Domain 4: Processes

**CASE STUDY: TechStream Gaming** **Company Overview:** TechStream Gaming is a global gaming company with 500 employees and $50M annual revenue. **Current Environment:** On-premises data centers in US and EU. 200 servers. MySQL databases (5 TB). Peak users: 2M. Cost: $100K/mo. **Business Requirements:** Reduce costs by 40%. Support 5x user growth. Launch in APAC, SA, Africa. Improve deployment to daily. **Executive Statements:** CEO: 'Scale rapidly.' CFO: 'Max $100K/mo, ROI 18mo.' CTO: 'Limited cloud exp, 99.95% uptime.' **Technical Requirements:** <100ms latency globally. Real-time analytics. 5x traffic spikes. EU data residency. DDoS protection. CI/CD. **Constraints:** 12-month migration. Max 4-hour downtime. 20 devs (Java/MySQL), 5 ops (limited cloud). Budget $2M. **QUESTION:** How should you design the real-time analytics pipeline for player behavior data?

**CASE STUDY: Dress4Win** **Company Overview:** Dress4Win is a web-based retail company that helps users organize their wardrobes. **Current Environment:** Colocated data center. Tomcat app servers, Nginx web servers, MySQL databases, Redis caching. 100TB of image data on SAN. **Business Requirements:** Migrate to cloud to handle seasonal spikes (Black Friday). Reduce CapEx. Enable rapid prototyping. **Executive Statements:** CEO: 'Innovate faster, stop worrying about servers.' CFO: 'Move to OpEx. Ensure PCI-DSS compliance.' CTO: 'Modernize stack but migrate quickly first.' **Technical Requirements:** Secure hybrid connectivity during migration. PCI-DSS compliance. Automated scaling. CI/CD for microservices. **Constraints:** Migration must be completed before Q4 holiday season (6 months). Limited budget for refactoring during initial migration. **QUESTION:** For the post-migration modernization phase, the CTO wants to implement CI/CD for new microservices. Which GCP services should you recommend?

**CASE STUDY: TerramEarth** **Company Overview:** TerramEarth manufactures heavy equipment. 2 million vehicles in the field. **Current Environment:** Vehicles send telemetry via cellular. Processing 100,000 msgs/sec. On-prem Hadoop cluster. **Business Requirements:** Predict equipment failure. Reduce warranty costs. Provide fleet dashboard. **Executive Statements:** CEO: 'Monetize data.' CFO: 'Storage costs spiraling.' CTO: 'Need scalable ingestion and ML.' **Technical Requirements:** Ingest 500,000 msgs/sec. Store petabytes cost-effectively. Train ML models. Real-time anomaly detection. **Constraints:** Intermittent connectivity. Strict vehicle authentication. **QUESTION:** Which THREE GCP services should you combine to build the pipeline for real-time anomaly detection and predictive maintenance ML training? (Select THREE)

**CASE STUDY: HealthCare360** **Company Overview:** HealthCare360 provides EHR systems to hospitals in NA and EU. **Current Environment:** Isolated on-prem deployments. Fragmented data. **Business Requirements:** Centralize EHR in cloud. Enable cross-hospital research. Ensure compliance. **Executive Statements:** CEO: 'Transforming to SaaS.' CFO: 'Need cost attribution per tenant.' CSO: 'Zero compromise on HIPAA/GDPR.' **Technical Requirements:** Multi-region active-active deployment. Microservices on GKE. End-to-end encryption (CMEK). Strict network perimeters. **Constraints:** Zero data loss (RPO=0). RTO < 15 minutes. HIPAA (US) and GDPR (EU) compliance. **QUESTION:** To achieve the RTO (Recovery Time Objective) of < 15 minutes in the event of a regional failure, how should traffic be routed?

Your company has a hybrid cloud architecture. You have internal applications running on-premises and on GCP. You want on-premises servers to be able to resolve the DNS names of GCP Compute Engine instances (e.g., `myserver.c.myproject.internal`). How should you configure Cloud DNS?

You need to back up a 500 GB Persistent Disk attached to a Compute Engine instance. The disk contains a highly active database. You want to minimize the time the database is locked during the backup process. What is the most efficient way to take the backup?

