• Home
  • Articles
  • Reliable Google Cloud Platform Professional-Cloud-Network-Engineer Dumps PDF Oct 22, 2021 Recently Updated Questions [Q27-Q44]

Reliable Google Cloud Platform Professional-Cloud-Network-Engineer Dumps PDF Oct 22, 2021 Recently Updated Questions [Q27-Q44]

Share

Reliable Google Cloud Platform Professional-Cloud-Network-Engineer Dumps PDF Oct 22, 2021 Recently Updated Questions

Pass Your  Google Professional-Cloud-Network-Engineer Exam with Correct 80 Questions and Answers

NEW QUESTION 27
Your company's web server administrator is migrating on-premises backend servers for an application to GCP. Libraries and configurations differ significantly across these backend servers. The migration to GCP will be lift-and-shift, and all requests to the servers will be served by a single network load balancer frontend. You want to use a GCP-native solution when possible.
How should you deploy this service in GCP?

  • A. Create a managed instance group from one of the images of the on-premises servers, and link this instance group to a target pool behind your load balancer.
  • B. Deploy a third-party virtual appliance as frontend to these servers that will accommodate the significant differences between these backend servers.
  • C. Use GCP's ECMP capability to load-balance traffic to the backend servers by installing multiple equal-priority static routes to the backend servers.
  • D. Create a target pool, add all backend instances to this target pool, and deploy the target pool behind your load balancer.

Answer: D

 

NEW QUESTION 28
You want to use Cloud Interconnect to connect your on-premises network to a GCP VPC. You cannot meet Google at one of its point-of-presence (POP) locations, and your on-premises router cannot run a Border Gateway Protocol (BGP) configuration.
Which connectivity model should you use?

  • A. Direct Peering
  • B. Partner Interconnect with a layer 2 partner
  • C. Dedicated Interconnect
  • D. Partner Interconnect with a layer 3 partner

Answer: D

Explanation:
https://cloud.google.com/network-connectivity/docs/interconnect/concepts/partner-overview For Layer 3 connections, your service provider establishes a BGP session between your Cloud Routers and their edge routers for each VLAN attachment. You don't need to configure BGP on your on-premises router. Google and your service provider automatically set the correct configurations.
https://cloud.google.com/network-connectivity/docs/interconnect/concepts/partner-overview#connectivity-type

 

NEW QUESTION 29
Your company's web server administrator is migrating on-premises backend servers for an application to GCP.
Libraries and configurations differ significantly across these backend servers. The migration to GCP will be lift- and-shift, and all requests to the servers will be served by a single network load balancer frontend. You want to use a GCP-native solution when possible.
How should you deploy this service in GCP?

  • A. Create a managed instance group from one of the images of the on-premises servers, and link this instance group to a target pool behind your load balancer.
  • B. Deploy a third-party virtual appliance as frontend to these servers that will accommodate the significant differences between these backend servers.
  • C. Create a target pool, add all backend instances to this target pool, and deploy the target pool behind your load balancer.
  • D. Use GCP's ECMP capability to load-balance traffic to the backend servers by installing multiple equal- priority static routes to the backend servers.

Answer: C

Explanation:
Explanation/Reference: https://cloud.google.com/compute/docs/instance-groups/adding-an-instance-group-to-a-load- balancer

 

NEW QUESTION 30
You are designing a Google Kubernetes Engine (GKE) cluster for your organization. The current cluster size is expected to host 10 nodes, with 20 Pods per node and 150 services. Because of the migration of new services over the next 2 years, there is a planned growth for 100 nodes, 200 Pods per node, and 1500 services. You want to use VPC-native clusters with alias IP ranges, while minimizing address consumption.
How should you design this topology?

  • A. Use gcloud container clusters create [CLUSTER NAME]--enable-ip-alias to create a VPC-native cluster.
  • B. Create a subnet of size/25 with 2 secondary ranges of: /17 for Pods and /21 for Services.
    Create a VPC-native cluster and specify those ranges.
  • C. Create a subnet of size/28 with 2 secondary ranges of: /24 for Pods and /24 for Services.
    Create a VPC-native cluster and specify those ranges. When the services are ready to be deployed, resize the subnets.
  • D. Use gcloud container clusters create [CLUSTER NAME] to create a VPC-native cluster.

Answer: C

Explanation:
https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters

 

NEW QUESTION 31
You need to restrict access to your Google Cloud load-balanced application so that only specific IP addresses can connect.
What should you do?

  • A. Create a secure perimeter using the Access Context Manager feature of VPC Service Controls and restrict access to the source IP range of the allowed clients and Google health check IP ranges.
  • B. Tag the backend instances "application," and create a firewall rule with target tag "application" and the source IP range of the allowed clients and Google health check IP ranges.
  • C. Label the backend instances "application," and create a firewall rule with the target label "application" and the source IP range of the allowed clients and Google health check IP ranges.
  • D. Create a secure perimeter using VPC Service Controls, and mark the load balancer as a service restricted to the source IP range of the allowed clients and Google health check IP ranges.

