[Aug 01, 2025] Professional-Cloud-Developer PDF Questions and Testing Engine With 265 Questions [Q53-Q78]

[Aug 01, 2025] Professional-Cloud-Developer PDF Questions and Testing Engine With 265 Questions

Updated Exam Engine for Professional-Cloud-Developer Exam Free Demo & 365 Day Updates

To become a Google Certified Professional - Cloud Developer, candidates must pass a rigorous exam that covers a broad range of topics related to Google Cloud Platform. Professional-Cloud-Developer exam consists of multiple-choice and scenario-based questions that assess one’s understanding of cloud-native application development, Google Cloud infrastructure, and various programming languages and tools.

Google Professional-Cloud-Developer exam is an essential certification for developers who want to demonstrate their expertise in developing applications on Google Cloud Platform. Google Certified Professional - Cloud Developer certification exam covers various topics related to Google Cloud Platform, and passing the exam is a great way for developers to advance their careers. As the demand for developers with expertise in Google Cloud Platform continues to grow, the Google Professional-Cloud-Developer certification is becoming increasingly valuable.

 

NEW QUESTION # 53
You are planning to deploy your application in a Google Kubernetes Engine (GKE) cluster. Your application can scale horizontally, and each instance of your application needs to have a stable network identity and its own persistent disk.
Which GKE object should you use?

• A. ReplicaSet
• B. StatefulSet
• C. ReplicaController
• D. Deployment

Answer: B

Explanation:
Reference:
https://livebook.manning.com/book/kubernetes-in-action/chapter-10/46

NEW QUESTION # 54
Your code is running on Cloud Functions in project A. It is supposed to write an object in a Cloud Storage bucket owned by project B. However, the write call is failing with the error "403 Forbidden".
What should you do to correct the problem?

• A. Grant your user account the roles/iam.serviceAccountUser role for the service-PROJECTA@gcf-admin- robot.iam.gserviceaccount.com service account.
• B. Grant the [email protected] service account the roles/ storage.objectCreator role for the Cloud Storage bucket.
• C. Grant your user account the roles/storage.objectCreator role for the Cloud Storage bucket.
• D. Enable the Cloud Storage API in project B.

Answer: A

NEW QUESTION # 55
For this question, refer to the HipLocal case study.
HipLocal's application uses Cloud Client Libraries to interact with Google Cloud. HipLocal needs to configure authentication and authorization in the Cloud Client Libraries to implement least privileged access for the application. What should they do?

• A. Create a service account for the application. Export and deploy the private key for the application. Use the service account to interact with Google Cloud.
• B. Create an API key. Use the API key to interact with Google Cloud.
• C. Use the default compute service account to interact with Google Cloud.
• D. Create a service account for the application and for each Google Cloud API used by the application.
  Export and deploy the private keys used by the application. Use the service account with one Google Cloud API to interact with Google Cloud.

Answer: B

NEW QUESTION # 56
You are designing an application that consists of several microservices. Each microservice has its own RESTful API and will be deployed as a separate Kubernetes Service. You want to ensure that the consumers of these APIs aren't impacted when there is a change to your API, and also ensure that third-party systems aren't interrupted when new versions of the API are released. How should you configure the connection to the application following Google-recommended best practices?

• A. Use multiple clusters, and use DNS entries to route requests to separate versioned backends.
• B. Combine multiple versions in the same service, and then specify the API version in the POST request.
• C. Leverage a Service Discovery system, and connect to the backend specified by the request.
• D. Use an Ingress that uses the API's URL to route requests to the appropriate backend.

Answer: B

NEW QUESTION # 57
You are developing a new web application using Cloud Run and committing code to Cloud Source Repositories. You want to deploy new code in the most efficient way possible. You have already created a Cloud Build YAML file that builds a container and runs the following command: gcloud run deploy. What should you do next?

