Download Professional Cloud Network Engineer.Professional-Cloud-Network-Engineer.VCEDumps.2024-04-10.95q.vcex

Vendor: Google
Exam Code: Professional-Cloud-Network-Engineer
Exam Name: Professional Cloud Network Engineer
Date: Apr 10, 2024
File Size: 675 KB
Downloads: 3
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
You want to implement an IPSec tunnel between your on-premises network and a VPC via Cloud VPN. You need to restrict reachability over the tunnel to specific local subnets, and you do not have a device capable of speaking Border Gateway Protocol (BGP).
Which routing option should you choose?
  1. Dynamic routing using Cloud Router
  2. Route-based routing using default traffic selectors
  3. Policy-based routing using a custom local traffic selector
  4. Policy-based routing using the default local traffic selector
Correct answer: C
Explanation:
Reference: https://cloud.google.com/vpn/docs/concepts/overview
Reference: https://cloud.google.com/vpn/docs/concepts/overview
Question 2
You have enabled HTTP(S) load balancing for your application, and your application developers havereported that HTTP(S) requests are not being distributed correctly to your Compute Engine VirtualMachine instances. You want to find data about how the request are being distributed.
Which two methods can accomplish this? (Choose two.)
  1. On the Load Balancer details page of the GCP Console, click on the Monitoring tab, select your backend service, and look at the graphs.
  2. In Stackdriver Error Reporting, look for any unacknowledged errors for the Cloud Load Balancers service.
  3. In Stackdriver Monitoring, select Resources > Metrics Explorer and search for https/request_bytes_count metric.
  4. In Stackdriver Monitoring, select Resources > Google Cloud Load Balancers and review the Key Metrics graphs in the dashboard.
  5. In Stackdriver Monitoring, create a new dashboard and track the https/backend_request_countmetric for the load balancer.
Correct answer: AE
Question 3
You want to use Partner Interconnect to connect your on-premises network with your VPC. You already have an Interconnect partner.
What should you first?
  1. Log in to your partner's portal and request the VLAN attachment there.
  2. Ask your Interconnect partner to provision a physical connection to Google.
  3. Create a Partner Interconnect type VLAN attachment in the GCP Console and retrieve the pairing key.
  4. Run gcloud compute interconnect attachments partner update <attachment> / -- region <region> - -admin-enabled.
Correct answer: B
Explanation:
https://cloud.google.com/network-connectivity/docs/interconnect/concepts/partneroverview?hl=En#provisioning "To provision a Partner Interconnect connection with a serviceprovider, you start by connecting your on-premises network to a supported service provider. Work with the service provider to establish connectivity.
https://cloud.google.com/network-connectivity/docs/interconnect/concepts/partneroverview?hl=En#provisioning "
To provision a Partner Interconnect connection with a serviceprovider, you start by connecting your on-premises network to a supported service provider. Work with the service provider to establish connectivity.
Question 4
You need to centralize the Identity and Access Management permissions and email distribution for the WebServices Team as efficiently as possible.
What should you do?
  1. Create a Google Group for the WebServices Team.
  2. Create a G Suite Domain for the WebServices Team.
  3. Create a new Cloud Identity Domain for the WebServices Team.
  4. Create a new Custom Role for all members of the WebServices Team.
Correct answer: A
Question 5
You are using the gcloud command line tool to create a new custom role in a project by coping a predefined role. You receive this error message: INVALID_ARGUMENT: Permission resourcemanager.projects.list is not valid
What should you do?
  1. Add the resourcemanager.projects.get permission, and try again.
  2. Try again with a different role with a new name but the same permissions.
  3. Remove the resourcemanager.projects.list permission, and try again.
  4. Add the resourcemanager.projects.setIamPolicy permission, and try again.
Correct answer: C
Explanation:
Reference: https://cloud.google.com/iam/docs/understanding-custom-roles
Reference: https://cloud.google.com/iam/docs/understanding-custom-roles
Question 6
One instance in your VPC is configured to run with a private IP address only. You want to ensure that even if this instance is deleted, its current private IP address will not be automatically assigned to a different instance.
