최신 Professional-Cloud-Network-Engineer 무료덤프 - Google Cloud Certified

문제1

Question:
Your organization has an on-premises data center. You need to provide connectivity from the on-premises data center to Google Cloud. Bandwidth must be at least 1 Gbps, and the traffic must not traverse the internet.
What should you do?

A. Configure Dedicated Interconnect by creating a VLAN attachment, activate the connection, and submit the pairing key to your service provider.

B. Configure Partner Interconnect by creating a VLAN attachment, submit the pairing key to your service provider, and activate the connection.

C. Configure HA VPN by using high availability gateways and tunnels.

D. Configure Cross-Cloud Interconnect by creating a VLAN attachment, activate the connection, and then submit the pairing key to your service provider.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

You are responsible for designing a new connectivity solution between your organization's on-premises data center and your Google Cloud Virtual Private Cloud (VPC) network Currently, there Is no end-to-end connectivity. You must ensure a service level agreement (SLA) of 99.99% availability What should you do?

A. Use HA VPN. Configure one tunnel from each Interface of the VPN gateway to connect to the corresponding interfaces on the peer gateway on-premises. Configure one Cloud Router and enable global routing in the VPC.

B. Use one Dedicated Interconnect connection in a single metropolitan area. Configure one Cloud Router and enable global routing in the VPC.

C. Use a Direct Peering connection between your on-premises data center and Google Cloud. Configure Classic VPN with two tunnels and one Cloud Router.

D. Use two Dedicated Interconnect connections in a single metropolitan area. Configure one Cloud Router and enable global routing in the VPC.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

There are two established Partner Interconnect connections between your on-premises network and Google Cloud. The VPC that hosts the Partner Interconnect connections is named "vpc-a" and contains three VPC subnets across three regions, Compute Engine instances, and a GKE cluster. Your on-premises users would like to resolve records hosted in a Cloud DNS private zone following Google-recommended practices. You need to implement a solution that allows your on-premises users to resolve records that are hosted in Google Cloud. What should you do?

A. Associate the private zone to "vpc-a." Create an outbound forwarding policy and associate the policy to
"vpc-a." Configure the on-premises DNS servers to forward queries for the private zone to the entry point addresses created when the policy was attached to "vpc-a."

B. Associate the private zone to "vpc-a." Create an inbound forwarding policy and associate the policy to
"vpc-a." Configure the on-premises DNS servers to forward queries for the private zone to the entry point addresses created when the policy was attached to "vpc-a."

C. Configure a DNS proxy service inside one of the GKE clusters. Expose the DNS proxy service in GKE as an internal load balancer. Configure the on-premises DNS servers to forward queries for the private zone to the IP address of the internal load balancer.

D. Use custom route advertisements to announce 169.254.169.254 via BGP to the on-premises environment. Configure the on-premises DNS servers to forward DNS requests to 169.254.169.254.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

You are configuring a new instance of Cloud Router in your Organization's Google Cloud environment to allow connection across a new Dedicated Interconnect to your data center Sales, Marketing, and IT each have a service project attached to the Organization's host project.
Where should you create the Cloud Router instance?

A. VPC network in the Host Project

B. VPC network in all projects

C. VPC network in the Sales, Marketing, and IT Projects

D. VPC network in the IT Project

정답: A

문제5

One instance in your VPC is configured to run with a private IP address only. You want to ensure that even if this instance is deleted, its current private IP address will not be automatically assigned to a different instance.
In the GCP Console, what should you do?

A. Change the instance's current internal IP address to static.

B. Add custom metadata to the instance with key internal-address and value reserved.

C. Assign a new reserved internal IP address to the instance.

D. Assign a public IP address to the instance.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제6

You work for a multinational enterprise that is moving to GCP.
These are the cloud requirements:
* An on-premises data center located in the United States in Oregon and New York with Dedicated Interconnects connected to Cloud regions us-west1 (primary HQ) and us-east4 (backup)
* Multiple regional offices in Europe and APAC
* Regional data processing is required in europe-west1 and australia-southeast1
* Centralized Network Administration Team
Your security and compliance team requires a virtual inline security appliance to perform L7 inspection for URL filtering. You want to deploy the appliance in us-west1.
What should you do?

