Visit here for our full Google Professional Cloud Developer exam dumps and practice test questions.

Question 91

Which Google Cloud service provides a fully managed platform for building and deploying containerized applications without managing infrastructure?

A) Compute Engine

B) Cloud Run

C) Cloud Storage

D) Cloud DNS

Answer: B

Explanation:

Cloud Run is a fully managed serverless platform on Google Cloud that enables developers to build, deploy, and scale containerized applications without managing any underlying infrastructure, clusters, or servers. This service abstracts away all infrastructure complexity, automatically handling provisioning, scaling, load balancing, and maintenance, allowing developers to focus entirely on application code and business logic rather than operational concerns.

The platform accepts container images packaged according to the Open Container Initiative standard, which can be built from any programming language, framework, or runtime that can be containerized. Developers simply provide a container image, and Cloud Run handles deployment, automatically scaling from zero instances when no traffic exists to thousands of instances during peak demand. This automatic scaling occurs in seconds based on incoming request volume, with each container instance handling multiple concurrent requests efficiently. The service charges only for actual usage rounded to the nearest 100 milliseconds, making it extremely cost-effective for variable workloads.

Cloud Run provides enterprise-grade features including built-in load balancing distributing traffic across container instances, automatic HTTPS certificate provisioning and renewal for custom domains, integration with Cloud Build for continuous deployment pipelines, support for WebSocket and gRPC protocols, access control through Identity and Access Management, VPC connectivity for accessing private resources, and Cloud Run for Anthos enabling portable deployments across Google Cloud and on-premises environments. The platform maintains high availability through automatic redundancy and failover.

Compute Engine provides virtual machines requiring infrastructure management. Cloud Storage offers object storage for files and data. Cloud DNS provides domain name resolution services. Only Cloud Run delivers the fully managed serverless container platform that eliminates infrastructure management while providing automatic scaling and pay-per-use pricing for containerized applications.

Question 92

What is the primary purpose of Cloud Build in Google Cloud Platform?

A) To store application logs

B) To execute builds and continuous integration/continuous deployment pipelines

C) To manage DNS records

D) To provide virtual desktop infrastructure

Answer: B

Explanation:

Cloud Build is Google Cloud’s fully managed continuous integration and continuous deployment service that executes application builds, runs tests, creates container images, and deploys applications across various Google Cloud services through automated pipelines. This serverless build platform enables development teams to implement DevOps practices without maintaining build servers, providing fast reliable builds that scale automatically based on workload demands.

The service works by executing build steps defined in configuration files, with each step running in a Docker container providing isolated consistent build environments. Build configurations specify the sequence of operations such as compiling source code, running unit tests, performing security scans, building container images, pushing images to Container Registry or Artifact Registry, and deploying to Cloud Run, Google Kubernetes Engine, or other targets. Cloud Build supports multiple programming languages and frameworks through pre-built builder images while allowing custom builders for specialized requirements.

Integration with source code repositories enables automated build triggers that execute pipelines when code is committed to Cloud Source Repositories, GitHub, or Bitbucket. Developers can configure triggers based on branch patterns, tags, or pull requests, implementing continuous integration workflows that validate every code change. The service provides detailed build logs, execution history, and integration with Cloud Logging for troubleshooting. Build artifacts are cached intelligently to accelerate subsequent builds, and parallel execution of independent build steps reduces overall pipeline duration.

Advanced capabilities include vulnerability scanning for container images, binary authorization for deployment security, integration with Secret Manager for secure credential handling, and custom worker pools for executing builds in private networks or on specialized hardware. Cloud Build’s pay-per-use pricing model charges only for build execution time, making it cost-effective compared to maintaining dedicated build infrastructure.

Application logs are stored in Cloud Logging. DNS records are managed by Cloud DNS. Virtual desktops are not a Google Cloud service focus. Only Cloud Build provides managed CI/CD pipeline execution.

Question 93

Which Google Cloud service provides a managed relational database service compatible with MySQL, PostgreSQL, and SQL Server?

A) Cloud Spanner

B) Cloud SQL

C) Firestore

D) Bigtable

Answer: B

Explanation:

Cloud SQL is Google Cloud’s fully managed relational database service that provides MySQL, PostgreSQL, and SQL Server database instances without requiring manual administration of installation, maintenance, patching, or backups. This managed service enables developers to use familiar relational database systems while Google handles operational tasks including high availability, disaster recovery, security patching, and performance optimization, allowing teams to focus on application development rather than database administration.