• A. Create a Cron job that runs the following command every 24 hours: gcloud builds submit.
• B. Create a Pub/Sub topic to be notified when code is pushed to the repository. Create a Pub/Sub trigger that runs the build file when an event is published to the topic.
• C. Create a build trigger that runs the build file in response to a repository code being pushed to the development branch.
• D. Create a webhook build trigger that runs the build file in response to HTTP POST calls to the webhook URL.

Answer: C

Explanation:
https://cloud.google.com/build/docs/triggers
Cloud Build uses build triggers to enable CI/CD automation. You can configure triggers to listen for incoming events, such as when a new commit is pushed to a repository or when a pull request is initiated, and then automatically execute a build when new events come in. You can also configure triggers to build code on any changes to your source repository or only on changes that match certain criteria.

NEW QUESTION # 58
In order to meet their business requirements, how should HipLocal store their application state?

• A. Move the state storage to Cloud Spanner.
• B. Put a memcache layer in front of MySQL.
• C. Use local SSDs to store state.
• D. Replace the MySQL instance with Cloud SQL.

Answer: B

NEW QUESTION # 59
You are building a CI/CD pipeline that consists of a version control system, Cloud Build, and Container Registry. Each time a new tag is pushed to the repository, a Cloud Build job is triggered, which runs unit tests on the new code builds a new Docker container image, and pushes it into Container Registry. The last step of your pipeline should deploy the new container to your production Google Kubernetes Engine (GKE) cluster.
You need to select a tool and deployment strategy that meets the following requirements:
* Zero downtime is incurred
* Testing is fully automated
* Allows for testing before being rolled out to users
* Can quickly rollback if needed
What should you do?

• A. Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a shadow test.
• B. Trigger a Spinnaker pipeline configured as a canary test of your new code and, if it is successful, deploy the container to production.
• C. Trigger a Spinnaker pipeline configured as an A/B test of your new code and, if it is successful, deploy the container to production.
• D. Trigger another Cloud Build job that uses the Kubernetes CLI tools to deploy your new container to your GKE cluster, where you can perform a canary test.

Answer: A

Explanation:
Explanation
https://cloud.google.com/architecture/implementing-deployment-and-testing-strategies-on-gke#perform_a_shado With a shadow test, you test the new version of your application by mirroring user traffic from the current application version without impacting the user requests.

NEW QUESTION # 60
You are developing a corporate tool on Compute Engine for the finance department, which needs to authenticate users and verify that they are in the finance department. All company employees use G Suite.
What should you do?

• A. Configure Cloud Armor Security Policies to restrict access to only corporate IP address ranges. Verify the provided JSON Web Token within the application.
• B. Enable Cloud Identity-Aware Proxy on the HTTP(s) load balancer and restrict access to a Google Group containing users in the finance department. Issue client-side certificates to everybody in the finance team and verify the certificates in the application.
• C. Configure Cloud Armor Security Policies to restrict access to only corporate IP address ranges. Issue client side certificates to everybody in the finance team and verify the certificates in the application.
• D. Enable Cloud Identity-Aware Proxy on the HTTP(s) load balancer and restrict access to a Google Group containing users in the finance department. Verify the provided JSON Web Token within the application.

Answer: D

Explanation:
https://cloud.google.com/iap/docs/signed-headers-howto#securing_iap_headers (https://cloud.google.com/endpoints/docs/openapi/authenticating-users-google-id).
https://cloud.google.com/armor/docs/security-policy-overview#:~:text=Google%20Cloud%20Armor%20security%20policies%20enable%20you%20to%20allow%20or,Private%20Cloud%20(VPC)%20networks
"Google Cloud Armor security policies protect your application by providing Layer 7 filtering and by scrubbing incoming requests for common web attacks or other Layer 7 attributes to potentially block traffic before it reaches your load balanced backend services or backend buckets"

NEW QUESTION # 61
Your company has deployed a new API to a Compute Engine instance. During testing, the API is not behaving as expected. You want to monitor the application over 12 hours to diagnose the problem within the application code without redeploying the application. Which tool should you use?

