CCNA Pcd Deploy Databases Questions

24 of 99 questions · Page 2/2 · Pcd Deploy Databases topic · Answers revealed

76
MCQeasy

A startup is building a mobile application with real-time synchronization across user devices. They expect millions of users and need a NoSQL database with offline support and real-time listeners. Which database should they choose?

A.Firestore
B.Cloud Bigtable
C.BigQuery
D.Cloud SQL
AnswerA

Firestore provides real-time sync, offline persistence, and is designed for mobile/web apps.

Why this answer

Firestore is a flexible, scalable NoSQL database for mobile, web, and server development. It offers real-time synchronization, offline data persistence, and integrates with Firebase and Google Cloud. It is designed for this exact use case.

77
MCQhard

An engineer needs to configure Firestore security rules for a mobile app where users can only read and write their own data. The user's UID is stored in the document field 'owner'. Which rule correctly restricts access?

A.allow read, write: if resource.data.owner == request.auth.name;
B.allow read, write: if resource.data.owner == request.auth.uid;
C.allow read, write: if resource.data.owner == request.auth.userId;
D.allow read, write: if resource.data.userId == request.auth.uid;
AnswerB

This is the correct rule: compares the document's 'owner' field to the authenticated user's UID.

Why this answer

The 'resource.data.owner' checks the document's 'owner' field, and 'request.auth.uid' is the authenticated user's UID. The condition ensures users can only access documents where they are the owner. Option A uses 'request.auth.uid' correctly.

Option B uses 'request.auth.userId' which is not valid. Option C incorrectly uses 'resource.data.userId'. Option D uses 'request.auth.name' which is not the UID.

78
Multi-Selecthard

A company uses Firestore for a mobile app. They want to implement security rules that allow users to create documents only if they are authenticated and the document's 'owner' field matches their UID. Additionally, they want to allow reads of any document where the 'visibility' field is 'public'. Which TWO conditions should the rules include?

Select 2 answers
A.allow create: if resource.data.owner == request.auth.uid;
B.allow read: if request.resource.data.visibility == 'public';
C.allow write: if request.auth.uid != null;
D.allow read: if resource.data.visibility == 'public';
E.allow create: if request.auth.uid != null && request.resource.data.owner == request.auth.uid;
AnswersD, E

This allows reads of documents where visibility is public.

Why this answer

The create rule should check authentication and that the incoming document's owner matches the UID. The read rule should allow if visibility is public. Using get() for the existing document is not needed for create because request.resource refers to the new document.

For read, resource.data refers to the existing document.

79
Multi-Selectmedium

An organization needs to secure their Cloud SQL for MySQL instance. They require that all connections use IAM for authentication and that the database is not accessible from the public internet. Which THREE actions should they take? (Choose 3.)

Select 3 answers
A.Enable IAM database authentication on the Cloud SQL instance.
B.Assign a private IP only, with no public IP.
C.Configure the Cloud SQL Auth Proxy for all connections.
D.Require SSL for all connections using the 'require_ssl' flag.
E.Assign a public IP and configure authorized networks.
AnswersA, B, D

This links IAM principals to database users, replacing database passwords.

Why this answer

IAM database authentication links IAM users to database logins. Private IP and no public IP ensure no internet access. Cloud SQL Auth Proxy uses IAM for authentication but does not directly enforce IAM DB auth; it provides a secure tunnel.

SSL encryption is separate from IAM authentication. Authorized networks are not needed with private IP.

80
MCQmedium

An engineer is monitoring Cloud Bigtable performance and notices high read latency. They suspect a hot spot issue. Which tool should they use to identify the hot spot?

A.The cbt command-line tool
B.Key Visualiser
C.Bigtable Studio
D.Cloud Monitoring (formerly Stackdriver)
AnswerB

Key Visualiser is purpose-built for identifying hot spots in Bigtable.

Why this answer

Cloud Bigtable's Key Visualiser is a tool specifically designed to detect and visualize hot spots (uneven distribution of read/write load across row keys). It helps identify row key patterns causing performance issues. Stackdriver is the legacy name for Cloud Monitoring; Cloud Monitoring can show overall metrics but not hot spot analysis.

Bigtable Studio does not exist. cbt is the CLI tool.

