Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
SAP
ServiceNow
All Vendors
  1. Home
  2. Google
  3. PROFESSIONAL CLOUD NETWORK ENGINEER

Google Professional Cloud Network Engineer PROFESSIONAL CLOUD NETWORK ENGINEER Exam Questions in PDF

Free Google PROFESSIONAL CLOUD NETWORK ENGINEER Dumps Questions (page: 4)

PROFESSIONAL CLOUD NETWORK ENGINEER PDF — 307 Questions

You have a web application that is currently hosted in the us-central1 region. Users experience high latency when traveling in Asia. You've configured a network load balancer, but users have not experienced a performance improvement. You want to decrease the latency.

What should you do?

  1. Configure a policy-based route rule to prioritize the traffic.
  2. Configure an HTTP load balancer, and direct the traffic to it.
  3. Configure Dynamic Routing for the subnet hosting the application.
  4. Configure the TTL for the DNS zone to decrease the time between updates.

Answer(s): B


Reference:

https://cloud.google.com/load-balancing/docs/tutorials/optimize-app-latency



You have an application running on Compute Engine that uses BigQuery to generate some results that are stored in Cloud Storage. You want to ensure that none of the application instances have external IP addresses.

Which two methods can you use to accomplish this? (Choose two.)

  1. Enable Private Google Access on all the subnets.
  2. Enable Private Google Access on the VPC.
  3. Enable Private Services Access on the VP
  4. Create network peering between your VPC and BigQuery.
  5. Create a Cloud NAT, and route the application traffic via NAT gateway.

Answer(s): A,E



You are designing a shared VPC architecture. Your network and security team has strict controls over which routes are exposed between departments. Your Production and Staging departments can communicate with each other, but only via specific networks. You want to follow Google-recommended practices.

How should you design this topology?

  1. Create 2 shared VPCs within the shared VPC Host Project, and enable VPC peering between them. Use firewall rules to filter access between the specific networks.
  2. Create 2 shared VPCs within the shared VPC Host Project, and create a Cloud VPN/Cloud Router between them. Use Flexible Route Advertisement (FRA) to filter access between the specific networks.
  3. Create 2 shared VPCs within the shared VPC Service Project, and create a Cloud VPN/Cloud Router between them. Use Flexible Route Advertisement (FRA) to filter access between the specific networks.
  4. Create 1 VPC within the shared VPC Host Project, and share individual subnets with the Service Projects to filter access between the specific networks.

Answer(s): D


Reference:

https://cloud.google.com/vpc/docs/shared-vpc



You are adding steps to a working automation that uses a service account to authenticate. You need to give the automation the ability to retrieve files from a Cloud Storage bucket. Your organization requires using the least privilege possible.

What should you do?

  1. Grant the compute.instanceAdmin to your user account.
  2. Grant the iam.serviceAccountUser to your user account.
  3. Grant the read-only privilege to the service account for the Cloud Storage bucket.
  4. Grant the cloud-platform privilege to the service account for the Cloud Storage bucket.

Answer(s): C



You converted an auto mode VPC network to custom mode. Since the conversion, some of your Cloud Deployment Manager templates are no longer working. You want to resolve the problem.

What should you do?

  1. Apply an additional IAM role to the Google API's service account to allow custom mode networks.
  2. Update the VPC firewall to allow the Cloud Deployment Manager to access the custom mode networks.
  3. Explicitly reference the custom mode networks in the Cloud Armor whitelist.
  4. Explicitly reference the custom mode networks in the Deployment Manager templates.

Answer(s): D



You have recently been put in charge of managing identity and access management for your organization. You have several projects and want to use scripting and automation wherever possible. You want to grant the editor role to a project member.

Which two methods can you use to accomplish this? (Choose two.)

  1. GetIamPolicy() via REST API
  2. SetIamPolicy() via REST API
  3. gcloud pubsub add-iam-policy-binding $projectname --member user:$username -- role roles/editor
  4. gcloud projects add-iam-policy-binding $projectname --member user:$username -- role roles/editor
  5. Enter an email address in the Add members field, and select the desired role from the drop-down menu in the GCP Console.

Answer(s): D,E


Reference:

https://cloud.google.com/iam/docs/granting-changing-revoking-access



You are using a 10-Gbps direct peering connection to Google together with the gsutil tool to upload files to Cloud Storage buckets from on-premises servers. The on-premises servers are 100 milliseconds away from the Google peering point. You notice that your uploads are not using the full 10-Gbps bandwidth available to you. You want to optimize the bandwidth utilization of the connection.

What should you do on your on-premises servers?

  1. Tune TCP parameters on the on-premises servers.
  2. Compress files using utilities like tar to reduce the size of data being sent.
  3. Remove the -m flag from the gsutil command to enable single-threaded transfers.
  4. Use the perfdiag parameter in your gsutil command to enable faster performance: gsutil perfdiag gs://[BUCKET_NAME].

Answer(s): A



You work for a multinational enterprise that is moving to GCP.

These are the cloud requirements:

· An on-premises data center located in the United States in Oregon and New York with Dedicated Interconnects connected to Cloud regions us-west1 (primary HQ) and us-east4 (backup) · Multiple regional offices in Europe and APAC
· Regional data processing is required in europe-west1 and australia-southeast1 · Centralized Network Administration Team

Your security and compliance team requires a virtual inline security appliance to perform L7 inspection for URL filtering. You want to deploy the appliance in us-west1.

What should you do?

