PCD · topic practice

Designing highly scalable, available, and reliable cloud-native applications practice questions

Practise PCD NAT and PAT questions covering address translation types, inside/outside interface roles, static vs dynamic vs PAT, and troubleshooting missing or incorrect translations.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Designing highly scalable, available, and reliable cloud-native applications

What the exam tests

What to know about Designing highly scalable, available, and reliable cloud-native applications

Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.

IaaS, PaaS and SaaS responsibilities and examples.

Public, private, hybrid and community cloud deployment models.

On-premises vs cloud trade-offs: cost, control, scalability.

How cloud connectivity options (VPN, Direct Connect, ExpressRoute) work.

Why learners struggle

Why Designing highly scalable, available, and reliable cloud-native applications questions are commonly missed

NAT questions are missed when learners confuse the four address types (inside local, inside global, outside local, outside global) or misapply the interface direction. A translation rule can look correct but still fail if the ACL, interface, or direction is wrong.

  • ·Inside local vs inside global — inside local is the private source, inside global is the translated public address
  • ·PAT overloads — many sources share one public IP using unique port numbers
  • ·Interface direction — ip nat inside and ip nat outside must be on the correct interfaces
  • ·Static NAT vs dynamic NAT vs PAT — each serves a different use case
  • ·The NAT ACL identifies traffic to translate, not traffic to permit or deny
  • ·A missing translation can look like a routing problem if the interfaces are misconfigured

Watch out for

Common Designing highly scalable, available, and reliable cloud-native applications exam traps

  • IaaS gives you infrastructure control; SaaS gives you only the application.
  • Hybrid cloud combines on-premises and public cloud — not two public clouds.
  • Cloud does not automatically mean cheaper or more secure.
  • Management responsibility shifts with each service model (IaaSPaaSSaaS).

Practice set

Designing highly scalable, available, and reliable cloud-native applications questions

20 questions · select your answer, then reveal the explanation

Question 1easymultiple choice
Read the full NAT/PAT explanation →

A company is designing a cloud-native application on Google Cloud that requires low-latency access to a global user base. The application serves static content and dynamic APIs. Which strategy best minimizes latency while maintaining high availability?

Question 2mediummultiple choice
Read the full NAT/PAT explanation →

A team is migrating a monolithic application to a microservices architecture on Google Kubernetes Engine (GKE). They want to ensure that failures in one microservice do not cascade to others. Which design pattern should they implement?

Question 3hardmultiple choice
Read the full NAT/PAT explanation →

A company running a high-traffic e-commerce platform on Google Cloud experiences occasional data loss in their Cloud SQL database during failover events. The database is configured with a failover replica in a different zone. What is the most likely cause of the data loss?

Question 4easymultiple choice
Read the full NAT/PAT explanation →

An organization wants to design a serverless data processing pipeline that is highly available and can automatically scale based on the number of incoming requests. The pipeline processes JSON messages from a Cloud Pub/Sub topic and writes results to BigQuery. Which service should be used as the compute component?

Question 5mediummultiple choice
Read the full NAT/PAT explanation →

A company is building a real-time analytics application on Google Cloud that ingests data from thousands of IoT devices. The data must be processed with sub-second latency and stored in a time-series database for querying. Which combination of services provides the best scalability and availability?

Question 6hardmulti select
Read the full NAT/PAT explanation →

A team is designing a globally distributed application on Google Cloud that requires strong consistency for writes but can tolerate eventual consistency for reads. The application expects millions of concurrent users. Which two strategies should they implement? (Choose two.)

Question 7mediummulti select
Read the full NAT/PAT explanation →

An organization is migrating a critical application to Google Cloud and needs to ensure high availability and disaster recovery. The application runs on Compute Engine and uses a stateful database. Which three design choices should they make? (Choose three.)

Question 8mediummultiple choice
Read the full NAT/PAT explanation →

A developer runs the command shown in the exhibit. They need to ensure that the application running on instance-3 can be restored quickly if it fails. What should they do?

Exhibit

Refer to the exhibit.

gcloud compute instances list --format='table(name, zone, status, machineType, scheduling.preemptible)'

NAME        ZONE        STATUS    MACHINE_TYPE      PREEMPTIBLE
instance-1  us-central1-a RUNNING  n1-standard-1     false
instance-2  us-central1-b RUNNING  n1-standard-2     false
instance-3  us-central1-a TERMINATED n1-standard-1  false
instance-4  us-central1-c RUNNING  n1-standard-1     true
Question 9hardmultiple choice
Read the full NAT/PAT explanation →

A developer finds the JSON key shown in the exhibit in a Cloud Storage bucket that is publicly accessible. Which security best practice was violated?