A. * Create 2 VPCs in a Shared VPC Host Project.* Configure a 2-NIC instance in zone us-west1-a in the Service Project.* Attach NIC0 in VPC #1 us-west1 subnet of the Host Project.* Attach NIC1 in VPC #2 us-west1 subnet of the Host Project.* Deploy the instance.* Configure the necessary routes and firewall rules to pass traffic through the instance.

B. * Create 2 VPCs in a Shared VPC Host Project.* Configure a 2-NIC instance in zone us-west1-a in the Host Project.* Attach NIC0 in VPC #1 us-west1 subnet of the Host Project.* Attach NIC1 in VPC #2 us- west1 subnet of the Host Project.* Deploy the instance.* Configure the necessary routes and firewall rules to pass traffic through the instance.

C. * Create 1 VPC in a Shared VPC Host Project.* Configure a 2-NIC instance in zone us-west1-a in the Host Project.* Attach NIC0 in us-west1 subnet of the Host Project.* Attach NIC1 in us-west1 subnet of the Host Project* Deploy the instance.* Configure the necessary routes and firewall rules to pass traffic through the instance.

D. * Create 1 VPC in a Shared VPC Service Project.* Configure a 2-NIC instance in zone us-west1-a in the Service Project.* Attach NIC0 in us-west1 subnet of the Service Project.* Attach NIC1 in us-west1 subnet of the Service Project* Deploy the instance.* Configure the necessary routes and firewall rules to pass traffic through the instance.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제7

You are creating a new application and require access to Cloud SQL from VPC instances without public IP addresses.
Which two actions should you take? (Choose two.)

A. Activate the Cloud Datastore API in your project.

B. Create a custom static route to allow the traffic to reach the Cloud SQL API.

C. Enable Private Google Access.

D. Create a private connection to a service producer.

E. Activate the Service Networking API in your project.

정답: C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Question:
Your organization has approximately 100 teams that need to manage their own environments. A central team must manage the network. You need to design a landing zone that provides separate projects for each team and ensure the solution can scale. What should you do?

A. Configure a Shared VPC, and create a VPC network in the service project.

B. Configure a Shared VPC and create a VPC network in the host project.

C. Configure VPC Network Peering and peer one of the VPCs to the service project.

D. Configure Policy-based Routing for each team.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

You need to configure a Google Kubernetes Engine (GKE) cluster. The initial deployment should have 5 nodes with the potential to scale to 10 nodes. The maximum number of Pods per node is 8. The number of services could grow from 100 to up to 1024. How should you design the IP schema to optimally meet this requirement?

A. Configure a /28 primary IP address range for the node IP addresses. Configure a /25 secondary IP range for the Pods. Configure a /21 secondary IP range for the Services.

B. Configure a /28 primary IP address range for the node IP addresses. Configure a /28 secondary IP range for the Pods. Configure a /21 secondary IP range for the Services.

C. Configure a /28 primary IP address range for the node IP addresses. Configure a (25 secondary IP range for the Pods. Configure a /22 secondary IP range for the Services.

D. Configure a /28 primary IP address range for the node IP addresses. Configure a /24 secondary IP range for the Pads. Configure a /22 secondary IP range for the Services.

정답: C

문제10

You are developing an HTTP API hosted on a Compute Engine virtual machine instance that must be invoked only by multiple clients within the same Virtual Private Cloud (VPC). You want clients to be able to get the IP address of the service. What should you do?

A. Ensure that clients use Compute Engine internal DNS by connecting to the instance name with the url
https://[INSTANCE_NAME].[ZONE].c.[PROJECT_ID].internal/.

B. Reserve a static external IP address and assign it to an HTTP(S) load balancing service's forwarding rule. Then, define an A record in Cloud DNS. Clients should use the name of the A record to connect to the service.

C. Ensure that clients use Compute Engine internal DNS by connecting to the instance name with the url https://[API_NAME]/[API_VERSION]/.

D. Reserve a static external IP address and assign it to an HTTP(S) load balancing service's forwarding rule. Clients should use this IP address to connect to the service.

