Q1
A financial services company is building a new real-time fraud detection system on Google Cloud. The system must process millions of transactions per second with extremely low latency. A key requirement is that the database must provide strongly consistent reads across multiple geographic regions (North America, Europe, and Asia) to prevent transnational fraud. The development team is evaluating database options. Which data storage solution is the most appropriate choice to meet these specific requirements?
Q2
A development team is using Cloud Build for their CI/CD pipeline. To improve security, they need to ensure that only container images that have passed a specific 'QA-Approved' vulnerability scan level in Artifact Analysis are allowed to be deployed to their production GKE cluster. Any attempt to deploy an image that does not have this attestation should be blocked. What should the team implement to enforce this policy?
Q3
You are instrumenting a Node.js application deployed on Cloud Run to send custom metrics to Cloud Monitoring. After deploying your code, you notice that no data appears in Metrics Explorer for your custom metric. The application logs in Cloud Logging show no errors related to authentication or metric publishing. You have already verified that the Cloud Monitoring API is enabled for the project. Which of the following is the most likely cause of the issue?
Q4
A developer is building an event-driven processing pipeline. The architecture requires that when a file is uploaded to a Cloud Storage bucket, a message containing the file's metadata is sent to a Pub/Sub topic. This message should then trigger a Cloud Run service for processing. The developer wants to set this up using a direct, event-based mechanism without writing custom trigger code. Which Google Cloud service should be used to connect the Cloud Storage event to the Pub/Sub topic?
Q5
A developer needs to deploy a containerized application to a new GKE cluster. The application has a web frontend and a backend processing service that communicate with each other. For security, the developer must prevent all other pods in the cluster from communicating with the backend service, while still allowing the frontend pods to reach it. Which Kubernetes object should be created to enforce this traffic rule?
Q6
You are building a CI/CD pipeline using Cloud Build. The build process requires a specific version of a proprietary code analysis tool that is not available in the standard Cloud Build builder images. You want to make this tool available to your build steps while following security best practices and ensuring build reproducibility. What is the recommended approach?
Q7 (Multiple answers)
A new developer on your team is using Gemini Code Assist in their IDE. They want to generate unit tests for a complex function they have written in Python. Which TWO of the following actions are best practices for effectively using Gemini Code Assist for this task? (Select TWO).
Q8
You are deploying a new version of a critical microservice to Cloud Run. To minimize the risk of a faulty deployment affecting all users, you want to first deploy the new version without sending it any production traffic. After verifying its health through internal tests, you then want to gradually shift 100% of the traffic to it. Which deployment command sequence should you use?
Q9
Your application, running on Compute Engine, needs to read sensitive configuration data stored in Secret Manager. To adhere to the principle of least privilege and avoid managing service account keys, what is the most secure method for the application to authenticate to the Secret Manager API?
Q10
True or False: When using the Cloud SQL Auth Proxy to connect from a GKE pod to a Cloud SQL instance, you must configure a firewall rule to allow TCP traffic on port 3307 from the GKE nodes to the Cloud SQL instance's public IP address.