You are managing a fleet of Compute Engine instances in a Managed Instance Group (MIG). The application processes messages from a Cloud Pub/Sub topic. Traffic is highly variable. You want the MIG to scale out when there is a backlog of messages and scale in when the queue is empty. How should you configure the autoscaler?

A microservices application is experiencing high latency. The architecture consists of an API Gateway, an Authentication service, a Business Logic service, and a Database. You need to identify exactly which service is causing the bottleneck. Which TWO GCP observability tools should you use? (Select TWO)

Your organization wants to implement a robust disaster recovery strategy for a critical Cloud SQL database. The database is currently in `us-central1`. The RPO is 10 minutes, and the RTO is 1 hour. Which THREE configurations are required to achieve this? (Select THREE)

CASE STUDY: TechStream Gaming Overview: Gaming company, 500 employees, $100M revenue. 200 on-prem servers (US/EU), MySQL 5TB. 2M peak users. $150K/mo cost. Business Req: Reduce cost 40%, 5x growth, 3 new regions, daily deployments. Execs: CEO wants scale; CFO caps budget at $100K/mo; CTO needs 99.95% uptime, notes team has limited cloud skills. Tech Req: <100ms global latency, real-time analytics, 5x seasonal spikes, EU data residency, DDoS protection. Constraints: 12-month migration, max 4-hour downtime. QUESTION: How should you address the CTO's concern about the team's limited cloud experience while achieving the goal of daily deployments?

CASE STUDY: ShopGlobal Overview: Retailer, 2000 employees, $500M revenue. US-Central co-lo, Java/Tomcat monolith, Oracle RAC 20TB, batch inventory sync. Business Req: Handle 10x Black Friday spikes, personalized recommendations, modernize to microservices. Execs: CEO wants omnichannel; CFO needs predictable spend; CTO demands zero downtime cutover. Tech Req: PCI-DSS compliance, automated image processing, real-time inventory, CI/CD. Constraints: Complex Oracle stored procedures, team learning containers, strict bi-annual audits. QUESTION: How should you address the CTO's requirement for a zero-downtime cutover from the legacy monolith to the new microservices?

CASE STUDY: AeroMech Overview: Aviation manufacturer, 5000 employees, $2B revenue. 100 engines, 10k sensors/engine, 1GB data/flight. On-prem Hadoop. Business Req: Predictive maintenance, secure data sharing with airlines, monetize data. Execs: CEO wants new revenue; CFO demands ML ROI; CTO says on-prem storage unfeasible. Tech Req: High-throughput ingestion, PB-scale storage, train ML on historical data, deploy ML to edge (aircraft). Constraints: Intermittent low-bandwidth flight connectivity, aviation data compliance, data scientists use Python/Jupyter. QUESTION: Which GCP service should you recommend for the data scientists to explore data and train models, given their preference for Python and Jupyter?

CASE STUDY: MediSecure Overview: Telehealth provider, 1500 employees, $300M revenue. Core app on AWS, 3 acquired clinics on VMware, fragmented EHRs, Active Directory. Business Req: Unify patient records, integrate clinics in 90 days, launch patient portal. Execs: CEO wants rapid integration; CFO wants CapEx to OpEx; CISO demands strict HIPAA/GDPR compliance. Tech Req: End-to-end PHI encryption, comprehensive audit logging, hybrid connectivity to clinics, DR (RPO 5m, RTO 1h). Constraints: Clinics have low bandwidth, high staff turnover requires automated IAM, legacy EHRs cannot be modified immediately. QUESTION: Which database architecture meets the Disaster Recovery requirements of RPO 5 minutes and RTO 1 hour for the unified patient portal?

You are designing a secure CI/CD pipeline for Google Kubernetes Engine (GKE). You must ensure that only container images that have been scanned for vulnerabilities and explicitly approved by the QA team can be deployed to the production cluster. Which GCP service should you use?

Your company is planning a massive marketing campaign that will require spinning up 5,000 new Compute Engine instances in the us-central1 region. What should you do first to ensure the capacity is available?

