Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors

Google Professional Cloud Network Engineer PROFESSIONAL CLOUD NETWORK ENGINEER Dumps in PDF

Free Google PROFESSIONAL CLOUD NETWORK ENGINEER Real Questions (page: 13)

PROFESSIONAL CLOUD NETWORK ENGINEER PDF — 307 Questions

You want to configure load balancing for an internet-facing, standard voice-over-IP (VOIP) application.

Which type of load balancer should you use?

  1. HTTP(S) load balancer
  2. Network load balancer
  3. Internal TCP/UDP load balancer
  4. TCP/SSL proxy load balancer

Answer(s): B


Reference:

https://cloud.google.com/load-balancing/docs/choosing-load-balancer#external-internal



You want to configure a NAT to perform address translation between your on-premises network blocks and GCP.

Which NAT solution should you use?

  1. Cloud NAT
  2. An instance with IP forwarding enabled
  3. An instance configured with iptables DNAT rules
  4. An instance configured with iptables SNAT rules

Answer(s): A


Reference:

https://cloud.google.com/nat/docs/overview



You need to ensure your personal SSH key works on every instance in your project. You want to accomplish this as efficiently as possible.

What should you do?

  1. Upload your public ssh key to the project Metadata.
  2. Upload your public ssh key to each instance Metadata.
  3. Create a custom Google Compute Engine image with your public ssh key embedded.
  4. Use gcloud compute ssh to automatically copy your public ssh key to the instance.

Answer(s): A


Reference:

https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys



In order to provide subnet level isolation, you want to force instance-A in one subnet to route through a security appliance, called instance-B, in another subnet.

What should you do?

  1. Create a more specific route than the system-generated subnet route, pointing the next hop to instance-B with no tag.
  2. Create a more specific route than the system-generated subnet route, pointing the next hop to instance-B with a tag applied to instance-A.
  3. Delete the system-generated subnet route and create a specific route to instance-B with a tag applied to instance-A.
  4. Move instance-B to another VPC and, using multi-NIC, connect instance-B's interface to instance-A's network. Configure the appropriate routes to force traffic through to instance-A.

Answer(s): D



You create a Google Kubernetes Engine private cluster and want to use kubectl to get the status of the pods. In one of your instances you notice the master is not responding, even though the cluster is up and running.

What should you do to solve the problem?

  1. Assign a public IP address to the instance.
  2. Create a route to reach the Master, pointing to the default internet gateway.
  3. Create the appropriate firewall policy in the VPC to allow traffic from Master node IP address to the instance.
  4. Create the appropriate master authorized network entries to allow the instance to communicate to the master.

Answer(s): D



Your company has a security team that manages firewalls and SSL certificates. It also has a networking team that manages the networking resources. The networking team needs to be able to read firewall rules, but should not be able to create, modify, or delete them.

How should you set up permissions for the networking team?

  1. Assign members of the networking team the compute.networkUser role.
  2. Assign members of the networking team the compute.networkAdmin role.
  3. Assign members of the networking team a custom role with only the compute.networks.* and the compute.firewalls.list permissions.
  4. Assign members of the networking team the compute.networkViewer role, and add the compute.networks.use permission.

Answer(s): B


Reference:

https://cloud.google.com/compute/docs/access/iam



You have created an HTTP(S) load balanced service. You need to verify that your backend instances are responding properly.

How should you configure the health check?

  1. Set request-path to a specific URL used for health checking, and set proxy-header to PROXY_V1.
  2. Set request-path to a specific URL used for health checking, and set host to include a custom host header that identifies the health check.
  3. Set request-path to a specific URL used for health checking, and set response to a string that the backend service will always return in the response body.
  4. Set proxy-header to the default value, and set host to include a custom host header that identifies the health check.

Answer(s): C



You need to give each member of your network operations team least-privilege access to create, modify, and delete Cloud Interconnect VLAN attachments.

What should you do?

  1. Assign each user the editor role.
  2. Assign each user the compute.networkAdmin role.
  3. Give each user the following permissions only: compute.interconnectAttachments.create, compute.interconnectAttachments.get.
  4. Give each user the following permissions only: compute.interconnectAttachments.create, compute.interconnectAttachments.get, compute.routers.create, compute.routers.get, compute.routers.update.

