CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Professional Cloud Network Engineer

Free Professional Cloud Network Engineer Exam Braindumps (page: 13)

Page 12 of 55
PDF with 215 Questions

You create a Google Kubernetes Engine private cluster and want to use kubectl to get the status of the pods. In one of your instances you notice the master is not responding, even though the cluster is up and running.

What should you do to solve the problem?

  1. Assign a public IP address to the instance.
  2. Create a route to reach the Master, pointing to the default internet gateway.
  3. Create the appropriate firewall policy in the VPC to allow traffic from Master node IP address to the instance.
  4. Create the appropriate master authorized network entries to allow the instance to communicate to the master.

Answer(s): D

Explanation:

https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters#cant_reach_cluster https://cloud.google.com/kubernetes-engine/docs/how-to/authorized-networks



Your company has a security team that manages firewalls and SSL certificates. It also has a networking team that manages the networking resources. The networking team needs to be able to read firewall rules, but should not be able to create, modify, or delete them.

How should you set up permissions for the networking team?

  1. Assign members of the networking team the compute.networkUser role.
  2. Assign members of the networking team the compute.networkAdmin role.
  3. Assign members of the networking team a custom role with only the compute.networks.* and the compute.firewalls.list permissions.
  4. Assign members of the networking team the compute.networkViewer role, and add the compute.networks.use permission.

Answer(s): B



You have created an HTTP(S) load balanced service. You need to verify that your backend instances are responding properly.

How should you configure the health check?

  1. Set request-path to a specific URL used for health checking, and set proxy-header to PROXY_V1.
  2. Set request-path to a specific URL used for health checking, and set host to include a custom host header that identifies the health check.
  3. Set request-path to a specific URL used for health checking, and set response to a string that the backend service will always return in the response body.
  4. Set proxy-header to the default value, and set host to include a custom host header that identifies the health check.

Answer(s): C

Explanation:

https://cloud.google.com/load-balancing/docs/health-check-concepts#content- based_health_checks



You need to give each member of your network operations team least-privilege access to create, modify, and delete Cloud Interconnect VLAN attachments.

What should you do?

  1. Assign each user the editor role.
  2. Assign each user the compute.networkAdmin role.
  3. Give each user the following permissions only: compute.interconnectAttachments.create, compute.interconnectAttachments.get.
  4. Give each user the following permissions only: compute.interconnectAttachments.create, compute.interconnectAttachments.get, compute.routers.create, compute.routers.get, compute.routers.update.

Answer(s): D

Explanation:

https://cloud.google.com/interconnect/docs/how-to/dedicated/creating-vlan-attachments






Post your Comments and Discuss Google Professional Cloud Network Engineer exam with other Community members:

Professional Cloud Network Engineer Discussions & Posts