The constant restarting of instances in a Managed Instance Group (MIG) with a health check configured is characteristic of the autohealing feature. The MIG detects that the instances are unhealthy (failing the health check within 5 seconds) and attempts to "heal" the group by recreating them. To stop this restart loop and allow for debugging, the autohealing mechanism must be paused by disabling or removing the health check from the MIG. Once the instances are stable, adding the colleague's public SSH key to the project-wide metadata is a standard and effective method to grant them SSH access to all instances in the project for troubleshooting.

A. The IAM Viewer role is a read-only role and does not grant the necessary permissions (compute.instances.osLogin or compute.instances.setMetadata) to connect to a VM via SSH.

B. Performing a rolling restart will not solve the issue. The new instances created during the restart will still fail the health check and enter the same restart loop.

D. The question explicitly states that autoscaling is already disabled. The issue is caused by autohealing, which is a separate feature from autoscaling, even though both are part of MIGs.

1. Autohealing and Health Checks: Google Cloud documentation states

"Autohealing relies on a health check to determine if an application on an instance is responding as expected... If the health check determines that an application has failed

the group automatically recreates that instance." To stop this

the health check must be removed.

Source: Google Cloud Documentation

"Setting up health checking and autohealing

" Section: "How autohealing works."

2. Updating a Managed Instance Group: To disable the health check

you must update the instance group's configuration. The documentation outlines procedures for updating MIGs

which includes removing an associated health check.

Source: Google Cloud Documentation

"Updating managed instance groups (MIGs)

" Section: "Updating a health check for a MIG."

3. Managing SSH Keys: Project-wide public SSH keys can be used to grant access to all instances in a project. "When you add a public SSH key to a project

any user who has the private key can connect to any VM in that project that is configured to accept project-wide keys."

Source: Google Cloud Documentation

"Managing SSH keys in metadata

" Section: "Adding and removing project-wide public SSH keys."

4. IAM Roles for Compute Engine: The documentation for the Viewer role (roles/viewer) confirms it does not include permissions like compute.instances.setMetadata or IAP-based access

which are required for SSH connections.

Source: Google Cloud Documentation

"Compute Engine IAM roles

" Section: "Project roles."

This solution represents a reliable, cost-effective, and event-driven architecture using fully managed Google Cloud services. Cloud Monitoring uptime checks are specifically designed for externally monitoring URL availability from multiple global locations, ensuring high reliability. When a failure is detected, an alert is triggered. Using Pub/Sub as a notification channel decouples the monitoring system from the remediation action, providing durability. A Cloud Function is the ideal serverless, low-cost compute option to execute the remediation logic (switching the URL) and sending a notification to the Ops team. This serverless approach perfectly aligns with the "minimum cost" requirement as you only pay for execution time.

A. Create a scheduled job in Cloud Run...: While serverless, this is a polling mechanism you build yourself. Cloud Monitoring uptime checks are a more reliable, globally distributed, and purpose-built service for this exact task, making them the superior choice.

B. Create a cron job on a Compute Engine VM...: This is not a cost-effective or reliable solution. It requires a continuously running VM, incurring unnecessary costs and management overhead. The VM itself is a single point of failure.

D. Use Cloud Error Reporting...: This is the wrong tool. Cloud Error Reporting is designed to aggregate and analyze application-level errors and exceptions (e.g., stack traces), not to check for HTTP endpoint availability or reachability.

1. Cloud Monitoring Uptime Checks: Official documentation states

"Uptime checks let you verify that your resources are reachable... from locations around the world." This service is the correct tool for monitoring the legacy application's URL.

Source: Google Cloud Documentation

"Managing uptime checks

" Section: "About uptime checks."

2. Cloud Monitoring Alerting with Pub/Sub: Alerting policies can use Pub/Sub as a notification channel

enabling programmatic actions in response to alerts. This supports the event-driven architecture described in the correct answer.

Source: Google Cloud Documentation

"Notification options

" Section: "Pub/Sub."

3. Cloud Functions Triggers: Cloud Functions can be triggered by messages published to a Pub/Sub topic. This is the standard pattern for creating event-driven

serverless responses to system events.