• A. Cloud Debugger logpoints
• B. Cloud Debugger snapshots
• C. Cloud Trace
• D. Cloud Monitoring

Answer: A

Explanation:
https://cloud.google.com/debugger/docs/using/logpoints
Logpoints allow you to inject logging into running services without restarting or interfering with the normal function of the service

NEW QUESTION # 62
Your team manages a Google Kubernetes Engine (GKE) cluster where an application is running. A different team is planning to integrate with this application. Before they start the integration, you need to ensure that the other team cannot make changes to your application, but they can deploy the integration on GKE. What should you do?

• A. Create a new namespace in the existing cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.
• B. Using Identity and Access Management (IAM), grant the Viewer IAM role on the cluster project to the other team.
• C. Create a new GKE cluster. Using Identity and Access Management (IAM), grant the Editor role on the cluster project to the other team.
• D. Create a new namespace in the existing cluster. Using Kubernetes role-based access control (RBAC), grant the Admin role on the new namespace to the other team.

Answer: D

NEW QUESTION # 63
This architectural diagram depicts a system that streams data from thousands of devices. You want to ingest data into a pipeline, store the data, and analyze the data using SQL statements. Which Google Cloud services should you use for steps 1, 2, 3, and 4?

• A. 1) App Engine
  2) Pub/Sub
  3) BigQuery
  4) Firestore
• B. 1) Pub/Sub
  2) Dataflow
  3) Firestore
  4) BigQuery
• C. 1) Pub/Sub
  2) Dataflow
  3) BigQuery
  4) Firestore
• D. 1) Dataflow
  2) Pub/Sub
  3) Firestore
  4) BigQuery

Answer: B

NEW QUESTION # 64
You are deploying a single website on App Engine that needs to be accessible via the URL http://www.altostrat.com/. What should you do?

• A. Verify domain ownership with Webmaster Central. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com.
• B. Define a mapping in dispatch.yaml to point the domain www.altostrat.com to your App Engine service. Create a DNS CNAME record to point to the App Engine canonical name ghs.googlehosted.com.
• C. Define a mapping in dispatch.yaml to point the domain www.altostrat.com to your App Engine service. Define an A record pointing to the single global App Engine IP address.
• D. Verify domain ownership with Webmaster Central. Define an A record pointing to the single global App Engine IP address.

Answer: A

Explanation:
Reference:
https://cloud.google.com/appengine/docs/flexible/dotnet/mapping-custom-domains?hl=fa

NEW QUESTION # 65
Your team is developing a Cloud Function triggered by Cloud Storage Events. You want to accelerate testing and development of your Cloud Function while following Google-recommended best practices. What should you do?

• A. Make a copy of the Cloud Function, and rewrite the code to be HTTP-triggered Edit and test the new version by triggering the HTTP endpoint. Send mock requests to the new function to evaluate the functionality.
• B. Create a new Cloud Function that is triggered when Cloud Audit Logs detects the cloudfunctions. functions. sourceCodeSet operation in the original Cloud Function Send mock requests to the new function to evaluate the functionality.
• C. Install the Functions Frameworks library, and configure the Cloud Function on localhost. Make a copy of the function, and make edits to the new version Test the new version using cur1.
• D. Make a copy of the Cloud Function in the Google Cloud Console Use the Cloud console's in-line editor to make source code changes to the new function Modify your web application to call the new function and test the new version in production.

Answer: C

NEW QUESTION # 66
Your application takes an input from a user and publishes it to the user's contacts. This input is stored in a table in Cloud Spanner. Your application is more sensitive to latency and less sensitive to consistency.
How should you perform reads from Cloud Spanner for this application?

• A. Perform stale reads using single-read methods.
• B. Perform strong reads using single-read methods.
• C. Perform Read-Only transactions.
• D. Perform stale reads using read-write transactions.