Answer(s): B



PDF
Viewing page 13 of 32

Share your comments for Google PROFESSIONAL CLOUD NETWORK ENGINEER exam with other users:

S
shime
10/23/2023 10:03:00 AM

this is really very very helpful for mcd level 1

ETHIOPIA
V
Vnu
6/3/2023 2:39:00 AM

very helpful!

Anonymous
S
Steve
8/17/2023 2:19:00 PM

question #18s answer should be a, not d. this should be corrected. it should be minvalidityperiod

CANADA
R
RITEISH
12/24/2023 4:33:00 AM

thanks for the exact solution

Anonymous
S
SB
10/15/2023 7:58:00 AM

need to refer the questions and have to give the exam

INDIA
M
Mike Derfalem
7/16/2023 7:59:00 PM

i need it right now if it was possible please

Anonymous
I
Isak
7/6/2023 3:21:00 AM

i need it very much please share it in the fastest time.

Anonymous
M
Maria
6/23/2023 11:40:00 AM

correct answer is d for student.java program

IRELAND
N
Nagendra Pedipina
7/12/2023 9:10:00 AM

q:37 c is correct

INDIA
J
John
9/16/2023 9:37:00 PM

q6 exam topic: terramearth, c: correct answer: copy 1petabyte to encrypted usb device ???

GERMANY
S
SAM
12/4/2023 12:56:00 AM

explained answers

INDIA
A
Andy
12/26/2023 9:35:00 PM

plan to take theaws certified developer - associate dva-c02 in the next few weeks

SINGAPORE
S
siva
5/17/2023 12:32:00 AM

very helpfull

Anonymous
M
mouna
9/27/2023 8:53:00 AM

good questions

Anonymous
B
Bhavya
9/12/2023 7:18:00 AM

help to practice csa exam

Anonymous
M
Malik
9/28/2023 1:09:00 PM

nice tip and well documented

Anonymous
R
rodrigo
6/22/2023 7:55:00 AM

i need the exam

Anonymous
D
Dan
6/29/2023 1:53:00 PM

please upload

Anonymous
A
Ale M
11/22/2023 6:38:00 PM

prepping for fsc exam

AUSTRALIA
A
ahmad hassan
9/6/2023 3:26:00 AM

pd1 with great experience

Anonymous
Ž
Žarko
9/5/2023 3:35:00 AM

@t it seems like azure service bus message quesues could be the best solution

UNITED KINGDOM
S
Shiji
10/15/2023 1:08:00 PM

helpful to check your understanding.

INDIA
D
Da Costa
8/27/2023 11:43:00 AM

question 128 the answer should be static not auto

Anonymous
B
bot
7/26/2023 6:45:00 PM

more comments here

UNITED STATES
K
Kaleemullah
12/31/2023 1:35:00 AM

great support to appear for exams

Anonymous
B
Bsmaind
8/20/2023 9:26:00 AM

useful dumps

Anonymous
B
Blessious Phiri
8/13/2023 8:37:00 AM

making progress

Anonymous
N
Nabla
9/17/2023 10:20:00 AM

q31 answer should be d i think

FRANCE
V
vladputin
7/20/2023 5:00:00 AM

is this real?

UNITED STATES
N
Nick W
9/29/2023 7:32:00 AM

q10: c and f are also true. q11: this is outdated. you no longer need ownership on a pipe to operate it

Anonymous
N
Naveed
8/28/2023 2:48:00 AM

good questions with simple explanation

UNITED STATES
C
cert
9/24/2023 4:53:00 PM

admin guide (windows) respond to malicious causality chains. when the cortex xdr agent identifies a remote network connection that attempts to perform malicious activity—such as encrypting endpoint files—the agent can automatically block the ip address to close all existing communication and block new connections from this ip address to the endpoint. when cortex xdrblocks an ip address per endpoint, that address remains blocked throughout all agent profiles and policies, including any host-firewall policy rules. you can view the list of all blocked ip addresses per endpoint from the action center, as well as unblock them to re-enable communication as appropriate. this module is supported with cortex xdr agent 7.3.0 and later. select the action mode to take when the cortex xdr agent detects remote malicious causality chains: enabled (default)—terminate connection and block ip address of the remote connection. disabled—do not block remote ip addresses. to allow specific and known s

Anonymous
Y
Yves
8/29/2023 8:46:00 PM

very inciting

Anonymous
M
Miguel
10/16/2023 11:18:00 AM

question 5, it seems a instead of d, because: - care plan = case - patient = person account - product = product2;

SPAIN
AI Tutor 👋 I’m here to help!