Source: Google Cloud Documentation

"Cloud Pub/Sub triggers."

4. Serverless Cost Model: The pay-per-use pricing model of Cloud Functions and other serverless components makes them highly cost-effective for workloads that are not continuously active

such as responding to an infrequent failure event.

Source: Google Cloud Functions Documentation

"Google Cloud Functions pricing

" Section: "Pricing details."

The provided stack trace shows a java.lang.SecurityException with two key messages: "digest ... does not match the digest specified in the manifest" and "has unsigned entries." This indicates that a signed JAR file has been tampered with or improperly packaged after its manifest and signature were created. The Java runtime, as part of the Google App Engine security sandbox, verifies the integrity of signed code upon deployment. It found that the content of a class file does not match the cryptographic hash stored in the JAR's manifest, and that an unsigned class was present in a signed JAR. Digitally signing all JAR files correctly will regenerate the manifests and signatures, ensuring the integrity of the package and resolving this security exception.

A. Upload missing JAR files and redeploy your application.

The stack trace indicates a SecurityException due to a file integrity issue, not a ClassNotFoundException or NoClassDefFoundError, which would signal a missing file.

C. Recompile the CLoakedServlet class using and MD5 hash instead of SHA1.

The problem is with the JAR package's digital signature and manifest, not the compilation of an individual class file or the specific hash algorithm used.

1. Oracle

The Java™ Tutorials

"Signing and Verifying JAR Files": This document explains the purpose of JAR signing. The runtime verifies that the JAR file has not been altered since it was signed. The error "digest ... does not match" is a direct result of a failed integrity check

which this verification process performs. The tutorial states

"When a signed JAR file is being verified

the digests of each of its entries are re-computed and compared with the digests recorded in the manifest."

Source: Oracle Java Documentation

https://docs.oracle.com/javase/tutorial/deployment/jar/signing.html

Section: "Verifying a Signed JAR File".

2. Google Cloud Documentation

"The Java 8 runtime environment": The App Engine standard environment runs applications in a security sandbox. This restricted environment enforces strict security checks

including the verification of code integrity from signed JARs

which is why this SecurityException is thrown during deployment.

Source: Google Cloud Documentation

https://cloud.google.com/appengine/docs/standard/java/runtime

Section: "The sandbox".

3. Oracle

Java SE Tools Reference

"jarsigner": The jarsigner tool is used to sign JAR files and verify their signatures. The error message "has unsigned entries" is a common problem when a signed JAR is modified without being re-signed. Using jarsigner to properly sign all application JARs is the correct procedure to fix this issue.

Source: Oracle Java Documentation

https://docs.oracle.com/en/java/javase/17/docs/specs/man/jarsigner.html

Description section.

This combination of services directly addresses all of Dress4Win's requirements.

Cloud Monitoring provides the performance metrics (e.g., CPU utilization, request count) necessary to inform infrastructure autoscaling decisions, satisfying the need to handle traffic spikes.

Cloud Logging aggregates logs from all hosts, and its powerful filtering capabilities allow developers to isolate and analyze logs from a specific piece of the application for debugging purposes.

Cloud Alerting (a feature within Cloud Monitoring) and Error Reporting work together to meet the notification requirement. Error Reporting automatically aggregates and surfaces application errors, while Alerting can be configured to send notifications to administrators when specific errors or metric thresholds are detected.

A: "Insights" is a general term, not a specific product, and Cloud Debugger is used for inspecting the live state of an application, not for filtering aggregated logs as the requirement specifies.

B: Cloud Trace is for latency analysis, and Cloud Debugger is for live-state inspection. Neither directly addresses the requirement of debugging by filtering aggregated logs.

D: Cloud Debugger is incorrect for this scenario. The requirement is to debug by filtering logs, which is a core function of Cloud Logging, not the live-state inspection provided by Cloud Debugger.

1. Cloud Monitoring for Autoscaling: Official Google Cloud Documentation

"Autoscaling based on Cloud Monitoring metrics." This document states

"You can create an autoscaler that scales a managed instance group (MIG) based on a Cloud Monitoring metric." This directly supports using Monitoring for the first requirement.

