Google Professional Cloud Database Engineer (PCDE) — Questions 826900

1000 questions total · 14pages · All types, answers revealed

Page 11

Page 12 of 14

Page 13
826
MCQhard

A team is setting up a Cloud Build private pool to build Docker images that need access to resources in a VPC. After creating the private pool, builds fail with network errors. What is the most likely missing step?

A.Grant the Cloud Build service account the 'compute.networkUser' role
B.Configure Service Directory (private connection) between the pool and the VPC
C.Enable Cloud NAT on the VPC
D.Assign a public IP to the build instances
AnswerB

A private pool needs a Service Directory connection to access VPC resources.

Why this answer

Private pools require a Service Directory private connection (or VPC peering) to access VPC resources. Without that, the pool cannot reach the VPC.

827
MCQmedium

An engineer wants to cache Docker layers in Cloud Build to speed up subsequent builds. The build uses Kaniko to build images. What should they include in the cloudbuild.yaml?

A.Set `--cache=true` and `--cache-repo` in the Kaniko builder arguments
B.Add a step that runs `docker save` and `docker load`
C.Use the `docker` builder instead of Kaniko and set `--cache-from`
D.Enable Cloud Build's built-in caching by setting `cache: true` in cloudbuild.yaml
AnswerA

Correct: Kaniko's `--cache` flag caches layers in the specified repo.

Why this answer

Kaniko uses `--cache=true` and `--cache-repo` to enable layer caching in a registry.

828
MCQeasy

A company uses BigQuery for BI dashboards. Users report that queries on the sales table take longer than expected. The table contains daily transaction data and is not partitioned. Which action will most improve query performance while minimizing cost?

A.Increase the BigQuery reservation slot count
B.Partition the table by the transaction date column
C.Cluster the table by the transaction date column
D.Denormalize the table by including dimension attributes
AnswerB

Partitioning limits data scanned to relevant partitions, improving performance and reducing cost.

Why this answer

Partitioning the table by the transaction date column allows BigQuery to perform partition pruning, scanning only the relevant date ranges instead of the entire table. This directly reduces the amount of data read, improving query performance and lowering costs since BigQuery charges based on the data scanned.

Exam trap

Cisco often tests the distinction between partitioning and clustering, where candidates mistakenly choose clustering because it also improves query performance, but fail to recognize that without partitioning, clustering on a date column still requires a full table scan for date-range queries.

How to eliminate wrong answers

Option A is wrong because increasing the reservation slot count only improves concurrency and query throughput, not the efficiency of individual queries; it does not reduce the amount of data scanned and increases cost without addressing the root cause. Option C is wrong because clustering organizes data within partitions or tables to improve filter and sort performance, but without partitioning first, clustering on the date column still requires scanning the entire table for date-range queries, offering minimal benefit. Option D is wrong because denormalization reduces joins but does not reduce the volume of data scanned for date-range filters; it can actually increase storage costs and data scanned if dimension attributes are repeated across rows.

829
MCQmedium

A team defines an SLO for a data pipeline: 99.9% of data records should be processed within 1 hour of ingestion. They need an SLI to measure this. Which SLI is most appropriate?

A.Pipeline freshness
B.Throughput
C.Error rate
D.Request latency
AnswerA

Freshness measures the age of data at processing time, suitable for batch pipelines.

Why this answer

Pipeline freshness measures the time it takes for data to be available after ingestion. This is commonly used for data processing SLOs.

830
MCQeasy

Which Cloud Monitoring feature allows you to group log entries from the same request across multiple services using a common identifier?

A.Cloud Trace
B.Cloud Profiler
C.Log-based metrics
D.Error Reporting
AnswerA

Cloud Trace uses trace IDs to correlate requests across services.

Why this answer

Cloud Trace uses trace IDs to correlate requests across services. Logs can include the trace ID to enable correlation between logs and traces.

831
MCQhard

Refer to the exhibit. The team notices high write latency on the Events table. They are inserting 1,000 events per second. The EventId is generated by a sequence. What is the most likely issue?

A.The sequential primary key creates a hotspot on a single split.
B.The allow_commit_timestamp option on CreatedAt column adds overhead.
C.The BYTES(MAX) data type causes excessive writing.
D.The node count is insufficient for the write throughput.
AnswerA

Sequential keys cause all writes to hit the same split, leading to contention and latency.

Why this answer

The sequential primary key (EventId generated by a sequence) causes all new writes to be directed to the last tablet or split in the table, creating a hotspot. In Cloud Spanner, this leads to contention on a single split, increasing write latency despite adequate overall throughput capacity.

Exam trap

Cisco often tests the misconception that high write latency is due to insufficient node count or data type choices, when the real issue is key design causing a hotspot on a single split.

How to eliminate wrong answers

Option B is wrong because allow_commit_timestamp on the CreatedAt column does not add significant overhead; it simply enables commit timestamp-based reads and does not affect write latency. Option C is wrong because BYTES(MAX) data type does not inherently cause excessive writing; the issue is write distribution, not column size. Option D is wrong because the node count may be sufficient for the write throughput; the problem is that writes are not distributed across nodes due to the sequential key, not that there are too few nodes.

832
MCQhard

A financial services company uses Cloud Spanner for a global transaction processing system. They notice that certain read queries on a table with frequent writes are returning stale data even though they use strong reads. The table has a primary key of (user_id, transaction_id) and a secondary index on (timestamp). What is the most likely cause of the stale reads?

A.The query is using a stale read timestamp.
B.The query is using a secondary index that has not yet been updated with the latest write.
C.The query is reading from a read-only replica.
D.Cloud Spanner is using eventual consistency for this query.
AnswerB

Secondary indexes can lag behind the base table; a strong read on the index may return stale data if the write committed after the index was last updated.

Why this answer

Option B is correct because in Cloud Spanner, secondary indexes are implemented as separate tables that are updated asynchronously relative to the base table. When a strong read uses a secondary index, the read may still see a stale version of the index if the write has not yet been fully replicated to the index table. This is a known behavior: strong reads guarantee consistency only when reading from the base table using the primary key, not when using a secondary index.

Exam trap

The trap here is that candidates assume 'strong reads' guarantee consistency for all queries, but Cloud Spanner's strong consistency guarantee applies only to reads that use the primary key; secondary index reads may return stale data because the index is updated asynchronously.

How to eliminate wrong answers

Option A is wrong because the question explicitly states that strong reads are used, which means the read timestamp is automatically set to the current timestamp, not a stale one. Option C is wrong because Cloud Spanner does not have read-only replicas; all replicas can serve reads, but strong reads are always served from the leader replica, so reading from a non-leader replica would not occur with strong reads. Option D is wrong because Cloud Spanner provides strong consistency for all reads by default; eventual consistency is not a mode that can be selected, and the issue is specific to secondary index staleness, not a general consistency model.

833
MCQeasy

An engineer wants to trigger a Cloud Build pipeline automatically whenever a pull request is created against the main branch of a GitHub repository. Which type of build trigger should they configure?

A.Scheduled trigger
B.Pull request trigger
C.Manual trigger
D.Push to branch trigger
AnswerB

Pull request triggers fire when a PR is created or updated.

Why this answer

Cloud Build supports push-to-branch and pull request triggers. For pull requests, the 'Pull Request' trigger type is used, which can be scoped to a specific branch like main.

834
MCQmedium

A Cloud SQL for PostgreSQL instance is experiencing high CPU usage during peak hours. Query Insights shows that a complex reporting query is causing full table scans on a large table. The query filters on a column used in JOINs. Which optimization should be applied first?

A.Increase the instance size.
B.Create a read replica for reporting.
C.Use query rewriting with materialized views.
D.Add a composite index on the filtered column and join columns.
AnswerD

Adding an index on the filtered and join columns allows the query to use index seek instead of full table scan, reducing CPU usage.

Why this answer

Option D is correct because adding a composite index on the filtered column and the join columns directly addresses the root cause of the full table scans. Query Insights indicates the query filters on a column used in JOINs; a composite index covering both the filter and join columns allows PostgreSQL to perform an Index Scan instead of a sequential scan, reducing CPU usage without requiring additional infrastructure or data duplication.

Exam trap

Google Cloud often tests the misconception that scaling up or offloading is the first optimization step, when in fact index tuning is the cheapest and most effective initial action for query performance issues caused by full table scans.

How to eliminate wrong answers

Option A is wrong because increasing the instance size (vertical scaling) only masks the symptom of high CPU usage without fixing the inefficient query plan; the full table scans will continue to consume resources, and costs increase without performance guarantee. Option B is wrong because creating a read replica for reporting offloads the query to another instance but does not eliminate the full table scan on the replica; the same inefficient query will still cause high CPU on the replica. Option C is wrong because query rewriting with materialized views pre-computes and stores the result set, which can improve performance for repeated complex queries, but it does not address the immediate full table scan caused by missing indexes; materialized views also require maintenance and may become stale.

835
MCQeasy

A data engineer needs to design a table to store time-series sensor data arriving every second. The data will be queried mainly for the last hour over a specific device. Which table design minimizes query costs?

A.Partition by ingestion_time, cluster by timestamp
B.Partition by ingestion_time, no clustering
C.No partitioning, cluster by device_id
D.Partition by ingestion_time, cluster by device_id
AnswerD

Partitioning enables time-range pruning; clustering on device_id speeds up per-device lookups.

Why this answer

Option D minimizes query costs because partitioning by ingestion_time allows the query engine to skip partitions outside the last hour, while clustering by device_id further narrows the scan to only the relevant device's data within those partitions. This combination reduces the amount of data read and the number of files scanned, which is critical for high-frequency time-series data.

Exam trap

Google Cloud often tests the misconception that clustering by the same column as partitioning provides extra benefit, but in reality it is redundant and can increase maintenance overhead without improving query performance.

How to eliminate wrong answers

Option A is wrong because clustering by timestamp within a partition by ingestion_time is redundant—since the partition already organizes data by time, clustering by the same column adds no additional pruning benefit and wastes clustering resources. Option B is wrong because without clustering, queries filtering on device_id must scan all rows in the relevant partitions, leading to full partition scans and higher query costs. Option C is wrong because no partitioning means every query must scan the entire table, even when filtering on the last hour, resulting in maximum data read and cost.

836
MCQmedium

A DevOps engineer is setting up a new Google Cloud organization for their company. They need to ensure that all projects are created within a structured hierarchy that separates production, staging, development, and sandbox environments. Which folder structure BEST supports this requirement?