You are setting up a CI/CD pipeline using Cloud Build. You want the pipeline to automatically trigger whenever a developer pushes code to the 'main' branch in Cloud Source Repositories. Which TWO components must you configure? (Select TWO)

Your SRE team wants to implement Chaos Engineering to test the resilience of a microservices application running on GKE. Which THREE actions represent valid chaos engineering experiments in GCP? (Select THREE)

You need to design a logging architecture. Security audit logs must be retained for 3 years for compliance. Application error logs need to be analyzed in real-time to trigger alerts. Which TWO Cloud Logging export destinations should you configure? (Select TWO)

CASE STUDY: TechStream Gaming Overview: Industry: Gaming Size: 500 employees, $100M revenue Environment: - On-prem US/EU - 200 servers - MySQL (5 TB) - 2M peak users - $100K/mo cost Requirements: - Reduce costs 40% - 5x growth - Launch APAC/SA/Africa - Daily deployments Exec Statements: - CEO: Scale rapidly. - CFO: Max $100K/mo, 18mo ROI. - CTO: Limited cloud exp, 99.95% uptime. Tech Reqs: - <100ms latency globally - Real-time analytics - 5x seasonal spikes - EU data residency - DDoS protection - CI/CD Constraints: - 12mo migration - <4hr downtime - 20 Java/MySQL devs, 5 ops - $2M budget QUESTION: How should you design the real-time analytics pipeline for player behavior?

CASE STUDY: HealthData Inc Overview: Industry: Healthcare Analytics Size: 1000 employees Environment: - Co-located data center - Hadoop cluster - SFTP servers - 50 TB patient data Requirements: - ML models for diagnostics - Secure data sharing portals - Break data silos Exec Statements: - CEO: Need compute for ML. - CRO: HIPAA compliance is top priority. - CTO: Managed services needed to replace Hadoop. Tech Reqs: - Strict HIPAA compliance - Automated PHI de-identification - Comprehensive audit logging - CMEK - Network isolation (no public internet) Constraints: - US data sovereignty - 7-year retention (immutable) - Easy auditor access QUESTION: To satisfy the requirement for 'easy auditor access' to comprehensive audit logs, how should you configure Cloud Logging?

CASE STUDY: ManuIoT Overview: Industry: Manufacturing Size: 100 factories globally Environment: - 100,000 sensors - Local SCADA - Fragmented SQL Server DBs - No central analytics Requirements: - Predictive maintenance - Real-time global dashboards - Edge computing Exec Statements: - CEO: Monetize telemetry. - CFO: Costs must scale linearly. - VP Ops: Factory lines need local control if internet drops. Tech Reqs: - Ingest 1M msgs/sec - Stream processing - Offline factory capabilities - Train ML centrally, deploy to edge Constraints: - Low bandwidth/high latency at factories - Legacy MQTT protocol - Zero IT staff at factories QUESTION: To satisfy the VP of Operations' requirement for offline factory capabilities and local control, which solution should you deploy at the factories?

CASE STUDY: ManuIoT Overview: Industry: Manufacturing Size: 100 factories globally Environment: - 100,000 sensors - Local SCADA - Fragmented SQL Server DBs - No central analytics Requirements: - Predictive maintenance - Real-time global dashboards - Edge computing Exec Statements: - CEO: Monetize telemetry. - CFO: Costs must scale linearly. - VP Ops: Factory lines need local control if internet drops. Tech Reqs: - Ingest 1M msgs/sec - Stream processing - Offline factory capabilities - Train ML centrally, deploy to edge Constraints: - Low bandwidth/high latency at factories - Legacy MQTT protocol - Zero IT staff at factories QUESTION: Which service should you use to perform real-time anomaly detection on the streaming sensor data before it is stored?

A highly regulated financial institution uses GKE to run its applications. The security team mandates that only container images that have been scanned for vulnerabilities and explicitly signed by the QA team can be deployed to the production cluster. How should you enforce this policy?

Your company is designing a disaster recovery (DR) plan for a critical application. The business requirements state a Recovery Time Objective (RTO) of 15 minutes and a Recovery Point Objective (RPO) of 5 minutes. Which DR architecture should you implement?