The service provides enterprise-grade reliability through automated backups with point-in-time recovery enabling restoration to any moment within the retention period, high availability configurations with automatic failover to standby replicas in different zones, read replicas for scaling read workloads and geographic distribution, and automatic storage increases when databases approach capacity limits. Cloud SQL instances can scale vertically to significant CPU and memory resources, supporting databases from small development environments to large production workloads handling thousands of connections.

Security features include encryption at rest using Google-managed or customer-managed encryption keys, encryption in transit using TLS, private IP connectivity through Virtual Private Cloud for isolated network access, Identity and Access Management integration for fine-grained access control, and audit logging tracking all database access and administrative operations. Automated maintenance windows apply patches and updates with minimal disruption, while configurable backup windows and replication lag monitoring ensure data protection.

Cloud SQL integrates seamlessly with other Google Cloud services including App Engine, Cloud Run, Google Kubernetes Engine, and Compute Engine through standard database connection protocols. The service supports standard SQL operations, stored procedures, triggers, and database features specific to each engine, maintaining compatibility with existing applications. Migration tools facilitate moving on-premises databases to Cloud SQL with minimal code changes.

Cloud Spanner provides globally distributed databases. Firestore offers NoSQL document storage. Bigtable provides wide-column NoSQL storage. Only Cloud SQL delivers managed MySQL, PostgreSQL, and SQL Server relational databases.

Question 94

What is the primary function of Cloud Pub/Sub in Google Cloud Platform?

A) To provide file storage

B) To enable asynchronous messaging and event-driven architectures

C) To manage SSL certificates

D) To compile source code

Answer: B

Explanation:

Cloud Pub/Sub is Google Cloud’s fully managed messaging service that enables asynchronous communication between independent applications through publish-subscribe patterns, supporting event-driven architectures, real-time data streaming, and decoupled microservices communication. This scalable reliable messaging platform handles millions of messages per second, providing guaranteed delivery, automatic scaling, and global message routing without requiring infrastructure management.

The service implements a publisher-subscriber model where publishers send messages to topics without knowledge of subscribers, and subscribers receive messages from topics through subscriptions without knowing about publishers. This decoupling allows independent development, deployment, and scaling of system components. Multiple subscribers can receive the same messages through separate subscriptions on a single topic, enabling fan-out patterns where events trigger multiple downstream processes. Messages are retained until acknowledged by subscribers, with configurable retention periods for message replay and reprocessing.

Cloud Pub/Sub provides exactly-once or at-least-once message delivery guarantees depending on configuration, ordered delivery within message keys for maintaining sequence, dead-letter topics for handling messages that fail processing repeatedly, and message filtering allowing subscribers to receive only relevant subsets of published messages. The service integrates with Cloud Functions for serverless event processing, Dataflow for stream processing pipelines, and various other Google Cloud services for comprehensive data processing workflows.

Enterprise features include global message routing with topics and subscriptions spanning regions for disaster recovery, push and pull subscription modes supporting both event-driven triggers and polling patterns, authentication and authorization through Identity and Access Management, encryption at rest and in transit, schema validation ensuring message format consistency, and detailed monitoring through Cloud Monitoring. The service automatically handles load balancing, replication, and scaling without requiring capacity planning.

File storage uses Cloud Storage. SSL certificate management uses Certificate Manager. Source code compilation uses Cloud Build. Only Cloud Pub/Sub provides managed asynchronous messaging for event-driven architectures.

Question 95

Which tool is used for deploying and managing infrastructure as code in Google Cloud?

A) Cloud Deployment Manager

B) Cloud Scheduler

C) Cloud Armor

D) Cloud Endpoints

Answer: A

Explanation:

Cloud Deployment Manager is Google Cloud’s infrastructure as code service that enables developers and operators to define, deploy, and manage Google Cloud resources through declarative configuration files rather than manual console operations or imperative scripts. This approach treats infrastructure as version-controlled code, enabling consistent repeatable deployments, automated environment provisioning, and infrastructure changes through standard development workflows including code review and testing.

The service uses configuration files written in YAML syntax defining resources and their properties, with support for parameterization through templates and properties that enable reusable infrastructure patterns. Configurations can define entire application stacks including compute instances, networks, load balancers, databases, and storage resources in a single deployment, with Deployment Manager handling dependency resolution and proper resource creation ordering. Jinja or Python templates enable programmatic generation of configurations for complex scenarios, allowing loops, conditionals, and variable substitution.