2. Cloud Logging for Debugging: Official Google Cloud Documentation

"Log Explorer overview." The documentation explains

"The Log Explorer page lets you retrieve

view

and analyze log data... When you build a query

you can select one or more projects..." This confirms its use for filtering aggregated logs from many hosts for debugging.

3. Error Reporting for Notifications: Official Google Cloud Documentation

"Error Reporting overview." This page states

"Error Reporting counts

analyzes

and aggregates the crashes in your running cloud services... When a new error is identified... Error Reporting sends a notification." This directly addresses the requirement for automatic error notifications.

4. Cloud Alerting for Notifications: Official Google Cloud Documentation

"How alerting works." It details that "Cloud Monitoring alerting notifies you in a timely manner when performance criteria that you specify are met." This covers the general notification requirement.

5. Cloud Debugger (Incorrect for this scenario): Official Google Cloud Documentation

"Cloud Debugger overview." The documentation clarifies its purpose: "Cloud Debugger... lets you inspect the state of a running application

at any code location

without stopping or slowing it down." This is a different function from analyzing historical

aggregated logs.

This architecture represents a canonical, scalable pattern for IoT data ingestion and analysis on Google Cloud. Cloud IoT Core provides secure device management and telemetry ingestion. Data is passed to Cloud Pub/Sub, a scalable messaging service that decouples ingestion from processing. Cloud Dataflow performs stream and batch processing, preparing the data for analysis. Finally, data is loaded into BigQuery, a petabyte-scale data warehouse, which allows analysts to run complex SQL queries centrally. This directly fulfills the requirement for a central query system for analysts to perform predictive failure analysis on raw vehicle data.

B: Cloud SQL is a relational database designed for transactional workloads (OLTP), not for storing and querying petabytes of raw telemetry data for analytics. It would not scale appropriately.

C: Cloud Datastore is a NoSQL transactional database not optimized for large-scale analytical queries. Using Compute Engine for ingestion also adds unnecessary operational overhead compared to a managed service like IoT Core.

D: Cloud Spanner is a globally distributed, strongly consistent relational database for mission-critical transactional workloads. It is not a cost-effective or suitable choice for ingesting and analyzing high-volume telemetry data.

1. Google Cloud Solutions

"Predictive maintenance on Google Cloud": This official solution guide presents a reference architecture that is nearly identical to Option A. It details using IoT Core for ingestion

Pub/Sub for messaging

Dataflow for processing

and BigQuery for analytics and feeding data to AI Platform for model training. This validates the entire pipeline shown in Option A as a best practice.

2. Google Cloud Documentation

"What is BigQuery?": "BigQuery is a fully managed enterprise data warehouse that helps you manage and analyze your data with built-in features like machine learning... BigQuery's serverless architecture lets you use SQL queries to answer your organization's biggest questions". This supports BigQuery's role as the central query engine for analysts.

3. Google Cloud Documentation

"Choosing a storage option": This documentation page compares database services. It positions BigQuery for "Analytics data warehousing" and Cloud SQL/Spanner for "Transactional workloads (OLTP)". This clarifies why Cloud SQL (Option B) and Cloud Spanner (Option D) are incorrect choices for this analytical use case.

4. Google Cloud Documentation

"Cloud IoT Core overview": "Cloud IoT Core... allows you to easily and securely connect

manage

and ingest data from millions of globally dispersed devices... you can use it to establish two-way communication with your devices... In conjunction with other services in Google Cloud IoT platform

you can build a complete IoT solution". This confirms IoT Core as the appropriate entry point for the telemetry data.

This option presents a comprehensive and practical strategy for scaling a Cloud SQL instance according to the specified requirements.

1. Enable automatic storage increase: This is the recommended best practice for managing storage in Cloud SQL. It proactively prevents the instance from running out of disk space by automatically adding capacity when usage reaches a threshold, thus avoiding downtime and manual intervention.

