PROFESSIONAL-CLOUD-NETWORK-ENGINEER Exam Questions
262 real PROFESSIONAL-CLOUD-NETWORK-ENGINEER exam questions with expert-verified answers and explanations. Page 4 of 6.
- Question #152Configuring network services
You configured Cloud VPN with dynamic routing via Border Gateway Protocol (BGP). You added a custom route to advertise a network that is reachable over the VPN tunnel. However, the...
Cloud VPNBGPCloud RouterLogging - Question #153Designing, planning, and prototyping a Google Cloud network
Your company has a single Virtual Private Cloud (VPC) network deployed in Google Cloud with access from on-premises locations using Cloud Interconnect connections. Your company mus...
Private Service ConnectCloud InterconnectHybrid NetworkingGoogle API Access - Question #154Configuring network services
Your organization has a Google Cloud Virtual Private Cloud (VPC) with subnets in us-east1, us- west4, and europe-west4 that use the default VPC configuration. Employees in a branch...
VPC Dynamic RoutingHA VPNCloud RouterMulti-region connectivity - Question #155Configuring network services
Your organization uses a Shared VPC architecture with a host project and three service projects. You have Compute Engine instances that reside in the service projects. You have cri...
Cloud DNSShared VPCHybrid ConnectivityDNS Forwarding - Question #156Implementing network security
Your organization is implementing a new security policy to control how firewall rules are applied to control flows between virtual machines (VMs). Using Google-recommended practice...
Firewall rulesVPC NetworkNetwork securityTraffic control - Question #157Implementing a Google Cloud network
You have configured a service on Google Cloud that connects to an on-premises service via a Dedicated Interconnect. Users are reporting recent connectivity issues. You need to dete...
Network DiagnosticsTroubleshootingConnectivity TestsHybrid Connectivity - Question #158Designing, planning, and prototyping a Google Cloud network
You are configuring a new HTTP application that will be exposed externally behind both IPv4 and IPv6 virtual IP addresses, using ports 80, 8080, and 443. You will have backends in...
Load BalancingExternal HTTP(S) Load BalancerURL MapsX-Forwarded-For - Question #159Designing, planning, and prototyping a Google Cloud network
You need to define an address plan for a future new Google Kubernetes Engine (GKE) cluster in your Virtual Private Cloud (VPC). This will be a VPC-native cluster, and the default P...
GKE networkingVPC-native clustersIP address planningSubnetting - Question #160Designing, planning, and prototyping a Google Cloud network
You are responsible for designing a new connectivity solution for your organization's enterprise network to access and use Google Workspace. You have an existing Shared VPC with Co...
Direct PeeringGoogle Workspace connectivityHybrid connectivityEnterprise networking - Question #161Implementing network security
You suspect that one of the virtual machines (VMs) in your default Virtual Private Cloud (VPC) is under a denial-of-service attack. You need to analyze the incoming traffic for the...
VPC Flow LogsNetwork MonitoringTraffic AnalysisNetwork Troubleshooting - Question #162Implementing network security
You are responsible for configuring firewall policies for your company in Google Cloud. Your security team has a strict set of requirements that must be met to configure firewall r...
Hierarchical Firewall PolicyOrganization PolicyFirewall Rules PrecedenceNetwork Security Enforcement - Question #163Designing, planning, and prototyping a Google Cloud network
You are designing a new application that has backends internally exposed on port 800. The application will be exposed externally using both IPv4 and IPv6 via TCP on port 700. You w...
Load BalancingExternal TCP/UDP Network Load BalancerHigh AvailabilityBackend Services - Question #164Configuring network services
You have several microservices running in a private subnet in an existing Virtual Private Cloud (VPC). You need to create additional serverless services that use Cloud Run and Clou...
Serverless VPC AccessCloud RunCloud FunctionsVPC connectivityCost optimization - Question #165Configuring network services
You have provisioned a Dedicated Interconnect connection of 20 Gbps with a VLAN attachment of 10 Gbps. You recently noticed a steady increase in ingress traffic on the Interconnect...
Dedicated InterconnectVLAN attachmentNetwork throughputConnectivity scaling - Question #166Configuring network services
Your company has a Virtual Private Cloud (VPC) with two Dedicated Interconnect connections in two different regions: us-west1 and us-east1. Each Dedicated Interconnect connection i...
Dedicated InterconnectCloud RouterBGP MEDGlobal Routing - Question #167Implementing network security
You have the following private Google Kubernetes Engine (GKE) cluster deployment: You have a virtual machine (VM) deployed in the same VPC in the subnetwork kubernetes- management...