A.Create a folder for each product under the organization node, and within each product folder, create subfolders for environments.
B.Create a flat folder structure under the organization node with one folder per team, and place all projects in their team folder regardless of environment.
C.Create a folder for each environment (prod, staging, dev, sandbox) directly under the organization node. Within each environment folder, create subfolders for teams or products, and place projects in those subfolders.
D.Create a flat folder structure with one folder per project type (shared VPC, logging, security) and place all projects in those folders.
AnswerC

This is the standard landing zone design that separates environments and allows inheritance.

Why this answer

The recommended landing zone design uses top-level folders for environments (prod, staging, dev, sandbox) under the organization node, with team/product subfolders inside each environment folder. This allows IAM and org policies to be inherited appropriately.

837
MCQmedium

Your Cloud Run service processes requests from an external API that sends a burst of up to 100 requests per second. You want to maximize throughput while minimizing instances. The service is CPU-bound. What configuration should you use?

A.Use the Gen2 execution environment with higher memory.
B.Set concurrency to 1 to give each request full CPU, and enable CPU always-on.
C.Set concurrency to 1000 to handle burst efficiently.
D.Set concurrency to 80 (default) and CPU always-on.
AnswerB

Concurrency 1 ensures each instance handles one request at a time, maximizing CPU per request.

Why this answer

For CPU-bound services, the default concurrency of 80 may be too high, causing resource contention and slowing down each request. Reducing concurrency to a lower value, such as 1, dedicates the entire CPU to each request, potentially improving throughput per instance. CPU always-on is needed for background tasks but not necessarily for request handling.

Gen2 execution environment can help with higher memory but not CPU-bound throughput directly.

838
MCQhard

A social media platform uses Cloud SQL for PostgreSQL for its user and post data. The schema has a normalized design with separate 'users' and 'posts' tables. Queries that fetch a user's timeline (joining users and posts) are slow due to heavy read volume. The team wants to optimize the schema for this read-heavy workload without changing the application logic significantly. What schema design change is most appropriate?

A.Migrate to a NoSQL database like Firestore for better read performance.
B.Create a materialized view that joins users and posts, refreshed periodically.
C.Add GIN indexes on the posts table for faster full-text search.
D.Denormalize by embedding commonly accessed user fields (e.g., username, avatar URL) into the posts table.
AnswerD

Denormalization reduces joins, improving read performance for read-heavy workloads.

Why this answer

Option D is correct because denormalizing by storing relevant user data (e.g., username, avatar) directly in the posts table reduces the need for JOINs, significantly improving read performance. Option A (materialized view) could help but may introduce staleness and overhead; Option B (NoSQL) is a major architectural change; Option C (GIN indexes) are for full-text search, not join performance.

839
Multi-Selecteasy

A company wants to create a BI dashboard that shows daily active users. The data is stored in a BigQuery table with columns: user_id, activity_date, and event_type. Which two optimizations would help reduce query costs? (Choose two.)

Select 2 answers
A.Cluster the table by event_type.
B.Use SELECT * and filter in the BI tool.
C.Use a materialized view with COUNT(DISTINCT user_id) grouped by activity_date.
D.Avoid using the LIMIT clause.
E.Partition the table by activity_date.
AnswersC, E

A materialized view caches the aggregation, avoiding repeated computation.

Why this answer

Option C is correct because a materialized view precomputes the COUNT(DISTINCT user_id) grouped by activity_date, so queries against it read only the pre-aggregated results rather than scanning the entire base table. This drastically reduces the amount of data processed, lowering query costs in BigQuery's on-demand pricing model where cost is proportional to bytes processed.

Exam trap

Google Cloud often tests the misconception that clustering alone reduces query cost for any aggregation, but clustering only reduces cost when the query filters or groups by the cluster key, not when the aggregation is on a different column like activity_date.

840
Multi-Selecthard

A team uses Cloud Build to build and push Docker images to Artifact Registry. They need to ensure that only images built from the main branch and signed by a trusted key can be deployed to GKE using Binary Authorization. Which THREE components must be in place?

Select 3 answers
A.A Binary Authorization attestor configured to verify the attestation key
B.A Cloud Build step that creates a signed attestation using KMS
C.A Cloud Deploy delivery pipeline with a canary strategy
D.An Artifact Registry repository configured with vulnerability scanning
E.A Binary Authorization policy that requires at least one attestation
AnswersA, B, E

The attestor holds the public key to verify attestations.

Why this answer

Option A is correct because a Binary Authorization attestor is the component that defines the trusted key(s) used to verify that an image has been signed. Without an attestor configured with the correct public key, Binary Authorization cannot validate the attestation signature, and the policy cannot enforce that only signed images are deployed.

Exam trap

Cisco often tests the misconception that vulnerability scanning or deployment strategies are part of Binary Authorization enforcement, when in fact only attestors, signed attestations, and a policy requiring attestations are the mandatory components.

841
MCQmedium

A company runs a Cloud SQL PostgreSQL instance for a SaaS application. They notice that the database CPU is consistently above 90% during peak hours, and queries slow down. The application is read-heavy and can tolerate some replication lag. Which action would MOST effectively reduce CPU load on the primary?

A.Use EXPLAIN ANALYZE to optimize the slowest queries
B.Create read replicas and route read-only queries to them
C.Increase the number of vCPUs on the primary instance
D.Enable connection pooling with PgBouncer via Cloud SQL Auth Proxy
AnswerB

Read replicas offload read traffic from the primary, reducing its CPU utilization effectively.

Why this answer

Creating one or more read replicas and offloading SELECT queries to them reduces CPU load on the primary instance. Adding more vCPU to the primary (scaling up) increases capacity but is more expensive and may not be as cost-effective as read replicas. PgBouncer helps with connection overhead but not CPU load from queries.

Query optimization helps but may not reduce load enough if the volume is high.

842
MCQhard

A company's BI dashboard queries a BigQuery table that is 20 TB and uses clustering on date and country. The query filters on date and country and also aggregates by category. The query takes 30 seconds. They want to reduce latency to under 5 seconds. What should they do?

A.Partition the table by date.
B.Add clustering by category.
C.Increase query priority.
D.Create a materialized view that aggregates by date, country, and category.
AnswerD

Materialized view stores the aggregated result, so query scans only the view.

Why this answer

The correct answer is D because a materialized view precomputes and stores the aggregation by date, country, and category, eliminating the need to scan the full 20 TB table on every query. This reduces query latency dramatically by serving pre-aggregated results, directly addressing the filter and aggregation requirements. Partitioning or clustering alone cannot achieve sub-5-second latency on a 20 TB table because they still require scanning all matching partitions or clusters and performing the aggregation at query time.

Exam trap

The trap here is that candidates often assume partitioning or clustering alone can achieve drastic latency reductions, but they overlook that aggregation over a large dataset still requires significant computation, whereas a materialized view precomputes the result, which is the only way to guarantee sub-5-second latency for this workload.

How to eliminate wrong answers

Option A is wrong because partitioning by date only limits the scan to the relevant date range, but the query still must aggregate 20 TB of data across all countries and categories, which cannot reduce latency to under 5 seconds. Option B is wrong because adding clustering by category improves the efficiency of the aggregation step by co-locating data, but it does not precompute the aggregation; the query still must scan and aggregate all rows in the filtered partition, which is too slow for a 20 TB table. Option C is wrong because increasing query priority does not change the amount of data scanned or the computational work required; it only affects scheduling and resource allocation, not the fundamental latency of scanning and aggregating 20 TB.

843
MCQmedium

A Firestore application stores user profiles that must be queried by any of multiple attributes (age, city, last_login). What is the best schema design to support these queries efficiently?

A.Store attributes in an array field and query with array-contains
B.Create a composite index on the attributes in a single collection
C.Use subcollections per attribute value
D.Create separate documents for each attribute value
AnswerB

Composite indexes enable efficient multi-attribute queries in Firestore.

Why this answer

Option B is correct because Firestore requires composite indexes to efficiently query documents across multiple fields (age, city, last_login) in a single collection. Without a composite index, Firestore would need to perform a full collection scan or merge results from separate index scans, which is inefficient and can lead to high latency or query failures. Creating a composite index on the three attributes allows Firestore to use a single index scan to satisfy queries filtering on any combination of these fields.

Exam trap

Cisco often tests the misconception that array-contains or subcollections can replace composite indexes for multi-attribute filtering, but Firestore's query engine requires explicit composite indexes for any query that combines fields with inequality or equality filters.

How to eliminate wrong answers

Option A is wrong because array-contains queries only check for the presence of a single value in an array field, not for equality or range comparisons on multiple distinct attributes; it cannot support queries like 'age > 30 AND city == 'NYC''. Option C is wrong because using subcollections per attribute value would require multiple queries and client-side merging to filter on multiple attributes, leading to poor performance and complexity; Firestore subcollections are designed for hierarchical data, not multi-attribute filtering. Option D is wrong because creating separate documents for each attribute value would require multiple reads and client-side joins to reconstruct a user profile, violating Firestore's document-oriented model and causing excessive read costs and latency.

844
MCQhard

A Cloud Spanner instance is experiencing increased latency during peak hours. Monitoring shows CPU utilization nearing 70%. How should they scale?

A.Add more nodes.
B.Change to a higher-tier machine type.
C.Increase the number of splits.
D.Add more processing units.
AnswerA

Adding nodes increases CPU capacity and reduces latency due to high CPU.

Why this answer

Adding more nodes is the correct scaling approach for a Cloud Spanner instance experiencing high CPU utilization and latency. Cloud Spanner distributes data and query processing across nodes; each node provides a fixed amount of compute and storage capacity. Increasing the number of nodes directly increases the available CPU resources, reducing per-node utilization and improving query throughput and latency.

Exam trap

The trap here is that candidates confuse Cloud Spanner's node-based scaling with the machine type scaling used in other Google Cloud services like Cloud SQL or Compute Engine, leading them to select 'Change to a higher-tier machine type' instead of adding nodes.

How to eliminate wrong answers

Option B is wrong because changing to a higher-tier machine type is not a valid scaling mechanism in Cloud Spanner; Spanner uses homogeneous nodes, not machine tiers, and scaling is done by adding or removing nodes. Option C is wrong because increasing the number of splits does not directly add CPU capacity; splits are automatically managed by Spanner for load distribution, and manually increasing them without adding nodes can lead to inefficiency and does not address high CPU utilization. Option D is wrong because 'processing units' is a concept from Cloud Spanner's serverless configuration (fine-grained scaling), but the question describes a standard instance with nodes; adding processing units is not applicable to node-based instances, and even in serverless mode, processing units are a capacity unit, not a direct scaling action for CPU utilization.

