Hard PCDE practice questions
Challenge — multi-step scenarios, trade-offs, and subtle distinctions. 24 hard questions available — no sign-up, always free.
Your data analytics team runs BigQuery workloads that have grown unpredictably. Finance reports that on-demand query costs have tripled over three months, with large spikes during monthly reporting cycles but low steady usage otherwise. A few ad-hoc analyst queries occasionally scan enormous tables and cause bill surprises. You must implement a FinOps approach that controls cost while keeping predictable baseline performance for scheduled reporting jobs. What should you do?
Your platform team runs an automated project factory using Terraform. A new business unit requests projects, and finance requires that every newly provisioned project is automatically linked to a specific billing account and cannot be moved to a different billing account by project-level users. Which approach best enforces this requirement while keeping the factory fully automated?
Your FinOps team wants to catch cost overruns before they occur rather than after the fact. Each of your 40 project owners currently receives a monthly invoice but no proactive signal. Leadership requires that when a project's spending is trending toward exceeding its monthly budget, an automated workflow disables non-essential resources without any human reading an email. Which Cloud Billing budget configuration best meets this requirement?
Your platform team is designing a CI/CD architecture for a company with separate Google Cloud projects for dev, staging, and production. The security team mandates that a container image which is deployed to production must be the exact same artifact that was tested in staging, and that no image should be rebuilt between environments. You are using Cloud Build and Artifact Registry. Which approach best satisfies these requirements?
Your team uses Cloud Deploy to release a payments microservice to GKE. The delivery pipeline defines a canary strategy with three phases (10%, 50%, 100%). Compliance requires that a smoke test runs against every phase's canary before that phase's traffic percentage is applied, and the release must automatically halt if any smoke test fails. Which Cloud Deploy configuration meets these requirements?
Your team uses Cloud Deploy to roll out a Cloud Run service using a canary strategy with 25% and 50% phases. Product management requires that promotion beyond the first canary phase must only occur if application-level error rates (measured via Cloud Monitoring) stay below a threshold for 15 minutes. The built-in verify step only runs a synthetic smoke test and does not evaluate this metric. What is the most appropriate way to enforce this metric-based gate within the Cloud Deploy pipeline?
Your platform team uses Google Cloud Deploy to manage progressive delivery for containerized workloads. A new business unit needs to deploy artifacts to an on-premises Kubernetes cluster that is not registered as a GKE or Anthos target and requires invoking a proprietary internal CLI to apply manifests. The team wants to keep using the same Cloud Deploy pipeline model (delivery pipeline, targets, promotion, and rollback) rather than building a separate custom tool. What should you do?
Your team uses Cloud Deploy to release a microservice to GKE across dev, staging, and prod targets. A recent production incident was caused by a bad Kubernetes manifest that referenced a nonexistent ConfigMap; the error was only discovered after the rollout began. The manifests are generated by Skaffold using Kustomize overlays that differ per target. You want to catch rendering and manifest correctness issues for the exact production configuration BEFORE any pipeline promotion reaches the production target, without deploying to prod. What should you do?
Your team runs a fleet of 40 Compute Engine instances behind a managed instance group serving a REST API. You create a Cloud Monitoring alerting policy on the metric compute.googleapis.com/instance/cpu/utilization to page on-call when CPU is sustained above 85%. During a real incident where several individual instances spiked to 95% while the group average stayed near 60%, the alert never fired. You inspected the policy and found it aligns the series and then applies a cross-series reducer of 'mean' before evaluating the threshold. What change will make the alert correctly detect per-instance saturation?
Your team runs a payments API with a 99.9% availability SLO measured over a rolling 30-day window. The on-call engineers complain that their current alert—which pages whenever the instantaneous error rate exceeds 0.1%—generates frequent noisy pages for brief, self-recovering blips, yet occasionally fails to warn them about slow, sustained degradations that quietly consume the monthly error budget. You are asked to redesign the alerting to page only when the budget is genuinely at risk. Which approach best meets this goal?
A payments service reports 99.95% availability against its SLO, and the error budget shows healthy headroom for the quarter. However, the support team is fielding a steady stream of user complaints about failed checkout attempts, and executives are frustrated that the SLI dashboards look green while customers are clearly unhappy. As the SRE reviewing this discrepancy, what is the most appropriate first action?
A retail company runs a stateless web frontend on a GKE Standard cluster. Traffic is highly variable, with sharp spikes during flash sales. The team observes that during off-peak hours the cluster keeps many partially-utilized nodes running, but during spikes the Horizontal Pod Autoscaler adds pods faster than the cluster can schedule them because CPU-based scaling reacts too slowly. Leadership wants to reduce steady-state cost while ensuring the frontend can absorb sudden spikes without request failures. What should the DevOps engineer implement?