GKE Private ClusterMaster Authorized NetworksNetwork Access Controlkubectl Connectivity - Question #168Configuring network services
Your company's logo is published as an image file across multiple websites that are hosted by your company. You have implemented Cloud CDN; however, you want to improve the perform...
Cloud CDNCache keysCache hit ratioCDN optimization - Question #169Configuring network services
Your company recently migrated to Google Cloud in a single region. You configured separate Virtual Private Cloud (VPC) networks for two departments: Department A and Department B....
Internal Load BalancerManaged Instance GroupsInter-VPC ConnectivityAutomated Failover - Question #170Designing, planning, and prototyping a Google Cloud network
You are designing an IP address scheme for new private Google Kubernetes Engine (GKE) clusters. Due to IP address exhaustion of the RFC 1918 address space in your enterprise, you p...
GKE NetworkingIP Address ManagementPrivate IP SpaceSubnetting - Question #171Configuring network services
file that is hosted in a private Cloud Storage bucket. You are using the USE_ORIGIN_HEADERS cache mode. You receive an HTTP 403 error when opening the file in your browser, and you...
Cloud Storage PermissionsCloud CDNHTTP 403 ErrorBackend Bucket Configuration - Question #172Configuring network services
You are deploying an application that runs on Compute Engine instances. You need to determine how to expose your application to a new customer. You must ensure that your applicatio...
Protocol ForwardingESP TrafficExternal IP AddressesCompute Engine Networking - Question #173Designing, planning, and prototyping a Google Cloud network
Your product team has web servers running on both us-east1 and us-west1 regions in the prod- servers project. Your security team plans to install an intrusion detection system (IDS...
Google Cloud ProjectVPCNetwork SecurityIDS - Question #174Configuring network services
You are in the process of deploying an internal HTTP(S) load balancer for your web server virtual machine (VM) instances. What two prerequisite tasks must be completed before creat...
Internal Load BalancersLoad Balancer PrerequisitesHealth ChecksProxy-only Subnets - Question #175Configuring network services
You have the networking configuration shown in the diagram. A pair of redundant Dedicated Interconnect connections (int-Iga1 and int-Iga2) terminate on the same Cloud Router. The I...
Dedicated InterconnectCloud RouterBGPActive/Passive Configuration - Question #176Designing, planning, and prototyping a Google Cloud network
You are a network administrator at your company planning a migration to Google Cloud and you need to finish the migration as quickly as possible. To ease the transition, you decide...
Hub-and-spoke networkCloud VPNThird-party network applianceVPC Peering limitations - Question #177Configuring network services
You have the networking configuration shown in the diagram. Two VLAN attachments associated with two Dedicated Interconnect connections terminate on the same Cloud Router (mycloudr...
Dedicated InterconnectCloud RouterBGPTroubleshooting - Question #178Designing, planning, and prototyping a Google Cloud network
You are responsible for designing a new connectivity solution between your organization's on- premises data center and your Google Cloud Virtual Private Cloud (VPC) network. Curren...
HA VPNHigh AvailabilityHybrid ConnectivitySLA - Question #179Designing, planning, and prototyping a Google Cloud network
Your company is planning a migration to Google Kubernetes Engine. Your application team informed you that they require a minimum of 60 Pods per node and a maximum of 100 Pods per n...
GKE networkingIP addressingSubnettingPod CIDR - Question #180Designing, planning, and prototyping a Google Cloud network
You are designing a packet mirroring policy as part of your network security architecture for your gaming workload. Your infrastructure is located in the us-west2 region and deploy...
Packet MirroringNetwork SecurityCost OptimizationNetwork Design - Question #181Designing, planning, and prototyping a Google Cloud network
Your company recently migrated to Google Cloud. You configured separate Virtual Private Cloud (VPC) networks for Department A and Department B. You need to configure both VPC netwo...
Cloud DNSVPC PeeringConditional ForwardingHybrid Connectivity - Question #182Designing, planning, and prototyping a Google Cloud network
You are planning to use Terraform to deploy the Google Cloud infrastructure for your company. The design must meet the following requirements: - Each Google Cloud project must repr...
Shared VPCMulti-project architectureNetwork designTerraform - Question #183Configuring network services
You have the following Shared VPC design. VPC Flow Logs is configured for Subnet-1 in the host VPC. You also want to monitor flow logs for Subnet-2. What should you do?
Shared VPCVPC Flow LogsNetwork Monitoring - Question #184Designing, planning, and prototyping a Google Cloud network
You are configuring your organization's Google Cloud environment to connect to your on- premises network, which does not support Border Gateway Protocol (BGP). Your on-premises net...
