Your organization recently adopted a container-based workflow for application development. Your team develops numerous applications that are deployed continuously through an automated build pipeline to the production environment. A recent security audit alerted your team that the code pushed to production could contain vulnerabilities and that the existing tooling around virtual machine (VM) vulnerabilities no longer applies to the containerized environment. You need to ensure the security and patch level of all code running through the pipeline. What should you do?

• A.Set up Container Analysis to scan and report Common Vulnerabilities and Exposures.
• B.Configure the containers in the build pipeline to always update themselves before release.
• C.Reconfigure the existing operating system vulnerability software to exist inside the container.
• D.Implement static code analysis tooling against the Docker files used to create the containers.

Comment: *

Name: *

Email: *

Verification: *

Your company follows Site Reliability Engineering practices. You are the person in charge of Communications for a large, ongoing incident affecting your customer-facing applications. There is still no estimated time for a resolution of the outage. You are receiving emails from internal stakeholders who want updates on the outage, as well as emails from customers who want to know what is happening. You want to efficiently provide updates to everyone affected by the outage. What should you do?

• A.Delegate the responding to internal stakeholder emails to another member of the Incident Response Team. Focus on providing responses directly to customers.
• B.Focus on responding to internal stakeholders at least every 30 minutes. Commit to "next update" times.
• C.Provide all internal stakeholder emails to the Incident Commander, and allow them to manage internal communications. Focus on providing responses directly to customers.
• D.Provide periodic updates to all stakeholders in a timely manner. Commit to a "next update" time in all communications.

Comment: *

Name: *

Email: *

Verification: *

You are managing an application that exposes an HTTP endpoint without using a load balancer. The latency of the HTTP responses is important for the user experience. You want to understand what HTTP latencies all of your users are experiencing. You use Stackdriver Monitoring. What should you do?

• A.* In your application, create a metric with a metricKind set to DELTA and a valueType set to DOUBLE.
  * In Stackdriver's Metrics Explorer, use a Slacked Bar graph to visualize the metric.
• B.* In your application, create a metric with a metricKind set to CUMULATIVE and a valueType set to DOUBLE.
  * In Stackdriver's Metrics Explorer, use a Line graph to visualize the metric.
• C.* In your application, create a metric with a metricKind set to gauge and a valueType set to distribution.
  * In Stackdriver's Metrics Explorer, use a Heatmap graph to visualize the metric.
• D.* In your application, create a metric with a metricKind. set toMETRlc_KIND_UNSPECIFIEDanda valueType set to INT64.
  * In Stackdriver's Metrics Explorer, use a Stacked Area graph to visualize the metric.

Comment: *

Name: *

Email: *

Verification: *

Your CTO has asked you to implement a postmortem policy on every incident for internal use. You want to define what a good postmortem is to ensure that the policy is successful at your company. What should you do?
Choose 2 answers

• A.Ensure that all postmortems include what caused the incident, identify the person or team responsible for causing the incident. and how to prevent a future occurrence of the incident.
• B.Ensure that all postmortems include what caused the incident, how the incident could have been worse, and how to prevent a future occurrence of the incident.
• C.Ensure that all postmortems include the severity of the incident, how to prevent a future occurrence of the incident. and what caused the incident without naming internal system components.
• D.Ensure that all postmortems include how the incident was resolved and what caused the incident without naming customer information.
• E.Ensure that all postmortems include all incident participants in postmortem authoring and share postmortems as widely as possible,

Comment: *

Name: *

Email: *

Verification: *

You manage an application that is writing logs to Stackdriver Logging. You need to give some team members the ability to export logs. What should you do?

• A.Grant the team members the IAM role of logging.configWriter on Cloud IAM.
• B.Configure Access Context Manager to allow only these members to export logs.
• C.Create an Organizational Policy in Cloud IAM to allow only these members to create log exports.
• D.Create and grant a custom IAM role with the permissions logging.sinks.list and logging.sink.get.

Comment: *

Name: *

Email: *

Verification: *