You support an application deployed on Compute Engine. The application connects to a Cloud SQL instance to store and retrieve dat a. After an update to the application, users report errors showing database timeout messages. The number of concurrent active users remained stable. You need to find the most probable cause of the database timeout. What should you do?

• A.Use Stackdriver Profiler to visualize the resources utilization throughout the application.
• B.Check the serial port logs of the Compute Engine instance.
• C.Determine whether there is an increased number of connections to the Cloud SQL instance.
• D.Use Cloud Security Scanner to see whether your Cloud SQL is under a Distributed Denial of Service (DDoS) attack.

Comment: *

Name: *

Email: *

Verification: *

You are performing a semiannual capacity planning exercise for your flagship service. You expect a service user growth rate of 10% month-over-month over the next six months. Your service is fully containerized and runs on Google Cloud Platform (GCP). using a Google Kubernetes Engine (GKE) Standard regional cluster on three zones with cluster autoscaler enabled. You currently consume about 30% of your total deployed CPU capacity, and you require resilience against the failure of a zone. You want to ensure that your users experience minimal negative impact as a result of this growth or as a result of zone failure, while avoiding unnecessary costs. How should you prepare to handle the predicted growth?

• A.Because you are deployed on GKE and are using a cluster autoscaler. your GKE cluster will scale automatically, regardless of growth rate.
• B.Because you are at only 30% utilization, you have significant headroom and you won't need to add any additional capacity for this rate of growth.
• C.Verity the maximum node pool size, enable a horizontal pod autoscaler, and then perform a load test to verity your expected resource needs.
• D.Proactively add 60% more node capacity to account for six months of 10% growth rate, and then perform a load test to make sure you have enough capacity.

Comment: *

Name: *

Email: *

Verification: *

You have a CI/CD pipeline that uses Cloud Build to build new Docker images and push them to Docker Hub. You use Git for code versioning. After making a change in the Cloud Build YAML configuration, you notice that no new artifacts are being built by the pipeline. You need to resolve the issue following Site Reliability Engineering practices. What should you do?

• A.Disable the CI pipeline and revert to manually building and pushing the artifacts.
• B.Change the CI pipeline to push the artifacts to Container Registry instead of Docker Hub.
• C.Upload the configuration YAML file to Cloud Storage and use Error Reporting to identify and fix the issue.
• D.Run a Git compare between the previous and current Cloud Build Configuration files to find and fix the bug.

Comment: *

Name: *

Email: *

Verification: *

You are running a real-time gaming application on Compute Engine that has a production and testing environment. Each environment has their own Virtual Private Cloud (VPC) network. The application frontend and backend servers are located on different subnets in the environment's VPC. You suspect there is a malicious process communicating intermittently in your production frontend servers. You want to ensure that network traffic is captured for analysis. What should you do?

• A.Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 1.0. Apply changes in testing before production.
• B.Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5.
• C.Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0.
• D.Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5. Apply changes in testing before production.

Comment: *

Name: *

Email: *

Verification: *

Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to a Kubernetes cluster in the production environment. The security auditor is concerned that developers or operators could circumvent automated testing and push code changes to production without approval. What should you do to enforce approvals?

• A.Configure the build system with protected branches that require pull request approval.
• B.Use an Admission Controller to verify that incoming requests originate from approved sources.
• C.Enable binary authorization inside the Kubernetes cluster and configure the build pipeline as an attestor.
• D.Leverage Kubernetes Role-Based Access Control (RBAC) to restrict access to only approved users.

Comment: *

Name: *

Email: *

Verification: *