Answer: B

Explanation:
https://link.springer.com/chapter/10.1007/978-1-4842-1004-8_4

 

NEW QUESTION 32
You have configured a Compute Engine virtual machine instance as a NAT gateway. You execute the following command:
gcloud compute routes create no-ip-internet-route \
--network custom-network1 \
--destination-range 0.0.0.0/0 \
--next-hop instance nat-gateway \
--next-hop instance-zone us-central1-a \
--tags no-ip --priority 800
You want existing instances to use the new NAT gateway. Which command should you execute?

  • A. sudo sysctl -w net.ipv4.ip_forward=1
  • B. gcloud builds submit --config=cloudbuild.waml --substitutions=TAG_NAME=no-ip
  • C. gcloud compute instances add-tags [existing-instance] --tags no-ip
  • D. gcloud compute instances create example-instance --network custom-network1 \
    --subnet subnet-us-central \
    --no-address \
    --zone us-central1-a \
    --image-family debian-9 \
    --image-project debian-cloud \
    --tags no-ip

Answer: C

Explanation:
https://cloud.google.com/sdk/gcloud/reference/compute/routes/create
In order to apply a route to an existing instance we should use a tag to bind the route to it.

 

NEW QUESTION 33
You want to create a service in GCP using IPv6.
What should you do?

  • A. Configure a TCP Proxy with the designated IPv6 address.
  • B. Create the instance with the designated IPv6 address.
  • C. Configure an internal load balancer with the designated IPv6 address.
  • D. Configure a global load balancer with the designated IPv6 address.

Answer: D

 

NEW QUESTION 34
You want to implement an IPSec tunnel between your on-premises network and a VPC via Cloud VPN. You need to restrict reachability over the tunnel to specific local subnets, and you do not have a device capable of speaking Border Gateway Protocol (BGP).
Which routing option should you choose?

  • A. Route-based routing using default traffic selectors
  • B. Policy-based routing using a custom local traffic selector
  • C. Policy-based routing using the default local traffic selector
  • D. Dynamic routing using Cloud Router

Answer: B

 

NEW QUESTION 35
Your company's Google Cloud-deployed, streaming application supports multiple languages. The application development team has asked you how they should support splitting audio and video traffic to different backend Google Cloud storage buckets. They want to use URL maps and minimize operational overhead. They are currently using the following directory structure:
/fr/video
/en/video
/es/video
/../video
/fr/audio
/en/audio
/es/audio
/../audio
Which solution should you recommend?

  • A. Rearrange the directory structure, create DNS hostname entries for video and audio and leverage a path rule such as /video/* and /audio/*.
  • B. Leave the directory structure as-is, create a URL map and leverage a path rule such as /*/video and /*/ audio.
  • C. Rearrange the directory structure, create a URL map and leverage a path rule such as /video/* and /audio/*.
  • D. Leave the directory structure as-is, create a URL map and leverage a path rule such as \/[a-z]{2}\/video and
    \/[a-z]{2}\/audio.

Answer: C

Explanation:
https://cloud.google.com/load-balancing/docs/url-map#configuring_url_maps Path matcher constraints Path matchers and path rules have the following constraints: A path rule can only include a wildcard character (*) after a forward slash character (/). For example, /videos/* and /videos/hd/* are valid for path rules, but /videos* and /videos/hd* are not. Path rules do not use regular expression or substring matching. For example, path rules for either /videos/hd or /videos/hd/* do not apply to a URL with the path /video/hd-abcd. However, a path rule for /video/* does apply to that path. https://cloud.google.com/load-balancing/docs/url-map-concepts#pm-constraints

 

NEW QUESTION 36
You need to configure a static route to an on-premises resource behind a Cloud VPN gateway that is configured for policy-based routing using the gcloud command.
Which next hop should you choose?

  • A. The IP address of the instance on the remote side of the VPN tunnel
  • B. The IP address of the Cloud VPN gateway
  • C. The name and region of the Cloud VPN tunnel
  • D. The default internet gateway

Answer: C

Explanation:
Reference:
https://cloud.google.com/vpn/docs/how-to/creating-static-vpns

 

NEW QUESTION 37
Your on-premises data center has 2 routers connected to your Google Cloud environment through a VPN on each router. All applications are working correctly; however, all of the traffic is passing across a single VPN instead of being load-balanced across the 2 connections as desired.
During troubleshooting you find:
* Each on-premises router is configured with a unique ASN.
* Each on-premises router is configured with the same routes and priorities.
* Both on-premises routers are configured with a VPN connected to a single Cloud Router.
* BGP sessions are established between both on-premises routers and the Cloud Router.
* Only 1 of the on-premises router's routes are being added to the routing table.
What is the most likely cause of this problem?