Deployment Manager provides preview functionality showing planned changes before execution, allowing validation without impacting existing resources. Deployments track all resources created and managed as a unit, enabling coordinated updates or complete teardown. The service automatically handles resource dependencies, waits for resources to become ready before proceeding to dependent resources, and provides detailed error reporting when provisioning fails. Deployments maintain state, enabling updates that add, modify, or remove resources while preserving unchanged components.

Integration with Cloud Source Repositories enables version control of infrastructure definitions, while Cloud Build can automate deployment execution in continuous delivery pipelines. The service supports composite types for packaging reusable infrastructure components, configuration registry for sharing common templates, and extensive documentation of supported resource types and properties. This infrastructure automation reduces manual errors, accelerates environment provisioning, and ensures consistency across development, staging, and production environments.

Cloud Scheduler triggers scheduled jobs. Cloud Armor provides DDoS protection. Cloud Endpoints manages APIs. Only Cloud Deployment Manager provides infrastructure as code deployment and management capabilities.

Question 96

What is the primary purpose of Cloud Functions in Google Cloud Platform?

A) To manage virtual machines

B) To execute event-driven serverless code without managing servers

C) To provide object storage

D) To configure network firewalls

Answer: B

Explanation:

Cloud Functions is Google Cloud’s serverless execution environment that runs individual functions in response to events without requiring server provisioning, management, or scaling operations. This event-driven computing service enables developers to build applications by writing single-purpose functions that automatically execute when triggered by events from Google Cloud services, HTTP requests, or external systems, paying only for actual function execution time rather than idle server capacity.

The platform supports multiple programming languages including Node.js, Python, Go, Java, .NET, Ruby, and PHP, allowing developers to write functions in familiar languages using standard libraries and frameworks. Functions are triggered by various event sources such as HTTP requests for API endpoints and webhooks, Cloud Pub/Sub messages for asynchronous processing, Cloud Storage object changes for file processing, Firestore document modifications for database triggers, and Cloud Scheduler for time-based execution. Each function executes independently, automatically scaling from zero to thousands of concurrent executions based on incoming event volume.

Cloud Functions provides fully managed infrastructure including automatic deployment from source code or container images, environment variable configuration for runtime parameters, secret management integration for secure credential handling, networking options including VPC connectors for private resource access, and identity-based invocation control restricting function execution to authorized callers. Functions can call other Google Cloud APIs, external web services, or trigger additional functions creating sophisticated event-driven workflows.

The service includes comprehensive monitoring through Cloud Logging and Cloud Monitoring with automatic log capture of function output, error tracking for exception handling, and performance metrics tracking execution count, duration, and memory usage. Cold start optimization techniques and provisioned instances minimize latency for latency-sensitive applications. Cloud Functions integrates with development tools including local emulators for testing, continuous deployment from source repositories, and frameworks like Firebase Functions for mobile and web backend development.

Virtual machine management uses Compute Engine. Object storage is provided by Cloud Storage. Network firewalls use VPC firewall rules. Only Cloud Functions delivers event-driven serverless function execution.

Question 97

Which Google Cloud service provides a managed Kubernetes platform for containerized applications?

A) Google Kubernetes Engine

B) Cloud Storage

C) BigQuery

D) Cloud IAM

Answer: A

Explanation:

Google Kubernetes Engine is Google Cloud’s managed Kubernetes service that provides a production-grade platform for deploying, managing, and scaling containerized applications using Kubernetes orchestration without the complexity of manually installing, configuring, and maintaining Kubernetes clusters. GKE handles cluster infrastructure including master nodes, etcd databases, and networking, while providing enterprise features, security hardening, and automatic updates, enabling teams to focus on application development rather than cluster operations.

The service offers two operational modes: Standard mode providing maximum flexibility and control over cluster configuration for experienced Kubernetes users, and Autopilot mode offering a fully managed hands-off experience where Google manages all cluster infrastructure, node configuration, and capacity planning. GKE automatically provisions worker nodes, configures networking, sets up load balancing, and integrates with Google Cloud services. Clusters scale automatically based on workload demands using horizontal pod autoscaling for applications and cluster autoscaling for infrastructure capacity.

