refer to the exhibit. The log entry is from Cloud Logging for a VPC subnetwork. What is the most likely cause of this error?

A.A firewall rule blocking ingress on port 80.
B.The subnetwork default has no internet gateway.
C.The VM at 10.0.0.2 is not running.
D.The packet is malformed.
AnswerA

The error message attributes the drop to firewall policy 'default-deny-ingress'.

Why this answer

The log entry indicates a packet was dropped by a firewall rule. Since the destination is 10.0.0.2 on port 80 (HTTP), the most likely cause is a firewall rule blocking ingress traffic on port 80. In Google Cloud VPC, firewall rules are stateful and evaluated before any routing decisions, so a missing or misconfigured ingress rule for TCP port 80 would cause this drop.

Exam trap

Google Cloud often tests the distinction between firewall drops and routing failures; the trap here is that candidates may confuse a firewall rule drop with a missing internet gateway or an unreachable VM, but the log entry's 'firewall' field explicitly indicates a firewall decision, not a routing or connectivity issue.

How to eliminate wrong answers

Option B is wrong because the absence of an internet gateway would not cause a packet drop logged by a firewall rule; it would result in a routing failure (e.g., no route to internet), which is logged differently. Option C is wrong because if the VM at 10.0.0.2 were not running, the packet would be dropped at the hypervisor level (e.g., ICMP unreachable or no ARP response), not by a firewall rule. Option D is wrong because a malformed packet would typically be dropped at a lower network layer (e.g., by the NIC or kernel) and would not generate a firewall rule log entry; firewall rules inspect valid packets against policy.

63
MCQhard

A company has a multi-region deployment of App Engine and wants to optimize request routing for latency and cost. Which GCP service should they use?

A.Cloud Endpoints.
B.Cloud Load Balancing with global anycast.
C.Cloud DNS with latency-based routing.
D.Cloud Traffic Director.
AnswerB

Global load balancing directs users to the closest healthy backend, minimizing latency and balancing cost.

Why this answer

Cloud Load Balancing with global anycast uses Google's global network and anycast IP addresses to route user traffic to the nearest healthy backend, minimizing latency. It also supports premium tier routing for lower latency and standard tier for lower cost, directly addressing the optimization goals for a multi-region App Engine deployment.

Exam trap

The trap here is that candidates often confuse Cloud DNS latency-based routing (a DNS-level, cache-prone approach) with true anycast-based global load balancing, which provides immediate, health-aware routing without DNS caching delays.

How to eliminate wrong answers

Option A is wrong because Cloud Endpoints is an API management service for securing, monitoring, and managing APIs, not a global load balancer for routing traffic across regions based on latency and cost. Option C is wrong because Cloud DNS with latency-based routing is a DNS-level feature that can direct traffic based on latency, but it lacks the fine-grained health checking, anycast IP, and traffic splitting capabilities of a global load balancer, and DNS caching can cause routing delays. Option D is wrong because Cloud Traffic Director is a traffic management service for service mesh (e.g., with Istio on GKE), not designed for global HTTP(S) load balancing to App Engine; it operates at the service mesh layer, not the edge.

64
MCQmedium

A company is using Cloud Spanner to serve a global gaming application. They have a single instance in us-central1. Players in Asia experience high latency. The application reads and writes player profiles. The team wants to reduce latency for Asian players while keeping write latency low for global consistency. They need a solution that minimizes operational overhead and uses native Spanner capabilities. What should they do?

A.Configure a multi-region instance configuration that includes us-central1 and an Asian region.
B.Add read replicas in Asia using Spanner's read-only replicas.
C.Use Cloud CDN to cache player profiles at the edge.
D.Create a new instance in asia-east1 and use Directed Read options to route reads from Asia.
AnswerA

Multi-region configuration provides read-write replicas in Asia, reducing both read and write latency.

Why this answer

A multi-region instance configuration in Cloud Spanner is the correct solution because it provides a single writable instance that spans multiple geographic regions, allowing reads and writes to be served locally in each region while maintaining strong global consistency. This minimizes latency for Asian players by enabling local reads and writes, and it uses native Spanner capabilities without additional operational overhead. Option A directly addresses the requirement for low write latency and global consistency by leveraging Spanner's built-in multi-region replication.

