CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Professional Cloud Network Engineer

Free Professional Cloud Network Engineer Exam Braindumps (page: 5)

Page 4 of 55
PDF with 215 Questions

You want to deploy a VPN Gateway to connect your on-premises network to GCP. You are using a non BGP-capable on-premises VPN device. You want to minimize downtime and operational overhead when your network grows. The device supports only IKEv2, and you want to follow Google- recommended practices.

What should you do?

  1. · Create a Cloud VPN instance.· Create a policy-based VPN tunnel per subnet.· Configure the appropriate local and remote traffic selectors to match your local and remote networks.· Create the appropriate static routes.
  2. · Create a Cloud VPN instance.· Create a policy-based VPN tunnel.· Configure the appropriate local and remote traffic selectors to match your local and remote networks.· Configure the appropriate static routes.
  3. · Create a Cloud VPN instance.· Create a route-based VPN tunnel.· Configure the appropriate local and remote traffic selectors to match your local and remote networks.· Configure the appropriate static routes.
  4. · Create a Cloud VPN instance.· Create a route-based VPN tunnel.· Configure the appropriate local and remote traffic selectors to 0.0.0.0/0.· Configure the appropriate static routes.

Answer(s): B

Explanation:

https://cloud.google.com/network-connectivity/docs/vpn/how-to/creating-static-

vpns#creating_a_gateway_and_tunnel



Your company just completed the acquisition of Altostrat (a current GCP customer). Each company has a separate organization in GCP and has implemented a custom DNS solution. Each organization will retain its current domain and host names until after a full transition and architectural review is done in one year. These are the assumptions for both GCP environments.

· Each organization has enabled full connectivity between all of its projects by using Shared VPC. · Both organizations strictly use the 10.0.0.0/8 address space for their instances, except for bastion hosts (for accessing the instances) and load balancers for serving web traffic. · There are no prefix overlaps between the two organizations. · Both organizations already have firewall rules that allow all inbound and outbound traffic from the 10.0.0.0/8 address space.
· Neither organization has Interconnects to their on-premises environment.

You want to integrate networking and DNS infrastructure of both organizations as quickly as possible and with minimal downtime.

Which two steps should you take? (Choose two.)

  1. Provision Cloud Interconnect to connect both organizations together.
  2. Set up some variant of DNS forwarding and zone transfers in each organization.
  3. Connect VPCs in both organizations using Cloud VPN together with Cloud Router.
  4. Use Cloud DNS to create A records of all VMs and resources across all projects in both organizations.
  5. Create a third organization with a new host project, and attach all projects from your company and Altostrat to it using shared VPC.

Answer(s): B,C

Explanation:

https://cloud.google.com/dns/docs/best-practices



Your on-premises data center has 2 routers connected to your Google Cloud environment through a VPN on each router. All applications are working correctly; however, all of the traffic is passing across a single VPN instead of being load-balanced across the 2 connections as desired.

During troubleshooting you find:

· Each on-premises router is configured with a unique ASN. · Each on-premises router is configured with the same routes and priorities. · Both on-premises routers are configured with a VPN connected to a single Cloud Router. · BGP sessions are established between both on-premises routers and the Cloud Router. · Only 1 of the on-premises router's routes are being added to the routing table.

What is the most likely cause of this problem?

  1. The on-premises routers are configured with the same routes.
  2. A firewall is blocking the traffic across the second VPN connection.
  3. You do not have a load balancer to load-balance the network traffic.
  4. The ASNs being used on the on-premises routers are different.

Answer(s): D

Explanation:

https://cloud.google.com/network-connectivity/docs/router/support/troubleshooting#ecmp



You have ordered Dedicated Interconnect in the GCP Console and need to give the Letter of Authorization/Connecting Facility Assignment (LOA-CFA) to your cross-connect provider to complete the physical connection.

Which two actions can accomplish this? (Choose two.)

  1. Open a Cloud Support ticket under the Cloud Interconnect category.
  2. Download the LOA-CFA from the Hybrid Connectivity section of the GCP Console.
  3. Run gcloud compute interconnects describe <interconnect>.
  4. Check the email for the account of the NOC contact that you specified during the ordering process.
  5. Contact your cross-connect provider and inform them that Google automatically sent the LOA/CFA to them via email, and to complete the connection.

Answer(s): D,E

Explanation:

https://cloud.google.com/network-connectivity/docs/interconnect/how-to/dedicated/retrieving- loas






Post your Comments and Discuss Google Professional Cloud Network Engineer exam with other Community members:

Professional Cloud Network Engineer Discussions & Posts