2. Alert on CPU usage and resize: Creating a Cloud Monitoring (formerly Stackdriver) alert for CPU usage exceeding 75% allows for a reactive, just-in-time approach to scaling. When the threshold is breached, an administrator can vertically scale the instance by changing the machine type to one with more vCPUs, thereby maintaining the desired performance level.

3. Alert on replication lag and shard: High replication lag is often a symptom of a primary instance being overwhelmed with write operations. Monitoring this metric is crucial. Sharding is an advanced database scaling technique that horizontally partitions data across multiple databases, distributing the write load and effectively reducing replication lag for very large-scale systems.

B: Preemptively changing to a 32-core machine is inefficient overprovisioning. It does not follow the principle of scaling as usage increases and leads to unnecessary costs.

C: Relying on manual alerts for storage is less reliable than the built-in automatic increase feature. Deploying memcached is an application-level caching strategy, not a direct scaling action for the Cloud SQL instance itself.

D: This option also incorrectly suggests manual storage management and proposes an application-level change (memcached) instead of a direct database scaling action for CPU management.

1. Automatic Storage Increase: Google Cloud Documentation

"Edit instance settings

" under the "Storage" section. It states

"To prevent your instance from running out of storage... you can configure your instance to automatically increase its storage capacity when you are close to the limit." This supports step 1 of the correct answer.

Source: Google Cloud Documentation

"Cloud SQL for MySQL > How-to guides > Edit an instance".

2. CPU Monitoring and Scaling: Google Cloud Documentation

"Metrics for Cloud SQL

" lists cloudsql.googleapis.com/database/cpu/utilization as a key metric to monitor. The "Editing an instance" documentation details how to change the machine type (vCPUs and memory) to scale vertically. This combination supports the monitor-and-scale approach in step 2.

Source: Google Cloud Documentation

"Cloud SQL > Monitoring > Metrics".

Source: Google Cloud Documentation

"Cloud SQL for MySQL > How-to guides > Edit an instance".

3. Replication Lag and Sharding: Google Cloud Documentation

"Diagnosing issues with Cloud SQL read replicas

" identifies high write activity on the primary as a cause for replication lag. For handling such high throughput

sharding is a recognized horizontal scaling pattern.

Source: Google Cloud Documentation

"Cloud SQL for MySQL > Concepts > Replication > Diagnosing issues with Cloud SQL read replicas".

Source: Google Cloud Architecture Center

"Design patterns for scale

" discusses sharding as a pattern to "partition a data store into a number of horizontal shards" to improve scalability.

This combination of services directly addresses all of Mountkirk Games' requirements. Google Kubernetes Engine (GKE) is the ideal platform for deploying and managing containerized microservices, enabling rapid updates and rollbacks. Google Container Registry (now part of Artifact Registry) provides a private, secure location to store the immutable container images used as deployment artifacts. The Google HTTP(S) Load Balancer is a global service that provides a single Anycast IP address to distribute traffic to backends in multiple regions (US and Europe), satisfying the multi-region and single frontend IP requirements. It can be configured to expose only the frontend services to the public internet.

A. Google Cloud Storage, Google Cloud Dataflow, Google Compute Engine: Google Cloud Dataflow is a data processing service and is irrelevant for deploying a continuous delivery pipeline for microservices.

B. Google Cloud Storage, Google App Engine, Google Network Load Balancer: The Google Network Load Balancer is a regional service and cannot provide a single IP address for services deployed across multiple regions like the US and Europe.

D. Google Cloud Functions, Google Cloud Pub/Sub, Google Cloud Deployment Manager: This set of tools does not provide a complete runtime and networking solution for the described stateful microservices architecture; it's more suited for event-driven, serverless patterns.

1. Google HTTP(S) Load Balancer: Official Google Cloud documentation states

"The External HTTP(S) Load Balancer is a global load balancer... It can balance HTTP and HTTPS traffic to backends hosted on Compute Engine and Google Kubernetes Engine (GKE)... With the Premium Tier

you can configure a global load balancing service. You get a single global IP address for your application."