Exam trap

The trap here is that candidates may confuse Spanner's multi-region configuration with read replicas or separate instances, not realizing that Spanner's native multi-region setup provides both local reads and writes with strong consistency, unlike other databases that require separate read replicas or caching layers.

How to eliminate wrong answers

Option B is wrong because Spanner does not support read-only replicas; it uses a single writable instance with synchronous replication across regions, and adding read-only replicas is not a native Spanner capability. Option C is wrong because Cloud CDN caches static content at the edge, but player profiles are dynamic, frequently updated data that requires strong consistency, which CDN cannot provide. Option D is wrong because creating a separate instance in Asia would require cross-instance replication and would not maintain global consistency; Directed Read options are for read-only replicas in Bigtable, not Spanner.

65
Multi-Selecteasy

A startup deploys a microservices application on GKE. They need to ensure high availability of the services. Which two strategies should they implement? (Choose TWO.)

Select 2 answers
A.Use horizontal pod autoscaling
B.Use regional persistent disks for stateful components
C.Use node auto-repair
D.Deploy the application across multiple zones in a region
E.Use cluster autoscaler
AnswersB, D

Regional PDs replicate data synchronously across zones.

Why this answer

Option B is correct because regional persistent disks provide synchronous replication across two zones within a region, ensuring that stateful workloads (e.g., databases) remain available even if an entire zone fails. This is critical for high availability of stateful components in a GKE cluster, as it prevents data loss and allows pods to be rescheduled in another zone with the same persistent volume.

Exam trap

The trap here is that candidates often confuse auto-scaling mechanisms (HPA, cluster autoscaler) with high availability, failing to recognize that true HA requires redundancy across failure domains (zones) and persistent storage that survives zone outages.

66
Multi-Selecteasy

A company uses Cloud Build to automate their CI/CD pipeline. They want to optimize the build process for a Java application. Which three practices should they adopt? (Choose three.)

Select 3 answers
A.Parallelize independent build steps by using Cloud Build's step parallelism or by splitting into multiple builds.
B.Store Maven dependencies in a private repository in Artifact Registry for faster access.
C.Use Docker layer caching with Cloud Build by specifying a cached image.
D.Use a custom build step that downloads all tools from the internet each time.
E.Use a high-CPU machine type (e.g., n1-highcpu-64) for faster compilation.
AnswersA, B, C

Reduces overall build time.

Why this answer

Option A is correct because Cloud Build allows you to define build steps that run sequentially by default, but you can parallelize independent steps by using the `waitFor` field to specify dependencies. This reduces total build time by running non-dependent steps concurrently, which is a key optimization for CI/CD pipelines. Splitting into multiple builds is also a valid approach for parallel execution.

Exam trap

Google Cloud often tests the misconception that you can arbitrarily choose high-CPU machine types in Cloud Build, but Cloud Build does not support custom machine types in its standard configuration—this is a trap where candidates confuse Cloud Build with Compute Engine or other GCP services.

67
Multi-Selectmedium

A data analytics team uses BigQuery to run large queries. They want to reduce query costs. Which three practices should they adopt? (Choose THREE.)

Select 3 answers
A.Use query caching
B.Use clustered tables on commonly filtered columns
C.Partition tables by date
D.Create materialized views for frequent aggregations
E.Always use SELECT * to ensure all columns are available
AnswersB, C, D

Clustering improves query performance and reduces cost by limiting scans.

Why this answer

Option B is correct because clustering tables on commonly filtered columns in BigQuery allows the query engine to prune blocks of data that don't match the filter, reducing the amount of data scanned and thus lowering query costs. This is especially effective when combined with partitioning, as it further narrows the scan to relevant clusters within a partition.

Exam trap

Google Cloud often tests the misconception that query caching is a cost-reduction technique, but candidates must remember that caching only avoids reprocessing identical queries and does not reduce the cost of the initial query or queries with different filters.

68
MCQeasy

A company is using Cloud Storage for backups and wants to minimize costs. The backups are accessed infrequently and can tolerate retrieval delays. Which storage class is most appropriate?

A.Standard
B.Archive
C.Coldline
D.Nearline
AnswerB

Archive is the cheapest option for long-term backups with rare access and retrieval delays acceptable.

Why this answer

Archive storage class is the most cost-effective option for backups that are accessed infrequently and can tolerate retrieval delays. It offers the lowest storage cost among Google Cloud Storage classes, with a default retrieval time of minutes to hours, making it ideal for long-term backup data that does not require immediate access.