Your team is planning a massive load testing event for a new application. You anticipate needing to provision 5,000 Compute Engine instances with GPUs in the `us-central1` region for a 48-hour period next weekend. What must you do to ensure the resources are available?

Your SRE team wants to implement Chaos Engineering to test the resilience of a microservices architecture running on GKE. Which TWO practices align with Chaos Engineering principles? (Select TWO)

Your team wants to deploy a new version of a critical application. They want to minimize risk by routing only 5% of user traffic to the new version initially, monitoring it for errors, and then gradually increasing the traffic to 100%. If errors occur, they want to instantly route all traffic back to the old version. Which TWO deployment strategies support this requirement? (Select TWO)

During a major incident where the primary database goes down, the incident response team is struggling to communicate. Multiple engineers are making uncoordinated changes, and stakeholders are constantly interrupting the engineers for updates. According to Google's Incident Response framework, which TWO roles should be explicitly assigned to resolve this chaos? (Select TWO)

A microservices application is experiencing performance degradation. Users report that certain API requests take over 5 seconds to complete. The architecture consists of an API Gateway, several Cloud Run services, and a Cloud SQL database. Which TWO GCP operations tools should the development team use to identify the bottleneck? (Select TWO)

CASE STUDY: ShopGlobal Company Overview: ShopGlobal is an international e-commerce retailer. They are preparing for their largest annual sales event (Black Friday) and want to migrate off their aging on-premises infrastructure. Current Technical Environment: - 3 on-premises data centers (US-East, US-West, EU-Central). - VMware vSphere environment with 500 VMs. - Monolithic Java application running on Tomcat. - Oracle RAC database for transactions. - 50 TB of product images on SAN storage. Business Requirements: - Ensure 100% availability during the upcoming holiday season. - Modernize the application architecture over the next 3 years. - Reduce capital expenditure (CapEx) by shifting to an OpEx model. Executive Statements: - CEO: "Downtime during Black Friday costs us $1M per hour. We need bulletproof reliability." - CFO: "We want to stop buying hardware. Move everything to a pay-as-you-go model." - CTO: "We want to eventually move to microservices, but we don't have time to rewrite the app before the holidays." Technical Requirements: - Migrate the existing VMs to the cloud with minimal changes initially. - Implement a global CDN for product images to reduce latency. - Set up disaster recovery with an RPO of 15 minutes and RTO of 1 hour. - Ensure PCI-DSS compliance for payment processing. Constraints: - The migration must be completed in 4 months (before the code freeze). - The Oracle database license cannot be easily transferred to the cloud. - The team has no experience with Kubernetes or containers yet. QUESTION: To meet the Disaster Recovery requirements (RPO of 15 minutes, RTO of 1 hour), how should you configure the architecture?

Your company is adopting a DevSecOps culture. The security team wants to ensure that only container images that have been built by the official CI/CD pipeline and scanned for vulnerabilities can be deployed to the production GKE cluster. How should you enforce this?

A startup is building a new mobile application. They need a backend to handle user authentication, store user profiles, and send push notifications. The engineering team consists of three frontend developers with no backend or infrastructure experience. The CEO wants the app launched in 2 months. Which approach should you recommend?

Your organization has adopted Site Reliability Engineering (SRE) practices. The development team wants to push a major new feature to production, but the operations team notes that the application has consumed 110% of its error budget for the current 30-day window due to recent outages. According to SRE principles, what should happen next?

Your company generates massive amounts of application logs across hundreds of Compute Engine VMs. The security team needs to retain all logs for 7 years for compliance. The operations team needs to query the last 30 days of logs in real-time to troubleshoot production issues. How should you configure Cloud Logging to meet BOTH requirements cost-effectively? (Select TWO)

Your organization is moving from a monolithic architecture with quarterly manual deployments to a microservices architecture with daily automated deployments. The Change Advisory Board (CAB) is concerned about losing control and visibility over what is being deployed. Which TWO practices should you implement to satisfy the CAB while maintaining deployment velocity? (Select TWO)

Your team is responsible for a highly available microservices application running on GKE. You want to proactively identify weaknesses in the system's resilience by intentionally injecting failures into the production environment. Which TWO practices or tools should you utilize? (Select TWO)