81
MCQmedium

A company uses Cloud SQL for MySQL with a single zone. They need high availability with automatic failover in under 60 seconds. What configuration should they use?

A.Enable regional HA by adding a standby in a different zone
B.Configure zonal HA with a standby in the same zone
C.Use AlloyDB with cross-region replication
D.Create a read replica in a different region
AnswerA

Regional HA uses a synchronous standby in a different zone within the same region, providing automatic failover in under 60 seconds.

Why this answer

Cloud SQL HA configuration creates a primary and a standby instance in different zones within the same region, using synchronous replication. Automatic failover occurs in under 60 seconds. Zonal HA is not a valid concept, and cross-region failover is not automatic.

82
MCQmedium

A company is migrating a PostgreSQL application to Cloud SQL. They require automatic failover in under 60 seconds if the primary instance fails, and they want to minimize write latency. Which configuration should they choose?

A.Create a zonal Cloud SQL instance and set up a read replica in a different zone.
B.Create a Cloud SQL for PostgreSQL instance with high availability (HA) configuration.
C.Create a Cloud SQL for PostgreSQL instance with cross-region replication.
D.Configure a Cloud Spanner regional instance with multi-zone nodes.
AnswerB

HA uses a synchronous standby in a different zone, providing automatic failover in under 60 seconds with no data loss.

Why this answer

Cloud SQL HA uses a synchronous standby in a different zone within the same region, providing automatic failover in under 60 seconds and no data loss. Cross-region replicas are asynchronous and do not meet the failover time requirement. Zonal instances lack HA.

Regional clusters are for Spanner.

83
MCQhard

A company uses Cloud Spanner with an instance configured with 1000 processing units. They notice that high-priority CPU utilization consistently exceeds 65% during peak hours, causing increased latency. They want to auto-scale based on this metric. Which scaling configuration should they use?

A.Use autoscaling with a minimum of 1000 processing units, a maximum of 2000 processing units, and a target CPU utilization of 65%
B.Use autoscaling with a minimum of 1000 processing units, a maximum of 2000 processing units, and a target high-priority CPU utilization of 65%
C.Use autoscaling with a minimum of 1 node, a maximum of 2 nodes, and a target CPU utilization of 65%
D.Manually increase processing units to 2000
AnswerB

This configuration allows the instance to scale up from 1000 to 2000 processing units when high-priority CPU exceeds the target.

Why this answer

Cloud Spanner autoscaling uses processing units (not nodes) and allows setting a target for high-priority CPU utilization. Setting a minimum of 1000 processing units ensures a baseline, and a maximum of 2000 allows scaling up. The target high-priority CPU utilization (e.g., 65%) triggers scaling.

Node-based options are not used with processing units.

84
Multi-Selectmedium

An engineer is designing a disaster recovery strategy for a Cloud SQL for SQL Server instance. They need to be able to fail over to a different region with minimal data loss. Which TWO actions should they take? (Choose two.)

Select 2 answers
A.Create a cross-region read replica.
B.Configure point-in-time recovery (PITR) with a backup window.
C.Export the database daily to Cloud Storage.
D.Use an external replica in another region.
E.Enable high availability (regional) on the primary instance.
AnswersA, B

A cross-region replica can be promoted to primary in another region, providing DR.

Why this answer

Cross-region replicas provide asynchronous replication to another region, allowing promotion for DR. Point-in-time recovery can be used to restore to the latest state before a disaster, minimizing data loss. HA is zone-level, not cross-region.

Export/import is not real-time. Backup is point-in-time but not continuous replication.

85
MCQmedium

A Cloud Spanner instance has been running with 2 nodes. The team wants to migrate to processing units for more granular scaling. What is the equivalent number of processing units for 2 nodes?

A.1000 processing units
B.4000 processing units
C.500 processing units
D.2000 processing units
AnswerD

2 nodes = 2000 processing units.

Why this answer

In Cloud Spanner, 1 node equals 1000 processing units. Therefore, 2 nodes equal 2000 processing units. This conversion is standard, though the documentation may vary slightly (some sources say 1 node = 1000 PUs). 500 PUs would be half a node, and 4000 would be 4 nodes.