Advanced features include release channels providing automated Kubernetes version upgrades with different stability levels, binary authorization enforcing deployment policies requiring cryptographic verification of container images, Workload Identity enabling pod-level service account authentication with Google Cloud services, GKE Sandbox providing enhanced container isolation using gVisor, multi-cluster management through Anthos for hybrid and multi-cloud deployments, and network policies for fine-grained pod communication control. The service supports stateful applications through persistent volumes, batch processing with Kubernetes jobs, and service mesh integration for advanced traffic management.

Security capabilities include node auto-repair detecting and replacing unhealthy nodes, node auto-upgrade keeping nodes current with security patches, private clusters isolating master endpoints from public internet, Shielded GKE nodes with secure boot and integrity monitoring, and vulnerability scanning identifying security issues in container images. Comprehensive monitoring integrates with Cloud Logging and Cloud Monitoring providing visibility into cluster health and application performance.

Cloud Storage provides object storage. BigQuery offers data analytics. Cloud IAM manages access control. Only GKE provides managed Kubernetes orchestration for containerized applications.

Question 98

What is the primary purpose of Cloud Storage in Google Cloud Platform?

A) To execute serverless functions

B) To store and retrieve unstructured object data

C) To manage relational databases

D) To provide virtual machine instances

Answer: B

Explanation:

Cloud Storage is Google Cloud’s object storage service designed for storing and retrieving any amount of unstructured data including images, videos, backups, log files, application assets, and other objects with high durability, scalability, and global accessibility. This service provides a unified storage platform that scales automatically to exabytes of data while maintaining consistent performance, offering multiple storage classes optimized for different access patterns and cost requirements.

The service organizes data into buckets serving as containers for objects, with globally unique bucket names and configurable locations spanning single regions for low latency, dual-regions for high availability, or multi-regions for maximum geographic distribution. Objects stored in buckets are immutable once written, with versioning capabilities maintaining historical versions of objects and retention policies preventing premature deletion. Cloud Storage supports objects from bytes to terabytes in size, with no limit on the number of objects stored.

Multiple storage classes optimize cost for different usage patterns: Standard storage for frequently accessed data requiring low latency, Nearline storage for data accessed less than once per month, Coldline storage for data accessed less than once per quarter, and Archive storage for long-term retention accessed less than once per year. Lifecycle management policies automatically transition objects between storage classes or delete objects based on age or version count, optimizing costs without manual intervention.

Advanced features include strong consistency for read-after-write operations, customer-managed encryption keys for cryptographic control, object holds and retention policies for compliance requirements, signed URLs for temporary authenticated access, Cloud CDN integration for content delivery, Pub/Sub notifications triggering events on object changes, and parallel composite uploads for large file transfers. The service provides 99.999999999 percent annual durability through automatic replication and erasure coding, ensuring data protection against hardware failures and disasters.

Serverless functions use Cloud Functions. Relational databases use Cloud SQL. Virtual machines use Compute Engine. Only Cloud Storage provides scalable object storage for unstructured data.

Question 99

Which Google Cloud service provides real-time data streaming and processing capabilities?

A) Cloud Dataflow

B) Cloud CDN

C) Cloud NAT

D) Cloud Interconnect

Answer: A

Explanation:

Cloud Dataflow is Google Cloud’s fully managed stream and batch data processing service that executes Apache Beam pipelines for transforming, enriching, and analyzing data at scale. This serverless platform handles real-time streaming data and batch processing workloads, automatically managing resource provisioning, optimization, and scaling, enabling data engineers to focus on pipeline logic rather than infrastructure operations.

The service processes streaming data from sources such as Cloud Pub/Sub, Apache Kafka, or custom streaming APIs, applying transformations including filtering, aggregation, windowing, joining, and enrichment before writing results to destinations like BigQuery, Cloud Storage, Bigtable, or external systems. Dataflow provides exactly-once processing semantics ensuring data accuracy even during failures, windowing strategies for grouping streaming data into time-based or session-based windows, and watermark handling for managing late-arriving data in streaming scenarios.

Pipeline development uses Apache Beam SDKs supporting Java, Python, and Go, providing a unified programming model that works identically for batch and streaming data. Dataflow automatically optimizes pipeline execution through fusion combining multiple operations, dynamic work rebalancing distributing processing across workers, and vertical and horizontal autoscaling adjusting resources based on workload. The service provides comprehensive monitoring including pipeline visualization showing data flow and transformation steps, worker utilization metrics, and detailed job execution logs.

