Professional Cloud Network Engineer

All the instances in your project are configured with the custom metadata enable-osloginvalue set to FALSE and to block project-wide SSH keys. None of the instances are set with any SSH key, and no project-wide SSH keys have been configured. Firewall rules are set up to allow SSH sessions from...

You are using a third-party next-generation firewall to inspect traffic. You created a custom route of 0.0.0.0/0 to route egress traffic to the firewall. You want to allow your VPC instances without public IP addresses to access the BigQuery and Cloud Pub/Sub APIs, without sending the traffic through the firewall....

You want to deploy a VPN Gateway to connect your on-premises network to GCP. You are using a non BGP-capable on-premises VPN device. You want to minimize downtime and operational overhead when your network grows. The device supports only IKEv2, and you want to follow Google-recommended practices. What should you...

You want to set up two Cloud Routers so that one has an active Border Gateway Protocol (BGP) session, and the other one acts as a standby. Which BGP attribute should you use on your on-premises router?A . AS-PathB . CommunityC . Local PreferenceD . Multi-exit DiscriminatorView AnswerAnswer: D Explanation:...

You are trying to update firewall rules in a shared VPC for which you have been assigned only Network Admin permissions. You cannot modify the firewall rules. Your organization requires using the least privilege necessary. Which level of permissions should you request?A . Security Admin privileges from the Shared VPC...

Your company offers a popular gaming service. Your instances are deployed with private IP addresses, and external access is granted through a global load balancer. You believe you have identified a potential malicious actor, but aren't certain you have the correct client IP address. You want to identify this actor...

You created a VPC network named Retail in auto mode. You want to create a VPC network named Distribution and peer it with the Retail VPC. How should you configure the Distribution VPC?A . - Create the Distribution VPC in auto mode. Peer both the VPCs via network peering.B ....

You work for a university that is migrating to GCP. These are the cloud requirements: - On-premises connectivity with 10 Gbps - Lowest latency access to the cloud - Centralized Networking Administration Team New departments are asking for on-premises connectivity to their projects. You want to deploy the most cost-efficient...

You created a new VPC network named Dev with a single subnet. You added a firewall rule for the network Dev to allow HTTP traffic only and enabled logging. When you try to log in to an instance in the subnet via Remote Desktop Protocol, the login fails. You look...

You need to restrict access to your Google Cloud load-balanced application so that only specific IP addresses can connect. What should you do?A . Create a secure perimeter using the Access Context Manager feature of VPC Service Controls and restrict access to the source IP range of the allowed clients...