ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud DevOps Engineer All Questions

View all questions & answers for the Professional Cloud DevOps Engineer exam
Go to Exam

Exam Professional Cloud DevOps Engineer topic 1 question 52 discussion

Actual exam question from Google's Professional Cloud DevOps Engineer
Question #: 52
Topic #: 1
[All Professional Cloud DevOps Engineer Questions]

You are running a real-time gaming application on Compute Engine that has a production and testing environment. Each environment has their own Virtual Private
Cloud (VPC) network. The application frontend and backend servers are located on different subnets in the environment's VPC. You suspect there is a malicious process communicating intermittently in your production frontend servers. You want to ensure that network traffic is captured for analysis. What should you do?

  • A. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5.
  • B. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0.
  • C. Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5. Apply changes in testing before production.
  • D. Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 1.0. Apply changes in testing before production.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Alaaelanwr at Oct. 24, 2021, 6:48 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
NXD
Highly Voted 3 years, 3 months ago
B https://cloud.google.com/vpc/docs/flow-logs#log-sampling
upvoted 16 times
...
JonathanSJ
Highly Voted 2 years, 1 month ago
Selected Answer: B
B. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0. VPC flow logs are a feature that allows you to capture network traffic data in your VPC network. To ensure that all network traffic is captured for analysis, you should enable VPC flow logs on the production VPC network frontend and backend subnets with a sample volume scale of 1.0. This will capture all network traffic data, including the potentially malicious process, for further analysis. Option A. Enable VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 0.5 is not adequate, as it captures only half of the network traffic, there is a chance that the logs of the malicious process are not captured. Option C and D, Enable VPC Flow Logs on the testing and production VPC network frontend and backend subnets with a volume scale of 0.5/1.0. Apply changes in testing before production, is not necessary, it's important to have the logs in production environment to detect and mitigate the problem.
upvoted 9 times
...
jomonkp
Most Recent 1 year, 2 months ago
Selected Answer: B
Option B
upvoted 1 times
...
maxdanny
1 year, 3 months ago
Selected Answer: B
B: enabling VPC Flow Logs on the production VPC network frontend and backend subnets only with a sample volume scale of 1.0. This means that all traffic will be logged, ensuring that all network traffic is captured for analysis.
upvoted 1 times
...
anshad666
1 year, 10 months ago
Selected Answer: D
App Engine grants the Error Reporting Writer role by default. The Error Reporting library for Python can be used without needing to explicitly provide credentials. Error Reporting is automatically enabled for App Engine flexible environment applications. No additional setup is required
upvoted 1 times
...
hello_aws
2 years ago
Selected Answer: D
in real project background, first we should keep the consistency of configuration between test env and prod env. second, we should apply changes in testing before production.
upvoted 1 times
Feliphus
1 year, 1 month ago
That is true, but the statement says the problem is only in the production frontend servers, maybe you are not going to find the malicious process in the testing frontend servers
upvoted 1 times
...
...
WhyIronMan
2 years, 2 months ago
Selected Answer: B
question saying test envs can be eliminated
upvoted 3 times
...
ramzez4815
2 years, 4 months ago
Selected Answer: B
Correct answer is B
upvoted 2 times
...
Ananda
2 years, 9 months ago
Selected Answer: B
Submitted B
upvoted 2 times
...
ric79
2 years, 11 months ago
B is better that A because you are filtering 1:20 instead of 1:10 and the malicious process generates very low traffic
upvoted 1 times
...
Sekierer
3 years ago
Selected Answer: B
Ans: B
upvoted 1 times
...
Suraj2611
3 years, 3 months ago
The Answer for this is B
upvoted 6 times
4246cd7
1 year ago
Most people rated D, sure that is better, but it will require re-deployment other than just changing the instance type. If a company doesn't have the capacity or resources to setup D, B is the quickly way to improve SLI. At the end of the day customer first, then you focus on how to do D or move things to serverless like Cloud Run
upvoted 1 times
...
...
Alaaelanwr
3 years, 3 months ago
i think Answer: D
upvoted 2 times
muk5658
3 years, 2 months ago
Question clearly says only in Production they suspect, so we can eliminate the C and D options.
upvoted 3 times
...
giammydell
3 years, 3 months ago
if there isnt problem in test environment why log it
upvoted 4 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel