Month End Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

  1. Home
  2. Google
  3. Google Cloud Platform
  4. Professional-Cloud-Network-Engineer - Google Cloud Certified - Professional Cloud Network Engineer

Professional-Cloud-Network-Engineer Exam Dumps - Google Cloud Certified - Professional Cloud Network Engineer

Go to page:
Question # 57

You are creating a new application and require access to Cloud SQL from VPC instances without public IP addresses.

Which two actions should you take? (Choose two.)

A.

Activate the Service Networking API in your project.

B.

Activate the Cloud Datastore API in your project.

C.

Create a private connection to a service producer.

D.

Create a custom static route to allow the traffic to reach the Cloud SQL API.

E.

Enable Private Google Access.

Full Access
Question # 58

You recently deployed your application in Google Cloud. You need to verify your Google Cloud network configuration before deploying your on-premises workloads. You want to confirm that your Google Cloud network configuration allows traffic to flow from your cloud resources to your on- premises network. This validation should also analyze and diagnose potential failure points in your Google Cloud network configurations without sending any data plane test traffic. What should you do?

A.

Use Network Intelligence Center's Connectivity Tests.

B.

Enable Packet Mirroring on your application and send test traffic.

C.

Use Network Intelligence Center's Network Topology visualizations.

D.

Enable VPC Flow Logs and send test traffic.

Full Access
Question # 59

You work for a university that is migrating to GCP.

These are the cloud requirements:

• On-premises connectivity with 10 Gbps

• Lowest latency access to the cloud

• Centralized Networking Administration Team

New departments are asking for on-premises connectivity to their projects. You want to deploy the most cost-efficient interconnect solution for connecting the campus to Google Cloud.

What should you do?

A.

Use Shared VPC, and deploy the VLAN attachments and Interconnect in the host project.

B.

Use Shared VPC, and deploy the VLAN attachments in the service projects. Connect the VLAN attachment to the Shared VPC's host project.

C.

Use standalone projects, and deploy the VLAN attachments in the individual projects. Connect the VLAN attachment to the standalone projects' Interconnects.

D.

Use standalone projects and deploy the VLAN attachments and Interconnects in each of the individual projects.

Full Access
Question # 60

You just finished your company’s migration to Google Cloud and configured an architecture with 3 Virtual Private Cloud (VPC) networks: one for Sales, one for Finance, and one for Engineering. Every VPC contains over 100 Compute Engine instances, and now developers using instances in the Sales VPC and the Finance VPC require private connectivity between each other. You need to allow communication between Sales and Finance without compromising performance or security. What should you do?

A.

Configure an HA VPN gateway between the Finance VPC and the Sales VPC.

B.

Configure the instances that require communication between each other with an external IP address.

C.

Create a VPC Network Peering connection between the Finance VPC and the Sales VPC.

D.

Configure Cloud NAT and a Cloud Router in the Sales and Finance VPCs.

Full Access
Question # 61

You have the following firewall ruleset applied to all instances in your Virtual Private Cloud (VPC):

You need to update the firewall rule to add the following rule to the ruleset:

You are using a new user account. You must assign the appropriate identity and Access Management (IAM) user roles to this new user account before updating the firewall rule. The new user account must be able to apply the update and view firewall logs. What should you do?

A.

Assign the compute.securityAdmin and logging.viewer rule to the new user account. Apply the new firewall rule with a priority of 50.

B.

Assign the compute.securityAdmin and logging.bucketWriter role to the new user account. Apply the new firewall rule with a priority of 150.

C.

Assign the compute.orgSecurityPolicyAdmin and logging.viewer role to the new user account. Apply the new firewall rule with a priority of 50.

D.

Assign the compute.orgSecurityPolicyAdmin and logging.bucketWriter role to the new user account. Apply the new firewall rule with a priority of 150.

Full Access
Question # 62

Question:

Your organization wants to deploy HA VPN over Cloud Interconnect to ensure encryption in transit over the Cloud Interconnect connections. You have created a Cloud Router and two encrypted VLAN attachments that have a 5 Gbps capacity and a BGP configuration. The BGP sessions are operational. You need to complete the deployment of the HA VPN over Cloud Interconnect. What should you do?

A.

Enable MACsec on Partner Interconnect.

B.

Create an HA VPN gateway and associate the gateway with your two encrypted VLAN attachments. Configure the HA VPN Cloud Router, peer VPN gateway resources, and HA VPN tunnels. Use the same Cloud Router used for the Cloud Interconnect tier.

C.

Create an HA VPN gateway and associate the gateway with your two encrypted VLAN attachments. Create a new dedicated HA VPN Cloud Router peer VPN gateway resources and HA VPN tunnels.

D.

Enable MACsec for Cloud Interconnect on the VLAN attachments.

Full Access
Question # 63

You need to configure a static route to an on-premises resource behind a Cloud VPN gateway that is configured for policy-based routing using the gcloud command.

Which next hop should you choose?

A.

The default internet gateway

B.

The IP address of the Cloud VPN gateway

C.

The name and region of the Cloud VPN tunnel

D.

The IP address of the instance on the remote side of the VPN tunnel

Full Access
Question # 64

You need to establish network connectivity between three Virtual Private Cloud networks, Sales, Marketing, and Finance, so that users can access resources in all three VPCs. You configure VPC peering between the Sales VPC and the Finance VPC. You also configure VPC peering between the Marketing VPC and the Finance VPC. After you complete the configuration, some users cannot connect to resources in the Sales VPC and the Marketing VPC. You want to resolve the problem.

What should you do?

A.

Configure VPC peering in a full mesh.

B.

Alter the routing table to resolve the asymmetric route.

C.

Create network tags to allow connectivity between all three VPCs.

D.

Delete the legacy network and recreate it to allow transitive peering.

Full Access
Go to page:

Hot Exams

ADM-201 Dumps
Platform-App-Builder Dumps
AZ-500 Dumps
350-701 Dumps
SY0-601 Dumps
NCSE-Core Dumps
PDP9 Dumps
DP-203 Dumps
AZ-700 Dumps
NSE7_EFW-7.0 Dumps
Integration-Architect Dumps
CS0-003 Dumps