Source: Google Cloud Documentation

"External HTTP(S) Load Balancing overview

" Section: "Global versus regional."

2. Google Kubernetes Engine (GKE): GKE is designed for deploying and operating applications using a microservices architecture. It automates deployment

scaling

and management of containerized applications

which facilitates quick updates and rollbacks.

Source: Google Cloud Documentation

"Google Kubernetes Engine (GKE) overview

" Section: "Features."

3. Google Container Registry (GCR): GCR is used to "Store

manage

and secure your Docker container images." Container images are immutable artifacts

which aligns with the requirement.

Source: Google Cloud Documentation

"Container Registry

" Product Overview.

4. Google Network Load Balancer (Regional Nature): The documentation for the external TCP/UDP Network Load Balancer specifies its regional scope: "External TCP/UDP Network Load Balancers are regional. This means that an external TCP/UDP Network Load Balancer cannot span more than one region."

Source: Google Cloud Documentation

"External TCP/UDP Network Load Balancing overview

" Section: "Regional scope."

For testing a disaster recovery (DR) plan using Google-recommended practices, automation and observability are key. Cloud Deployment Manager is Google Cloud's native, declarative Infrastructure as Code (IaC) service, ideal for automating the repeatable and reliable provisioning of a DR environment. This ensures consistency between tests. Once the DR environment is active, the Cloud Operations suite (formerly Stackdriver) provides the necessary native capabilities for comprehensive monitoring, logging, and debugging. It allows you to verify that the application is performing correctly, meets its recovery time objective (RTO) and recovery point objective (RPO), and to diagnose any issues that arise during the test. This combination represents a robust, native, and recommended approach.

A. Activity Logs (now part of Cloud Audit Logs) are primarily for auditing administrative actions and security events, not for monitoring application health or performance during a DR test.

C. While gcloud scripts can automate provisioning, they are imperative. Declarative tools like Deployment Manager are generally recommended for managing complex infrastructure states. This option also incorrectly suggests Activity Logs for monitoring.

D. This option is too generic ("automated scripts") and incorrectly specifies Activity Logs for monitoring and debugging the application's operational state.

1. Disaster recovery planning guide (Google Cloud Documentation): This guide explicitly recommends using IaC and monitoring. It states

"Use tools such as Deployment Manager or Terraform to automate the creation of your infrastructure... After you've failed over to your recovery site

it's critical that you can monitor the components that you've deployed." This supports the combination of an automation tool (Deployment Manager) and a monitoring solution (Cloud Operations/Stackdriver).

2. Cloud Deployment Manager Overview (Google Cloud Documentation): "Cloud Deployment Manager is an infrastructure deployment service that automates the creation and management of Google Cloud resources... [It] allows you to specify all the resources needed for your application in a declarative format". This confirms its role as the recommended native tool for automated

declarative provisioning.

3. Cloud Monitoring Overview (Google Cloud Documentation): "Cloud Monitoring collects metrics

events

and metadata from Google Cloud services... to generate insights via dashboards and charts and through alerts." This establishes its function as the primary tool for observing the health and performance of applications and infrastructure

which is essential for debugging a DR test.

4. Cloud Audit Logs Overview (Google Cloud Documentation): "Google Cloud services write audit logs to help you answer the questions

'who did what

where

and when?' within your Google Cloud resources." This clarifies that its purpose is for auditing administrative activity

not for performance monitoring as required by the scenario.

For transferring large datasets (tens of terabytes to petabytes), Google's recommended practice is to use an offline transfer method to avoid the time and cost constraints of network transfers. Transfer Appliance is specifically designed for this purpose. The process involves receiving a physical appliance, copying the 75 TB of data to it, and shipping it back to Google. At the Google ingestion facility, the encrypted data is decrypted and transferred (a process sometimes referred to as rehydration) into the designated Cloud Storage bucket. This method is significantly faster and more reliable than uploading 75 TB over a standard internet connection.

B: Cloud Dataprep is a service for visually exploring, cleaning, and preparing structured and unstructured data for analysis and machine learning. It is not used for data transfer or decryption from a Transfer Appliance.

