PROFESSIONAL-CLOUD-NETWORK-ENGINEER Exam Questions
262 real PROFESSIONAL-CLOUD-NETWORK-ENGINEER exam questions with expert-verified answers and explanations. Page 3 of 6.
- Question #101Configuring network services
You recently deployed Cloud VPN to connect your on-premises data canter to Google Cloud. You need to monitor the usage of this VPN and set up alerts in case traffic exceeds the max...
Cloud MonitoringMonitoring Query Language (MQL)VPN monitoringAlerting - Question #102Designing, planning, and prototyping a Google Cloud network
You have applications running in the us-west1 and us-east1 regions. You want to build a highly available VPN that provides 99.99% availability to connect your applications from you...
HA VPNCloud RouterCross-project connectivityNetwork design - Question #103Designing, planning, and prototyping a Google Cloud network
You need to create the network infrastructure to deploy a highly available web application in the us-east1 and us-west1 regions. The application runs on Compute Engine instances, a...
VPC networkingMulti-region deploymentHigh AvailabilityNetwork architecture - Question #104Configuring network services
You are the network administrator responsible for hybrid connectivity at your organization. Your developer team wants to use Cloud SQL in the us-west1 region in your Shared VPC. Yo...
Cloud SQL Private Services AccessVPC Network PeeringHybrid ConnectivityRouting - Question #105Implementing a Google Cloud network
Your company has separate Virtual Private Cloud (VPC) networks in a single region for two departments: Sales and Finance. The Sales department's VPC network already has connectivit...
VPC Network PeeringCloud RouterHA VPNRoute Propagation - Question #106Configuring network services
You recently noticed a recurring daily spike in network usage in your Google Cloud project. You need to identify the virtual machine (VM) instances and type of traffic causing the...
VPC Flow LogsNetwork MonitoringTraffic AnalysisCost Optimization - Question #107Configuring network services
You need to enable Private Google Access for use by some subnets within your Virtual Private Cloud (VPC). Your security team set up the VPC to send all internet-bound traffic back...
Private Google AccessVPC Service ControlsCloud DNSAPI Connectivity - Question #108Implementing network security
You have deployed an HTTP(s) load balancer, but health checks to port 80 on the Compute Engine virtual machine instance are failing, and no traffic is sent to your instances. You w...
Firewall RulesHealth ChecksLoad BalancerNetwork Troubleshooting - Question #109Implementing network security
You deployed a hub-and-spoke architecture in your Google Cloud environment that uses VPC Network Peering to connect the spokes to the hub. For security reasons, you deployed a priv...
GKEAuthorized NetworksVPC Network PeeringNetwork Security - Question #110Implementing a Google Cloud network
You recently deployed your application in Google Cloud. You need to verify your Google Cloud network configuration before deploying your on-premises workloads. You want to confirm...
Network Intelligence CenterNetwork TopologyNetwork Configuration ValidationHybrid Connectivity - Question #111Implementing network security
In your Google Cloud organization, you have two folders: Dev and Prod. You want a scalable and consistent way to enforce the following firewall rules for all virtual machines (VMs)...
Hierarchical Firewall PoliciesNetwork SecurityFolder-level EnforcementScalable Network Policies - Question #113Implementing a Google Cloud network
Your company's on-premises network is connected to a VPC using a Cloud VPN tunnel. You have a static route of 0.0.0.0/0 with the VPN tunnel as its next hop defined in the VPC. All...
Cloud NATVPC RoutingDefault RouteCloud VPN - Question #114Designing, planning, and prototyping a Google Cloud network
You are designing a Partner Interconnect hybrid cloud connectivity solution with geo-redundancy across two metropolitan areas. You want to follow Google-recommended practices to se...
Partner InterconnectHybrid CloudHigh AvailabilityCloud Router - Question #115Designing, planning, and prototyping a Google Cloud network
You are designing the network architecture for your organization. Your organization has three developer teams: Web, App, and Database. All of the developer teams require access to...
Shared VPCNetwork ArchitectureOrganizational DesignCentralized Network Control - Question #116Designing, planning, and prototyping a Google Cloud network
Your company has 10 separate Virtual Private Cloud (VPC) networks, with one VPC per project in a single region in Google Cloud. Your security team requires each VPC network to have...
Network HubCentralized Security InspectionVPC PeeringHybrid Connectivity - Question #117Configuring network services
You have just deployed your infrastructure on Google Cloud. You now need to configure the DNS to meet the following requirements: Your on-premises resources should resolve your Goo...
Hybrid DNSCloud DNSDNS forwardingNetwork resolution - Question #118Designing, planning, and prototyping a Google Cloud network
Your organization uses a hub-and-spoke architecture with critical Compute Engine instances in your Virtual Private Clouds (VPCs). You are responsible for the design of Cloud DNS in...
Cloud DNSHybrid NetworkingDNS ForwardingPrivate DNS Zones - Question #119Designing, planning, and prototyping a Google Cloud network
You have a Cloud Storage bucket in Google Cloud project XYZ. The bucket contains sensitive data. You need to design a solution to ensure that only instances belonging to VPCs under...
VPC Service ControlsData Exfiltration PreventionCloud Storage SecurityNetwork Perimeter - Question #120Configuring network services
You are maintaining a Shared VPC in a host project. Several departments within your company have infrastructure in different service projects attached to the Shared VPC and use Ide...
Shared VPCVPC Network PeeringNetwork TroubleshootingConnectivity Tests - Question #121Designing, planning, and prototyping a Google Cloud network
Your organization has Compute Engine instances in us-east1, us-west2, and us-central1. Your organization also has an existing Cloud Interconnect physical connection in the East Coa...
VPC routing modeCloud InterconnectMulti-region networkingHigh availability - Question #122Implementing network security
You recently configured Google Cloud Armor security policies to manage traffic to your application. You discover that Google Cloud Armor is incorrectly blocking some traffic to you...
Google Cloud ArmorLoggingTroubleshootingWAF - Question #123Implementing a Google Cloud network
You are the Organization Admin for your company. One of your engineers is responsible for setting up multiple host projects across multiple folders and sharing subnets with service...
Shared VPCIAM RolesOrganization HierarchyNetwork Administration - Question #124Designing, planning, and prototyping a Google Cloud network
You recently deployed Compute Engine instances in regions us-west1 and us-east1 in a Virtual Private Cloud (VPC) with default routing configurations. Your company security policy m...
Cloud NATPrivate IPNetwork egressRegional services - Question #125Implementing network security
You are designing a new global application using Compute Engine instances that will be exposed by a global HTTP(S) load balancer. You need to secure your application from distribut...
Cloud ArmorDDoS ProtectionWAFHTTP(S) Load Balancer Security - Question #126Implementing a Google Cloud network
Your organization's security policy requires that all internet-bound traffic return to your on- premises data center through HA VPN tunnels before egressing to the internet, while...
VPC RoutingBGPCloud RouterOn-premises Egress - Question #127Designing, planning, and prototyping a Google Cloud network
Your company has defined a resource hierarchy that includes a parent folder with subfolders for each department. Each department defines their respective project and VPC in the ass...
Hierarchical Firewall PoliciesNetwork SecurityResource HierarchyFirewall Rule Delegation - Question #128Implementing network security
You have two Google Cloud projects in a perimeter to prevent data exfiltration. You need to move a third project inside the perimeter; however, the move could negatively impact the...
VPC Service ControlsSecurity PerimeterDry Run ModeImpact Analysis - Question #129Implementing network security
You are configuring an HA VPN connection between your Virtual Private Cloud (VPC) and on- premises network. The VPN gateway is named VPN_GATEWAY_1. You need to restrict VPN tunnels...
Resource Manager ConstraintsOrganization PolicyHA VPN ConfigurationNetwork Security Policies - Question #130Configuring network services
Your company has recently installed a Cloud VPN tunnel between your on-premises data center and your Google Cloud Virtual Private Cloud (VPC). You need to configure access to the C...
Private Google AccessVPC Service ControlsHybrid ConnectivityDNS - Question #131Designing, planning, and prototyping a Google Cloud network
You need to configure a Google Kubernetes Engine (GKE) cluster. The initial deployment should have 5 nodes with the potential to scale to 10 nodes. The maximum number of Pods per n...
GKE IP AddressingSubnettingNetwork DesignCluster Sizing - Question #132Implementing network security
You are migrating a three-tier application architecture from on-premises to Google Cloud. As a first step in the migration, you want to create a new Virtual Private Cloud (VPC) wit...
Google Cloud ArmorExternal HTTP(S) Load BalancerInternet Network Endpoint Group (NEG)Web Application Firewall (WAF) - Question #133Configuring network services
You just finished your company's migration to Google Cloud and configured an architecture with 3 Virtual Private Cloud (VPC) networks: one for Sales, one for Finance, and one for E...
VPC Network PeeringPrivate ConnectivityInter-VPC Communication - Question #134Configuring network services
You have provisioned a Partner Interconnect connection to extend connectivity from your on- premises data center to Google Cloud. You need to configure a Cloud Router and create a...
Partner InterconnectCloud RouterASNHybrid Connectivity - Question #135Configuring network services
You are configuring a new application that will be exposed behind an external load balancer with both IPv4 and IPv6 addresses and support TCP pass-through on port 443. You will hav...
