Amazon
Avaya
Checkpoint
Cisco®
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL®
Juniper
Microsoft
MuleSoft
Okta
Palo Alto Networks
Salesforce
SAP
All Vendors
  1. Home
  2. Google
  3. Professional Cloud Network Engineer

Google Professional Cloud Network Engineer Exam (page: 1)
Google Professional Cloud Network Engineer
Updated on: 11-Aug-2025

Viewing Page 1 of 44
Professional Cloud Network Engineer PDF 248 Questions

You need to restrict access to your Google Cloud load-balanced application so that only specific IP addresses can connect.

What should you do?

  1. Create a secure perimeter using the Access Context Manager feature of VPC Service Controls and restrict access to the source IP range of the allowed clients and Google health check IP ranges.
  2. Create a secure perimeter using VPC Service Controls, and mark the load balancer as a service restricted to the source IP range of the allowed clients and Google health check IP ranges.
  3. Tag the backend instances "application," and create a firewall rule with target tag "application" and the source IP range of the allowed clients and Google health check IP ranges.
  4. Label the backend instances "application," and create a firewall rule with the target label "application" and the source IP range of the allowed clients and Google health check IP ranges.

Answer(s): C

Explanation:

https://cloud.google.com/load-balancing/docs/https/setting-up-https#sendtraffic



Your end users are located in close proximity to us-east1 and europe-west1. Their workloads need to communicate with each other. You want to minimize cost and increase network efficiency.

How should you design this topology?

  1. Create 2 VPCs, each with their own regions and individual subnets. Create 2 VPN gateways to establish connectivity between these regions.
  2. Create 2 VPCs, each with their own region and individual subnets. Use external IP addresses on the instances to establish connectivity between these regions.
  3. Create 1 VPC with 2 regional subnets. Create a global load balancer to establish connectivity between the regions.
  4. Create 1 VPC with 2 regional subnets. Deploy workloads in these subnets and have them communicate using private RFC1918 IP addresses.

Answer(s): D

Explanation:

https://cloud.google.com/vpc/docs/using-vpc#create-auto-network We create one VPC network in auto mode that creates one subnet in each Google Cloud region automatically. So, region us-east1 and europe-west1 are in the same network and they can communicate using their internal IP address even though they are in different Regions. They take advantage of Google's global fiber network.



Your organization is deploying a single project for 3 separate departments. Two of these departments require network connectivity between each other, but the third department should remain in isolation. Your design should create separate network administrative domains between these departments. You want to minimize operational overhead.

How should you design the topology?

  1. Create a Shared VPC Host Project and the respective Service Projects for each of the 3 separate departments.
  2. Create 3 separate VPCs, and use Cloud VPN to establish connectivity between the two appropriate VPCs.
  3. Create 3 separate VPCs, and use VPC peering to establish connectivity between the two appropriate VPCs.
  4. Create a single project, and deploy specific firewall rules. Use network tags to isolate access between the departments.

Answer(s): C

Explanation:

https://cloud.google.com/vpc/docs/vpc-peering



You are migrating to Cloud DNS and want to import your BIND zone file.

Which command should you use?

  1. gcloud dns record-sets import ZONE_FILE --zone MANAGED_ZONE
  2. gcloud dns record-sets import ZONE_FILE --replace-origin-ns --zone MANAGED_ZONE
  3. gcloud dns record-sets import ZONE_FILE --zone-file-format --zone MANAGED_ZONE
  4. gcloud dns record-sets import ZONE_FILE --delete-all-existing --zone MANAGED ZONE

Answer(s): C

Explanation:

https://cloud.google.com/sdk/gcloud/reference/dns/record-sets/import



You created a VPC network named Retail in auto mode. You want to create a VPC network named Distribution and peer it with the Retail VPC.

How should you configure the Distribution VPC?

  1. Create the Distribution VPC in auto mode. Peer both the VPCs via network peering.
  2. Create the Distribution VPC in custom mode. Use the CIDR range 10.0.0.0/9. Create the necessary subnets, and then peer them via network peering.
  3. Create the Distribution VPC in custom mode. Use the CIDR range 10.128.0.0/9. Create the necessary subnets, and then peer them via network peering.
  4. Rename the default VPC as "Distribution" and peer it via network peering.

