Win IT Exam with Last Dumps 2025

You are designing a microservices architecture for a new application that will be deployed on Cloud Run. The application requires high-throughput communication between the internal microservices. You want to use the most effective, lowest latency communication protocol for this application. What should you do?

A. Configure the Cloud Run service to use HTTP/2. Implement gRPC for communication between the microservices. Use streaming gRPCs when a large amount of data has to be sent. B. Implement the microservices with the REST API communication protocol. Use Apigee with rate-limiting to provide the best QoS for high-priority services. C. Use SOAP to build the microservices API, and use XML as the data format for communication across the microservices. Define SOAP data contracts for each microservice. D. Use HTTP REST to communicate across the microservices. Implement pagination and add indexing to your database.

Your company recently modernized their monolith ecommerce site to a microservices application in GKE. Your team uses Google Cloud's operations suite for monitoring and logging. You want to improve the logging indexing and searchabilty in Cloud Logging across your microservices with the least amount of effort. What should you do?

A. Ask the SRE team to enable Managed Service for Prometheus on your GKE cluster. B. Reconfigure your applications to write logs to an emptyDir volume. Configure a sidecar agent to read the logs and send them to the Cloud Logging API. C. Update your microservices code to emit logs in JSON format. D. Instrument your microservices code with OpenTelemetry libraries.

You recently developed an application that will be hosted on Cloud Run. You need to conduct a load test. You want to analyze the load test logs second by second to understand your Cloud Run service's response to rapid traffic spikes. You want to minimize effort. How should you analyze the logs?

A. Use estimation to extrapolate performance from summary monitoring charts. B. Analyze the log data in BigQuery by configuring a BigQuery log sink with the appropriate inclusion filter for your application. C. Use Cloud Monitoring’s default log console for analysis. D. Analyze the log data in Cloud SQL for PostgreSQL by pushing logs to a Pub/Sub topic. Use Dataflow to process and ingest the logs.

You are a developer of a new customer-facing help desk chat service that is built on Cloud Run. Your customers use the chat option on your website to get support. The application saves each transcript as a text file with a unique identifier in a Cloud Storage bucket. After the conversation is done and before the chat window is closed, the customer receives a link to the chat transcript. You want to provide access to the chat transcript link for 2 hours. You need to configure this access using an approach that prioritizes security and follows Google-recommended practices. What should you do?

A. Set the ACL permission on the Cloud Storage bucket. Set the permission of each text file to allUsers with READER access. Delete each text file 2 hours after itis created. B. Set the permission on the Cloud Storage bucket with the text files to allUsers. Delete each text file 2 hours after itis created. C. Create a new Cloud Storage bucket for each user. Grant the user access to the bucket with a conditional IAM role that expires after 2 hours. D. Create a signed URL for each text file that expires after 2 hours.

You are responsible for managing the security of internal applications in your company. The applications are deployed on Cloud Run, and use Secret Manager to store passwords needed to access internal databases. Each application can cache secrets for up to 15 minutes. You need to determine how to rotate the secrets. You want to avoid application downtime. What should you do?

A. Store the new username and password in the secret. Reference the latest version of any secret required, and cache the secret for 15 minutes. B. Design the applications to retrieve the Latest secret payload on application startup, and continue to use the secret for the duration of the application run. C. Store the new password in the secret. Reference the latest version of any secret required, and cache the secret for 15 minutes. D. Store the new password in the secret. Design the applications to reference a specific secret version. Change the code to reference the new version, and schedule the deployment of the application during a maintenance window.

You are developing a new ecommerce application that uses Cloud Functions. You want to expose your application's APIs to public users while maintaining a high level of security. You need to ensure that only authorized users can access your APIs and that all API traffic is encrypted and protected from unauthorized access. You want to use the most scalable and secure approach. What should you do?

