Practice Exams:

Free Professional-Cloud-Network-Engineer Exam Braindumps

Pass your Google Cloud Certified - Professional Cloud Network Engineer exam with these free Questions and Answers

Page 2 of 31
PDF with 153 Questions
QUESTION 1

You have configured a service on Google Cloud that connects to an on-premises service via a Dedicated Interconnect. Users are reporting recent connectivity issues. You need to determine whether the traffic is being dropped because of firewall rules or a routing decision. What should you do?

  1. A. Use the Network Intelligence Center Connectivity Tests to test the connectivity between the VPC and the on-premises network.
  2. B. Use Network Intelligence Center Network Topology to check the traffic flow, and replay the traffic from the time period when the connectivity issue occurred.
  3. C. Configure VPC Flow Log
  4. D. Review the logs by filtering on the source and destination.
  5. E. Configure a Compute Engine instance on the same VPC as the service running on Google Cloud to run a traceroute targeted at the on-premises service.

Correct Answer: B

QUESTION 2

You need to create the network infrastructure to deploy a highly available web application in the us-east1 and us-west1 regions. The application runs on Compute Engine instances, and it does not require the use of a database. You want to follow Google-recommended practices. What should you do?

  1. A. Create one VPC with one subnet in each region.Create a regional network load balancer in each region with a static IP addres
  2. B. Enable Cloud CDN on the load balancers.Create an A record in Cloud DNS with both IP addresses for the load balancers.
  3. C. Create one VPC with one subnet in each region.Create a global load balancer with a static IP address.Enable Cloud CDN and Google Cloud Armor on the load balancer.Create an A record using the IP address of the load balancer in Cloud DNS.
  4. D. Create one VPC in each region, and peer both VPCs.Create a global load balancer.Enable Cloud CDN on the load balancer.Create a CNAME for the load balancer in Cloud DNS.
  5. E. Create one VPC with one subnet in each region.Create an HTTP(S) load balancer with a static IP address.Choose the standard tier for the networ
  6. F. Enable Cloud CDN on the load balancer.Create a CNAME record using the load balancer’s IP address in Cloud DNS.

Correct Answer: C

QUESTION 3

In your company, two departments with separate GCP projects (code-dev and data-dev) in the same organization need to allow full cross-communication between all of their virtual machines in GCP. Each department has one VPC in its project and wants full control over their network. Neither department intends to recreate its existing computing resources. You want to implement a solution that minimizes cost.
Which two steps should you take? (Choose two.)

  1. A. Connect both projects using Cloud VPN.
  2. B. Connect the VPCs in project code-dev and data-dev using VPC Network Peering.
  3. C. Enable Shared VPC in one project (
  4. D. g., code-dev), and make the second project (
  5. E. g., data-dev) a service project.
  6. F. Enable firewall rules to allow all ingress traffic from all subnets of project code-dev to all instances in project data-dev, and vice versa.
  7. G. Create a route in the code-dev project to the destination prefixes in project data-dev and use nexthop as the default gateway, and vice versa.

Correct Answer: BD

QUESTION 4

You want to establish a dedicated connection to Google that can access Cloud SQL via a public IP address and that does not require a third-party service provider.
Which connection type should you choose?

  1. A. Carrier Peering
  2. B. Direct Peering
  3. C. Dedicated Interconnect
  4. D. Partner Interconnect

Correct Answer: B
When established, Direct Peering provides a direct path from your on-premises network to Google services, including Google Cloud products that can be exposed through one or more public IP addresses. Traffic from Google's network to your on-premises network also takes that direct path, including traffic from VPC networks in your projects. Google Cloud customers must request that direct egress pricing be enabled for each of their projects after they have established Direct Peering with Google. For more information, see Pricing.

QUESTION 5

You have deployed a proof-of-concept application by manually placing instances in a single Compute Engine zone. You are now moving the application to production, so you need to increase your application availability and ensure it can autoscale.
How should you provision your instances?

  1. A. Create a single managed instance group, specify the desired region, and select Multiple zones for the location.
  2. B. Create a managed instance group for each region, select Single zone for the location, and manuallydistribute instances across the zones in that region.
  3. C. Create an unmanaged instance group in a single zone, and then create an HTTP load balancer for the instance group.
  4. D. Create an unmanaged instance group for each zone, and manually distribute the instances across the desired zones.

Correct Answer: A
https://cloud.google.com/compute/docs/instance-groups/creating-groups-of-managed-instances

Page 2 of 31
PDF with 153 Questions

Post your Comments and Discuss Google Professional-Cloud-Network-Engineer exam with other Community members: