Google Professional-Cloud-Network-Engineer Real Exam Questions Test Engine Dumps Training With 80 Questions [Q15-Q30]

NO.15 Your company is running out of network capacity to run a critical application in the on-premises data center. You want to migrate the application to GCP. You also want to ensure that the Security team does not lose their ability to monitor traffic to and from Compute Engine instances.
Which two products should you incorporate into the solution? (Choose two.)

NO.16 You are migrating to Cloud DNS and want to import your BIND zone file.
Which command should you use?

NO.17 Your company has launched a mobile application that uploads pictures to google cloud storage bucket. The application was successfully uploading the pictures to google cloud storage buckets, but lately the application has become popular and you start seeing 429 errors. Please suggest the ways to address the issue. Please select any two.

NO.18 You want to deploy a VPN Gateway to connect your on-premises network to GCP. You are using a non BGP-capable on-premises VPN device. You want to minimize downtime and operational overhead when your network grows. The device supports only IKEv2, and you want to follow Google-recommended practices.
What should you do?

NO.19 You work for a university that is migrating to GCP.
These are the cloud requirements:
* On-premises connectivity with 10 Gbps
* Lowest latency access to the cloud
* Centralized Networking Administration Team
New departments are asking for on-premises connectivity to their projects. You want to deploy the most cost- efficient interconnect solution for connecting the campus to Google Cloud.
What should you do?

NO.20 You need to establish network connectivity between three Virtual Private Cloud networks, Sales, Marketing, and Finance, so that users can access resources in all three VPCs. You configure VPC peering between the Sales VPC and the Finance VPC. You also configure VPC peering between the Marketing VPC and the Finance VPC. After you complete the configuration, some users cannot connect to resources in the Sales VPC and the Marketing VPC. You want to resolve the problem.
What should you do?

NO.21 Your company has a security team that manages firewalls and SSL certificates. It also has a networking team that manages the networking resources. The networking team needs to be able to read firewall rules, but should not be able to create, modify, or delete them.
How should you set up permissions for the networking team?

NO.22 You want to deploy a VPN Gateway to connect your on-premises network to GCP. You are using a non BGP- capable on-premises VPN device. You want to minimize downtime and operational overhead when your network grows. The device supports only IKEv2, and you want to follow Google-recommended practices.
What should you do?

NO.23 You have a storage bucket that contains the following objects:
– folder-a/image-a-1.jpg
– folder-a/image-a-2.jpg
– folder-b/image-b-1.jpg
– folder-b/image-b-2.jpg
Cloud CDN is enabled on the storage bucket, and all four objects have been successfully cached. You want to remove the cached copies of all the objects with the prefix folder-a, using the minimum number of commands.
What should you do?

NO.24 You are designing a Google Kubernetes Engine (GKE) cluster for your organization. The current cluster size is expected to host 10 nodes, with 20 Pods per node and 150 services. Because of the migration of new services over the next 2 years, there is a planned growth for 100 nodes, 200 Pods per node, and 1500 services. You want to use VPC-native clusters with alias IP ranges, while minimizing address consumption.
How should you design this topology?

NO.25 Your on-premises data center has 2 routers connected to your GCP through a VPN on each router. All applications are working correctly; however, all of the traffic is passing across a single VPN instead of being load-balanced across the 2 connections as desired.
During troubleshooting you find:
* Each on-premises router is configured with the same ASN.
* Each on-premises router is configured with the same routes and priorities.
* Both on-premises routers are configured with a VPN connected to a single Cloud Router.
* The VPN logs have no-proposal-chosen lines when the VPNs are connecting.
* BGP session is not established between one on-premises router and the Cloud Router.
What is the most likely cause of this problem?

NO.26 You need to enable Cloud CDN for all the objects inside a storage bucket. You want to ensure that all the object in the storage bucket can be served by the CDN.
What should you do in the GCP Console?

NO.27 You have a storage bucket that contains two objects. Cloud CDN is enabled on the bucket, and both objects have been successfully cached. Now you want to make sure that one of the two objects will not be cached anymore, and will always be served to the internet directly from the origin.
What should you do?

NO.28 You created a new VPC for your development team. You want to allow access to the resources in this VPC via SSH only.
How should you configure your firewall rules?

NO.29 You want to create a service in GCP using IPv6.
What should you do?

NO.30 Datachamps is an organization resource and it has many projects under it .The company uses BigQuery for data analysis. They want a user named admin-bigquery to be the admin for all BigQuery data across all of the projects under the Datachamps organization . Monitorbigquery is a service account that’s responsible for monitoring the size of all the tables across all projects in the Datachamps organization. What predefined roles must be given to admin-bigquery (user) and Monitorbigquery (service account) .