CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Professional Cloud Network Engineer

Free Professional Cloud Network Engineer Exam Braindumps (page: 28)

Page 27 of 55
PDF with 215 Questions

You are maintaining a Shared VPC in a host project. Several departments within your company have infrastructure in different service projects attached to the Shared VPC and use Identity and Access Management (IAM) permissions to manage the cloud resources in those projects. VPC Network Peering is also set up between the Shared VPC and a common services VPC that is not in a service project. Several users are experiencing failed connectivity between certain instances in different Shared VPC service projects and between certain instances and the internet. You need to validate the network configuration to identify whether a misconfiguration is the root cause of the problem.
What should you do?

  1. Review the VPC audit logs in Cloud Logging for the affected instances.
  2. Use Secure Shell (SSH) to connect to the affected Compute Engine instances, and run a series of PING tests to the other affected endpoints and the 8.8.8.8 IPv4 address.
  3. Run Connectivity Tests from Network Intelligence Center to check connectivity between the affected endpoints in your network and the internet.
  4. Enable VPC Flow Logs for all VPCs, and review the logs in Cloud Logging for the affected instances.

Answer(s): C



Your organization has Compute Engine instances in us-east1, us-west2, and us-central1. Your organization also has an existing Cloud Interconnect physical connection in the East Coast of the United States with a single VLAN attachment and Cloud Router in us-east1. You need to provide a design with high availability and ensure that if a region goes down, you still have access to all your other Virtual Private Cloud (VPC) subnets. You need to accomplish this in the most cost-effective manner possible.
What should you do?

  1. Configure your VPC routing in regional mode.
    Add an additional Cloud Interconnect VLAN attachment in the us-east1 region, and configure a Cloud Router in us-east1.
  2. Configure your VPC routing in global mode.
    Add an additional Cloud Interconnect VLAN attachment in the us-east1 region, and configure a Cloud Router in us-east1.
  3. Configure your VPC routing in global mode.
    Add an additional Cloud Interconnect VLAN attachment in the us-west2 region, and configure a Cloud Router in us-west2.
  4. Configure your VPC routing in regional mode.
    Add additional Cloud Interconnect VLAN attachments in the us-west2 and us-central1 regions, and configure Cloud Routers in us-west2 and us-central1.

Answer(s): B



You recently configured Google Cloud Armor security policies to manage traffic to your application. You discover that Google Cloud Armor is incorrectly blocking some traffic to your application. You need to identity the web application firewall (WAF) rule that is incorrectly blocking traffic.
What should you do?

  1. Enable firewall logs, and view the logs in Firewall Insights.
  2. Enable HTTP(S) Load Balancing logging with sampling rate equal to 1, and view the logs in Cloud Logging.
  3. Enable VPC Flow Logs, and view the logs in Cloud Logging.
  4. Enable Google Cloud Armor audit logs, and view the logs on the Activity page in the Google Cloud Console.

Answer(s): A



You are the Organization Admin for your company. One of your engineers is responsible for setting up multiple host projects across multiple folders and sharing subnets with service projects. You need to enable the engineer's Identity and Access Management (IAM) configuration to complete their task in the fewest number of steps.
What should you do?

  1. Set up the engineer with Compute Shared VPC Admin IAM role at the folder level.
  2. Set up the engineer with Compute Shared VPC Admin IAM role at the organization level.
  3. Set up the engineer with Compute Shared VPC Admin IAM role and Project IAM Admin role at the folder level.
  4. Set up the engineer with Compute Shared VPC Admin IAM role and Project IAM Admin role at the organization level.

Answer(s): B






Post your Comments and Discuss Google Professional Cloud Network Engineer exam with other Community members:

Professional Cloud Network Engineer Discussions & Posts