845
MCQmedium

An SRE team wants to reduce toil associated with manual database schema migrations. They currently run SQL scripts manually during maintenance windows. Which Google Cloud service is most appropriate to automate this process in a repeatable way?

A.Cloud Scheduler
B.Cloud Build
C.Workflows
D.Cloud Functions
AnswerB

Cloud Build can run custom steps (e.g., SQL scripts) and is designed for automated, repeatable tasks.

Why this answer

Cloud Build is a CI/CD platform that can execute SQL migration scripts as part of a build pipeline. It integrates with Cloud Source Repositories and can trigger on schema changes. Cloud Functions and Workflows are more for event-driven workflows, not typical for database migrations.

846
MCQeasy

An organization is deploying a containerized application to Cloud Run. They want to gradually roll out a new revision to 10% of traffic, monitor for errors, and then fully promote if stable. Which Cloud Run feature should they use?

A.Use the --to-revisions flag with gcloud run deploy to assign traffic percentages.
B.Deploy two separate Cloud Run services and use a global load balancer.
C.Use Cloud Deploy with a canary strategy.
D.Use Cloud Load Balancing with a backend bucket to split traffic.
AnswerA

This allows sending a percentage of traffic to the new revision for canary testing.

Why this answer

The `--to-revisions` flag with `gcloud run deploy` allows you to specify traffic percentages for revisions in a single Cloud Run service. This enables a gradual rollout by sending 10% of traffic to the new revision, monitoring for errors, and then promoting it to 100% without deploying a separate service or using external load balancers.

Exam trap

Cisco often tests the distinction between native Cloud Run traffic splitting and external tools like Cloud Deploy or Load Balancers, expecting candidates to recognize that Cloud Run's built-in `--to-revisions` flag is the simplest and most direct method for gradual rollouts.

How to eliminate wrong answers

Option B is wrong because deploying two separate Cloud Run services and using a global load balancer adds unnecessary complexity and cost; Cloud Run natively supports traffic splitting between revisions within a single service, making this approach overengineered. Option C is wrong because Cloud Deploy is designed for continuous delivery to GKE or GKE Autopilot clusters, not for Cloud Run; it does not directly manage Cloud Run revision traffic splits. Option D is wrong because Cloud Load Balancing with a backend bucket is used for serving static content (e.g., from Cloud Storage), not for splitting traffic between application revisions in Cloud Run.

847
MCQeasy

What is the primary purpose of including a runbook URL in an alert policy's documentation?

A.To link to a dashboard that shows the alert's metric
B.To automatically trigger a Cloud Function when the alert fires
C.To provide a direct link to the source code repository
D.To give responders immediate access to troubleshooting steps and escalation procedures
AnswerD

Runbook URL provides actionable guidance for alert responders.

848
MCQmedium

An organization uses Config Sync to manage Kubernetes resources across multiple GKE clusters. They want to automatically remediate configuration drift. What must they ensure?

A.Set the Config Sync policy to 'allow-drift'
B.Enable 'sync' and set 'sync-repo' to the desired repository
C.Configure 'source-format' as 'structured'
D.Use a GitOps tool like Config Sync with 'sync-mode' set to 'force'
AnswerD

Config Sync's force mode automatically reverts any manual changes to match the repo.

Why this answer

Config Sync's 'sync-mode' set to 'force' ensures that any manual changes to the cluster (configuration drift) are automatically reverted to match the desired state defined in the Git repository. This mode overwrites any modifications made outside of Config Sync, enforcing strict reconciliation. Without 'force', Config Sync may detect drift but not automatically correct it, leaving the cluster in a non-compliant state.

Exam trap

Cisco often tests the misconception that simply enabling Config Sync with a repository (Option B) is sufficient for drift remediation, but candidates must recognize that the 'sync-mode' parameter must be explicitly set to 'force' to enforce automatic correction of unauthorized changes.

How to eliminate wrong answers

Option A is wrong because 'allow-drift' is not a valid Config Sync policy; Config Sync does not have such a setting, and allowing drift would defeat the purpose of automatic remediation. Option B is wrong because enabling 'sync' and setting 'sync-repo' only establishes the initial synchronization source but does not specify how drift should be handled; it lacks the enforcement mechanism needed for automatic remediation. Option C is wrong because 'source-format' as 'structured' refers to the format of the configuration files (e.g., using Namespace configs) and has no impact on drift remediation behavior.

849
MCQeasy

Refer to the exhibit. The BI team creates a view to summarize sales. When they query the view with an additional WHERE clause on region, they notice that the underlying query still processes the same amount of data regardless of the filter. What is the most likely reason?

A.The view is a materialized view that refreshes every 30 minutes.
B.The view's WHERE clause on date is too restrictive, causing a full scan.
C.The view uses authorized views, which prevent predicate pushdown.
D.The view is a logical view, not a materialized view, so filters on the view do not reduce the scanned data.
AnswerD

Logical views execute the defining query each time; filters are applied after the view query.

Why this answer

Option D is correct because a logical view (also known as a standard or non-materialized view) in BigQuery does not store data; it merely stores the SQL query definition. When you query a logical view with an additional WHERE clause, BigQuery does not automatically push that filter down into the view's underlying query unless the view is defined with a specific optimization like a parameterized view or uses a scripting approach. By default, the view's query is executed first, and then the outer filter is applied to the result set, meaning the same amount of underlying data is scanned regardless of the outer filter.

Exam trap

The trap here is that candidates confuse logical views with materialized views, assuming that any view automatically reduces scanned data when filtered, but in BigQuery, only materialized views or tables with partitioning/clustering support efficient predicate pushdown.

How to eliminate wrong answers

Option A is wrong because a materialized view stores precomputed results and refreshes periodically; querying a materialized view with an additional WHERE clause can reduce scanned data if the filter matches the partitioning or clustering of the materialized view, so this would not cause the same amount of data to be processed. Option B is wrong because a restrictive WHERE clause on date would typically reduce the data scanned, not cause a full scan; a full scan is more likely due to missing partitioning or clustering, not because the filter is too restrictive. Option C is wrong because authorized views in BigQuery are used for sharing data with specific users without granting direct table access; they do not inherently prevent predicate pushdown—predicate pushdown is a query engine optimization that is independent of view authorization.

850
Multi-Selectmedium

A company uses BigQuery for BI analytics. They want to improve query performance for a table with 10 TB of data. Which two actions should they take? (Choose two.)

Select 2 answers
A.Limit the number of columns queried using SELECT * with EXCEPT.
B.Use a wildcard table to combine multiple tables.
C.Partition by a column with a high granularity.
D.Cluster on columns used in filters and aggregations.
E.Use a clustered column as the partition key.
AnswersA, D

Reducing columns scanned decreases processed bytes and cost.

Why this answer

Option A is correct because using SELECT * with EXCEPT limits the number of columns scanned, reducing I/O and improving query performance in BigQuery. BigQuery charges by the amount of data processed, so reading fewer columns directly lowers both cost and query execution time.

Exam trap

Google Cloud often tests the distinction between partitioning and clustering, where candidates mistakenly think that high-granularity partitioning or using a clustered column as a partition key improves performance, when in fact it introduces overhead and defeats the purpose of each feature.

851
MCQhard

A developer reports that an application cannot connect to a Cloud SQL SQL Server instance. The error log shows the message in the exhibit. The instance exists and the user credentials are correct. What is the most likely cause?

A.The Cloud SQL instance has reached its maximum number of connections.
B.The database name specified in the connection string is incorrect.
C.The Cloud SQL proxy is not running.
D.The Cloud SQL instance is not in the same VPC network as the application.
AnswerB

This error commonly occurs when the database name is misspelled or does not exist.

Why this answer

The error message in the exhibit indicates that the login failed for the user, which is a common symptom when the database name in the connection string does not match an existing database on the Cloud SQL SQL Server instance. Even though the user credentials are correct, SQL Server requires a valid database context to establish the connection; an incorrect database name causes the server to reject the login attempt. This is a configuration issue, not an authentication or network problem.

Exam trap

Google Cloud often tests the distinction between authentication errors and database context errors, leading candidates to incorrectly blame network or proxy issues when the actual problem is a simple misconfiguration in the connection string's database name.

How to eliminate wrong answers

Option A is wrong because reaching the maximum number of connections would produce a different error, such as 'Cannot open server connection' or 'Connection limit exceeded', not a login failure for a specific database. Option C is wrong because if the Cloud SQL proxy were not running, the application would not be able to reach the Cloud SQL instance at all, resulting in a network timeout or connection refused error, not a SQL Server login error. Option D is wrong because if the instance were not in the same VPC network, the application would experience a network connectivity failure (e.g., timeout or unreachable host), not a SQL Server authentication error that includes a database name reference.

852
MCQhard

Your company runs a large e-commerce application on Google Cloud using Cloud SQL for MySQL (version 8.0) with 2 TB of data. The database experiences intermittent performance degradation during peak hours (10am-2pm). Cloud Monitoring shows a spike in CPU utilization to 90% and increased query latency. The database has been running for 6 months with default settings. You notice many slow queries like "SELECT * FROM orders WHERE customer_id=12345 ORDER BY order_date DESC LIMIT 10" that take 5-10 seconds. The orders table has 50 million rows, customer_id has a B-tree index, and order_date is not indexed. The query execution plan indicates a full table scan and a filesort. What is the most effective course of action to resolve the performance issue?

A.Add a composite index on (customer_id, order_date)
B.Create multiple read replicas to offload read traffic
C.Partition the orders table by month using range partitioning
D.Increase the memory size of the Cloud SQL instance to 30 GB
AnswerA

A composite index on both columns enables the query to use index for filtering and sorting, eliminating the full table scan and filesort.

Why this answer

The slow query uses a WHERE clause on customer_id (which is indexed) and an ORDER BY on order_date (not indexed). The index on customer_id alone is insufficient because the query still requires sorting, leading to a filesort. Adding a composite index on (customer_id, order_date) allows the database to retrieve rows for a specific customer in sorted order without a full scan or filesort.

Option B (increasing memory) may help but does not address the root cause. Option C (read replicas) offloads read traffic but does not fix the query plan. Option D (partitioning) might help with data management but is not as direct or efficient as adding the appropriate index.

