You are running a containerized application on Google Kubernetes Engine. Your container images are stored in Container Registry. Your team uses CI/CD practices. You need to prevent the deployment of containers with known critical vulnerabilities. What should you do?

A. Use Web Security Scanner to automatically crawl your application Review your application logs for scan results, and provide an attestation that the container is free of known critical vulnerabilities Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

B. Use Web Security Scanner to automatically crawl your application Review the scan results in the scan details page in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

C. Enable the Container Scanning API to perform vulnerability scanning Review vulnerability reporting in Container Registry in the Cloud Console, and provide an attestation that the container is free of known critical vulnerabilities Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

D. Enable the Container Scanning API to perform vulnerability scanning Programmatically review vulnerability reporting through the Container Scanning API, and provide an attestation that the container is free of known critical vulnerabilities Use Binary Authorization to implement a policy that forces the attestation to be provided before the container is deployed

You recently deployed your application in Google Kubernetes Engine, and now need to release a new version of your application. You need the ability to instantly roll back to the previous version in case there are issues with the new version. Which deployment model should you use?

A. Perform a rolling deployment, and test your new application after the deployment is complete.

B. Perform A/B testing, and test your application periodically after the new tests are implemented.

C. Perform a blue/green deployment, and test your new application after the deployment is complete.

D. Perform a canary deployment, and test your new application periodically after the new version is deployed.

Your existing application keeps user state information in a single MySQL database. This state information is very user-specific and depends heavily on how long a user has been using an application.

The MySQL database is causing challenges to maintain and enhance the schema for various users.

Which storage option should you choose?

A. Cloud SQL

B. Cloud Storage

C. Cloud Spanner

D. Cloud Datastore/Firestore

You manage an application that runs in a Compute Engine instance. You also have multiple backend services executing in stand-alone Docker containers running in Compute Engine instances. The Compute Engine instances supporting the backend services are scaled by managed instance groups in multiple regions. You want your calling application to be loosely coupled. You need to be able to invoke distinct service implementations that are chosen based on the value of an HTTP header found in the request. Which Google Cloud feature should you use to invoke the backend services?

A. Traffic Director

B. Service Directory

C. Anthos Service Mesh

D. Internal HTTP(S) Load Balancing

HipLocal's.net-based auth service fails under intermittent load. What should they do?

A. Use App Engine for autoscaling.

B. Use Cloud Functions for autoscaling.

C. Use a Compute Engine cluster for the service.

D. Use a dedicated Compute Engine virtual machine instance for the service.