Advanced capabilities include Dataflow SQL enabling pipeline creation using SQL syntax without programming, Dataflow templates providing reusable pipeline patterns for common use cases, Dataflow Shuffle for improved scalability of large shuffles, Streaming Engine separating compute from storage for better resource utilization, and FlexRS for batch processing using preemptible VMs reducing costs. Integration with BigQuery enables seamless data warehousing, while Cloud ML Engine integration supports machine learning inference within pipelines.

Cloud CDN provides content delivery. Cloud NAT enables outbound internet access. Cloud Interconnect provides dedicated network connections. Only Cloud Dataflow delivers managed stream and batch data processing capabilities.

Question 100

What is the primary function of Identity and Access Management (IAM) in Google Cloud?

A) To store application data

B) To control who has access to resources and what actions they can perform

C) To compile application code

D) To provide DNS resolution

Answer: B

Explanation:

Identity and Access Management is Google Cloud’s unified security and access control system that manages authentication and authorization across all Google Cloud services, defining who can access which resources and what operations they can perform. IAM provides fine-grained access control enabling organizations to implement least privilege principles, meet compliance requirements, and maintain security while allowing necessary operations for legitimate users and services.

The IAM model consists of three key components: identities representing who is making requests including Google accounts for individual users, service accounts for applications and compute resources, Google Groups for collections of users, and Cloud Identity or Google Workspace domains for organizational accounts; resources representing Google Cloud assets such as projects, folders, compute instances, storage buckets, and databases; and permissions defining specific operations that can be performed on resources such as compute.instances.create or storage.objects.get.

Permissions are bundled into roles which come in three types: basic roles providing broad project-level access as Owner, Editor, or Viewer; predefined roles offering granular service-specific permissions curated by Google such as Compute Admin or Storage Object Creator; and custom roles enabling organizations to define precise permission combinations matching specific job functions. Roles are granted to identities at various hierarchy levels including organization, folder, project, or individual resource, with permissions inherited down the resource hierarchy.

IAM policy bindings associate identities with roles on specific resources, with conditions enabling attribute-based access control considering factors like time of day, IP address, or resource attributes. Policy management supports policy inheritance, allow-only policies preventing privilege escalation, and organization policy service constraints limiting configuration options across the organization. Audit logging tracks all access attempts and administrative changes, supporting security monitoring and compliance reporting. Service account key management, workload identity federation for external identity providers, and context-aware access controls provide comprehensive security capabilities.

Data storage uses Cloud Storage or databases. Code compilation uses Cloud Build. DNS resolution uses Cloud DNS. Only IAM manages access control and authorization across Google Cloud.

Question 101

Which Google Cloud service provides a fully managed NoSQL document database?

A) Cloud SQL

B) Cloud Spanner

C) Firestore

D) Cloud Storage

Answer: C

Explanation:

Firestore is Google Cloud’s fully managed serverless NoSQL document database that stores data in flexible JSON-like documents organized into collections, providing real-time synchronization, offline support, and automatic scaling for web, mobile, and server applications. This cloud-native database eliminates infrastructure management while delivering low latency, strong consistency, and seamless integration with Firebase and Google Cloud services, making it ideal for applications requiring flexible schema, real-time updates, and global distribution.

The database organizes data hierarchically with documents containing fields mapping to values, and collections grouping related documents. Documents can contain subcollections creating nested data structures that model complex relationships naturally. Firestore supports rich data types including strings, numbers, booleans, maps, arrays, timestamps, geopoints, and references to other documents. Queries filter and sort data using compound conditions, with index support enabling efficient query execution even on large datasets. The service automatically creates indexes for simple queries while requiring explicit composite indexes for complex multi-field queries.

Real-time listeners enable applications to subscribe to document or query changes, receiving instant updates when data modifications occur. This real-time synchronization keeps application state current across all connected clients without polling. Offline persistence caches data locally on mobile and web clients, allowing applications to function without network connectivity and automatically synchronizing changes when connections restore. Transactions provide atomic operations ensuring data consistency when multiple documents must be updated together, while batch operations enable efficient bulk modifications.

Security rules provide declarative access control defining who can read or write specific documents based on authentication state, document content, or custom logic. The service offers automatic multi-region replication for high availability and low latency global access, with configurable read and write patterns. Integration with Firebase Authentication simplifies user management, while Cloud Functions triggers enable server-side reactions to database changes. Firestore scales automatically handling millions of concurrent connections and operations without capacity planning.