Answer: D

Explanation:
Reference: https://cloud.google.com/solutions/best-practices-cloud-spanner-gaming-database
Topic 1, HipLocal Case StudyCompany Overview
HipLocal is a community application designed to facilitate communication between people in close proximity.
It is used for event planning and organizing sporting events, and for businesses to connect with their local communities. HipLocal launched recently in a few neighborhoods in Dallas and is rapidly growing into a global phenomenon. Its unique style of hyper-local community communication and business outreach is in demand around the world.
Executive statement
We are the number one local community app; it's time to take our local community services global. Our venture capital investors want to see rapid growth and the same great experience for new local and virtual communities that come online, whether their members are 10 or 10,000 miles away from each other.
Solution concept
HipLocal wants to expand their existing service, with updated functionality, in new regions to better serve their global customers. They want to hire and train a new team to support these regions in their time zones.
They will need to ensure that the application scales smoothly and provides clear uptime data.
Existing technical environment
HipLocal's environment is a mix of on-premises hardware and infrastructure running in Google Cloud Platform. The HipLocal team understands their application well but has limited experience in global scale applications. Their existing technical environment is as follows:
* Existing APIs run on Compute Engine virtual machine instances hosted in GCP
* State is stored in a single instance MySQL database in GCP
* Data is exported to an on-premises Teradata/Vertica data warehouse
* Data analytics is performed in an on-premises Hadoop environment
* The application has no logging
* There are basic indicators of uptime; alerts are frequently fired when the APIs are unresponsive Business requirements HipLocal's investors want to expand their footprint and support the increase in demand they are seeing. Their requirements are:
* Expand availability of the application to new regions
* Increase the number of concurrent users that can be supported
* Ensure a consistent experience for users when they travel to different regions
* Obtain user activity metrics to better understand how to monetize their product
* Ensure compliance with regulations in the new regions (for example, GDPR)
* Reduce infrastructure management time and cost
* Adopt the Google-recommended practices for cloud computing
Technical requirements
* The application and backend must provide usage metrics and monitoring
* APIs require strong authentication and authorization
* Logging must be increased, and data should be stored in a cloud analytics platform
* Move to serverless architecture to facilitate elastic scaling
* Provide authorized access to internal apps in a secure manner

NEW QUESTION # 67
Your application is running on Compute Engine and is showing sustained failures for a small number of requests. You have narrowed the cause down to a single Compute Engine instance, but the instance is unresponsive to SSH. What should you do next?

• A. Enable and check the serial port output.
• B. Take a snapshot of the disk and attach it to a new machine.
• C. Reboot the machine.
• D. Delete the machine and create a new one.

Answer: C

NEW QUESTION # 68
Your company's development teams want to use various open source operating systems in their Docker builds.
When images are created in published containers in your company's environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?

• A. Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.
• B. Disallow the use of non-commercially supported base images in your development environment.
• C. Enable the Vulnerability scanning setting in the Container Registry.
• D. Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.

Answer: C

Explanation:
https://cloud.google.com/container-analysis/docs/os-overview

NEW QUESTION # 69
You plan to make a simple HTML application available on the internet. This site keeps information about FAQs for your application. The application is static and contains images, HTML, CSS, and Javascript. You want to make this application available on the internet with as few steps as possible.
What should you do?

• A. Upload your application to Cloud Storage.
• B. Create a Compute Engine instance with Apache web server installed. Configure Apache web server to host the application.
• C. Upload your application to an App Engine environment.
• D. Containerize your application first. Deploy this container to Google Kubernetes Engine (GKE) and assign an external IP address to the GKE pod hosting the application.

Answer: A

NEW QUESTION # 70
You need to configure a Deployment on Google Kubernetes Engine (GKE). You want to include a check that verifies that the containers can connect to the database. If the Pod is failing to connect, you want a script on the container to run to complete a graceful shutdown. How should you configure the Deployment?