853
MCQhard

A company has multiple GCP projects and wants to audit all IAM policy changes. They need a solution that captures who made the change, what was changed, and when. The solution should be cost-effective and require minimal setup. What should they use?

A.Enable Access Transparency logs.
B.Use Cloud Asset Inventory to export IAM policies daily.
C.Set up Stackdriver (now Cloud Monitoring) alerts on IAM changes.
D.Enable Cloud Audit Logs for Admin Activity for all projects.
AnswerD

Admin Activity logs are enabled by default and capture IAM changes.

Why this answer

Cloud Audit Logs for Admin Activity automatically captures all API calls that modify IAM policies, including the identity of the caller, the change made, and the timestamp. This is enabled by default for all GCP projects at no additional cost, making it the most cost-effective and minimal-setup solution for auditing IAM changes.

Exam trap

The trap here is that candidates confuse Access Transparency (for Google support actions) with Cloud Audit Logs (for user actions), or think that monitoring alerts provide an audit trail when they only provide real-time notifications.

How to eliminate wrong answers

Option A is wrong because Access Transparency logs are designed to show actions taken by Google support personnel on your data, not internal IAM policy changes made by your own users. Option B is wrong because Cloud Asset Inventory exports are snapshots of current IAM policies, not a real-time audit trail of who made changes and when; they also require additional setup and incur costs for export operations. Option C is wrong because Stackdriver (Cloud Monitoring) alerts can notify you of IAM changes but do not provide a historical audit log of who made the change and what exactly was changed; they are for alerting, not auditing.

854
MCQhard

An online advertising platform uses Cloud Spanner for ad impression tracking. The table 'ad_impressions' has a primary key (ad_id, timestamp). The table receives millions of writes per minute. A secondary index on (campaign_id, timestamp) was created to support queries that sum impressions per campaign. During high traffic, the team notices increased write latency and hotspotting on the index (the campaign_id has low cardinality, causing all writes to a campaign to hit the same index split). They need to redesign the schema to avoid hotspotting on the index while still supporting the campaign aggregation queries. What is the best solution?

A.Modify the secondary index to include a hash prefix (e.g., use 'hash(campaign_id)' as the first column of the index).
B.Migrate the ad_impressions table to Cloud Bigtable with row key 'campaign_id#timestamp'.
C.Change the primary key of the base table to include campaign_id as the first column.
D.Create a separate table that stores per-campaign aggregations, updated in real time.
AnswerA

A hash prefix distributes index writes evenly across splits, preventing hotspotting.

Why this answer

Option A is correct. Adding a hash prefix to the index key (e.g., using a hash of campaign_id as the leading column) distributes index writes across multiple splits, eliminating the hotspot. Option B (changing primary key) would affect the base table distribution but not necessarily the index.

Option C (separate table) adds complexity and still may have indexing issues. Option D (Bigtable) is a different database.

855
MCQmedium

Refer to the exhibit. You are reviewing the following Cloud Spanner DDL statement for a table storing customer orders. What potential performance issue will arise with this schema?

A.The primary key includes two columns which reduces insert performance
B.The TotalAmount column should be INTEGER for performance
C.The table lacks a foreign key constraint
D.The OrderId is likely to be sequentially generated, causing write hotspots
AnswerD

Sequential keys lead to hotspotting; consider using a hash prefix or UUID.

Why this answer

Option D is correct because Cloud Spanner uses a distributed architecture that splits data across splits based on the primary key range. If OrderId is sequentially generated (e.g., auto-increment), all new inserts will target the same split, creating a write hotspot that degrades throughput and latency. This is a well-known anti-pattern in Spanner; the recommended approach is to use a UUID or a monotonically increasing key with a hash prefix to distribute writes evenly.

Exam trap

Cisco often tests the misconception that composite primary keys or missing foreign keys are the main performance culprits, when in fact the critical issue is write hotspotting caused by monotonically increasing primary keys in a distributed database like Cloud Spanner.

How to eliminate wrong answers

Option A is wrong because having two columns in the primary key does not inherently reduce insert performance; Spanner can efficiently handle composite primary keys as long as they are not monotonically increasing. Option B is wrong because using INTEGER vs FLOAT64 for TotalAmount is a data type choice, not a performance issue; Spanner handles both efficiently, and the real concern is write distribution, not column type. Option C is wrong because foreign key constraints are optional in Spanner and their absence does not cause performance issues; they are used for data integrity, not write throughput.

856
MCQeasy

You want to ensure that a critical deployment on GKE has minimal downtime during rolling updates. You also want to ensure that at least 2 pods are always available. Which Kubernetes resource should you configure?

A.Cluster autoscaler with minNodes: 2
B.HorizontalPodAutoscaler with minReplicas: 2
C.VerticalPodAutoscaler with updateMode: Auto
D.PodDisruptionBudget with minAvailable: 2
AnswerD

PDB ensures at least 2 pods remain available during voluntary disruptions.

Why this answer

PodDisruptionBudget (PDB) specifies the minimum number or percentage of pods that must be available during voluntary disruptions like rolling updates. Setting minAvailable: 2 ensures at least 2 pods are running during updates. HPA, VPA, and cluster autoscaler do not control pod availability during updates.

857
MCQmedium

A retail company uses BigQuery to store sales transactions. The BI team needs to create a monthly customer lifetime value (CLV) report that aggregates purchase history across multiple tables. Which BigQuery feature should they use to define the data structure for this report?

A.Create a materialized view with the aggregation query
B.Create a view that joins and aggregates the tables
C.Create an external table pointing to the raw data files
D.Create a new table to store the aggregated data using INSERT SELECT
AnswerB

A view provides a logical virtual table that hides complexity and ensures the BI team always sees the latest data.

Why this answer

Option B is correct because a view in BigQuery allows the BI team to define a logical data structure that joins and aggregates multiple tables without storing the results. This ensures the monthly CLV report always reflects the latest data, as views are re-evaluated at query time, which is ideal for recurring reports that need up-to-date aggregations.

Exam trap

Google Cloud often tests the distinction between views and materialized views, trapping candidates who assume materialized views are always better for performance without considering the need for real-time data freshness in recurring reports.

How to eliminate wrong answers

Option A is wrong because a materialized view stores pre-computed results, which can become stale and require manual or automatic refreshes, making it unsuitable for a report that must reflect the most recent purchase history without latency. Option C is wrong because an external table points to raw data files (e.g., in Cloud Storage) and does not support SQL joins or aggregations natively; it is designed for querying external data without loading it into BigQuery, not for defining a structured report. Option D is wrong because creating a new table with INSERT SELECT stores a static snapshot of the data, which would require manual re-execution to update the CLV report, defeating the purpose of a dynamic, recurring report.

858
MCQmedium

A data analyst runs a query joining several large tables and gets 'Resources exceeded' error. They need to reduce memory usage without changing the query logic. What should they do?

A.Use a subquery to pre-aggregate the largest table before joining
B.Use APPROX_COUNT_DISTINCT for counting distinct values
C.Increase the slot reservation
D.Use SELECT * in the subquery to ensure all columns are available
AnswerA

Pre-aggregation reduces the row count and columns, decreasing shuffle and memory.

Why this answer

Option A is correct because pre-aggregating the largest table in a subquery reduces the amount of data that needs to be shuffled and joined in memory. In BigQuery, this minimizes the bytes processed and the memory footprint of the join operation, directly addressing the 'Resources exceeded' error without altering the overall query logic.

Exam trap

The trap here is that candidates often confuse increasing resources (slots) with reducing memory usage, or they think that approximate functions like APPROX_COUNT_DISTINCT can fix join memory errors, when in fact they only affect aggregation accuracy.

How to eliminate wrong answers

Option B is wrong because APPROX_COUNT_DISTINCT reduces the accuracy of distinct counts but does not reduce the memory usage of a join operation; it only optimizes a specific aggregation function. Option C is wrong because increasing the slot reservation increases the available compute resources (slots) but does not reduce the memory usage per query; it may delay the error but does not fix the underlying memory bottleneck. Option D is wrong because using SELECT * in a subquery retrieves all columns, which increases the data volume and memory consumption, making the 'Resources exceeded' error worse.

859
Multi-Selectmedium

Which TWO metrics are appropriate for defining a request-based SLI for a web service? (Choose 2)

Select 2 answers
A.Latency: proportion of requests under a threshold
B.Throughput: requests per second
C.Error count: number of 5xx responses
D.Availability: successful requests / total requests
E.Uptime: minutes service is up
AnswersA, D

Standard latency SLI.

Why this answer

Request-based SLIs include availability (successful/total) and latency (proportion under threshold). Throughput and error count are not SLIs themselves but can be used in SLO definitions. Uptime is a window-based metric.

860
MCQhard

A company has a Spanner instance with 5 nodes serving a global application. They receive alerts that write latency has increased significantly during business hours in the Asia-Pacific region. The team confirms that no application changes have been made. What is the most likely cause and recommended action?

A.Writes are hitting a hot spot due to monotonically increasing keys; consider using a hash prefix or bit-reversed key
B.CPU utilization is above 70%; enable Spanner fine-grained access control
C.Set up interleaved indexes to speed up writes
D.The instance is under-provisioned; increase the number of nodes
AnswerA

Using a hash prefix or bit-reversed key distributes writes across splits, reducing hot spots.

Why this answer

Monotonically increasing keys (e.g., timestamps or auto-increment IDs) cause all new writes to target the same tablet leader in Spanner, creating a hot spot. This increases write latency because the single node becomes a bottleneck, especially during peak business hours in the Asia-Pacific region. Using a hash prefix or bit-reversed key distributes writes evenly across nodes, resolving the contention.

Exam trap

Google Cloud often tests the misconception that adding nodes (scaling out) always fixes write latency, but the real issue is often a hot spot from poor key design, which requires schema-level changes rather than infrastructure scaling.

How to eliminate wrong answers

Option B is wrong because CPU utilization above 70% is a symptom, not a root cause, and enabling fine-grained access control does not reduce write latency. Option C is wrong because interleaved indexes optimize read performance by colocating parent and child rows, but they do not speed up writes; in fact, they can add overhead to write operations. Option D is wrong because the instance has 5 nodes and no application changes were made, so under-provisioning is unlikely; the issue is a hot spot from key design, not insufficient capacity.