Exam trap

Google Cloud often tests the misconception that 'Coldline' is the cheapest storage class, but Archive is actually the lowest-cost option for data that can tolerate retrieval delays of minutes to hours, not just for data that is rarely accessed.

How to eliminate wrong answers

Option A is wrong because Standard storage class is designed for frequently accessed data with no retrieval delay, and its higher cost makes it unsuitable for infrequently accessed backups. Option C is wrong because Coldline storage, while cheaper than Standard, is still more expensive than Archive and has a 90-day minimum storage duration, which may not be optimal for long-term backups with very low access frequency. Option D is wrong because Nearline storage is intended for data accessed less than once a month, but it has a 30-day minimum storage duration and higher cost compared to Archive, making it less cost-efficient for backups that can tolerate retrieval delays.

69
MCQhard

A company runs a large-scale data processing pipeline using Dataflow with streaming data from Pub/Sub. They notice increasing costs due to high data shuffle operations. They want to optimize the pipeline performance and cost. Which approach should they take?

A.Use a larger machine type for workers.
B.Increase the number of workers to reduce shuffle.
C.Optimize the pipeline by partitioning data and using Combine transforms.
D.Switch to batch mode overnight.
AnswerC

Partitioning and Combine reduce the amount of data shuffled, lowering cost and improving performance.

Why this answer

Optimizing pipeline logic to minimize shuffle reduces resource usage and cost. Increasing workers or using larger machine types may improve performance but increase cost. Switching to batch mode would lose real-time processing capability.

70
MCQmedium

A company uses BigQuery for analytics. They have a large partitioned table that is queried frequently. The query performance has degraded over time. Which optimization should they try first?

A.Create a materialized view for each frequent query.
B.Increase the number of slots for the project.
C.Apply clustering on frequently filtered columns.
D.Denormalize the table to reduce joins.
AnswerC

Clustering sorts data, reducing scanned data for filters.

Why this answer

Clustering on frequently filtered columns reorganizes the data within partitions based on the values of those columns, which allows BigQuery to prune blocks more effectively during queries. This directly addresses the performance degradation by reducing the amount of data scanned, without requiring additional storage or compute resources.

Exam trap

Google Cloud often tests the misconception that adding more slots (Option B) is the default performance fix, when in reality the first step should be to reduce data scanned through clustering or partitioning optimization.

How to eliminate wrong answers

Option A is wrong because creating materialized views for each frequent query would increase storage costs and maintenance overhead, and they are not the first optimization to try for a partitioned table with degraded performance; clustering addresses the root cause of excessive data scanning. Option B is wrong because increasing the number of slots only improves concurrency and throughput, not the efficiency of individual queries; it does not reduce the amount of data read per query. Option D is wrong because denormalizing the table to reduce joins is a schema design change that may help with join-heavy workloads, but it does not address the core issue of scanning too many rows in a large partitioned table; clustering is a more targeted and less disruptive first step.

71
Multi-Selectmedium

Which TWO strategies should a company implement to optimize costs for a production GKE cluster? (Choose two.)

Select 2 answers
A.Use Istio for traffic management.
B.Use a regional cluster.
C.Enable GKE usage metering.
D.Use cluster autoscaler with preemptible node pools.
E.Use node local DNS cache.
AnswersC, D

Usage metering helps allocate costs per namespace and identify waste.

Why this answer

Option C is correct because GKE usage metering provides detailed cost allocation by breaking down cluster resource consumption (CPU, memory, storage) per Kubernetes namespace or label. This enables teams to track and optimize spending across different projects or departments, directly supporting cost optimization for a production cluster.

Exam trap

Google Cloud often tests the distinction between cost optimization and other operational goals like high availability or performance; candidates mistakenly choose regional clusters (high availability) or Istio (traffic management) as cost-saving measures when they are not.

72
MCQhard

An e-commerce platform uses Cloud Spanner for order processing. Recently, latency spikes have occurred during flash sales. The team suspects hot spots due to monotonically increasing order IDs. Which table design change would best solve this?

A.Remove the primary key and let Spanner auto-generate it.
B.Use interleaved tables to store orders under customers.
C.Add a random prefix to the order ID primary key.
D.Create a secondary index on the timestamp column.
AnswerC

Randomizing the first part of the key distributes writes across splits.