  1. · Create 2 VPCs in a Shared VPC Host Project.
    · Configure a 2-NIC instance in zone us-west1-a in the Host Project.
    · Attach NIC0 in VPC #1 us-west1 subnet of the Host Project.
    · Attach NIC1 in VPC #2 us-west1 subnet of the Host Project.
    · Deploy the instance.
    · Configure the necessary routes and firewall rules to pass traffic through the instance.
  2. · Create 2 VPCs in a Shared VPC Host Project.
    · Configure a 2-NIC instance in zone us-west1-a in the Service Project.
    · Attach NIC0 in VPC #1 us-west1 subnet of the Host Project.
    · Attach NIC1 in VPC #2 us-west1 subnet of the Host Project.
    · Deploy the instance.
    · Configure the necessary routes and firewall rules to pass traffic through the instance.
  3. · Create 1 VPC in a Shared VPC Host Project.
    · Configure a 2-NIC instance in zone us-west1-a in the Host Project.
    · Attach NIC0 in us-west1 subnet of the Host Project.
    · Attach NIC1 in us-west1 subnet of the Host Project
    · Deploy the instance.
    · Configure the necessary routes and firewall rules to pass traffic through the instance.
  4. · Create 1 VPC in a Shared VPC Service Project.
    · Configure a 2-NIC instance in zone us-west1-a in the Service Project.
    · Attach NIC0 in us-west1 subnet of the Service Project.
    · Attach NIC1 in us-west1 subnet of the Service Project
    · Deploy the instance.
    · Configure the necessary routes and firewall rules to pass traffic through the instance.

Answer(s): B



Viewing page 4 of 32

Share your comments for Google PROFESSIONAL CLOUD NETWORK ENGINEER exam with other users:

B
Blessious Phiri
8/13/2023 9:35:00 AM

rman is one good recovery technology

Anonymous
D
DiligentSam
9/30/2023 10:26:00 AM

need it thx

Anonymous
V
Vani
8/10/2023 8:11:00 PM

good questions

NEW ZEALAND
F
Fares
9/11/2023 5:00:00 AM

good one nice revision

Anonymous
L
Lingaraj
10/26/2023 1:27:00 AM

i love this thank you i need

Anonymous
M
Muhammad Rawish Siddiqui
12/5/2023 12:38:00 PM

question # 142: data governance is not one of the deliverables in the document and content management context diagram.

SAUDI ARABIA
A
al
6/7/2023 10:25:00 AM

most answers not correct here

Anonymous
B
Bano
1/19/2024 2:29:00 AM

what % of questions do we get in the real exam?

UNITED STATES
O
Oliviajames
10/25/2023 5:31:00 AM

i just want to tell you. i took my microsoft az-104 exam and passed it. your program was awesome. i especially liked your detailed questions and answers and practice tests that made me well-prepared for the exam. thanks to this website!!!

UNITED STATES
D
Divya
8/27/2023 12:31:00 PM

all the best

UNITED STATES
K
KY
1/1/2024 11:01:00 PM

very usefull document

Anonymous
A
Arun
9/20/2023 4:52:00 PM

nice and helpful questions

INDIA
J
Joseph J
7/11/2023 2:53:00 PM

i found the questions helpful

UNITED STATES
M
Meg
10/12/2023 8:02:00 AM

q 105 . ans is d

INDIA
N
Navaneeth S
7/14/2023 7:57:00 AM

i have interest to get a sybase iq dba certification

UNITED STATES
A
Aish
10/11/2023 5:27:00 AM

want to pass exm.

INDIA
A
Anonymous
6/12/2023 7:23:00 AM

are the answers correct?

INDIA
K
Kris
7/7/2023 9:43:00 AM

good morning, could you please upload this exam again, i need it to test my knowledge in sd-wan with version 7.0.

Anonymous
M
Meghraj mali
10/7/2023 1:47:00 PM

very nice question

CANADA
N
Noel
11/1/2022 9:14:00 PM

i have learning disability and this exam dumps allowed me to focus on the actual questions and not worry about notes and the those other study materials.

SOUTH AFRICA
J
Jas
10/25/2023 6:01:00 PM

165 should be apt

UNITED STATES
N
Neetu
6/22/2023 8:41:00 AM

please upload the dumps, real need of them

Anonymous
M
Mark
10/24/2023 1:34:00 AM

any recent feeedback?

UNITED STATES
G
Gopinadh
8/9/2023 4:05:00 AM

question number 2 is indicating you are giving proper questions. observe and change properly.

Anonymous
S
Santhi
1/1/2024 8:23:00 AM

passed today.40% questions were new.litwere case study,lots of new questions on afd,ratelimit,tm,lb,app gatway.got 2 set series of questions which are not present here.questions on azure cyclecloud, no.of vnet/vms required for implimentation,blueprints assignment/management group etc

INDIA
R
Raviraj Magadum
1/12/2024 11:39:00 AM

practice test

INDIA
S
sivaramakrishnan
7/27/2023 8:12:00 AM

want the dumps for emc content management server programming(cmsp)

Anonymous
A
Aderonke
10/23/2023 1:52:00 PM

brilliant and helpful

UNITED KINGDOM
A
Az
9/16/2023 2:43:00 PM

q75. azure files is pass

SWITZERLAND
K
ketty
11/9/2023 8:10:00 AM

very helpful

Anonymous
S
Sonail
5/2/2022 1:36:00 PM

thank you for these questions. it helped a lot.

UNITED STATES
S
Shariq
7/28/2023 8:00:00 AM

how do i get the h12-724 dumps

Anonymous
A
adi
10/30/2023 11:51:00 PM

nice data dumps

Anonymous
E
EDITH NCUBE
7/25/2023 7:28:00 AM

answers are correct

SOUTH AFRICA
AI Tutor 👋 I’m here to help!