861
Multi-Selectmedium

An application is emitting custom metrics using OpenTelemetry. You want to collect and export these metrics to Cloud Monitoring. Which TWO components are required? (Select 2)

Select 2 answers
A.Cloud Logging Agent
B.Cloud Monitoring Agent
C.Pub/Sub topic
D.OpenTelemetry SDK in the application
E.OpenTelemetry Collector
AnswersD, E

The SDK instruments the application to emit metrics.

Why this answer

The OpenTelemetry Collector can receive metrics from the application and export them to Cloud Monitoring using the Google Cloud Monitoring exporter.

862
MCQmedium

A GKE cluster runs a stateful workload that requires persistent volumes. The nodes are managed by a node pool with autoscaling enabled. During scale-down, the cluster autoscaler sometimes removes nodes that host critical pods with local data. How can the team prevent this?

A.Set a PodDisruptionBudget with maxUnavailable=0 for the critical workloads
B.Use node taints and tolerations to pin pods to specific nodes
C.Set the cluster autoscaler flag --scale-down-delay to a high value
D.Configure Vertical Pod Autoscaler to increase pod resources
AnswerA

A PDB ensures that the cluster autoscaler does not remove nodes that would cause too many pods to be unavailable.

Why this answer

PodDisruptionBudgets (PDB) allow specifying the minimum number of available pods during voluntary disruptions like cluster autoscaler scale-down. By setting a PDB with maxUnavailable=0, the autoscaler will not drain nodes that would violate the budget. Node taints and tolerations control scheduling but not disruption.

Cluster autoscaler flags like scale-down-delay only delay scale-down, not prevent it for specific pods. VPA does not affect node selection.

863
MCQeasy

A company wants to use Cloud Monitoring dashboards to display real-time metrics for their application, but they also need to version control the dashboard configurations. Which approach should they use?

A.Define dashboards as code using the Cloud Monitoring API and store the configuration in a Git repository.
B.Manually create dashboards in the Cloud Monitoring console and export them periodically.
C.Use Grafana with the Cloud Monitoring data source and export dashboard JSON.
D.Use Cloud Monitoring's built-in 'Clone' feature to backup dashboards.
AnswerA

This allows declarative management, review, and version control of dashboard configurations.

Why this answer

Cloud Monitoring dashboards can be defined as JSON or YAML and managed via the Monitoring API or Terraform. This allows version control and CI/CD. Manually creating dashboards in the console is not reproducible.

864
MCQmedium

A Pub/Sub subscription is processing messages but the subscriber cannot keep up. The team notices that many messages are being resent. Which parameter should they adjust to reduce duplicate processing?

A.Decrease the acknowledgement deadline
B.Increase the retention duration
C.Enable ordering keys
D.Increase the acknowledgement deadline
AnswerD

A longer deadline allows subscribers more time to process, reducing redelivery.

Why this answer

Increasing the acknowledgement deadline gives the subscriber more time to process and ack messages, reducing the chance that they expire and are redelivered.

865
Multi-Selectmedium

A company wants to implement a CI/CD pipeline for a multi-service application where each service is built from a separate repository. They need to run unit tests, build container images, and deploy to both Cloud Run and GKE. Which two Google Cloud services should be combined to achieve this?

Select 2 answers
A.Config Sync
B.Artifact Registry
C.Cloud Build
D.Cloud Source Repositories
E.Cloud Deploy
AnswersC, E

Cloud Build can be configured with triggers from multiple repos to build and test.

Why this answer

Cloud Build is correct because it is a fully managed CI/CD platform that can pull source code from multiple repositories (including Cloud Source Repositories, GitHub, or Bitbucket), run unit tests, build container images, and push them to Artifact Registry. Cloud Deploy is correct because it provides managed continuous delivery to both Cloud Run and GKE, supporting progressive delivery strategies like canary and blue-green deployments, and integrates directly with Cloud Build as a delivery pipeline target.

Exam trap

The trap here is that candidates often confuse artifact storage (Artifact Registry) or source control (Cloud Source Repositories) with CI/CD pipeline services, leading them to select those as the primary pipeline components instead of the correct build and deploy services.

866
Drag & Dropmedium

Arrange the steps to configure high availability for a Cloud SQL for MySQL instance.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

Create instance first, then enable HA and set standby zone, then verify and test.

867
MCQhard

A team uses Cloud Deploy with a delivery pipeline that deploys to GKE clusters across dev, staging, and prod targets. They want to automatically roll back a release if the canary deployment in staging fails to meet a defined service-level objective (SLO) for error rate. Which Cloud Deploy feature enables this?

A.Use preDeploy and postDeploy hooks to run Cloud Run jobs that check error rate and roll back.
B.Configure canary deployment with the '--canary-percentage' flag and enable SLO verification in the delivery pipeline.
C.Use Binary Authorization with a custom attestor that checks error rate.
D.Set an approval gate on the staging target that requires manual review.
AnswerB

Cloud Deploy supports metrics-based canary verification and automatic rollback when SLOs are not met.

Why this answer

Option B is correct because Cloud Deploy's canary deployment strategy supports SLO verification via the `--canary-percentage` flag combined with a `canaryDeployment` configuration that includes a `verify` phase. This allows the pipeline to automatically roll back the release if the canary fails to meet the defined error rate SLO, without manual intervention or external services.

Exam trap

Cisco often tests the distinction between Cloud Deploy's built-in canary SLO verification and external mechanisms like hooks or Binary Authorization, leading candidates to overcomplicate the solution when a native feature exists.

How to eliminate wrong answers

Option A is wrong because preDeploy and postDeploy hooks are designed for custom actions like running Cloud Run jobs, but they do not natively integrate with canary SLO verification or automatic rollback; they require custom scripting and lack the built-in SLO monitoring and rollback logic of Cloud Deploy's canary strategy. Option C is wrong because Binary Authorization with a custom attestor is used for verifying container image provenance and enforcing deployment policies based on attestations, not for monitoring real-time error rates during a canary deployment or triggering automatic rollbacks. Option D is wrong because an approval gate on the staging target requires manual review, which contradicts the requirement for an automatic rollback based on SLO failure; it introduces human delay and does not provide automated SLO verification.

868
MCQhard

A BI manager needs to restrict access to sensitive sales data so that salespeople can only see their own region's data. Which BigQuery feature should be used to implement row-level security without duplicating tables?

A.Use column-level security to hide sensitive columns
B.Use BigQuery row-level access policies
C.Create an authorized view that uses SESSION_USER() in a WHERE clause to filter rows
D.Create separate IAM roles for each region
AnswerC

Authorized views can leverage the current user identity to dynamically filter rows, enabling row-level security.

Why this answer

Option C is correct because an authorized view with SESSION_USER() in a WHERE clause dynamically filters rows based on the caller's identity, providing row-level security without duplicating tables. This approach leverages BigQuery's ability to share a single view with different users, each seeing only their authorized subset of data, which aligns with the requirement to restrict salespeople to their own region's data.

Exam trap

The trap here is that candidates confuse 'row-level access policies' (a conceptual term) with a native BigQuery feature, leading them to select Option B, when in fact BigQuery implements row-level security through authorized views with SESSION_USER() or similar dynamic filtering, not a dedicated policy object.

How to eliminate wrong answers

Option A is wrong because column-level security hides entire columns (e.g., salary), not rows, so it cannot restrict which rows a salesperson sees based on region. Option B is wrong because BigQuery does not have a native 'row-level access policies' feature; the correct term is row-level security implemented via authorized views or row-level access policies (which are not a distinct BigQuery feature). Option D is wrong because IAM roles control access at the dataset or table level, not at the row level, and creating separate roles per region would require duplicating tables or complex, unscalable management.

869
MCQeasy

Which Cloud Monitoring metric indicates the number of queries waiting for locks in Cloud SQL?

A.Lock waits
B.Active connections
C.CPU utilization
D.Queries
AnswerA

This metric measures the number of queries waiting for locks.

Why this answer

The 'Lock waits' metric in Cloud SQL (for MySQL, PostgreSQL, or SQL Server) directly tracks the number of queries that are blocked because they are waiting for a lock held by another transaction. This is the correct indicator of query contention, as it measures the count of statements currently in a lock-wait state, not the total queries or connections.

Exam trap

The trap here is that candidates confuse 'Queries' (total throughput) with 'Lock waits' (blocked queries), assuming that a high query count implies lock contention, when in fact lock waits are a specific subset of queries that are actively waiting for locks.

How to eliminate wrong answers

Option B is wrong because 'Active connections' shows the total number of open connections to the database, not queries waiting for locks; a high active connection count does not necessarily indicate lock contention. Option C is wrong because 'CPU utilization' measures processor usage, which may be high due to many reasons (e.g., heavy queries, indexing issues) but does not specifically indicate queries waiting for locks. Option D is wrong because 'Queries' typically refers to the total number of queries executed per second, not the subset of queries that are blocked waiting for locks.

870
MCQeasy

A developer runs the command shown in the exhibit and wants to verify that replication is enabled on the Bigtable instance. Where should they look for this information in the output?

A.Examine the 'instanceType' field for 'MULTI_CLUSTER'.
B.Look for a 'replication' field in the JSON.
C.View the 'clusters' list within the instance description.
D.Check the 'state' field for 'REPLICATED'.
AnswerC

Clusters indicate replication if multiple clusters exist.

Why this answer

Option C is correct because the `gcloud bigtable instances describe` command returns a JSON representation of the instance, which includes a `clusters` list. Each cluster object in that list contains a `replication` field (e.g., `defaultStorageType` and `nodes`), and the presence of multiple clusters in the list indicates that replication is configured. Replication in Cloud Bigtable is enabled by adding more than one cluster to the instance, so examining the `clusters` list directly shows whether replication is active.

Exam trap

The trap here is that candidates confuse the `instanceType` field (which is `PRODUCTION` or `DEVELOPMENT`) with replication status, or expect a dedicated `replication` boolean field, when in fact replication is indicated by the presence of multiple clusters in the `clusters` list.

How to eliminate wrong answers

Option A is wrong because `instanceType` in Cloud Bigtable is either `PRODUCTION` or `DEVELOPMENT`, not `MULTI_CLUSTER`; the term 'MULTI_CLUSTER' is used for routing options, not instance type. Option B is wrong because there is no top-level `replication` field in the JSON output of `gcloud bigtable instances describe`; replication status is derived from the number of clusters in the `clusters` list. Option D is wrong because the `state` field in the instance description indicates the lifecycle state (e.g., `READY`, `CREATING`), not replication status; there is no `REPLICATED` state value.