In the GCP Console, what should you do?
  1. Assign a public IP address to the instance.
  2. Assign a new reserved internal IP address to the instance.
  3. Change the instance's current internal IP address to static.
  4. Add custom metadata to the instance with key internal-address and value reserved.
Correct answer: C
Explanation:
https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ipaddress#reservenewip Since here https://cloud.google.com/compute/docs/ip-addresses/reservestatic-internal-ip-address#reservenewip it is written that "automatically allocated or an unused address from an existing subnet".
https://cloud.google.com/compute/docs/ip-addresses/reserve-static-internal-ipaddress#reservenewip Since here https://cloud.google.com/compute/docs/ip-addresses/reservestatic-internal-ip-address#reservenewip it is written that "automatically allocated or an unused address from an existing subnet".
Question 7
After a network change window one of your company's applications stops working. The application uses an on-premises database server that no longer receives any traffic from the application. The database server IP address is 10.2.1.25.
You examine the change request, and the only change is that 3 additional VPC subnets were created. The new VPC subnets created are 10.1.0.0/16, 10.2.0.0/16, and 10.3.1.0/24/ The on-premises router is advertising 10.0.0.0/8.
What is the most likely cause of this problem?
  1. The less specific VPC subnet route is taking priority.
  2. The more specific VPC subnet route is taking priority.
  3. The on-premises router is not advertising a route for the database server.
  4. A cloud firewall rule that blocks traffic to the on-premises database server was created during the change.
Correct answer: B
Question 8
You need to create a new VPC network that allows instances to have IP addresses in both the 10.1.1.0/24 network and the 172.16.45.0/24 network.
What should you do?
  1. Configure global load balancing to point 172.16.45.0/24 to the correct instance.
  2. Create unique DNS records for each service that sends traffic to the desired IP address.
  3. Configure an alias-IP range of 172.16.45.0/24 on the virtual instances within the VPC subnet of 10.1.1.0/24.
  4. Use VPC peering to allow traffic to route between the 10.1.0.0/24 network and the 172.16.45.0/24 network.
Correct answer: C
Question 9
You are deploying a global external TCP load balancing solution and want to preserve the source IP address of the original layer 3 payload.
Which type of load balancer should you use?
  1. HTTP(S) load balancer
  2. Network load balancer
  3. Internal load balancer
  4. TCP/SSL proxy load balancer
Correct answer: D
Explanation:
By default TCP/SSL proxy load balancer original client IP address and port information is not preserved, but it can be preserved using the PROXY protocol: https://cloud.google.com/loadbalancing/ docs/tcp#target-proxieshttps://medium.com/google-cloud/preserving-client-ips-through-google-clouds-global-tcp-and-sslproxy-load-balancers-3697d76feeb1Reference: https://cloud.google.com/load-balancing/docs/network
By default TCP/SSL proxy load balancer original client IP address and port information is not preserved, but it can be preserved using the PROXY protocol: https://cloud.google.com/loadbalancing/ docs/tcp#target-proxies
https://medium.com/google-cloud/preserving-client-ips-through-google-clouds-global-tcp-and-sslproxy-load-balancers-3697d76feeb1
Reference: https://cloud.google.com/load-balancing/docs/network
Question 10
Your company has a single Virtual Private Cloud (VPC) network deployed in Google Cloud with access from your on-premises network using Cloud Interconnect. You must configure access only to Google APIs and services that are supported by VPC Service Controls through hybrid connectivity with a service level agreement (SLA) in place. What should you do?
  1. Configure the existing Cloud Routers to advertise the Google API's public virtual IP addresses.
  2. Use Private Google Access for on-premises hosts with restricted.googleapis.com virtual IP addresses.
  3. Configure the existing Cloud Routers to advertise a default route, and use Cloud NAT to translate traffic from your on-premises network.
  4. Add Direct Peering links, and use them for connectivity to Google APIs that use public virtual IP addresses.
Correct answer: B
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!