A. Deploy your Cloud Functions behind Cloud Load Balancing, and use Cloud Armor to protect your APIs from distributed denial of service (DDoS) attacks. B. Deploy your Cloud Functions with Security Command Center enabled, and use IAM to manage access to your APIs. C. Deploy your Cloud Functions behind an Apigee proxy and use Apigee’s authentication and authorization features to secure your APIs. D. Deploy your Cloud Functions behind a Cloud API Gateway proxy. Create and use an API key to authorize users to access your APIs.

You are deploying a microservices application to GKE. One microservice needs to download files from a Cloud Storage bucket. You have an IAM service account with the Storage Object Viewer role on the project with the bucket. You need to configure your application to access the Cloud Storage bucket while following Google-recommended practices. What should you do?

A. Assign the IAM service account to the cluster’s node pool. Configure the application to authenticate to the bucket by using Application Default Credentials. B. Assign the IAM service account to the cluster’s node pool. Encrypt the IAM service account key file by using a symmetric block cipher, and store the encrypted file on a persistent volume. Store the encryption key in Secret Manager. C. Create a Kubernetes service account. Create a Kubernetes secret with a base64-encoded IAM service account key file. Annotate the Kubernetes secret with the Kubernetes service account. Assign the Kubernetes ServiceAccount to the Pods that need to access the bucket. D. Create a Kubernetes service account. Use an IAM policy to bind the IAM service account to a Kubernetes service account. Annotate the Kubernetes ServiceAccount object with the name of the bound IAM service account. Assign the Kubernetes ServiceAccount to the Pods that need to access the bucket.

You are developing a short-term image hosting service where end users around the world can upload images that are up to 20MB, and the images will be automatically deleted after 10 days. You need to determine how the images should be stored while minimizing cost. How should you store the images?

A. Write the image to a Cloud Storage bucket. Create a lifecycle configuration that deletes objects 10 days older than their creation date. B. Write the images to Spanner. Configure a row deletion policy on the table that deletes rows 10 days older than their creation date. C. Write the images to Firestore. Deploy a Cloud Scheduler-invoked Cloud Run service that queries for documents written 10 days prior to today and deletes them. D. Write the images to Bigtable. Configure a garbage collection policy for the column family that deletes cells 10 days older than their creation date.

You are developing a new ecommerce website for your company. You want customers to receive a customized email notification when they place an order. You need to configure this email service while minimizing deployment effort. What should you do?

A. Create a Cloud Function that is triggered by a create type event in Firestore, B. Create an email-sending application hosted on Compute Engine that is invoked by an HTTP request. C. Create an email notification channel, and set up an alerting policy that is based on log metrics from a create type event. D. Use Pub/Sub to send an email when the orders/ API returns an HTTP response of 200 OK.

You are developing an online chat application where users can upload profile pictures. Uploaded profile pictures must comply with content policies. You need to detect inappropriate images and label those images automatically when they are uploaded. In the future, this process will need to be expanded to include additional processing tasks such as watermarking and image compression.
You want to simplify orchestration and minimize operational overhead of the image scanning and labeling steps while also ensuring that additional steps can be added and removed easily later on. What should you do?

A. Save user-uploaded images to a temporary Cloud Storage bucket. Implement code on the backend server to retrieve the image content and call the Vision API to process each new uploaded image. B. Save user-uploaded images to a Cloud Storage bucket. Configure a Cloud Function that is triggered when a new image is uploaded and calls one or more Cloud Run services. Create additional Cloud Run services that call the Vision API to process each new uploaded image. C. Save user-uploaded images to a Cloud Storage bucket. Configure a Cloud Function that is triggered when a new image is uploaded and publishes a message to a Pub/Sub topic. Deploy microservices in GKE that subscribe to the Pub/Sub topic and call the Vision API to process each new uploaded image. D. Save user-uploaded images to a Cloud Storage bucket. Create an Eventarc trigger that connects the bucket to the Workflows event receiver when a new image is uploaded. Create a workflow in Workflows with multiple Cloud Functions that call the Vision API to process each new uploaded image.