Good news for candidates who want to earn Google Cloud certification, we have updated Professional Cloud Network Engineer real exam questions, which are the latest version in the market. To take Professional Cloud Network Engineer exam, you need to have at least 1 year of hands-on experience working with Google Cloud Platform and may work on networking or cloud teams with architects who design the infrastructure.
Professional Cloud Network Engineer implements and manages network architectures in Google Cloud Platform.
Google Professional Cloud Network Engineer exam can help you test the following ability.
Design, plan, and prototype a GCP Network
Implement a GCP Virtual Private Cloud (VPC)
Configure network services
Implement hybrid interconnectivity
Implement network security
Google Professional Cloud Network Engineer real exam questions updated version can help you test the above skills. Share some updated Professional Cloud Network Engineer real exam questions and answers below.
1.You have deployed a new internal application that provides HTTP and TFTP services to on-premises hosts. You want to be able to distribute traffic across multiple Compute Engine instances, but need to ensure that clients are sticky to a particular instance across both services.Which session affinity should you choose?
A. None
B. Client IP
C. Client IP and protocol
D. Client IP, port and protocol
Answer: B
2.You created a new VPC network named Dev with a single subnet. You added a firewall rule for the network Dev to allow HTTP traffic only and enabled logging. When you try to log in to an instance in the subnet via Remote Desktop Protocol, the login fails. You look for the Firewall rules logs in Stackdriver Logging, but you do not see any entries for blocked traffic. You want to see the logs for blocked traffic.What should you do?
A. Check the VPC flow logs for the instance.
B. Try connecting to the instance via SSH, and check the logs.
C. Create a new firewall rule to allow traffic from port 22, and enable logs.
D. Create a new firewall rule with priority 65500 to deny all traffic, and enable logs.
Answer: D
3.You are trying to update firewall rules in a shared VPC for which you have been assigned only Network Admin permissions. You cannot modify the firewall rules. Your organization requires using the least privilege necessary.Which level of permissions should you request?
A. Security Admin privileges from the Shared VPC Admin.
B. Service Project Admin privileges from the Shared VPC Admin.
C. Shared VPC Admin privileges from the Organization Admin.
D. Organization Admin privileges from the Organization Admin.
Answer: A
4.You want to create a service in GCP using IPv6.What should you do?
A. Create the instance with the designated IPv6 address.
B. Configure a TCP Proxy with the designated IPv6 address.
C. Configure a global load balancer with the designated IPv6 address.
D. Configure an internal load balancer with the designated IPv6 address.
Answer: C
5.You decide to set up Cloud NAT. After completing the configuration, you find that one of your instances is not using the Cloud NAT for outbound NAT.What is the most likely cause of this problem?
A. The instance has been configured with multiple interfaces.
B. An external IP address has been configured on the instance.
C. You have created static routes that use RFC1918 ranges.
D. The instance is accessible by a load balancer external IP address.
Answer: B