  • A. The ASNs being used on the on-premises routers are different.
  • B. A firewall is blocking the traffic across the second VPN connection.
  • C. You do not have a load balancer to load-balance the network traffic.
  • D. The on-premises routers are configured with the same routes.

Answer: A

 

NEW QUESTION 38
You converted an auto mode VPC network to custom mode. Since the conversion, some of your Cloud Deployment Manager templates are no longer working. You want to resolve the problem.
What should you do?

  • A. Explicitly reference the custom mode networks in the Cloud Armor whitelist.
  • B. Apply an additional IAM role to the Google API's service account to allow custom mode networks.
  • C. Update the VPC firewall to allow the Cloud Deployment Manager to access the custom mode networks.
  • D. Explicitly reference the custom mode networks in the Deployment Manager templates.

Answer: D

 

NEW QUESTION 39
You need to enable Cloud CDN for all the objects inside a storage bucket. You want to ensure that all the object in the storage bucket can be served by the CDN.
What should you do in the GCP Console?

  • A. Create a new cloud storage bucket, and then enable Cloud CDN on it.
  • B. Create a new SSL proxy load balancer, select the storage bucket as a backend, and then enable Cloud CDN on the backend.
  • C. Create a new HTTP load balancer, select the storage bucket as a backend, enable Cloud CDN on the backend, and make sure each object inside the storage bucket is shared publicly.
  • D. Create a new TCP load balancer, select the storage bucket as a backend, and then enable Cloud CDN on the backend.

Answer: A

 

NEW QUESTION 40
You create a Google Kubernetes Engine private cluster and want to use kubectl to get the status of the pods.
In one of your instances you notice the master is not responding, even though the cluster is up and running.
What should you do to solve the problem?

  • A. Create a route to reach the Master, pointing to the default internet gateway.
  • B. Create the appropriate firewall policy in the VPC to allow traffic from Master node IP address to the instance.
  • C. Assign a public IP address to the instance.
  • D. Create the appropriate master authorized network entries to allow the instance to communicate to the master.

Answer: B

 

NEW QUESTION 41
You need to establish network connectivity between three Virtual Private Cloud networks, Sales, Marketing, and Finance, so that users can access resources in all three VPCs. You configure VPC peering between the Sales VPC and the Finance VPC. You also configure VPC peering between the Marketing VPC and the Finance VPC. After you complete the configuration, some users cannot connect to resources in the Sales VPC and the Marketing VPC. You want to resolve the problem.
What should you do?

  • A. Configure VPC peering in a full mesh.
  • B. Alter the routing table to resolve the asymmetric route.
  • C. Delete the legacy network and recreate it to allow transitive peering.
  • D. Create network tags to allow connectivity between all three VPCs.

Answer: A

Explanation:
https://cloud.google.com/vpc/docs/using-vpc-peering

 

NEW QUESTION 42
You are creating an instance group and need to create a new health check for HTTP(s) load balancing.
Which two methods can you use to accomplish this? (Choose two.)

  • A. Create a new legacy health check using the gcloud command line tool.
  • B. Create a new health check, or select an existing one, when you complete the load balancer's backend configuration in the GCP Console.
  • C. Create a new legacy health check using the Health checks section in the GCP Console.
  • D. Create a new health check using the VPC Network section in the GCP Console.
  • E. Create a new health check using the gcloud command line tool.

Answer: B,E

Explanation:
https://cloud.google.com/load-balancing/docs/health-checks#creating_and_modifying_health_checks

 

NEW QUESTION 43
Your company is running out of network capacity to run a critical application in the on-premises data center. You want to migrate the application to GCP. You also want to ensure that the Security team does not lose their ability to monitor traffic to and from Compute Engine instances.
Which two products should you incorporate into the solution? (Choose two.)

  • A. Cloud Audit logs
  • B. Compute Engine instance system logs
  • C. VPC flow logs
  • D. Firewall logs
  • E. Stackdriver Trace

Answer: A,E

Explanation:
https://cloud.google.com/docs/enterprise/best-practices-for-enterprise-organizations

 

NEW QUESTION 44
......


How to book Google Professional Cloud Network Engineer Exams

The registration for the Google Professional Cloud Network Engineer Exam follows the steps given below.

  • Step 1: Visit the Google Cloud Webassessor Website
  • Step 2: Sign in or sign up to your Google Cloud Webassessor account
  • Step 3: Search for the exam name Google Professional Cloud Network Engineer
  • Step 4: Take the date of the exam, choose exam center and make further payment using payment method like credit/debit etc.

 

Latest 2021 Realistic Verified Professional-Cloud-Network-Engineer Dumps: https://www.passtestking.com/Google/Professional-Cloud-Network-Engineer-practice-exam-dumps.html

Pass Professional-Cloud-Network-Engineer Exam Updated 80 Questions: https://drive.google.com/open?id=197n_ChY53bcqIzwTlm-T2KhAvxXMYmuy

Related Articles

more
Go To Professional-Cloud-Network-Engineer Questions