Cloud SQL provides managed relational databases. Cloud Spanner offers globally distributed relational databases. Cloud Storage provides object storage. Only Firestore delivers managed NoSQL document database capabilities.

Question 102

What is the primary purpose of Cloud Armor in Google Cloud Platform?

A) To store encryption keys

B) To provide DDoS protection and web application firewall capabilities

C) To manage container registries

D) To execute batch processing jobs

Answer: B

Explanation:

Cloud Armor is Google Cloud’s security service that provides distributed denial-of-service protection, web application firewall capabilities, and adaptive protection against network and application-layer attacks targeting applications running behind Google Cloud Load Balancing. This defense system leverages Google’s global infrastructure and intelligence from protecting its own services to protect customer applications against the largest and most sophisticated attacks, ensuring application availability and protecting against common web vulnerabilities.

The service defends against volumetric DDoS attacks that attempt to overwhelm applications with massive traffic volumes, protocol attacks exploiting weaknesses in network protocols, and application-layer attacks targeting specific vulnerabilities in web applications. Cloud Armor operates at Google’s network edge, filtering malicious traffic before it reaches applications or consumes resources. The globally distributed architecture absorbs large-scale attacks leveraging Google’s massive network capacity, while adaptive protection automatically detects and mitigates novel attacks using machine learning.

Security policies define rules controlling which traffic reaches applications, with conditions matching IP addresses or CIDR ranges for geographic or network-based filtering, expressions using Common Expression Language for complex matching logic based on HTTP headers, cookies, user agents, or request attributes, and preconfigured rules protecting against OWASP Top 10 vulnerabilities including SQL injection and cross-site scripting. Rate limiting throttles excessive requests from individual sources preventing abuse, while bot management identifies and handles automated traffic.

Integration with Cloud Load Balancing enables transparent deployment without application changes, with security policies attached to backend services. Custom rules complement Google’s managed protection rules, which are continuously updated based on emerging threats. Detailed logging records all blocked and allowed requests enabling security analysis, with export to Cloud Logging and BigQuery for long-term retention and investigation. Preview mode allows testing rules without enforcing them, and gradual rollouts minimize risk when deploying new security policies.

Encryption key storage uses Cloud KMS. Container registries use Artifact Registry. Batch processing uses Cloud Dataflow or Batch. Only Cloud Armor provides DDoS protection and web application firewall capabilities.

Question 103

Which Google Cloud service provides a managed Redis and Memcached in-memory data store?

A) Cloud Memorystore

B) Cloud SQL

C) BigQuery

D) Cloud Tasks

Answer: A

Explanation:

Cloud Memorystore is Google Cloud’s fully managed in-memory data store service providing Redis and Memcached instances for caching, session storage, real-time analytics, and other applications requiring sub-millisecond data access latency. This managed service eliminates the operational complexity of deploying, configuring, and maintaining in-memory caching infrastructure while providing high availability, automatic failover, and seamless scaling capabilities.

The service offers two engines: Redis supporting rich data structures including strings, hashes, lists, sets, sorted sets, bitmaps, and geospatial indexes, with features like persistence for data durability, replication for high availability, Pub/Sub for messaging, transactions for atomic operations, and Lua scripting for server-side logic; and Memcached providing simple key-value caching with multi-threading for high throughput. Both engines accelerate application performance by caching frequently accessed data, reducing database load, and providing fast session storage for stateless applications.

Cloud Memorystore instances are configured with specific memory sizes and tiering options, with Basic Tier providing a single Redis node suitable for development and caching use cases, and Standard Tier offering high availability through automatic replication and failover to standby replicas. The service handles all infrastructure management including provisioning, patching, monitoring, and backup restoration for Redis instances. Private IP connectivity through Virtual Private Cloud ensures secure access without exposing instances to the public internet.

Performance features include sub-millisecond latency for most operations, support for millions of operations per second depending on instance size, and read replicas for Redis to scale read workloads. Integration with Cloud Monitoring provides visibility into cache hit rates, memory usage, CPU utilization, and operation latency. Import and export functionality enables data migration from external Redis instances or backup creation. The service supports Redis versions with configurable eviction policies, maxmemory settings, and Redis configuration parameters.

Cloud SQL provides relational databases. BigQuery offers data warehousing and analytics. Cloud Tasks manages task queues. Only Cloud Memorystore delivers managed Redis and Memcached in-memory caching services.

Question 104

What is the primary function of Cloud Scheduler in Google Cloud Platform?

