Common Technical Interview Questions and Answers Update on October 30, 2021

Exam Question 21

BankyBank wants to build an online transactional processing tool that requires a relational database with petabyte-scale data. What tool should you use?

A. BigQuery
B. Cloud SQL
C. Cloud Spanner
D. Cloud Bigtable
Correct Answer:
C. Cloud Spanner
Answer Description:
Cloud Spanner is the online transaction processing solution that is relational and offers petabyte scalability. Cloud SQL is not designed for petabyte-scale data.

Exam Question 22

A canary deployment:

A. Deploys a release to a subset of users
B. Deploys a release to a subset of servers
C. Deploys a release to a cloned production environment
D. Deploys a release to a percentage of your nonproduction traffic
Correct Answer:
A. Deploys a release to a subset of users
Answer Description:
A canary release deploys your releases to a subset of users so that you can test the deployment with these users before pushing the changes to everyone.

Exam Question 23

All the following are metrics except which one?

A. Average CPU utilization
B. Average memory utilization
C. HTTP load balancer requests per second
D. Average time to rehydrate AMIs
Correct Answer:
D. Average time to rehydrate AMIs
Answer Description:
AMI rehydration is not a metric, and AMIs do not exist in Google Cloud Platform — AMIs are from AWS.

Exam Question 24

You are designing a complex architecture that connects many services to a central database. How should you store the credentials securely?

A. Store the keys in the source code.
B. Leverage a secret management system.
C. Store them in a configuration file.
D. Memorize them.
Correct Answer:
B. Leverage a secret management system.
Answer Description:
Leverage a secrets manager if you need to store and manage your secret keys. Too often, developers run shortcuts and store their secrets in code during development, and then they forget to remove the secrets when they go to production — which are then gained by hackers scanning GitHub for the noobs who don’t secure their secrets! It’s one of the biggest attack vectors in the modern day!

Exam Question 25

Replatforming means:

A. Lifting and shifting your existing applications into GCP without making any changes to the platform or applications
B. Lifting and optimizing your applications and workloads without rewriting them, but running them on GCP cloud-native platforms
C. Moving and improving your existing applications and workloads to run on modern form factors without modifying code
D. Completely redesigning your entire application from scratch on GCP
Correct Answer:
B. Lifting and optimizing your applications and workloads without rewriting them, but running them on GCP cloud-native platforms
Answer Description:
Replatforming is basically lifting your applications from your existing platform and onto a new platform and then optimizing them without needing to rewrite them. If you have a bunch of VMs in VMware on premises, you can just run them on GCE and reap the benefits of using the Google GCE platform.

Exam Question 26

What is the most important security awareness training topic?

A. Physical security
B. Daily computing protections
C. Social engineering
D. Remote computing protections
E. All of the above
Correct Answer:
E. All of the above
Answer Description:
Security awareness programs’ main topics should include physical security and social engineering training, as well as routine security best practices for remote or on-premises work.

Exam Question 27

Which of the following is not a reason why security awareness training is essential for executives?

A. Corporate travel may expose executives to foreign government or commercial adversaries.
B. Greater access privileges make executives valuable targets for credential theft.
C. Executives are worse at retaining security basics than other employees.
D. Cyberespionage campaigns exploit executives who are privy to their organization’s sensitive trade secrets.
Correct Answer:
C. Executives are worse at retaining security basics than other employees.
Answer Description:
Security awareness training is essential for executives due to their privileged access, knowledge of trade secrets and increased exposure to risk during travel, making them high-value targets for attackers.

Exam Question 28

Why are humans still the weakest link despite security training and resources?

A. Threat actors spend their days thinking of new ways to exploit human vulnerabilities and are rewarded for their innovation.
B. Average people do not spend all their time thinking about security and may feel powerless in preventing attacks.
C. Cybersecurity practitioners may be the only people at their organizations who spend their workdays focused on prevention, protection and mitigation activities.
D. All of the above
Correct Answer:
D. All of the above
Answer Description:
Humans are still the weakest link because, if cybersecurity or cybercrime is not in their job description, security can become a minor concern relative to other work responsibilities.

Exam Question 29

True or false: IT leaders need to communicate the security risks of deepfake technology to all employees.

A. True
B. False
Correct Answer:
A. True
Answer Description:
Because of the security risks of deepfakes, IT leaders should create processes for identifying and reporting digital impersonations and encourage employees to think critically about potentially altered content.

Exam Question 30

Why is the phishing simulation fail rate — the percentage of users who click on a suspicious email — useful to security teams?

A. It is used to determine which employees should be promoted.
B. It is used to evaluate the efficacy of security awareness training.
C. It is used to name and shame users who failed the phishing test.
D. It is not useful to security teams.
Correct Answer:
B. It is used to evaluate the efficacy of security awareness training.
Answer Description:
The phishing simulation fail rate metric can be used to evaluate the effectiveness of security awareness training and provide insight on an organization’s overall risk level.