정답: B

문제11

In your company, two departments with separate GCP projects (code-dev and data-dev) in the same organization need to allow full cross-communication between all of their virtual machines in GCP. Each department has one VPC in its project and wants full control over their network. Neither department intends to recreate its existing computing resources. You want to implement a solution that minimizes cost.
Which two steps should you take? (Choose two.)

A. Connect both projects using Cloud VPN.

B. Enable firewall rules to allow all ingress traffic from all subnets of project code-dev to all instances in project data-dev, and vice versa.

C. Connect the VPCs in project code-dev and data-dev using VPC Network Peering.

D. Enable Shared VPC in one project (e. g., code-dev), and make the second project (e. g., data-dev) a service project.

E. Create a route in the code-dev project to the destination prefixes in project data-dev and use nexthop as the default gateway, and vice versa.

정답: B,C

문제12

You created a VPC network named Retail in auto mode. You want to create a VPC network named Distribution and peer it with the Retail VPC.
How should you configure the Distribution VPC?

A. Create the Distribution VPC in custom mode. Use the CIDR range 10.128.0.0/9. Create the necessary subnets, and then peer them via network peering.

B. Rename the default VPC as "Distribution" and peer it via network peering.

C. Create the Distribution VPC in custom mode. Use the CIDR range 10.0.0.0/9. Create the necessary subnets, and then peer them via network peering.

D. Create the Distribution VPC in auto mode. Peer both the VPCs via network peering.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

You have the networking configuration shown. In the diagram Two VLAN attachments associated With two Dedicated Interconnect connections terminate on the same Cloud Router (mycloudrouter). The Interconnect connections terminate on two separate on-premises routers. You advertise the same prefixes from the Border Gateway Protocol (BOP) sessions associated with each Of the VLAN attachments.
You notice an asymmetric traffic flow between the two Interconnect connections. Which of the following actions should you take to troubleshoot the asymmetric traffic flow?

A. From the Google Cloud console, navigate to the Hybrid Connectivity select the Cloud Router, and view BGP sessions.

B. From the Google Cloud console, navigate to Cloud Logging to view VPC Flow Logs and review the results

C. From the Cloud CLI. run gcloud compute routers describe mycloudrouter
--region REGION and review the results

D. From the Cloud CLI, run gcloud compute -protect_ID router get-status mycloudrouter --region REGION and review the results.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제14

You need to centralize the Identity and Access Management permissions and email distribution for the WebServices Team as efficiently as possible.
What should you do?

A. Create a Google Group for the WebServices Team.

B. Create a new Cloud Identity Domain for the WebServices Team.

C. Create a new Custom Role for all members of the WebServices Team.

D. Create a G Suite Domain for the WebServices Team.

정답: A

문제15

(You are developing an internet of things (IoT) application that captures sensor data from multiple devices that have already been set up. You need to identify the global data storage product your company should use to store this data. You must ensure that the storage solution you choose meets your requirements of sub- millisecond latency. What should you do?)

A. Capture IoT data in BigQuery datasets.

B. Store the IoT data in Spanner. Use caches to speed up the process and avoid latencies.

C. Store the IoT data in Bigtable.

D. Store the IoT data in Cloud Storage. Implement caching by using Cloud CDN.

정답: A,B,C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제16

You have just deployed your infrastructure on Google Cloud. You now need to configure the DNS to meet the following requirements:
Your on-premises resources should resolve your Google Cloud zones.
Your Google Cloud resources should resolve your on-premises zones.
You need the ability to resolve ". internal" zones provisioned by Google Cloud.
What should you do?

A. Configure Cloud DNS to DNS peer with your on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google's public DNS 8.8.8.8.

B. Configure both an inbound server policy and outbound DNS forwarding zones with the target as the on- premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google Cloud's DNS resolver.

C. Configure an outbound DNS server policy, and set your alternative name server to be your on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google Cloud's DNS resolver.

D. Configure an outbound server policy, and set your alternative name server to be your on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google's public DNS 8.8.8.8.

정답: D

최신 Professional-Cloud-Network-Engineer 무료덤프 - Google Cloud Certified - Professional Cloud Network Engineer

우리와 연락하기

유용한 링크

최신 업데이트