86
Multi-Selectmedium

A company is deploying a production Cloud Bigtable instance for time-series data. They want high availability across zones and the ability to serve reads from a secondary location. Which TWO configurations should they implement?

Select 2 answers
A.Create a development instance type
B.Disable replication to avoid conflicts
C.Add a second cluster in a different zone within the same region
D.Use HDD storage to reduce costs
E.Add a cluster in a different region
AnswersC, E

This provides zone-level HA and read scaling.

Why this answer

To achieve high availability across zones, you add a second cluster in a different zone within the same region. For read scaling or cross-region DR, you can add a cluster in another region. A production instance is required for multi-cluster.

Replication is asynchronous, so eventual consistency. A development instance does not support multiple clusters.

87
MCQhard

A manufacturing company collects sensor data from thousands of devices. They need a database that can handle a write throughput of 100,000 rows per second and read latency under 10ms. Data is keyed by device ID and timestamp. Which Google Cloud database should they choose?

A.Cloud Bigtable
B.Cloud Spanner
C.Cloud SQL
D.Firestore
AnswerA

Bigtable is built for high-throughput, low-latency time-series data.

Why this answer

Cloud Bigtable is designed for high-throughput writes and low-latency reads for time-series data. It can handle 100k rows/sec with appropriate node count. Cloud Spanner has lower write throughput per dollar.

Cloud SQL is not designed for such high write throughput. Firestore has limits on write throughput per collection.

88
Multi-Selectmedium

A company is deploying a three-node Bigtable cluster for production. They anticipate growth in read throughput and want to plan for scaling. Which two actions can they take to increase read throughput? (Choose TWO.)

Select 2 answers
A.Add more nodes to the existing cluster
B.Switch to a development instance type
C.Change storage to HDD
D.Use Key Visualizer to increase performance
E.Add a second cluster in a different zone
AnswersA, E

More nodes increase read capacity.

Why this answer

Adding nodes increases overall throughput, and adding a secondary cluster in a different zone allows reads to be served from both clusters, improving read throughput and availability. Changing to HDD would reduce performance. The development instance is not for production.

Key Visualizer is for analysis only.

89
MCQmedium

An organization has a Cloud SQL for MySQL instance with 500 GB of data. They want to offload reporting queries that scan large portions of the database without impacting the primary instance's performance. Which solution should they implement?

A.Use Cloud SQL connection pooling to share connections
B.Upgrade the primary instance to a high-memory machine type
C.Enable automatic storage increase on the primary instance
D.Create a cross-region Cloud SQL read replica and direct reporting queries to it
AnswerD

A read replica offloads read traffic; cross-region provides additional DR benefits.

Why this answer

Creating a cross-region read replica distributes read traffic and isolates reporting workloads from the primary. Cloud SQL read replicas are asynchronous and can be promoted if needed. For read-only queries, this is the correct approach.

90
Multi-Selecteasy

A company is using Cloud SQL for PostgreSQL and wants to offload read traffic and improve performance. They also want a disaster recovery option in a different region. Which TWO configurations should they implement? (Choose 2.)

Select 2 answers
A.Configure a same-region read replica.
B.Set up pgpool-II for load balancing.
C.Create a cross-region read replica in another region.
D.Use the cross-region replica to serve read traffic.
E.Enable HA configuration on the primary instance.
AnswersC, D

Cross-region replicas can serve reads and be promoted for DR.

Why this answer

A cross-region read replica (Option C) allows you to offload read traffic from the primary instance, improving performance by distributing query load. Additionally, because the replica is in a different region, it provides a disaster recovery option: if the primary region fails, you can promote the cross-region replica to a new primary, ensuring business continuity. This directly meets both requirements of offloading reads and providing cross-region DR.

Exam trap

Cisco often tests the distinction between high availability (HA) within a region and disaster recovery (DR) across regions; the trap here is that candidates confuse HA (which provides automatic failover within the same region) with cross-region DR, leading them to select Option E instead of understanding that cross-region replicas are required for regional disaster recovery.

91
MCQhard

An engineer is deploying AlloyDB for PostgreSQL and needs to support read scaling with automatic scaling of read replicas based on load. They also want to ensure minimal operational overhead. What should they use?

