Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Google Cloud Certified - Professional Cloud Network Engineer

Last Update 2 hours ago Total Questions : 233

The Google Cloud Certified - Professional Cloud Network Engineer content is now fully updated, with all current exam questions added 2 hours ago. Deciding to include Professional-Cloud-Network-Engineer practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our Professional-Cloud-Network-Engineer exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these Professional-Cloud-Network-Engineer sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Google Cloud Certified - Professional Cloud Network Engineer practice test comfortably within the allotted time.

Question # 61

You decide to set up Cloud NAT. After completing the configuration, you find that one of your instances is not using the Cloud NAT for outbound NAT.

What is the most likely cause of this problem?

A.

The instance has been configured with multiple interfaces.

B.

An external IP address has been configured on the instance.

C.

You have created static routes that use RFC1918 ranges.

D.

The instance is accessible by a load balancer external IP address.

Question # 62

You are configuring your Google Cloud environment to connect to your on-premises network. Your configuration must be able to reach Cloud Storage APIs and your Google Kubernetes Engine nodes across your private Cloud Interconnect network. You have already configured a Cloud Router with your Interconnect VLAN attachments. You now need to set up the appropriate router advertisement configuration on the Cloud Router. What should you do?

A.

Configure the route advertisement to the default setting.

B.

On the on-premises router, configure a static route for the storage API virtual IP address which points to the Cloud Router ' s link-local IP address.

C.

Configure the route advertisement to the custom setting, and manually add prefix 199.36.153.8/30 to the list of advertisements. Leave all other options as their default settings.

D.

Configure the route advertisement to the custom setting, and manually add prefix 199.36.153.8/30 to the list of advertisements. Advertise all visible subnets to the Cloud Router.

Question # 63

You are configuring a new HTTP application that will be exposed externally behind both IPv4 and IPv6 virtual IP addresses, using ports 80, 8080, and 443. You will have backends in two regions: us-west1 and us-east1. You want to serve the content with the lowest-possible latency while ensuring high availability and autoscaling, and create native content-based rules using the HTTP hostname and request path. The IP addresses of the clients that connect to the load balancer need to be visible to the backends. Which configuration should you use?

A.

Use Network Load Balancing

B.

Use TCP Proxy Load Balancing with PROXY protocol enabled

C.

Use External HTTP(S) Load Balancing with URL Maps and custom headers

D.

Use External HTTP(S) Load Balancing with URL Maps and an X-Forwarded-For header

Question # 64

Question:

Your organization has a new security policy that requires you to monitor all egress traffic payloads from your virtual machines in the us-west2 region. You deployed an intrusion detection system (IDS) virtual appliance in the same region to meet the new policy. You now need to integrate the IDS into the environment to monitor all egress traffic payloads from us-west2. What should you do?

A.

Enable firewall logging and forward all filtered egress firewall logs to the IDS.

B.

Create an internal HTTP(S) load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.

C.

Create an internal TCP/UDP load balancer for Packet Mirroring, and add a packet mirroring policy filter for egress traffic.

D.

Enable VPC Flow Logs. Create a sink in Cloud Logging to send filtered egress VPC Flow Logs to the IDS.

Question # 65

You are troubleshooting an application in your organization ' s Google Cloud network that is not functioning as expected. You suspect that packets are getting lost somewhere. The application sends packets intermittently at a low volume from a Compute Engine VM to a destination on your on-premises network through a pair of Cloud Interconnect VLAN attachments. You validated that the Cloud Next Generation Firewall (Cloud NGFW) rules do not have any deny statements blocking egress traffic, and you do not have any explicit allow rules. Following Google-recommended practices, you need to analyze the flow to see if packets are being sent correctly out of the VM to isolate the issue. What should you do?

A.

Create a packet mirroring policy that is configured with your VM as the source and destined to a collector. Analyze the packet captures.

B.

Enable VPC Flow Logs on the subnet that the VM is deployed in with sample_rate = 1.0, and run a query in Logs Explorer to analyze the packet flow.

C.

Enable Firewall Rules Logging on your firewall rules and review the logs.

D.

Verify the network/attachment/egress_dropped_packet.s_count Cloud Interconnect VLAN attachment metric.

Question # 66

You need to create the technical architecture for hybrid connectivity from your data center to Google Cloud This will be managed by a partner. You want to follow Google-recommended practices for production-level applications. What should you do?

A.

Ask the partner to install two security appliances in the data center. Configure one VPN connection from each of these devices to Google

Cloud, and ensure that the VPN devices on-premises are in separate racks on separate power and cooling systems.

B.

Configure two Partner Interconnect connections in one metropolitan area (metro). Make sure the Interconnect connections are placed in

different metro edge availability domains. Configure two VLAN attachments in a single region, and configure regional dynamic routing on

the VPC

C.

Configure two Partner Interconnect connections in one metro and two connections in another metro Make sure the Interconnect

connections are placed in different metro edge availability domains. Configure two VLAN attachments in one region and two VLAN

attachments in another region, and configure global dynamic routing on the VPC

D.

Configure two Partner Interconnect connections in one metro and two connections in another metro. Make sure the Interconnect connections are placed in different metro edge availability domains. Configure two VLAN attachments in one region and two VLAN attachments in another region, and configure regional dynamic routing on the VPC.

Question # 67

Question:

Recently, your networking team enabled Cloud CDN for one of the external-facing services that is exposed through an external Application Load Balancer. The application team has already defined which content should be cached within the responses. Upon testing the load balancer, you did not observe any change in performance after the Cloud CDN enablement. You need to resolve the issue. What should you do?

A.

Configure the CACHE_MAX_STATIC caching mode on Cloud CDN to ensure Cloud CDN caches content depending on responses from the backends.

B.

Configure the USE_ORIGIN_HEADERS caching mode on Cloud CDN to ensure Cloud CDN caches content based on response headers from the backends.

C.

Configure the CACHE_ALL_STATIC caching mode on Cloud CDN to ensure Cloud CDN caches all static content as well as content defined by the backends.

D.

Configure the FORCE_CACHE_ALL caching mode on Cloud CDN to ensure all appropriate content is cached.

Question # 68

You want to configure load balancing for an internet-facing, standard voice-over-IP (VOIP) application.

Which type of load balancer should you use?

A.

HTTP(S) load balancer

B.

Network load balancer

C.

Internal TCP/UDP load balancer

D.

TCP/SSL proxy load balancer

Go to page: