Professional-Cloud-Developer 試験問題を無料オンラインアクセス

Your company's development teams want to use various open source operating systems in their Docker builds.
When images are created in published containers in your company's environment, you need to scan them for Common Vulnerabilities and Exposures (CVEs). The scanning process must not impact software development agility. You want to use managed services where possible. What should you do?

• A.Enable the Vulnerability scanning setting in the Container Registry.
• B.Disallow the use of non-commercially supported base images in your development environment.
• C.Use Cloud Monitoring to review the output of Cloud Build to determine whether a vulnerable version has been used.
• D.Create a Cloud Function that is triggered on a code check-in and scan the code for CVEs.

Your team is developing unit tests for Cloud Function code. The code is stored in a Cloud Source Repositories repository. You are responsible for implementing the tests. Only a specific service account has the necessary permissions to deploy the code to Cloud Functions. You want to ensure that the code cannot be deployed without first passing the tests. How should you configure the unit testing process?

• A.Configure Cloud Build to run the unit tests. If the code passes the tests, the developer deploys the Cloud Function.
• B.Configure Cloud Build to deploy the Cloud Function. If the code passes the tests, a deployment approval is sent to you.
• C.Configure Cloud Build to deploy the Cloud Function, using the specific service account as the build agent. Run the unit tests after successful deployment.
• D.Configure Cloud Build to run the unit tests, using the specific service account as the build agent. If the code passes the tests, Cloud Build deploys the Cloud Function.

You have containerized a legacy application that stores its configuration on an NFS share. You need to deploy this application to Google Kubernetes Engine (GKE) and do not want the application serving traffic until after the configuration has been retrieved. What should you do?

• A.Use the COPY statement in the Dockerfile to load the configuration into the container image. Verify that the configuration is available, and start the service using an ENTRYPOINT script.
• B.Add a startup script to the GKE instance group to mount the NFS share at node startup. Copy the configuration files into the container, and start the service using an ENTRYPOINT script.
• C.Use the gsutil utility to copy files from within the Docker container at startup, and start the service using an ENTRYPOINT script.
• D.Create a PersistentVolumeClaim on the GKE cluster. Access the configuration files from the volume, and start the service using an ENTRYPOINT script.

For this question refer to the HipLocal case study.
HipLocal wants to reduce the latency of their services for users in global locations. They have created read replicas of their database in locations where their users reside and configured their service to read traffic using those replicas. How should they further reduce latency for all database interactions with the least amount of effort?

• A.Migrate the database to Firestore in Datastore mode and use it to serve all global user traffic.
• B.Migrate the database to Bigtable and use it to serve all global user traffic.
• C.Migrate the services to Google Kubernetes Engine and use a load balancer service to better scale the application.
• D.Migrate the database to Cloud Spanner and use it to serve all global user traffic.

Your application is deployed in a Google Kubernetes Engine (GKE) cluster. You want to expose this application publicly behind a Cloud Load Balancing HTTP(S) load balancer. What should you do?

• A.Configure a GKE Service resource with type: LoadBalancer.
• B.Configure a GKE Ingress resource with type: LoadBalancer.
• C.Configure a GKE Ingress resource.
• D.Configure a GKE Service resource.