CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Professional Cloud Network Engineer

Free Professional Cloud Network Engineer Exam Braindumps (page: 17)

Page 16 of 55
PDF with 215 Questions

You want to establish a dedicated connection to Google that can access Cloud SQL via a public IP address and that does not require a third-party service provider.

Which connection type should you choose?

  1. Carrier Peering
  2. Direct Peering
  3. Dedicated Interconnect
  4. Partner Interconnect

Answer(s): B

Explanation:

When established, Direct Peering provides a direct path from your on-premises network to Google services, including Google Cloud products that can be exposed through one or more public IP

addresses. Traffic from Google's network to your on-premises network also takes that direct path, including traffic from VPC networks in your projects. Google Cloud customers must request that direct egress pricing be enabled for each of their projects after they have established Direct Peering with Google. For more information, see Pricing.


Reference:

https://cloud.google.com/interconnect/docs/how-to/direct-peering



You are configuring a new instance of Cloud Router in your Organization's Google Cloud environment to allow connection across a new Dedicated Interconnect to your data center Sales, Marketing, and IT each have a service project attached to the Organization's host project.

Where should you create the Cloud Router instance?

  1. VPC network in all projects
  2. VPC network in the IT Project
  3. VPC network in the Host Project
  4. VPC network in the Sales, Marketing, and IT Projects

Answer(s): C


Reference:

https://cloud.google.com/interconnect/docs/how-to/dedicated/using-interconnects- other-projects



You created a new VPC for your development team. You want to allow access to the resources in this VPC via SSH only.

How should you configure your firewall rules?

  1. Create two firewall rules: one to block all traffic with priority 0, and another to allow port 22 with priority 1000.
  2. Create two firewall rules: one to block all traffic with priority 65536, and another to allow port 3389 with priority 1000.
  3. Create a single firewall rule to allow port 22 with priority 1000.
  4. Create a single firewall rule to allow port 3389 with priority 1000.

Answer(s): C


Reference:

https://geekflare.com/gcp-firewall-configuration/



Your on-premises data center has 2 routers connected to your GCP through a VPN on each router. All applications are working correctly; however, all of the traffic is passing across a single VPN instead of being load-balanced across the 2 connections as desired.

During troubleshooting you find:

· Each on-premises router is configured with the same ASN. · Each on-premises router is configured with the same routes and priorities. · Both on-premises routers are configured with a VPN connected to a single Cloud Router. · The VPN logs have no-proposal-chosen lines when the VPNs are connecting. · BGP session is not established between one on-premises router and the Cloud Router.

What is the most likely cause of this problem?

  1. One of the VPN sessions is configured incorrectly.
  2. A firewall is blocking the traffic across the second VPN connection.
  3. You do not have a load balancer to load-balance the network traffic.
  4. BGP sessions are not established between both on-premises routers and the Cloud Router.

Answer(s): A

Explanation:

If the VPN logs show a no-proposal-chosen error, this error indicates that Cloud VPN and your peer VPN gateway were unable to agree on a set of ciphers. For IKEv1, the set of ciphers must match exactly. For IKEv2, there must be at least one common cipher proposed by each gateway. Make sure that you use supported ciphers to configure your peer VPN gateway.
https://cloud.google.com/network-
connectivity/docs/vpn/support/troubleshooting#:~:text=If%20the%20VPN%20logs%20show,of%20ci phers%20must%20match%20exactly.&text=Make%20sure%20that%20you%20use,configure%20your %20peer%20VPN%20gateway.






Post your Comments and Discuss Google Professional Cloud Network Engineer exam with other Community members:

Professional Cloud Network Engineer Discussions & Posts