871
Multi-Selectmedium

A DevOps team is designing a landing zone on GCP. They want to centralize networking, logging, and security. Which TWO projects should they create? (Choose 2)

Select 2 answers
A.A project for IAM roles
B.A central Logging project
C.A Shared VPC project for networking
D.A project for each environment
E.A separate project per application
AnswersB, C

Centralized logging and billing export.

Why this answer

In a GCP landing zone, centralizing logging into a dedicated project ensures that audit logs, VPC flow logs, and other operational logs are aggregated in a single, secure location. This project is used to configure log sinks, export logs to BigQuery or Cloud Storage, and enforce retention policies across the organization, which is a best practice for compliance and troubleshooting.

Exam trap

The trap here is that candidates often confuse the landing zone's centralized infrastructure projects (Shared VPC and Logging) with environment-specific or application-specific projects, which are separate concerns in the GCP resource hierarchy.

872
Multi-Selecthard

A company is experiencing slow query performance on Cloud Spanner. They have identified a query that joins a parent table with a child table frequently. Which THREE design choices can improve the performance of this join? (Choose three.)

Select 3 answers
A.Split the child table into multiple smaller tables.
B.Create a secondary index on the parent table's primary key.
C.Use interleaved tables to store child rows within the parent row.
D.Use `spanner_interleave_in_parent` option when creating the secondary index on the child table.
E.Add a secondary index on the foreign key of the child table.
AnswersC, D, E

Interleaved tables co-locate parent and child data, improving join performance.

Why this answer

Interleaved tables physically store child rows with the parent, reducing cross-node communication. Secondary indexes help with non-key lookups. Using `spanner_interleave_in_parent` on indexes stores index entries with the parent.

Splitting tables into smaller tables does not help joins. Bit-reversed keys prevent hotspots but not join performance.

873
MCQmedium

A financial services company runs a Cloud SQL for PostgreSQL instance for transactional data. They need to conduct regular security audits and compliance checks. The database engineer must ensure that all connections to the database are encrypted and that access is restricted to authorized VMs only. The database is currently accessible from the internet via an authorized network with a public IP. What should the database engineer do to meet these requirements?

A.Create a Cloud SQL proxy instance in the same VPC and force all clients to connect through the proxy.
B.Configure SSL/TLS for all connections and use an authorized network with a specific CIDR range.
C.Enable Cloud SQL private IP and disable public IP. Use VPC Service Controls and Cloud Identity-Aware Proxy for access.
D.Enable Cloud SQL public IP with SSL/TLS and restrict access using Cloud Armor.
AnswerC

Private IP eliminates internet exposure; VPC Service Controls and IAP enforce access control.

Why this answer

Option C is correct because it addresses both requirements: encryption and access restriction. Enabling Cloud SQL private IP ensures that the database is only reachable from within the VPC, eliminating internet exposure. VPC Service Controls provide a security perimeter to prevent data exfiltration, and Cloud Identity-Aware Proxy (IAP) enables fine-grained, identity-based access to the database without requiring a public IP or VPN.

Exam trap

The trap here is that candidates often confuse Cloud SQL proxy with a network-level access control solution, or they assume that SSL/TLS and authorized networks are sufficient for VM-only access, overlooking the fact that authorized networks still expose a public IP and do not enforce VM identity.

How to eliminate wrong answers

Option A is wrong because Cloud SQL proxy is a client-side tool for encrypting connections and simplifying authentication, but it does not restrict access to authorized VMs only; it still requires a public IP or a private IP with appropriate network configuration, and it does not enforce VM-level authorization. Option B is wrong because while SSL/TLS encrypts connections, using an authorized network with a public IP still exposes the database to the internet, violating the requirement to restrict access to authorized VMs only; authorized networks are IP-based and do not enforce VM-level identity. Option D is wrong because Cloud Armor is a web application firewall for HTTP(S) traffic, not for database connections; it cannot restrict access to Cloud SQL PostgreSQL instances, and using a public IP with SSL/TLS still leaves the database internet-facing.

874
Multi-Selectmedium

A company wants to enforce that only approved images from Artifact Registry can be deployed to their GKE clusters. They also want to ensure that images are scanned for vulnerabilities. Which TWO services should they use together?

Select 2 answers
A.Cloud IAM
B.Binary Authorization
C.Cloud Build
D.Container Analysis
E.Artifact Registry
AnswersB, D

Enforces that only signed/approved images are deployed.

Why this answer

Binary Authorization enforces deployment policies based on attestations; Container Analysis scans images for vulnerabilities. Artifact Registry stores images; Cloud Build builds them; IAM controls access.

875
MCQmedium

A global e-commerce company is designing a Cloud Spanner schema for order processing. They need strong consistency across regions and high write throughput. Orders are identified by a globally unique order ID (UUID). Currently, they use the UUID as the primary key, but they observe write hotspots during peak hours. What primary key design change should they make to distribute writes more evenly?

A.Use the timestamp of order creation as the primary key.
B.Use a sequential integer primary key with auto-increment.
C.Use a composite primary key starting with a hash of the order ID, followed by the order ID.
D.Keep UUID as primary key but add a secondary index on a hash of the UUID.
AnswerC

A hash prefix ensures writes are distributed across all splits, avoiding hotspots.

Why this answer

Option C is correct because using a composite primary key starting with a hash of the order ID distributes writes evenly across all Cloud Spanner nodes, preventing hotspots. Cloud Spanner uses the first column of the primary key to determine row distribution; a monotonically increasing UUID as the first column causes all new writes to land on the same tablet, creating a hotspot. By hashing the UUID first, writes are spread uniformly across the key space, while the order ID ensures uniqueness.

Exam trap

The trap here is that candidates often think secondary indexes or adding a hash anywhere in the schema will fix distribution, but Cloud Spanner only distributes rows based on the first column of the primary key, so the hash must be the leading column.

How to eliminate wrong answers

Option A is wrong because using a timestamp as the primary key is monotonically increasing, which causes all new writes to be directed to the same tablet, creating severe write hotspots and defeating the purpose of distribution. Option B is wrong because a sequential integer primary key with auto-increment is also monotonically increasing, leading to the same hotspot problem as timestamps, and it introduces contention on the auto-increment mechanism. Option D is wrong because keeping the UUID as the primary key does not solve the hotspot issue; adding a secondary index on a hash of the UUID does not change the physical distribution of rows, and Cloud Spanner distributes data based on the primary key, not secondary indexes.

876
MCQmedium

A developer needs to manually instrument a Go application with distributed tracing and send traces to Cloud Trace. Which approach should they use?

A.Enable automatic instrumentation by adding a Cloud Trace agent to the application.
B.Write logs with trace IDs and use log-based metric to track traces.
C.Add trace statements using the Cloud Trace API directly.
D.Use the OpenTelemetry Go SDK and configure the Cloud Trace exporter.
AnswerD

OpenTelemetry is the recommended vendor-neutral approach for manual instrumentation.

877
Multi-Selectmedium

Which TWO statements are true about designing a star schema for BI reporting?

Select 2 answers
A.Fact tables store descriptive attributes like product names
B.Dimension tables are denormalized to reduce the number of joins
C.Fact tables use natural keys to enforce referential integrity
D.Fact tables contain quantitative measures
E.Dimension tables are normalized to minimize redundancy
AnswersB, D

Denormalized dimensions allow joining directly to the fact table without additional joins.

Why this answer

Option B is correct because dimension tables in a star schema are intentionally denormalized to reduce the number of joins required for BI queries. This denormalization improves query performance by allowing fact tables to join directly to dimension tables without traversing multiple normalized tables, which is a key design principle for OLAP reporting.

Exam trap

Google Cloud often tests the misconception that dimension tables should be normalized for data integrity, but in star schemas for BI, denormalization is intentional to optimize query performance over normalization.

878
MCQmedium

A team uses Cloud Build with a private pool to access resources in a VPC. After configuring the private pool, builds fail with a timeout error when pulling images from Artifact Registry. What is the most likely cause?

A.The Artifact Registry repository is in a different region than the private pool
B.The image name contains a typo
C.The Cloud Build service account lacks permissions to pull images from Artifact Registry
D.The private pool is not peered with the VPC that contains Artifact Registry
AnswerD

Private pools require VPC peering to access resources in the VPC; without it, network timeout occurs.

Why this answer

When using a Cloud Build private pool, the pool runs in a Google-managed environment that must be peered with your VPC to access internal resources. If the private pool is not peered with the VPC that contains Artifact Registry (which is a regional service accessible via Private Service Connect or VPC peering), the build worker cannot reach the Artifact Registry API endpoint over the private network, causing a timeout when pulling images. Option D directly addresses this missing network connectivity.

Exam trap

Cisco often tests the distinction between permission errors (which produce explicit denial messages) and network connectivity errors (which produce timeouts), tempting candidates to select IAM-related options when the symptom is a timeout.

How to eliminate wrong answers

Option A is wrong because Artifact Registry is a regional service, and a private pool can pull images from any region as long as network connectivity exists; the timeout is not caused by a region mismatch. Option B is wrong because a typo in the image name would result in an 'image not found' error, not a timeout error. Option C is wrong because insufficient permissions would produce a 'denied' or 'unauthorized' error, not a timeout; the timeout indicates a network connectivity issue, not an IAM failure.

879
Drag & Dropmedium

Arrange the steps to perform a point-in-time recovery (PITR) for a Cloud SQL instance.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order
1Step 1
2Step 2
3Step 3
4Step 4

Why this order

PITR requires backups and binary logs enabled; then you create a new instance from backup at the specific time.

880
MCQmedium

A company uses BigQuery for real-time BI. They have a table with streaming inserts. Analysts run queries that need to see data within seconds. However, they notice that streaming data appears with a delay of up to 2 minutes. What is the most likely reason?

A.The query uses cached results.
B.The table is partitioned by hour.
C.The streaming buffer's flush interval is set to 2 minutes.
D.The table has a clustering key.
AnswerC

By default, BigQuery flushes streaming buffers every 90 seconds; configuration can change this.

Why this answer

Option C is correct because BigQuery's streaming buffer has a default flush interval of up to 90 seconds, but it can be configured. When the flush interval is set to 2 minutes, data written via streaming inserts remains in the buffer for that duration before being committed to the table, causing a delay of up to 2 minutes before it becomes visible to queries. This matches the symptom described in the question.

Exam trap

Google Cloud often tests the misconception that partitioning or clustering directly affects data freshness, when in fact they only impact storage organization and query performance, not the latency of streaming data visibility.