Why this answer

Monotonically increasing primary keys (like sequential order IDs) cause hot spots in Cloud Spanner because all writes are directed to a single split (tablet), overwhelming that node. Adding a random prefix (e.g., a hash of the customer ID) distributes writes across multiple splits, eliminating the hot spot and reducing latency spikes during high-throughput flash sales.

Exam trap

Google Cloud often tests the misconception that secondary indexes or interleaved tables can fix write hot spots, when in reality only primary key distribution strategies (like hash prefixes) address the root cause of split-level contention.

How to eliminate wrong answers

Option A is wrong because removing the primary key and relying on auto-generation still produces monotonically increasing values (e.g., Spanner's auto-generated keys are sequential), which does not solve the hot spot issue. Option B is wrong because interleaved tables organize child rows under a parent row, but if the parent key is monotonically increasing, writes still concentrate on the same split, failing to distribute load. Option D is wrong because a secondary index on the timestamp column does not affect the distribution of primary key writes; it only helps query performance, not write hot spots.

73
Multi-Selecteasy

A company is using BigQuery for data analytics. They want to optimize costs while maintaining query performance. Which TWO actions should they take? (Choose 2.)

Select 2 answers
A.Use reserved slots with flat-rate pricing.
B.Always use SELECT *.
C.Partition tables by date.
D.Materialize frequently used queries as tables.
E.Use clustering on frequently filtered columns.
AnswersC, E

Partitioning reduces the amount of data scanned, lowering costs.

Why this answer

Partitioning tables by date (Option C) is correct because it allows BigQuery to prune partitions during query execution, scanning only the relevant date ranges instead of the entire table. This reduces the amount of data processed, directly lowering query costs under on-demand pricing while maintaining performance through reduced I/O.

Exam trap

Google Cloud often tests the distinction between cost optimization and performance optimization, and the trap here is that candidates might choose reserved slots (Option A) thinking it always reduces costs, when in fact it is a pricing model that only benefits sustained high usage, not a direct cost-reduction technique for typical query patterns.

74
MCQhard

An organization runs a Kubernetes cluster on GKE with cluster autoscaling enabled. They notice that pods are frequently in 'Pending' state due to insufficient CPU, but the cluster autoscaler does not add nodes quickly enough. What is the most likely cause?

A.The cluster autoscaler is using the 'least-waste' expander.
B.The horizontal pod autoscaler (HPA) is misconfigured.
C.The pod disruption budget (PDB) is too restrictive.
D.The node pool has reached the maximum node count limit.
AnswerD

Cluster autoscaler cannot exceed max node limit.

Why this answer

Option D is correct because the cluster autoscaler cannot add new nodes if the node pool has already reached its maximum node count limit. This limit is configured at the node pool level in GKE, and once reached, the autoscaler will not scale up further, leaving pods in 'Pending' state due to insufficient CPU resources.

Exam trap

Google Cloud often tests the distinction between pod-level scaling (HPA) and node-level scaling (cluster autoscaler), and the trap here is that candidates confuse a restrictive PDB with a node pool limit, or assume the expander strategy directly causes scaling delays.

How to eliminate wrong answers

Option A is wrong because the 'least-waste' expander selects a node pool that minimizes resource waste after scaling, but it does not prevent the autoscaler from adding nodes; it only affects which node pool is chosen. Option B is wrong because the HPA scales pods based on CPU or memory utilization, not nodes; a misconfigured HPA would cause incorrect pod scaling, not a delay in node addition by the cluster autoscaler. Option C is wrong because a pod disruption budget (PDB) controls the number of pods that can be voluntarily disrupted during maintenance or upgrades, not the ability of the cluster autoscaler to add nodes.

75
MCQeasy

A development team uses Cloud Build for their CI/CD pipeline. They want to reduce build times. Which action is most effective?

A.Store build artifacts in a Cloud Storage bucket and reuse them
B.Enable parallel builds by separating build steps into multiple jobs
C.Use more powerful build machines by specifying larger machine types
D.Use a Cloud Run service to run builds asynchronously
AnswerB

Parallelizing independent steps reduces overall build duration.

Why this answer

Enabling parallel builds by separating build steps into multiple jobs reduces total build time by running independent steps concurrently. Other options are less effective or add complexity.

Page 1 of 2 · 77 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Analyze and optimize technical and business processes questions.