A.Manually create additional read replicas and set up a load balancer.
B.Create multiple cross-region replicas.
C.Create a read pool instance with autoscaling enabled.
D.Use AlloyDB Omni to deploy replicas on-premises.
AnswerC

AlloyDB read pools with autoscaling automatically adjust the number of read replicas based on load.

Why this answer

AlloyDB read pool instances provide a set of read replicas that can be configured with autoscaling. The pool manages the number of replicas based on load (e.g., CPU utilization). 'Read pool autoscaling' is the feature. Cross-region replication is for disaster recovery, not read scaling.

AlloyDB Omni is for on-premises. Manual read replicas require operational overhead.

92
MCQeasy

A developer needs to connect a Cloud SQL MySQL instance from an application running on Compute Engine without whitelisting IP addresses. Which method should they use?

A.Connect via Cloud Shell using the mysql client.
B.Configure the application to use Cloud SQL Auth Proxy.
C.Set up a Cloud SQL private IP connection.
D.Use SSL/TLS connection with the public IP address.
AnswerB

Auth Proxy uses IAM for authentication and encrypts connections without IP allowlisting.

Why this answer

Cloud SQL Auth Proxy provides secure access using IAM permissions, avoiding the need to whitelist IP addresses. SSL without proxy still requires IP allowlisting. Private IP requires VPC peering and is not automatically connected.

Cloud Shell is not for application connectivity.

93
MCQeasy

A developer needs to connect a Cloud Run application to a Cloud SQL for MySQL database securely without managing IP allowlists or SSL certificates. Which method should they use?

A.Create a Compute Engine instance with a VPN to Cloud SQL and connect from Cloud Run via VPC peering.
B.Use the public IP of the Cloud SQL instance and add the Cloud Run service's IP range to the authorized networks.
C.Enable the 'require_ssl' flag and distribute the server certificate to the Cloud Run service.
D.Deploy the Cloud SQL Auth Proxy as a sidecar container in Cloud Run.
AnswerD

The Cloud SQL Auth Proxy runs as a sidecar and provides secure, IAM-authenticated connections without IP allowlisting or SSL config.

Why this answer

The Cloud SQL Auth Proxy provides secure authentication and encryption without requiring authorized networks or SSL certificate management. It uses IAM for authentication and encrypts connections.

94
MCQmedium

A company needs to run AlloyDB for PostgreSQL with a read pool that can automatically scale based on load. They also need to run a local instance on-premises for disaster recovery. Which features should they use?

A.Use AlloyDB with read replicas in the same region and Cloud SQL for on-premises
B.Use AlloyDB with a single instance and use Bigtable for on-premises
C.Use AlloyDB with cross-region replication to another cloud region
D.Use AlloyDB with auto-scaling read pool and AlloyDB Omni for on-premises
AnswerD

AlloyDB read pools auto-scale, and AlloyDB Omni can replicate to on-premises.

Why this answer

AlloyDB read pools support auto-scaling. For on-premises disaster recovery, AlloyDB Omni provides a downloadable version that can run on-premises and replicate from the cloud. Cross-region replication is for cloud-to-cloud, not on-premises.

95
MCQeasy

An engineer needs to create a Cloud SQL instance with SSD storage. Which storage type should they select for best performance?

A.HDD (hard disk drive)
B.Local SSD
C.Persistent disk standard
D.SSD (solid-state drive)
AnswerD

SSD provides the best performance for databases.

Why this answer

Option D is correct because SSD (solid-state drive) is the recommended storage type for Cloud SQL instances when best performance is required. SSD provides lower latency and higher IOPS compared to HDD, making it suitable for transactional workloads and real-time applications. Cloud SQL supports both SSD and HDD, but SSD is the default and optimal choice for production databases.

Exam trap

Cisco often tests the misconception that Local SSD is available for Cloud SQL, but it is only an option for Compute Engine instances, not for managed database services like Cloud SQL.

How to eliminate wrong answers

Option A is wrong because HDD (hard disk drive) offers significantly lower IOPS and higher latency than SSD, making it unsuitable for performance-sensitive database workloads in Cloud SQL. Option B is wrong because Local SSD is not supported as a storage type for Cloud SQL instances; it is used with Compute Engine instances for ephemeral, high-performance scratch storage. Option C is wrong because Persistent disk standard is a general-purpose block storage option for Compute Engine, but Cloud SQL does not offer it as a selectable storage type; Cloud SQL only provides SSD and HDD options.