Network Topology
"private_key": "BEGIN PRIVATE KEYEND PRIVATE KEYRefer to the exhibit."type": "service_account","project_id": "my-project","private_key_id": "abc123",...","client_email": "sa@my-project.iam.gserviceaccount.com","client_id": "123456789","auth_uri": "https://accounts.google.com/o/oauth2/auth","token_uri": "https://oauth2.googleapis.com/token","auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/sa@my-project.iam.gserviceaccount.com"
Question 10easymultiple choice
Read the full NAT/PAT explanation →

A company is designing a global e-commerce platform on Google Cloud. The application requires low-latency access for users worldwide and must be highly available. Which load balancing solution should they use?

Question 11mediummultiple choice
Read the full NAT/PAT explanation →

A team is migrating a monolithic application to microservices on Google Kubernetes Engine (GKE). They want to ensure that if one microservice fails, it does not cascade to other services. Which design pattern should they implement?

Question 12hardmultiple choice
Read the full NAT/PAT explanation →

A company runs a stateful application on Compute Engine instances with local SSDs. They need to perform maintenance that requires stopping the instances. What is the best approach to ensure data durability and minimal downtime?

Question 13easymultiple choice
Read the full NAT/PAT explanation →

An application running on Cloud Run experiences cold starts causing latency spikes. What is the most cost-effective solution to reduce cold starts?

Question 14mediummultiple choice
Read the full NAT/PAT explanation →

A team is designing a disaster recovery plan for a critical application on Google Cloud. The application runs on Compute Engine with a regional persistent disk. They want to minimize data loss in case of a regional outage. Which strategy should they use?

Question 15hardmultiple choice
Read the full NAT/PAT explanation →

An administrator runs the above command to create a Compute Engine instance. However, the nginx service does not start. What is the most likely cause?

Exhibit

Refer to the exhibit.

gcloud compute instances create my-instance \
    --zone=us-central1-a \
    --machine-type=e2-medium \
    --image-family=debian-11 \
    --image-project=debian-cloud \
    --boot-disk-size=10GB \
    --boot-disk-type=pd-standard \
    --metadata=startup-script='#!/bin/bash
    apt-get update
    apt-get install -y nginx
    systemctl enable nginx
    systemctl start nginx'
Question 16mediummulti select
Read the full NAT/PAT explanation →

A company is designing a highly available application on Google Cloud using multiple regions. Which TWO strategies should they implement to achieve this?

Question 17hardmulti select
Read the full NAT/PAT explanation →

A team is deploying a critical application on Google Kubernetes Engine (GKE) and needs to ensure high availability and disaster recovery. Which THREE actions should they take?

Question 18mediummultiple choice
Read the full NAT/PAT explanation →

A company is deploying a microservices-based application on Google Kubernetes Engine (GKE). The application consists of several stateless services that experience unpredictable traffic spikes. The team wants to ensure high availability and scalability while minimizing costs. Which design should they implement?

Question 19hardmultiple choice
Read the full NAT/PAT explanation →

You are troubleshooting a web application deployed on Compute Engine instances behind a target pool. Users report intermittent timeouts when accessing the application via the forwarding rule's IP address. Based on the exhibit, what is the most likely cause of the issue?

Network Topology
gcloud compute forwarding-rules listformat jsonRefer to the exhibit."name": "web-frontend","region": "us-central1","IPAddress": "34.123.45.67","IPProtocol": "TCP","portRange": "80-80","target": "https://www.googleapis.com/compute/v1/projects/my-project/regions/us-central1/targetPools/web-pool"
Question 20easymulti select
Read the full NAT/PAT explanation →

A company is designing a globally distributed application using Cloud Spanner. The application requires strong consistency and the ability to handle high read/write throughput. The team is concerned about inter-continental latency. Which two design choices would optimize performance while maintaining strong consistency? (Choose two.)

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Designing highly scalable, available, and reliable cloud-native applications sessions

Start a Designing highly scalable, available, and reliable cloud-native applications only practice session

Every question in these sessions is drawn from the Designing highly scalable, available, and reliable cloud-native applications domain — nothing else.

Related practice questions

Related PCD topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the PCD exam test about Designing highly scalable, available, and reliable cloud-native applications?
Cloud concepts questions usually test the service model (IaaS/PaaS/SaaS) and deployment model (public/private/hybrid/community) appropriate for a given scenario.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Designing highly scalable, available, and reliable cloud-native applications questions in a focused session?
Yes — the session launcher on this page draws every question from the Designing highly scalable, available, and reliable cloud-native applications domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other PCD topics?
Use the topic links above to move to related areas, or go back to the PCD question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the PCD exam covers. They are not copied from any real exam or dump site.