• A. Create two jobs: one that checks whether the container can connect to the database, and another that runs the shutdown script if the Pod is failing.
• B. Create the Deployment with a PostStart lifecycle handler that checks the service availability. Configure a PreStop lifecycle handler that runs the shutdown script if the container is failing.
• C. Create the Deployment with a livenessProbe for the container that will fail if the container can't connect to the database. Configure a Prestop lifecycle handler that runs the shutdown script if the container is failing.
• D. Create the Deployment with an initContainer that checks the service availability. Configure a Prestop lifecycle handler that runs the shutdown script if the Pod is failing.

Answer: C

Explanation:
Explanation
https://cloud.google.com/architecture/best-practices-for-running-cost-effective-kubernetes-applications-on-gke#m

NEW QUESTION # 71
You have an application controlled by a managed instance group. When you deploy a new version of the application, costs should be minimized and the number of instances should not increase. You want to ensure that, when each new instance is created, the deployment only continues if the new instance is healthy. What should you do?

• A. Perform a rolling-action with maxHealthy set to 0, maxUnhealthy set to 1.
• B. Perform a rolling-action with maxSurge set to 1, maxUnavailable set to 0.
• C. Perform a rolling-action with maxHealthy set to 1, maxUnhealthy set to 0.
• D. Perform a rolling-action with maxSurge set to 0, maxUnavailable set to 1

Answer: B

Explanation:
Reference:
https://cloud.google.com/compute/docs/instance-groups/rolling-out-updates-to-managed-instance-groups

NEW QUESTION # 72
Your application is deployed in a Google Kubernetes Engine (GKE) cluster. You want to expose this application publicly behind a Cloud Load Balancing HTTP(S) load balancer. What should you do?

• A. Configure a GKE Ingress resource.
• B. Configure a GKE Service resource with type: LoadBalancer.
• C. Configure a GKE Service resource.
• D. Configure a GKE Ingress resource with type: LoadBalancer.

Answer: A

Explanation:
Reference:
https://cloud.google.com/kubernetes-engine/docs/concepts/ingress

NEW QUESTION # 73
Your development team is using Cloud Build to promote a Node.js application built on App Engine from your staging environment to production. The application relies on several directories of photos stored in a Cloud Storage bucket named webphotos-staging in the staging environment. After the promotion, these photos must be available in a Cloud Storage bucket named webphotos-prod in the production environment. You want to automate the process where possible. What should you do?
A)
Manually copy the photos to webphotos-prod.
B)
Add a startup script in the application's app.yami file to move the photos from webphotos-staging to webphotos-prod.
C)
Add a build step in the cloudbuild.yaml file before the promotion step with the arguments:

D)
Add a build step in the cloudbuild.yaml file before the promotion step with the arguments:

• A. Option B
• B. Option C
• C. Option D
• D. Option A

Answer: B

Explanation:
https://cloud.google.com/storage/docs/gsutil/commands/cp

NEW QUESTION # 74
You are designing a chat room application that will host multiple rooms and retain the message history for each room. You have selected Firestore as your database. How should you represent the data in Firestore?

• A. Create a collection for the rooms. For each room, create a document that lists the contents of the messages
  
• B. Create a collection for the rooms, and create a document for each room. Create a separate collection for messages, with one document per message. Each room's document contains a list of references to the messages.
  
• C. Create a collection for the rooms. For each room, create a document that contains a collection for documents, each of which contains a message.
  
• D. Create a collection for the rooms. For each room, create a collection that contains a document for each message
  

Answer: C

Explanation:
Explanation
https://firebase.google.com/docs/firestore/data-model#hierarchical-data

NEW QUESTION # 75
You are developing a Java Web Server that needs to interact with Google Cloud services via the Google Cloud API on the user's behalf. Users should be able to authenticate to the Google Cloud API using their Google Cloud identities. Which workflow should you implement in your web application?