Load BalancingTCP Proxy Load BalancerGlobal Load BalancingNetwork Services - Question #136Implementing network security
In your project my-project, you have two subnets in a Virtual Private Cloud (VPC): subnet-a with IP range 10.128.0.0/20 and subnet-b with IP range 172.16.0.0/24. You need to deploy...
Firewall RulesNetwork SecurityService AccountsVPC Networking - Question #137Designing, planning, and prototyping a Google Cloud network
You are planning a large application deployment in Google Cloud that includes on-premises connectivity. The application requires direct connectivity between workloads in all region...
Hybrid ConnectivityIP AddressingVPC NetworkingNetwork Design - Question #138Implementing network security
Your company's security team wants to limit the type of inbound traffic that can reach your web servers to protect against security threats. You need to configure the firewall rule...
Firewall RulesVPC NetworkNetwork SecurityIngress Traffic - Question #139Designing, planning, and prototyping a Google Cloud network
You successfully provisioned a single Dedicated Interconnect. The physical connection is at a colocation facility closest to us-west2. Seventy-five percent of your workloads are in...
Dedicated InterconnectVLAN attachmentData transfer costsNetwork architecture - Question #140Designing, planning, and prototyping a Google Cloud network
You are designing a hybrid cloud environment. Your Google Cloud environment is interconnected with your on-premises network using HA VPN and Cloud Router in a central transit hub V...
Cloud DNSHybrid DNSVPC NetworkingDNS Resolution - Question #141Implementing network security
You have the following firewall ruleset applied to all instances in your Virtual Private Cloud (VPC): You need to update the firewall rule to add the following rule to the ruleset:...
IAM RolesNetwork SecurityFirewall RulesCloud Logging - Question #142Implementing network security
Your organization has a single project that contains multiple Virtual Private Clouds (VPCs). You need to secure API access to your Cloud Storage buckets and BigQuery datasets by al...
VPC Service ControlsAccess Context ManagerAPI SecurityPerimeter Security - Question #143Configuring network services
Your company has provisioned 2000 virtual machines (VMs) in the private subnet of your Virtual Private Cloud (VPC) in the us-east1 region. You need to configure each VM to have a m...
Cloud NATOutbound ConnectivityPort AllocationNAT IP Management - Question #144Designing, planning, and prototyping a Google Cloud network
You have the following routing design. You discover that Compute Engine instances in Subnet-2 in the asia-southeast1 region cannot communicate with compute resources on-premises. W...
Hybrid NetworkingCloud RouterVPC Dynamic RoutingNetwork Connectivity - Question #145Configuring network services
You are designing a hybrid cloud environment for your organization. Your Google Cloud environment is interconnected with your on-premises network using Cloud HA VPN and Cloud Route...
Cloud DNSHybrid DNSPrivate Forwarding ZoneVPC Network - Question #146Designing, planning, and prototyping a Google Cloud network
Your company has a single Virtual Private Cloud (VPC) network deployed in Google Cloud with on-premises connectivity already in place. You are deploying a new application using Goo...
GKE private clustersControl plane accessHybrid connectivityVPC networking - Question #147Designing, planning, and prototyping a Google Cloud network
You built a web application with several containerized microservices. You want to run those microservices on Cloud Run. You must also ensure that the services are highly available...
Cloud RunHigh AvailabilityLow LatencyMulti-region Deployment - Question #148Designing, planning, and prototyping a Google Cloud network
You have an HA VPN connection with two tunnels running in active/passive mode between your Virtual Private Cloud (VPC) and on-premises network. Traffic over the connection has rece...
HA VPN scalingVPN bandwidthNetwork performanceHybrid connectivity - Question #149Designing, planning, and prototyping a Google Cloud network
You recently deployed two network virtual appliances in us-central1. Your network appliances provide connectivity to your on-premises network, 10.0.0.0/8. You need to configure the...
Internal Load BalancerNetwork Virtual Appliance (NVA)Custom Static RoutesHigh Availability - Question #150Designing, planning, and prototyping a Google Cloud network
You are responsible for enabling Private Google Access for the virtual machine (VM) instances in your Virtual Private Cloud (VPC) to access Google APIs. All VM instances have only...
VPC RoutingPrivate Google AccessCloud InterconnectDefault Routes - Question #151Designing, planning, and prototyping a Google Cloud network
You are designing a hub-and-spoke network architecture for your company's cloud-based environment. You need to make sure that all spokes are peered with the hub. The spokes must us...
VPC RoutingHub-and-SpokeInternal Load BalancerNetwork Virtual Appliance