How to eliminate wrong answers

Option A is wrong because cached results only affect query performance, not the freshness of streaming data; cached results are served from a temporary cache and do not delay the visibility of newly streamed data. Option B is wrong because partitioning by hour does not inherently introduce a delay; it organizes data into partitions but does not control when streaming data becomes available for queries. Option D is wrong because a clustering key improves query performance by sorting data within partitions, but it has no impact on the latency of streaming data appearing in query results.

881
MCQeasy

A company is designing a schema for time-series sensor data in Cloud Spanner. They need to efficiently query the latest reading for each sensor. Which schema design is most appropriate?

A.Use a single table with columns for each sensor and wide rows
B.Use Cloud SQL with a normalized schema
C.Create a Sensors table and an interleaved Readings table with primary key (SensorId, Timestamp DESC)
D.Use Cloud Bigtable with row keys (SensorId#Timestamp)
AnswerC

Correct: Interleaved hierarchy with descending timestamp allows efficient latest row retrieval per sensor.

Why this answer

Option A is correct because interleaving the Readings table under Sensors allows efficient parent-child joins and retrieval of the latest reading per sensor using the primary key ordering. Option B (single wide table) leads to large rows and poor performance. Option C (Cloud SQL) is not optimized for time-series at scale.

Option D (Bigtable) is better for time-series but the question specifies Spanner.

882
MCQmedium

A company is using BigQuery for BI and needs to reduce costs for a large historical dataset that is infrequently queried. Which approach should they take?

A.Use materialized views for common aggregations.
B.Use clustered tables.
C.Partition by ingestion time and set expiration on partitions older than 90 days.
D.Use a view with a WHERE clause filtering recent data.
AnswerC

Expired partitions are deleted, reducing storage costs.

Why this answer

Option C is correct because partitioning by ingestion time allows BigQuery to automatically manage data lifecycle by setting partition expiration. This reduces storage costs for historical data that is infrequently queried, as partitions older than 90 days are deleted without manual intervention. This approach directly addresses the need to reduce costs for a large historical dataset while maintaining query performance on recent data.

Exam trap

Google Cloud often tests the distinction between cost reduction and performance optimization, leading candidates to choose clustering or materialized views (which improve query speed) instead of the storage lifecycle management solution that directly reduces costs.

How to eliminate wrong answers

Option A is wrong because materialized views improve query performance for common aggregations but do not reduce storage costs for historical data; they actually incur additional storage costs for the precomputed results. Option B is wrong because clustered tables optimize query performance by sorting data within partitions but do not reduce storage costs or automatically expire old data. Option D is wrong because a view with a WHERE clause filtering recent data only limits the data scanned at query time, but the underlying historical data remains in storage and continues to incur costs.

883
MCQhard

A Bigtable cluster has 10 nodes and is experiencing 90% CPU utilization, causing increased latency. The workload is mostly random reads (70%) and writes (30%). The table has 50TB of data, and the row key design is efficient. What is the best way to reduce CPU utilization?

A.Increase the number of nodes to 20.
B.Add SSDs instead of HDDs.
C.Enable replication for read offloading.
D.Compact the table to reduce SSTable count.
AnswerA

Adding nodes increases total throughput and reduces per-node CPU, alleviating the bottleneck.

Why this answer

Increasing the number of nodes distributes the load and reduces CPU per node, directly addressing the high utilization. Adding SSDs or compaction may help marginally but not as effectively as adding nodes.

884
MCQeasy

Based on the exhibit, what is the primary key of the Readings table?

A.(SensorId, Timestamp)
B.(SensorId, SensorType)
C.(SensorId)
D.(ReadingsId)
AnswerA

The DDL explicitly defines this as the primary key.

Why this answer

The Readings table captures sensor measurements over time, so the natural primary key is the combination of SensorId and Timestamp, which uniquely identifies each reading. This is a classic example of a composite primary key in relational database design, ensuring that no two readings from the same sensor at the same time can exist.

Exam trap

Cisco often tests the misconception that a single column like SensorId can serve as a primary key, when in fact the combination of SensorId and Timestamp is required to guarantee uniqueness in a time-series table.

How to eliminate wrong answers

Option B is wrong because (SensorId, SensorType) is not unique — a sensor has a fixed SensorType, so multiple readings for that sensor would have the same pair, violating primary key uniqueness. Option C is wrong because (SensorId) alone cannot be a primary key — a single sensor produces many readings over time, so SensorId is not unique across rows. Option D is wrong because ReadingsId is not mentioned in the exhibit; the table likely does not include a surrogate key, and the question asks for the primary key based on the given schema, not an artificial one.

885
Multi-Selecthard

A company runs a Bigtable instance for time-series data. They need to reduce storage costs without compromising query performance for the most recent 30 days. Which three strategies should they implement?

Select 2 answers
A.Increase the number of cluster nodes to improve compaction
B.Use Cloud Storage as a cold storage tier for historical data
C.Enable Bigtable replication and delete data from one cluster
D.Set garbage collection to delete data older than 30 days
E.Reduce the number of cluster nodes to save costs
AnswersB, D

Export old data to Cloud Storage and delete from Bigtable.

Why this answer

Option B is correct because moving historical data (older than 30 days) to Cloud Storage as a cold storage tier reduces Bigtable storage costs while keeping the most recent 30 days in Bigtable for fast queries. Option D is correct because setting garbage collection (GC) to delete data older than 30 days automatically removes stale data, reducing storage footprint without impacting query performance for recent data. Both strategies directly address cost reduction while preserving performance for the required time window.

Exam trap

Google Cloud often tests the misconception that reducing cluster nodes or increasing nodes is a direct cost-saving strategy, but candidates must remember that performance requirements (especially for recent data) dictate node count, and cost savings must come from data lifecycle management, not infrastructure scaling.

886
MCQmedium

A company uses Cloud Build to deploy to Google Kubernetes Engine (GKE). They want to use a Helm chart stored in a Cloud Storage bucket. What should they do in the cloudbuild.yaml?

A.Use `kubectl apply -f` with the Helm chart URL
B.Use `helm repo add` with a GCS bucket URL
C.Store the chart in Artifact Registry and use `helm install` from there
D.Use the `gcloud storage cp` command to copy the chart, then run `helm upgrade`
AnswerD

Correct: download chart from GCS, then use Helm.

Why this answer

Option D is correct because Cloud Build cannot directly access a Helm chart stored in a Cloud Storage bucket. You must first copy the chart to the build environment using `gcloud storage cp`, then run `helm upgrade` to deploy it to GKE. This ensures the chart is locally available for Helm to process.

Exam trap

Cisco often tests the misconception that Helm can directly consume a chart from a URL or cloud storage without explicit download, or that `kubectl apply` can interpret Helm charts as Kubernetes manifests.

How to eliminate wrong answers

Option A is wrong because `kubectl apply -f` expects a Kubernetes manifest (YAML/JSON), not a Helm chart URL; Helm charts are not raw Kubernetes resources. Option B is wrong because `helm repo add` with a GCS bucket URL is not supported by Helm natively; Helm does not have a built-in GCS repository protocol. Option C is wrong because while Artifact Registry can host Helm charts, the question explicitly states the chart is stored in a Cloud Storage bucket, so migrating to Artifact Registry is not the required action.

887
Multi-Selecthard

A company wants to reduce BigQuery query costs for their BI workloads. Which THREE actions effectively lower the amount of data processed per query? (Choose THREE.)

Select 3 answers
A.Use partitioned tables on date column
B.Use LIMIT in subqueries to reduce output
C.Use clustered tables on frequently filtered columns
D.Use SELECT * to avoid missing columns
E.Use materialized views that match common query patterns
AnswersA, C, E

Partitioning limits query scans to relevant partitions, cutting bytes.

Why this answer

Partitioned tables in BigQuery allow queries to use the WHERE clause to filter on the partition column (e.g., a date column), so BigQuery can prune entire partitions from the scan. This directly reduces the amount of data read and billed, lowering query costs. Option A is correct because it is a primary cost-control mechanism in BigQuery.

Exam trap

Google Cloud often tests the misconception that row-limiting clauses like LIMIT reduce data processing costs, but in BigQuery, only column and partition pruning reduce the bytes scanned.

888
MCQeasy

Your organization requires that all database backups be stored in a different region for disaster recovery. You are using Cloud SQL for MySQL. What backup configuration should you use?

A.Enable automated backups and select the same region as the instance.
B.Enable automated backups and select a different region for the backup location.
C.Use on-demand exports to Cloud Storage in the same region.
D.Configure a multi-region Cloud Storage bucket and point automated backups there.
AnswerB

This meets the cross-region DR requirement.

Why this answer

Cloud SQL for MySQL allows you to specify a different region for automated backup storage, which satisfies the disaster recovery requirement of storing backups in a separate region. By selecting a different region for the backup location, you ensure that if the primary region fails, the backups remain accessible for recovery. This is the only built-in option that directly meets the cross-region backup requirement without additional manual steps.

Exam trap

Google Cloud often tests the misconception that automated backups can be directed to a multi-region Cloud Storage bucket, but Cloud SQL only supports a single-region backup location for automated backups, not multi-region or dual-region buckets.

How to eliminate wrong answers

Option A is wrong because selecting the same region as the instance does not provide disaster recovery isolation; a regional failure would affect both the instance and its backups. Option C is wrong because on-demand exports to Cloud Storage in the same region also lack cross-region redundancy; the backups remain vulnerable to the same regional outage. Option D is wrong because Cloud SQL automated backups cannot be pointed to a multi-region Cloud Storage bucket; automated backups are stored in Cloud SQL's internal backup storage, not in a user-managed bucket, and the backup location must be a single region.

889
MCQhard

A company uses Cloud Monitoring SLO monitoring with error budget alerts. They set a slow burn alert with a 5x burn rate over a 6-hour window. If the error budget is 0.1% over 30 days, approximately how long would it take to exhaust the budget at a 5x burn rate?

A.12 hours
B.6 hours
C.6 days
D.30 days
AnswerC

Correct: 30 days / 5 = 6 days.

Why this answer

At 5x burn rate, the budget lasts 1/5 of the SLO period. 30 days / 5 = 6 days. The 6-hour window is used to detect this burn rate early.

890
Multi-Selectmedium

A company is migrating their on-premises Oracle database to Cloud SQL for PostgreSQL. They want to minimize downtime during the cutover. Which two strategies should the database engineer recommend? (Choose 2.)