• A. 1) When a user arrives at your application, prompt them for their Google username and password.
  2) Store an SHA password hash in your application's database along with the user's username.
  3) The application authenticates to the Google Cloud API using HTTPs requests with the user's username and password hash in the Authorization request header.
• B. 1) When a user arrives at your application, route them to a Google Cloud consent screen with a list of requested permissions that prompts the user to sign in with SSO to their Google Account.
  2) After the user signs in and provides consent, your application receives an authorization code from a Google server.
  3) The Google server returns the authorization code to the user, which is stored in the browser's cookies.
  4) The user authenticates to the Google Cloud API using the authorization code in the cookie.
• C. 1) When a user arrives at your application, route them to a Google Cloud consent screen with a list of requested permissions that prompts the user to sign in with SSO to their Google Account.
  2) After the user signs in and provides consent, your application receives an authorization code from a Google server.
  3) The application requests a Google Server to exchange the authorization code with an access token.
  4) The Google server responds with the access token that is used by the application to call the Google Cloud API.
• D. 1) When a user arrives at your application, prompt them for their Google username and password.
  2) Forward the user's username and password in an HTTPS request to the Google Cloud authorization server, and request an access token.
  3) The Google server validates the user's credentials and returns an access token to the application.
  4) The application uses the access token to call the Google Cloud API.

Answer: C

Explanation:
https://developers.google.com/identity/protocols/oauth2#webserver
The Google OAuth 2.0 endpoint supports web server applications that use languages and frameworks such as PHP, Java, Python, Ruby, and ASP.NET. The authorization sequence begins when your application redirects a browser to a Google URL; the URL includes query parameters that indicate the type of access being requested. Google handles the user authentication, session selection, and user consent. The result is an authorization code, which the application can exchange for an access token and a refresh token.

NEW QUESTION # 76
You are a developer at a large organization Your team uses Git for source code management (SCM). You want to ensure that your team follows Google-recommended best practices to manage code to drive higher rates of software delivery. Which SCM process should your team use?

• A. Each developer creates a branch for their own work, commits their changes to their branch, and merges their code into the main branch daily.
• B. Each group of developers copies the repository, commits their changes to their repository, and merges their code into the main repository before each product release.
• C. Each group of developers creates a feature branch from the main branch for their work, commits their changes to their branch, and merges their code into the main branch after the change advisory board approves it.
• D. Each developer commits their code to the main branch before each product release, conducts testing, and rolls back if integration issues are detected.

Answer: C

Explanation:
Use a centralized repository. A centralized repository is a single location where all of your team's code is stored. This makes it easy for everyone to access the latest code, and it also helps to prevent conflicts. Use branches. Branches are a way to create a separate version of the code for development purposes. This allows developers to work on new features or bug fixes without affecting the main branch of the code.

NEW QUESTION # 77
In the systematic troubleshooting approach, which of the following statements is true about isolating an issue?

• A. Asking the customer to reproduce an issue can help determine if the issue is with the device.
• B. If an issue cannot be reproduced, it is likely a hardware issue.
• C. Replacing an internal component will determine if the issue is related to environment.
• D. Basing a conclusion on past experience with similar issues is a proven troubleshooting method.

Answer: A

NEW QUESTION # 78
......

Section 3: Deploying Apps

This topic evaluates the ability of the students to recommend the relevant deployment strategies with the help of the appropriate tools, such as Spinnaker, Cloud Build, Anthos Configuration Manager, and Tekton, for a certain compute environment (for instance, Google Kubernetes Engine, Compute Engine, etc.). The individuals should also possess the skills in deploying apps & services on Compute Engine; deploying apps & services to Google Kubernetes Engine (GKE); deploying Cloud Function. Lastly, they must have the proficiency in utilizing service accounts.

 

Exam Passing Guarantee Professional-Cloud-Developer Exam with Accurate Quastions: https://www.practicedump.com/Professional-Cloud-Developer_actualtests.html

Test Engine to Practice Test for Professional-Cloud-Developer Valid and Updated Dumps: https://drive.google.com/open?id=10QjetIE0lcRIUvUslJQxe83amz8F8RwG