Free Preparation Discussions
MENU
Google Professional Cloud Network Engineer Exam Questions
- Topic 1: Managing and monitoring network operations/ Designing a container IP addressing plan for Google Kubernetes Engine
- Topic 2: Optimizing network resources/ Load balancer and CDN location/ Designing a hybrid network. Considerations Using interconnect, Failover and disaster recovery strategy
- Topic 3: Designing the overall network architecture. Considerations Hybrid connectivity, Container networking, Options for high availability
- Topic 4: Implementing a GCP Virtual Private Cloud (VPC)/ Creating a shared VPC and explaining how to share subnets with other projects
- Topic 5: Differences between Google Cloud Networking and other cloud platforms/ Designing, planning, and prototyping a GCP network
- Topic 6: Configuring and maintaining Google Kubernetes Engine clusters/ Configuring and maintaining Google Kubernetes Engine clusters
- Topic 7: Configuring GCP VPC resources/ Failover and disaster recovery strategy/ Target network tags and service accounts
- Topic 8: Shared vs. standalone VPC interconnect access/ Choosing the appropriate load balancing options
- Topic 9: Microsegmentation for security purposes/ Designing a Virtual Private Cloud (VPC)/ VPC-native clusters using alias IPs
Free Google Professional Cloud Network Engineer Exam Actual Questions
Note: Premium Questions for Professional Cloud Network Engineer were last updated On Jan. 27, 2025 (see below)
Your team deployed two applications in GKE that are exposed through an external Application Load Balancer. When queries are sent to www.mountkirkgames.com/sales and www.mountkirkgames.com/get-an-analysis, the correct pages are displayed. However, you have received complaints that www.mountkirkgames.com yields a 404 error. You need to resolve this error. What should you do?
The 404 error is occurring because there is no default backend defined for requests to the root URL. Defining the default backend in the Ingress YAML file ensures that requests to www.mountkirkgames.com are routed to the correct service.
Your organization recently created a sandbox environment for a new cloud deployment. To have parity with the production environment, a pair of Compute Engine instances with multiple network interfaces (NICs) were deployed. These Compute Engine instances have a NIC in the Untrusted VPC (10.0.0.0/23) and a NIC in the Trusted VPC (10.128.0.0/9). A HA VPN tunnel has been established to the on-premises environment from the Untrusted VPC. Through this pair of VPN tunnels, the on-premises environment receives the route advertisements for the Untrusted and Trusted VPCs. In return, the on-premises environment advertises a number of CIDR ranges to the Untrusted VPC. However, when you tried to access one of the test services from the on-premises environment to the Trusted VPC, you received no response. You need to configure a highly available solution to enable the on-premises users to connect to the services in the Trusted VPC. What should you do?
The solution requires creating internal passthrough load balancers for both VPCs, with custom static routes pointing to each load balancer. This ensures connectivity between the on-premises environment and the Trusted VPC via the Untrusted VPC.
There are two established Partner Interconnect connections between your on-premises network and Google Cloud. The VPC that hosts the Partner Interconnect connections is named "vpc-a" and contains three VPC subnets across three regions, Compute Engine instances, and a GKE cluster. Your on-premises users would like to resolve records hosted in a Cloud DNS private zone following Google-recommended practices. You need to implement a solution that allows your on-premises users to resolve records that are hosted in Google Cloud. What should you do?
Associating the private zone to 'vpc-a' and creating an outbound forwarding policy allows DNS queries to be forwarded from on-premises to Google Cloud DNS. The on-premises DNS servers will forward queries to the entry points created when the forwarding policy was applied to 'vpc-a,' enabling proper name resolution.
Your organization's security team recently discovered that there is a high risk of malicious activities originating from some of your VMs connected to the internet. These malicious activities are currently undetected when TLS communication is used. You must ensure that encrypted traffic to the internet is inspected. What should you do?
Cloud NGFW Enterprise provides TLS inspection to detect and manage threats within encrypted traffic. Configuring firewall rules for TLS inspection enables granular monitoring and filtering, ensuring secure internet traffic.
Your organization recently exposed a set of services through a global external Application Load Balancer. After conducting some testing, you observed that responses would intermittently yield a non-HTTP 200 response. You need to identify the error. What should you do? (Choose 2 answers)
To troubleshoot the intermittent non-HTTP 200 responses, you should enable and review health check logs and log the backend service's responses in Cloud Logging. Reviewing the statusDetails field helps identify the cause of the error. Enabling logging on the load balancer and backend service provides visibility into the issue.
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Stacey
23 days agoValentine
1 months agoJunita
1 months agoKati
2 months agoAvery
2 months agoGail
2 months agoAleta
2 months agoJenelle
2 months agoJenise
3 months agoMaddie
3 months agoBernardo
3 months agoEmily
3 months agoMona
3 months agoMayra
4 months agoCorazon
4 months agoAdrianna
4 months agoRemona
4 months agoShalon
4 months agoAleisha
5 months agoLera
5 months agoAngelica
5 months agoVeronica
6 months agoJestine
7 months agoLorean
7 months agoQuentin
7 months agoLisha
7 months ago