Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Google
  5. PROFESSIONAL-CLOUD-DEVOPS-ENGINEER

Google PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Exam
Professional Cloud DevOps Engineer (Page 4 )

Updated On: 12-Feb-2026
Page 4 of 37
PDF with 201 Questions

Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval.
What should you do to enforce approvals?

  1. Configure the build system with protected branches that require pull request approval.
  2. Use an Admission Controller to verify that incoming requests originate from approved sources.
  3. Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.
  4. Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.

Answer(s): D

Explanation:

The keywords here is "developers or operators". Option A the operators could push images to production without approval (operators could touch the cluster directly and the cluster cannot do any action against them). Rest same as francisco_guerra.



You support an application running on App Engine. The application is used globally and accessed from various device types. You want to know the number of connections. You are using Stackdriver Monitoring for App Engine.
What metric should you use?

  1. flex/connections/current
  2. tcp_ssl_proxy/new_connections
  3. tcp_ssl_proxy/open_connections
  4. flex/instance/connections/current

Answer(s): A

Explanation:

https://cloud.google.com/monitoring/api/metrics_gcp#gcp-appengine



You support a production service that runs on a single Compute Engine instance. You regularly need to spend time on recreating the service by deleting the crashing instance and creating a new instance based on the relevant image. You want to reduce the time spent performing manual operations while following Site Reliability Engineering principles.
What should you do?

  1. File a bug with the development team so they can find the root cause of the crashing instance.
  2. Create a Managed Instance Group with a single instance and use health checks to determine the system status.
  3. Add a Load Balancer in front of the Compute Engine instance and use health checks to determine the system status.
  4. Create a Stackdriver Monitoring dashboard with SMS alerts to be able to start recreating the crashed instance promptly after it has crashed.

Answer(s): B



You are managing the production deployment to a set of Google Kubernetes Engine (GKE) clusters. You want to make sure only images which are successfully built by your trusted CI/CD pipeline are deployed to production.
What should you do?

  1. Enable Cloud Security Scanner on the clusters.
  2. Enable Vulnerability Analysis on the Container Registry.
  3. Set up the Kubernetes Engine clusters as private clusters.
  4. Set up the Kubernetes Engine clusters with Binary Authorization.

Answer(s): D

Explanation:

https://cloud.google.com/binary-authorization/docs/overview



You support a high-traffic web application with a microservice architecture. The home page of the application displays multiple widgets containing content such as the current weather, stock prices, and news headlines. The main serving thread makes a call to a dedicated microservice for each widget and then lays out the homepage for the user. The microservices occasionally fail; when that happens, the serving thread serves the homepage with some missing content. Users of the application are unhappy if this degraded mode occurs too frequently, but they would rather have some content served instead of no content at all. You want to set a Service Level Objective (SLO) to ensure that the user experience does not degrade too much.
What Service Level Indicator {SLI) should you use to measure this?

  1. A quality SLI: the ratio of non-degraded responses to total responses
  2. An availability SLI: the ratio of healthy microservices to the total number of microservices
  3. A freshness SLI: the proportion of widgets that have been updated within the last 10 minutes
  4. A latency SLI: the ratio of microservice calls that complete in under 100 ms to the total number of microservice calls

Answer(s): B

Explanation:

https://cloud.google.com/blog/products/gcp/available-or-not-that-is-the-question-cre-life-lessons






Post your Comments and Discuss Google PROFESSIONAL-CLOUD-DEVOPS-ENGINEER exam prep with other Community members:

Join the PROFESSIONAL-CLOUD-DEVOPS-ENGINEER Discussion