Select 2 answers
A.Use a Cloud VPN tunnel for data transfer.
B.Use Database Migration Service with continuous replication.
C.Use a third-party tool like pglogical for replication.
D.Use Cloud SQL for PostgreSQL with read replicas and promote.
E.Perform an export using pg_dump and import using psql.
AnswersB, C

DMS allows continuous replication with minimal downtime.

Why this answer

Database Migration Service (DMS) with continuous replication is correct because it supports minimal-downtime migrations from Oracle to Cloud SQL for PostgreSQL by continuously replicating changes from the source to the target until cutover. This allows the source database to remain operational during most of the migration, with only a brief pause to finalize the switch.

Exam trap

Google Cloud often tests the misconception that any replication tool (like pglogical) can be used across heterogeneous databases, but pglogical only works between PostgreSQL instances, not from Oracle to PostgreSQL.

891
MCQhard

A company uses BigQuery BI Engine for sub-second query performance. However, some queries are hitting the BI Engine memory limit. Which action should be taken?

A.Cluster the tables more granularly.
B.Increase BI Engine capacity allocation.
C.Use a reservation with a higher slot count.
D.Optimize the dimension tables by denormalizing.
AnswerB

Allocating more memory to BI Engine allows caching larger datasets.

Why this answer

BI Engine is an in-memory analysis service that accelerates queries by caching data in memory. When queries exceed the allocated memory, they spill to disk, causing performance degradation. Increasing the BI Engine capacity allocation directly addresses this by providing more memory for caching, enabling sub-second query performance for larger datasets.

Exam trap

Google Cloud often tests the misconception that increasing slot count (compute) solves memory bottlenecks, but BI Engine memory is a separate resource that must be explicitly allocated; candidates confuse slot-based reservations with in-memory caching.

How to eliminate wrong answers

Option A is wrong because clustering tables more granularly improves partition pruning and data skipping but does not increase the memory available to BI Engine; it may even increase memory pressure by creating more fine-grained data segments. Option C is wrong because a reservation with a higher slot count increases query concurrency and compute resources, not the in-memory cache size for BI Engine; slots and BI Engine memory are separate resources. Option D is wrong because denormalizing dimension tables reduces join complexity but does not expand BI Engine's memory limit; it could actually increase the data volume cached, exacerbating the memory issue.

892
MCQeasy

An SRE team wants to track the amount of toil their team performs each week. According to SRE best practices, what is the recommended maximum percentage of time that should be spent on toil?

A.25%
B.10%
C.50%
D.75%
AnswerC

Correct: SRE practice suggests a 50% toil budget.

Why this answer

Google SRE recommends that teams spend no more than 50% of their time on toil, leaving the rest for engineering work that reduces future toil or improves the service.

893
MCQhard

An organization uses GitOps with Config Sync to manage multiple GKE clusters. They want to automatically deploy a new version of a microservice by pushing to a Git repository. Which component validates and applies the changes to the clusters?

A.Cloud Build trigger
B.Admission webhook
C.Anthos Service Mesh
D.Config Sync reconciler
AnswerD

The reconciler continuously syncs the cluster state with the Git repository.

Why this answer

Config Sync's core component is the 'reconciler', which runs in each cluster, watches the Git repo, and applies changes to ensure cluster state matches the repo. The 'admission webhook' provides validation but does not apply.

894
MCQmedium

Refer to the exhibit. The query joins two large tables and aggregates results. Which optimization would most likely reduce the high shuffle bytes in Stage 3?

A.Add a WHERE clause to filter rows before the join.
B.Ensure both tables are clustered on the join key.
C.Use a broadcast join hint to force one table to be broadcast.
D.Add an ORDER BY clause to sort the data before aggregation.
AnswerA

Filtering early reduces the data that needs to be shuffled.

Why this answer

Option A is correct because adding a WHERE clause before the join reduces the amount of data that needs to be shuffled across the network in Stage 3. In Spark SQL (the engine behind Databricks and many PCDE scenarios), predicate pushdown filters rows early, minimizing the input to the join and subsequent aggregation, which directly reduces shuffle bytes.

Exam trap

Cisco often tests the misconception that clustering or broadcast hints are universal solutions, but the trap here is that candidates overlook the simplest and most effective optimization—filtering early—and instead choose more complex or inappropriate techniques that do not address the root cause of high shuffle bytes.

How to eliminate wrong answers

Option B is wrong because clustering on the join key can improve join performance by reducing data movement, but it does not reduce shuffle bytes in Stage 3 if the tables are already large and the join still requires a full shuffle; clustering helps with file skipping and bucketing but not with filtering data volume before the join. Option C is wrong because a broadcast join hint forces one table to be sent to all executors, which can reduce shuffle for small tables, but if both tables are large, broadcasting one will cause out-of-memory errors and does not reduce shuffle bytes—it actually increases network traffic. Option D is wrong because adding an ORDER BY clause before aggregation introduces an additional full sort operation, which increases shuffle bytes and processing time, rather than reducing them.

895
MCQhard

You are designing a distributed tracing strategy for a multi-service application deployed on Cloud Run and GKE. You need to ensure that all traces are captured with 100% sampling for the first 10 minutes after a new deployment, and then reduce to 10% sampling to control costs. Which approach should you use?

A.Use OpenTelemetry SDK with a custom sampler that checks the deployment timestamp stored in an environment variable, and send traces to the OpenTelemetry Collector configured to export to Cloud Trace.
B.Use Stackdriver Trace's automatic instrumentation on GKE and Cloud Run, and adjust the sampling rate via the Cloud Trace API after deployment.
C.Use Cloud Trace's built-in probabilistic sampler and configure it with 10% sampling in the configuration file.
D.Enable Cloud Trace on all services and use Cloud Monitoring alert on trace count to trigger a Cloud Function that changes the sampling rate.
AnswerA

This allows dynamic sampling rules based on deployment time. The custom sampler can implement the required logic.

Why this answer

Cloud Trace supports probability-based sampling, but to change the sampling rate based on time since deployment, you need more control. Using OpenTelemetry with a custom sampler in the application allows you to implement a rule: sample 100% if the deployment timestamp is within the last 10 minutes, else sample 10%. The OTel Collector can then export to Cloud Trace.

Cloud Trace's built-in sampling is static.

896
MCQmedium

A company uses Cloud Spanner with a schema that has a table 'Orders' with primary key (CustomerId, OrderDate, OrderId). They notice hotspots on a specific customer. Which schema change would best distribute load?

A.Use a secondary index on CustomerId.
B.Split the table into multiple tables per region.
C.Add a hash of CustomerId as a prefix to the primary key.
D.Change primary key to OrderId only.
AnswerC

Hash prefix distributes writes evenly across nodes, reducing hotspots.

Why this answer

Hotspots occur due to monotonically increasing or high-traffic keys. Adding a hash prefix to the primary key (Option A) distributes writes across nodes. Option B (OrderId only) loses ordering and may cause hotspots elsewhere.

Option C (secondary index) helps reads but not writes. Option D (split by region) is overly complex.

897
MCQmedium

A BI analyst wrote a query that computes the running total of sales over time for each product. The query uses a window function with an ORDER BY clause. The results are correct, but the query processes a large amount of data and is slow. What is the most efficient way to optimize this query?

A.Use the LAG function instead of a window function.
B.Materialize the running total in a separate table using a scheduled query.
C.Use the ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW frame.
D.Add a PARTITION BY clause to the window function.
AnswerD

Partitioning by product limits the window operation to individual product groups, reducing sorting and shuffle.

Why this answer

Option D is correct because adding a PARTITION BY clause to the window function allows the running total to be computed independently for each product, which reduces the data set the window function must sort and aggregate over. Without PARTITION BY, the query computes a single running total across all products, forcing the database engine to process the entire table as one partition, which is inefficient for large datasets. Partitioning by product ensures that the ORDER BY and frame operations are scoped to each product group, significantly reducing memory and CPU usage.

Exam trap

Google Cloud often tests the misconception that explicitly specifying the default frame (ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW) improves performance, when in fact the key optimization for a running total over multiple groups is to add a PARTITION BY clause to limit the scope of the window function.

How to eliminate wrong answers

Option A is wrong because the LAG function accesses a previous row's value but does not compute a running total; it would require additional logic to accumulate values, which would be even less efficient and more complex. Option B is wrong because materializing the running total in a separate table with a scheduled query does not optimize the existing query; it introduces data staleness and maintenance overhead, and the original query still runs slowly until the materialized table is built. Option C is wrong because ROWS BETWEEN UNBOUNDED PRECEDING AND CURRENT ROW is the default frame for a running total when ORDER BY is used; explicitly specifying it does not change the execution plan or improve performance, as the database already uses that frame by default.

898
MCQhard

An application running on Cloud Run is automatically instrumented with Cloud Trace, but the trace sampling rate is too high, causing excessive costs. How can the engineer reduce the sampling rate?

A.Set the environment variable TRACE_SAMPLE_RATE to a value between 0 and 1.
B.Disable Cloud Trace and use only Cloud Monitoring metrics.
C.Modify the Cloud Trace API quota to limit trace ingestion.
D.Configure the trace sampling rate in the Cloud Monitoring alert policy.
AnswerA

Cloud Run uses the OpenTelemetry environment variable for sampling rate.

899
Multi-Selectmedium

Which TWO components are essential for setting up an incident management on-call rotation in Google Cloud? (Choose 2)

Select 2 answers
A.Cloud Monitoring alert notification channels
B.On-call schedule defined in PagerDuty or OpsGenie
C.Cloud Build trigger for incidents
D.Cloud Functions to handle alerts
E.Traffic Director routing rules
AnswersA, B

Used to send alerts to on-call tools.

Why this answer

Cloud Monitoring alert notification channels are used to route alerts to on-call tools like PagerDuty or OpsGenie. An on-call schedule defines who is on call. The other options are not directly related.

900
MCQeasy

What is the primary purpose of an error budget?

A.To measure team performance for annual reviews
B.To define the maximum acceptable downtime in a contract
C.To track the total number of errors in a system
D.To balance reliability and innovation by allowing a controlled amount of failure
AnswerD

Error budgets enable teams to decide when to slow down deployments.

Why this answer

Error budgets are the permissible amount of unreliability (100% - SLO). They allow teams to balance reliability with feature velocity: if budget remains, teams can deploy new features; if depleted, focus on reliability.

Page 11

Page 12 of 14

Page 13