A) To provide load balancing

B) To trigger scheduled jobs and tasks on a cron-like schedule

C) To manage SSL certificates

D) To store application secrets

Answer: B

Explanation:

Cloud Scheduler is Google Cloud’s fully managed enterprise-grade cron job scheduler that reliably triggers jobs and tasks according to defined schedules, enabling automation of recurring operations such as data processing, backup operations, report generation, system maintenance, and periodic application logic execution. This serverless scheduling service eliminates the need to maintain dedicated cron servers while providing high reliability, monitoring, and integration with Google Cloud services.

The service supports flexible scheduling using Unix cron syntax enabling precise timing specifications including specific times, intervals, day-of-week patterns, and complex recurrence rules. Jobs can target multiple endpoints including HTTP/HTTPS endpoints for triggering webhooks or APIs, Cloud Pub/Sub topics for event-driven processing, and App Engine applications for legacy application integration. Each job specifies a target, schedule, time zone, and optional payload data, with retry configuration controlling failure handling behavior.

Cloud Scheduler provides enterprise reliability through automatic execution at specified times with guaranteed-at-least-once delivery, retry policies with configurable attempts and backoff strategies for handling transient failures, and monitoring integration showing job execution history, success and failure rates, and performance metrics. Authentication and authorization use OAuth tokens or OIDC tokens for securing access to HTTP endpoints, while IAM controls which identities can create and manage scheduled jobs.

Common use cases include triggering Cloud Functions for periodic serverless execution, publishing Pub/Sub messages for asynchronous processing workflows, initiating Cloud Dataflow or Cloud Composer pipelines for data processing, calling Cloud Run services for containerized scheduled tasks, and invoking external APIs for integration with third-party systems. The service handles time zone conversions, daylight saving adjustments, and schedule computation automatically. Jobs can be paused, resumed, or executed immediately for testing, with detailed execution logs available through Cloud Logging.

Load balancing uses Cloud Load Balancing. SSL certificate management uses Certificate Manager or Cloud Load Balancing. Secret storage uses Secret Manager. Only Cloud Scheduler provides managed cron-like job scheduling capabilities.

Question 105

Which Google Cloud service provides a managed Apache Spark and Hadoop platform for big data processing?

A) Cloud Dataproc

B) Cloud Functions

C) Cloud NAT

D) Cloud VPN

Answer: A

Explanation:

Cloud Dataproc is Google Cloud’s fully managed service for running Apache Spark, Apache Hadoop, and related big data processing frameworks with fast cluster creation, automatic scaling, and per-second billing. This managed platform eliminates the operational complexity of deploying and maintaining Hadoop and Spark clusters while preserving full compatibility with open-source tools, enabling data engineers and scientists to focus on data processing logic rather than infrastructure management.

The service creates clusters in seconds rather than the minutes or hours typically required for manual cluster provisioning, with preconfigured installations of Apache Spark for distributed in-memory processing, Apache Hadoop YARN for resource management, HDFS for distributed storage, Apache Hive for SQL queries, Apache Pig for data flow scripting, and dozens of other ecosystem tools. Clusters can be ephemeral, created for specific jobs and deleted upon completion, or persistent for interactive analysis and multiple workloads. This flexibility combined with per-second billing makes Dataproc cost-effective for variable workloads.

Autoscaling capabilities automatically adjust cluster size based on YARN metrics, adding workers during high utilization and removing them when idle, optimizing costs without manual intervention. Integration with Cloud Storage enables separation of compute and storage, allowing clusters to be deleted while preserving data and enabling multiple clusters to share datasets. Workflows orchestrate multi-step data processing pipelines with dependency management, while scheduled jobs enable recurring processing on defined schedules.

Enhanced flexibility features include initialization actions for customizing cluster configuration, optional components for adding specific tools, and support for GPU workers for machine learning workloads. Security includes encryption at rest and in transit, Kerberos authentication for secure clusters, and VPC Service Controls for data exfiltration protection. Integration with other Google Cloud services includes BigQuery connectors for data warehousing, Cloud Monitoring for operational visibility, and Cloud Composer for complex workflow orchestration. Migration assistance helps transition on-premises Hadoop and Spark workloads to Dataproc with minimal code changes.

Cloud Functions provides serverless function execution. Cloud NAT enables internet access from private instances. Cloud VPN provides secure network connectivity. Only Cloud Dataproc delivers managed Spark and Hadoop big data processing capabilities.