96
MCQmedium

An engineer notices high CPU utilization on a Cloud Spanner instance and wants to identify the queries consuming the most resources. Which tool should they use?

A.Cloud Monitoring (Stackdriver) dashboards for Spanner.
B.Key Visualizer for Bigtable.
C.Cloud Logging with query logs.
D.Query Insights for Spanner.
AnswerD

Query Insights provides detailed per-query metrics including CPU and latency.

Why this answer

Cloud Spanner's Query Insights provides query performance statistics, including CPU usage, latency, and execution counts. It helps identify problematic queries. Stackdriver (Cloud Monitoring) shows overall metrics but not per-query details.

Key Visualizer is for Bigtable. Cloud Logging can show logs but not specific query resource consumption.

97
MCQmedium

A company is evaluating Cloud Bigtable for a high-throughput write workload. They need to monitor disk usage and request latency. Which metrics should they monitor? (Select the best combination.)

A.disk/bytes_used and request_latency
B.cpu/utilisation and database/queries
C.disk/bytes_used and rows_deleted
D.request_latency and database/memory/utilisation
AnswerA

These are the correct Bigtable metrics for disk usage and request latency.

Why this answer

Bigtable provides 'disk/bytes_used' for disk usage and 'request_latency' for latency. 'cpu/utilisation' is not a Bigtable metric; Bigtable uses 'cpu_load' and 'server_latency' but request latency is the key metric. 'database/queries' is a Cloud SQL metric. 'rows_deleted' is a Spanner metric.

98
MCQmedium

A developer wants to enable IAM database authentication for Cloud SQL for PostgreSQL. Which IAM role must be granted to a user or service account to allow login?

A.Cloud SQL Admin
B.Cloud SQL Connect
C.Cloud SQL Instance User
D.Cloud SQL Client
AnswerC

This role allows a user to connect to Cloud SQL using IAM database authentication.

Why this answer

Cloud SQL IAM database authentication for PostgreSQL requires the Cloud SQL Instance User role (roles/cloudsql.instanceUser) to be granted to a user or service account. This role allows the principal to log in to the database instance using IAM credentials, while the Cloud SQL Admin, Connect, and Client roles do not grant the specific login privilege needed for IAM-based database authentication.

Exam trap

The trap here is that candidates often confuse the Cloud SQL Client or Cloud SQL Connect roles with the ability to log in to the database, but those roles only allow network-level connectivity (e.g., via Cloud SQL Proxy) and do not grant the IAM login permission required for database authentication.

How to eliminate wrong answers

Option A is wrong because Cloud SQL Admin (roles/cloudsql.admin) grants full administrative control over Cloud SQL instances (create, modify, delete) but does not include the permission to log in to the database via IAM authentication. Option B is wrong because Cloud SQL Connect (roles/cloudsql.connect) allows connecting to Cloud SQL instances using Cloud SQL Proxy or private IP, but it does not grant the cloudsql.instances.login permission required for IAM database authentication. Option D is wrong because Cloud SQL Client (roles/cloudsql.client) provides permissions to connect to Cloud SQL instances and use Cloud SQL Proxy, but it lacks the specific cloudsql.instances.login permission needed for IAM-based database login.

99
MCQhard

A company is using Cloud Bigtable to serve real-time analytics. They notice that some queries are slow, and the Key Visualizer shows a narrow row key range receiving the majority of reads and writes. What is the most likely cause and recommended action?

A.The cluster has too few nodes; add more nodes to the cluster
B.Enable replication to a secondary cluster to offload reads
C.The storage type is HDD; switch to SSD to improve latency
D.A single row key prefix is being accessed heavily, causing a hot spot; redesign the row key to distribute load
AnswerD

The Key Visualizer indicates a hot spot, so row key design should be improved.

Why this answer

Hot spotting occurs when a small range of row keys is heavily accessed, causing uneven load distribution. Using a well-distributed row key design (e.g., salting) is the recommended solution.

← PreviousPage 2 of 2 · 99 questions total

Ready to test yourself?

Try a timed practice session using only Pcd Deploy Databases questions.