Cloud VPNPolicy-based VPNRoute-based VPNHybrid Connectivity - Question #185Configuring network services
You have two VPCs: VPC A in Project A and VPC B in Project B. The VPCs are peered, and each VPC has VM instances in four zones. You are using the Network Intelligence Center Perfor...
Network Intelligence CenterPerformance DashboardVPC PeeringMonitoring Metrics - Question #186Designing, planning, and prototyping a Google Cloud network
You are designing a new network infrastructure for your customer in Google Cloud. Your customer requires a connection between two Google Cloud VPCs that must include a VPN tunnel....
HA VPNBGPVPN ConfigurationNetwork Availability - Question #187Designing, planning, and prototyping a Google Cloud network
Your company is moving to a hybrid cloud environment and needs to connect two on-premises data centers to Google Cloud. Your company has opted for no service level agreement (SLA)...
Dedicated InterconnectVLAN AttachmentsHigh AvailabilityHybrid Cloud Connectivity - Question #188Designing, planning, and prototyping a Google Cloud network
Your company runs an enterprise platform on-premises using virtual machines (VMs). Your internet customers have created tens of thousands of DNS domains pointing to your public IP...
Bring Your Own IPPublic IP addressesNetwork migrationCompute Engine - Question #189Designing, planning, and prototyping a Google Cloud network
You need to create the technical architecture for hybrid connectivity from your data center to Google Cloud. This will be managed by a partner. You want to follow Google-recommende...
Hybrid ConnectivityPartner InterconnectHigh AvailabilityNetwork Architecture - Question #190Designing, planning, and prototyping a Google Cloud network
You are deploying your infrastructure in the us-central1 region. Your on-premises data center is located in New York City, and the Google Cloud region closest to New York City is u...
Cloud InterconnectHybrid ConnectivityNetwork DesignLatency Optimization - Question #191Configuring network services
You have provisioned a Cloud Interconnect connection with a VLAN attachment. You configured Border Gateway Protocol (BGP) between your on-premises router and your Cloud Router. Aft...
Cloud InterconnectBGPTroubleshootingNetwork Configuration - Question #192Designing, planning, and prototyping a Google Cloud network
Your company has a single on-premises data center that needs to be connected to a VPC in Google Cloud. The total bandwidth requirement is 10Gbps. The connection must be redundant a...
Dedicated InterconnectHybrid ConnectivityNetwork ArchitectureHigh Availability - Question #193Designing, planning, and prototyping a Google Cloud network
Your company deployed a hub and spoke architecture in Google Cloud to host their workloads. They use VPC network peerings to connect the hub and the spokes. You need to replicate t...
Network Connectivity CenterHub and SpokeStar TopologyVPC Networking - Question #194Implementing a Google Cloud network
You are deploying HA VPN within Google Cloud. You need to exchange routes dynamically between your on-premises gateway and Google Cloud. You have already created a HA VPN gateway a...
HA VPNCloud RouterBGPDynamic Routing - Question #195Implementing a Google Cloud network
You are implementing a VPC architecture for your organization by using a Network Connectivity Center hub and spoke topology: - There is one Network Connectivity Center hybrid spoke...
Private NATNetwork Connectivity CenterHybrid ConnectivityIP Addressing - Question #196Configuring network services
You have several VMs across multiple VPCs in your cloud environment, which require access to internet endpoints. These VMs cannot have public IP addresses due to security policies,...
Cloud NAT ConfigurationOutbound Access ControlVPC NetworkingNetwork Security - Question #197Designing, planning, and prototyping a Google Cloud network
Your organization has five different VPCs across different projects in y our Google Cloud organization that need high-throughput connectivity. You have performed an audit of the IP...
Network Connectivity CenterMulti-VPC connectivityVPC Network Peering limitationsRouting design - Question #198Configuring network services
You are attempting to establish a HA VPN to your on-premises network; however, the VPN connection is not establishing successfully. You have full administrative control over the Go...
VPN troubleshootingIPSec VPNIKE Phase 2Cloud Logging - Question #199Configuring network services
Your team deployed two applications in GKE that are exposed through an external Application error. What should you do?
GKE IngressDefault BackendApplication Load BalancerNetwork Troubleshooting - Question #200Designing, planning, and prototyping a Google Cloud network
Your multi-region VPC has had a long-standing HA VPN configured in "region 1" connected to your corporate network. You are planning to add two 10 Gbps Dedicated Interconnect connec...
Dedicated InterconnectHA VPNGlobal dynamic routing modeRoute preference - Question #201Designing, planning, and prototyping a Google Cloud network
Your organization is developing a landing zone architecture with the following requirements: - There should be no communication possible between production and non- production envi...
Shared VPCNetwork isolationCentralized network managementLanding Zone design