Online Access Free Google.Professional-Cloud-Network-Engineer.v2024-05-06.q121 Practice Test (Page 2)

Professional-Cloud-Network-Engineer Exam Question 1

You recently configured Google Cloud Armor security policies to manage traffic to your application. You discover that Google Cloud Armor is incorrectly blocking some traffic to your application. You need to identity the web application firewall (WAF) rule that is incorrectly blocking traffic. What should you do?

A.Enable Google Cloud Armor audit logs, and view the logs on the Activity page in the Google Cloud Console.

B.Enable firewall logs, and view the logs in Firewall Insights.

C.Enable VPC Flow Logs, and view the logs in Cloud Logging.

D.Enable HTTP(S) Load Balancing logging with sampling rate equal to 1, and view the logs in Cloud Logging.

Professional-Cloud-Network-Engineer Exam Question 2

Your company offers a popular gaming service. Your instances are deployed with private IP addresses, and external access is granted through a global load balancer. You believe you have identified a potential malicious actor, but aren't certain you have the correct client IP address. You want to identify this actor while minimizing disruption to your legitimate users.
What should you do?

A.Create a Cloud Armor Policy rule that denies traffic and review necessary logs.

B.Create a Cloud Armor Policy rule that denies traffic, enable preview mode, and review necessary logs.

C.Create a VPC Firewall rule that denies traffic, enable logging and set enforcement to disabled, and review necessary logs.

D.Create a VPC Firewall rule that denies traffic, enable logging and set enforcement to enabled, and review necessary logs.

Professional-Cloud-Network-Engineer Exam Question 3

You are using a 10-Gbps direct peering connection to Google together with the gsutil tool to upload files to Cloud Storage buckets from on-premises servers. The on-premises servers are 100 milliseconds away from the Google peering point. You notice that your uploads are not using the full 10-Gbps bandwidth available to you. You want to optimize the bandwidth utilization of the connection.
What should you do on your on-premises servers?

A.Tune TCP parameters on the on-premises servers.

B.Compress files using utilities like tar to reduce the size of data being sent.

C.Remove the -m flag from the gsutil command to enable single-threaded transfers.

D.Use the perfdiag parameter in your gsutil command to enable faster performance: gsutil perfdiag gs://[BUCKET NAME].

Professional-Cloud-Network-Engineer Exam Question 4

You have an application hosted on a Compute Engine virtual machine instance that cannot communicate with a resource outside of its subnet. When you review the flow and firewall logs, you do not see any denied traffic listed.
During troubleshooting you find:
- Flow logs are enabled for the VPC subnet, and all firewall rules are
set to log.
- The subnetwork logs are not excluded from Stackdriver.
- The instance that is hosting the application can communicate outside
the subnet.
- Other instances within the subnet can communicate outside the subnet.
- The external resource initiates communication.
What is the most likely cause of the missing log lines?

A.The traffic is not matching the expected egress rule.

B.The traffic is not matching the expected ingress rule.

C.The traffic is matching the expected egress rule.

D.The traffic is matching the expected ingress rule.

Professional-Cloud-Network-Engineer Exam Question 5

You have deployed a proof-of-concept application by manually placing instances in a single Compute Engine zone. You are now moving the application to production, so you need to increase your application availability and ensure it can autoscale.
How should you provision your instances?

A.Create a single managed instance group, specify the desired region, and select Multiple zones for the location.

B.Create a managed instance group for each region, select Single zone for the location, and manually distribute instances across the zones in that region.

C.Create an unmanaged instance group in a single zone, and then create an HTTP load balancer for the instance group.

D.Create an unmanaged instance group for each zone, and manually distribute the instances across the desired zones.

Other Version: 512Google.Professional-Cloud-Network-Engineer.v2024-12-11.q112; 420Google.Professional-Cloud-Network-Engineer.v2024-02-05.q70; 1153Google.Professional-Cloud-Network-Engineer.v2022-09-17.q73; 1717Google.Professional-Cloud-Network-Engineer.v2022-05-31.q72; 124Google.Passexamdumps.Professional-Cloud-Network-Engineer.v2022-02-28.by.stanford.72q.pdf; 1518Google.Professional-Cloud-Network-Engineer.v2022-02-17.q85; 107Google.Examcollectionpass.Professional-Cloud-Network-Engineer.v2021-08-08.by.dempsey.84q.pdf

Latest Upload: 107Salesforce.ADM-201.v2025-09-06.q260; 103Oracle.1Z0-1055-23.v2025-09-06.q48; 104Cisco.010-151.v2025-09-06.q130; 130PMI.PMI-PBA.v2025-09-05.q160; 138Salesforce.Advanced-Cross-Channel.v2025-09-04.q41; 133EC-COUNCIL.312-40.v2025-09-04.q87; 147Oracle.1Z1-591.v2025-09-03.q129; 128Oracle.1z0-1065-25.v2025-09-03.q26; 162Cisco.350-701.v2025-09-03.q218; 125Oracle.1Z0-1195-25.v2025-09-03.q20

Professional-Cloud-Network-Engineer Exam Question 1

Professional-Cloud-Network-Engineer Exam Question 2

Professional-Cloud-Network-Engineer Exam Question 3

Professional-Cloud-Network-Engineer Exam Question 4

Professional-Cloud-Network-Engineer Exam Question 5

Download PDF File