A retail company runs a chatty microservices application on a regional GKE cluster spread across three zones. The finance team flags a steadily rising 'inter-zone data transfer' line item in the billing export, even though overall traffic volume is flat. The services communicate heavily via Kubernetes Services, and pods are scheduled arbitrarily across zones. You must reduce the inter-zone egress cost without sacrificing the resilience of a multi-zone deployment. What should you do?
Your organization runs an on-premises data center and a Google Cloud environment. The platform team must bootstrap a CI/CD architecture where Cloud Build pipelines deploy artifacts to both GKE clusters on Google Cloud and Kubernetes clusters running in the on-premises data center. The on-premises clusters are not reachable over the public internet, and security policy forbids exposing them with public endpoints. Which approach lets the same Cloud Build pipeline reliably deploy to both environments?
Your company acquired a smaller firm that runs workloads in a separate Google Cloud organization. Leadership wants to consolidate the acquired workloads under your existing organization's resource hierarchy while minimizing downtime. Several projects in the acquired org contain running Compute Engine and Cloud SQL resources with dependent IAM bindings. What is the recommended approach to bring these projects into your organization?
Your platform team runs a CI/CD pipeline in a dedicated 'ci-tools' project. The pipeline must deploy resources into multiple environment projects (dev, staging, prod), each in different folders. Security policy forbids downloading or storing service account JSON key files anywhere, and each environment must have distinct permissions that can be audited. How should you configure the service accounts so the CI/CD workload can deploy across the environment projects?
An SRE team runs a payments API with a well-defined availability SLO. Recently, on-call engineers are paged frequently for brief blips that recover within a minute and never threaten the error budget, causing alert fatigue. Meanwhile, a slow, sustained burn last quarter went unnoticed until users complained. The team wants to redesign paging so that engineers are only woken up when a problem meaningfully threatens the SLO, while still tracking slower degradations. What should they implement?
Your SRE team is preparing a new payments API for general availability. The product team has committed to an availability SLO of 99.9% measured over a rolling 28-day window. During load testing, the service handles 2,000 requests per second at target latency, but at 2,600 requests per second, the p99 latency doubles and error rates climb above the SLO threshold. Marketing projects a launch-day peak of 2,400 requests per second, with sustained growth afterward. As part of the service lifecycle and launch-readiness review, what should the team do BEFORE approving GA?
Your team runs a checkout service with a 99.9% monthly availability SLO. The checkout service depends on a downstream payments API that another team operates and that has a published SLO of 99.5% availability. During your reliability review, an engineer proposes that your team can safely commit to a 99.95% SLO because your own code has been very stable this quarter. What is the most accurate reliability principle to apply here?
Your team runs a checkout API. A single user-facing 'complete purchase' journey involves three internal calls: cart validation, payment authorization, and order confirmation. Leadership set a 99.9% SLO for the overall purchase journey, but your current SLIs measure availability of each of the three backend services independently, and each individually reports around 99.9%. Users still complain that purchases frequently fail. What is the most appropriate SRE action to align your measurement with the user experience?
Your team runs a payment API and has defined an availability SLO measured from server-side HTTP response codes at the load balancer. During a recent incident, users reported widespread payment failures for nearly 20 minutes, yet your SLI dashboard showed availability well within the SLO the entire time. Investigation revealed the load balancer returned HTTP 200 responses containing application-level error payloads generated when a downstream fraud-check dependency timed out. What is the most appropriate change to make your SLI reflect the actual user experience?
Your organization is adopting Infrastructure as Code and you must create the very first Terraform bootstrap configuration that will provision the foundational resource hierarchy (folders, shared VPC host project, and org-level policies) for a brand-new Google Cloud organization. No projects, service accounts, or remote state backends exist yet. Following Google's recommended bootstrapping approach, how should you initially execute this first Terraform run and set up ongoing automation?
Your platform team runs all infrastructure changes through a Terraform pipeline in Cloud Build. Auditors require that no human can directly apply changes to production, that every production apply is preceded by a reviewed plan, and that the credentials used to apply have only the permissions needed for the target resources. Developers currently trigger builds by pushing to a shared branch, and the Cloud Build service account holds Owner on the production project. Which change best satisfies all three requirements?
Your platform team runs Terraform from a Cloud Build pipeline in a dedicated CI/CD project. The Terraform configuration needs a database password to provision a Cloud SQL instance, and this password must never appear in the Terraform state that is stored in a GCS remote backend, in build logs, or in the repository. Your security team also requires that the secret be centrally rotated. Which approach best meets all these requirements?