Answer(s): B

Explanation:

https://cloud.google.com/vpc/docs/vpc#ip-ranges



Viewing Page 1 of 44



Share your comments for Google Professional Cloud Network Engineer exam with other users:

JM 12/19/2023 2:23:00 PM

q252: dns poisoning is the correct answer, not locator redirection. beaconing is detected from a host. this indicates that the system has been infected with malware, which could be the source of local dns poisoning. location redirection works by either embedding the redirection in the original websites code or having a user click on a url that has an embedded redirect. since users at a different office are not getting redirected, it isnt an embedded redirection on the original website and since the user is manually typing in the url and not clicking a link, it isnt a modified link.
UNITED STATES


Freddie 12/12/2023 12:37:00 PM

helpful dump questions
SOUTH AFRICA


Da Costa 8/25/2023 7:30:00 AM

question 423 eigrp uses metric
Anonymous


Bsmaind 8/20/2023 9:22:00 AM

hello nice dumps
Anonymous


beau 1/12/2024 4:53:00 PM

good resource for learning
UNITED STATES


Sandeep 12/29/2023 4:07:00 AM

very useful
Anonymous


kevin 9/29/2023 8:04:00 AM

physical tempering techniques
Anonymous


Blessious Phiri 8/15/2023 4:08:00 PM

its giving best technical knowledge
Anonymous


Testbear 6/13/2023 11:15:00 AM

please upload
ITALY


shime 10/24/2023 4:23:00 AM

great question with explanation thanks!!
ETHIOPIA


Thembelani 5/30/2023 2:40:00 AM

does this exam have lab sections?
Anonymous


Shin 9/8/2023 5:31:00 AM

please upload
PHILIPPINES


priti kagwade 7/22/2023 5:17:00 AM

please upload the braindump for .net
UNITED STATES


Robe 9/27/2023 8:15:00 PM

i need this exam 1z0-1107-2. please.
Anonymous


Chiranthaka 9/20/2023 11:22:00 AM

very useful!
Anonymous


Not Miguel 11/26/2023 9:43:00 PM

for this question - "which three type of basic patient or member information is displayed on the patient info component? (choose three.)", list of conditions is not displayed (it is displayed in patient card, not patient info). so should be thumbnail of chatter photo
Anonymous


Andrus 12/17/2023 12:09:00 PM

q52 should be d. vm storage controller bandwidth represents the amount of data (in terms of bandwidth) that a vms storage controller is using to read and write data to the storage fabric.
Anonymous


Raj 5/25/2023 8:43:00 AM

nice questions
UNITED STATES


max 12/22/2023 3:45:00 PM

very useful
Anonymous


Muhammad Rawish Siddiqui 12/8/2023 6:12:00 PM

question # 208: failure logs is not an example of operational metadata.
SAUDI ARABIA


Sachin Bedi 1/5/2024 4:47:00 AM

good questions
Anonymous


Kenneth 12/8/2023 7:34:00 AM

thank you for the test materials!
KOREA REPUBLIC OF


Harjinder Singh 8/9/2023 4:16:00 AM

its very helpful
HONG KONG


SD 7/13/2023 12:56:00 AM

good questions
UNITED STATES


kanjoe 7/2/2023 11:40:00 AM

good questons
UNITED STATES


Mahmoud 7/6/2023 4:24:00 AM

i need the dumb of the hcip security v4.0 exam
EGYPT


Wei 8/3/2023 4:18:00 AM

upload the dump please
HONG KONG


Stephen 10/3/2023 6:24:00 PM

yes, iam looking this
AUSTRALIA


Stephen 8/4/2023 9:08:00 PM

please upload cima e2 managing performance dumps
Anonymous


hp 6/16/2023 12:44:00 AM

wonderful questions
Anonymous


Priyo 11/14/2023 2:23:00 AM

i used this site since 2000, still great to support my career
INDONESIA


Jude 8/29/2023 1:56:00 PM

why is the answer to "which of the following is required by scrum?" all of the following stated below since most of them are not mandatory? sprint retrospective. members must be stand up at the daily scrum. sprint burndown chart. release planning.
UNITED STATES


Marc blue 9/15/2023 4:11:00 AM

great job. hope this helps out.
UNITED STATES


Anne 9/13/2023 2:33:00 AM

upload please. many thanks!
Anonymous