CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Google
  5. Professional Cloud Network Engineer

Free Professional Cloud Network Engineer Exam Braindumps (page: 8)

Page 7 of 55
PDF with 215 Questions

You have a web application that is currently hosted in the us-central1 region. Users experience high latency when traveling in Asi

  1. You've configured a network load balancer, but users have not experienced a performance improvement. You want to decrease the latency.
    What should you do?
  2. Configure a policy-based route rule to prioritize the traffic.
  3. Configure an HTTP load balancer, and direct the traffic to it.
  4. Configure Dynamic Routing for the subnet hosting the application.
  5. Configure the TTL for the DNS zone to decrease the time between updates.

Answer(s): B



You have an application running on Compute Engine that uses BigQuery to generate some results that are stored in Cloud Storage. You want to ensure that none of the application instances have external IP addresses.

Which two methods can you use to accomplish this? (Choose two.)

  1. Enable Private Google Access on all the subnets.
  2. Enable Private Google Access on the VPC.
  3. Enable Private Services Access on the VP
  4. Create network peering between your VPC and BigQuery.
  5. Create a Cloud NAT, and route the application traffic via NAT gateway.

Answer(s): A,E

Explanation:

https://cloud.google.com/nat/docs/overview#interaction-pga Specifications https://cloud.google.com/vpc/docs/configure-private-google-access#specifications



You are designing a shared VPC architecture. Your network and security team has strict controls over which routes are exposed between departments. Your Production and Staging departments can communicate with each other, but only via specific networks. You want to follow Google-

recommended practices.

How should you design this topology?

  1. Create 2 shared VPCs within the shared VPC Host Project, and enable VPC peering between them.
    Use firewall rules to filter access between the specific networks.
  2. Create 2 shared VPCs within the shared VPC Host Project, and create a Cloud VPN/Cloud Router between them. Use Flexible Route Advertisement (FRA) to filter access between the specific networks.
  3. Create 2 shared VPCs within the shared VPC Service Project, and create a Cloud VPN/Cloud Router between them. Use Flexible Route Advertisement (FRA) to filter access between the specific networks.
  4. Create 1 VPC within the shared VPC Host Project, and share individual subnets with the Service Projects to filter access between the specific networks.

Answer(s): D



You are adding steps to a working automation that uses a service account to authenticate. You need to drive the automation the ability to retrieve files from a Cloud Storage bucket. Your organization requires using the least privilege possible.

What should you do?

  1. Grant the compute.instanceAdmin to your user account.
  2. Grant the iam.serviceAccountUser to your user account.
  3. Grant the read-only privilege to the service account for the Cloud Storage bucket.
  4. Grant the cloud-platform privilege to the service account for the Cloud Storage bucket.

Answer(s): C






Post your Comments and Discuss Google Professional Cloud Network Engineer exam with other Community members:

Professional Cloud Network Engineer Discussions & Posts