C: Using gsutil for a 75 TB transfer would be extremely slow and unreliable over most internet connections, potentially taking weeks or months. While resumable transfers add reliability, Transfer Appliance is the recommended solution for this data volume.

D: This option is incorrect for the same reason as C; the data volume is too large for an online transfer to be the recommended practice. Additionally, streaming transfers are typically used for data from stdin, not for uploading a large set of existing files.

1. Google Cloud Documentation

"Choosing a transfer option": The official decision tree recommends Transfer Appliance for transferring more than 20 TB of data if the transfer would take more than one week online. For 75 TB

this is almost always the case.

Source: Google Cloud Documentation

"Data Transfer"

Section: "Choosing a transfer option".

2. Google Cloud Documentation

"Transfer Appliance overview": This document explicitly states

"Transfer Appliance is a hardware appliance you can use to securely migrate large amounts of data... to Google Cloud Storage." It is recommended for data sizes from hundreds of terabytes up to 1 petabyte.

Source: Google Cloud Documentation

"Transfer Appliance"

Section: "Overview".

3. Google Cloud Documentation

"How Transfer Appliance works": The process is detailed as: 1. Request appliance

2. Copy data to appliance

3. Ship appliance back to Google

4. Google uploads your data to Cloud Storage. This confirms that Google handles the final decryption and upload step.

Source: Google Cloud Documentation

"Transfer Appliance"

Section: "How Transfer Appliance works".

This design adheres to Google's best practices for both cost optimization and compliance. For non-time-critical batch workloads, Preemptible VMs (now called Spot VMs) provide the same machine types as standard VMs but at a much lower price (up to 91% discount), directly addressing the cost management requirement.

For HIPAA compliance, a procedural policy to "discontinue use" is insufficient. The best practice is to implement a technical, preventative control. Using the Organization Policy Service with the gcp.restrictServiceUsage constraint allows administrators to programmatically disable all services and APIs not covered under Google's HIPAA Business Associate Addendum (BAA), thereby enforcing compliance and preventing accidental use of non-compliant services.

A. This option is weaker because it relies only on a procedural control ("discontinue use") for compliance, which is prone to human error, instead of a technical enforcement mechanism.

C. This option is incorrect because it uses more expensive standard VMs for workloads that are ideal for cost-effective Preemptible/Spot VMs and uses a weak procedural compliance control.

D. This option is incorrect because it uses standard VMs, which are not the most cost-effective choice for non-time-critical batch workloads, failing to meet the cost management goal optimally.

1. Google Cloud Documentation

"Spot VMs": "Spot VMs are highly affordable compute instances suitable for batch jobs and fault-tolerant workloads. Spot prices are up to 91% lower than on-demand prices." This supports using preemptible/spot VMs for cost-effective batch processing.

Source: https://cloud.google.com/compute/docs/instances/spot

Introduction section.

2. Google Cloud Documentation

"Organization Policy Service

Service restrictions": "The Resource Service Usage restriction allows you to define the set of Google Cloud services that can be used in a resource hierarchy... This is often used in the context of regulatory compliance to prevent the use of services that do not meet the requirements." This supports the practice of disabling non-compliant services.

Source: https://cloud.google.com/resource-manager/docs/organization-policy/service-restrictions

Overview section.

3. Google Cloud Documentation

"HIPAA Compliance on Google Cloud": This document outlines Google's approach to HIPAA and lists the specific products covered under the BAA. It states

"Customers who are subject to HIPAA and wish to use any Google Cloud products in connection with PHI must sign a Business Associate Addendum (BAA) with Google." This establishes the need to restrict usage to only these covered services.

Source: https://cloud.google.com/security/compliance/hipaa

"Products in scope" section.

4. Google Cloud Architecture Framework

"Design for compliance": "Use preventative controls to enforce compliance boundaries. For example

you can use organization policies to restrict which Google Cloud services are available for use..." This reinforces that disabling services via policy is a recommended best practice for compliance.

Source: https://cloud.google.com/architecture/framework/security/design-for-compliance

"Enforce compliance boundaries" section.