Free Access Google.Professional-Cloud-Network-Engineer.v2024-10-28.q109 Practice Test (Page 15)

Question 66

In order to provide subnet level isolation, you want to force instance-A in one subnet to route through a security appliance, called instance-B, in another subnet.
What should you do?

A.Create a more specific route than the system-generated subnet route, pointing the next hop to instance-B with no tag.

B.Create a more specific route than the system-generated subnet route, pointing the next hop to instance-B with a tag applied to instance-A.

C.Delete the system-generated subnet route and create a specific route to instance-B with a tag applied to instance-A.

D.Move instance-B to another VPC and, using multi-NIC, connect instance-B's interface to instance-A's network. Configure the appropriate routes to force traffic through to instance-A.

Question 67

You decide to set up Cloud NAT. After completing the configuration, you find that one of your instances is not using the Cloud NAT for outbound NAT.
What is the most likely cause of this problem?

A.The instance has been configured with multiple interfaces.

B.An external IP address has been configured on the instance.

C.You have created static routes that use RFC1918 ranges.

D.The instance is accessible by a load balancer external IP address.

Question 68

You need to ensure your personal SSH key works on every instance in your project. You want to accomplish this as efficiently as possible.
What should you do?

A.Upload your public ssh key to the project Metadata.

B.Upload your public ssh key to each instance Metadata.

C.Create a custom Google Compute Engine image with your public ssh key embedded.

D.Use gcloud compute ssh to automatically copy your public ssh key to the instance.

Question 69

Your organization is deploying a single project for 3 separate departments. Two of these departments require network connectivity between each other, but the third department should remain in isolation. Your design should create separate network administrative domains between these departments. You want to minimize operational overhead.
How should you design the topology?

A.Create a Shared VPC Host Project and the respective Service Projects for each of the 3 separate departments.

B.Create 3 separate VPCs, and use Cloud VPN to establish connectivity between the two appropriate VPCs.

C.Create 3 separate VPCs, and use VPC peering to establish connectivity between the two appropriate VPCs.

D.Create a single project, and deploy specific firewall rules. Use network tags to isolate access between the departments.

Question 70

You are using a third-party next-generation firewall to inspect traffic. You created a custom route of 0.0.0.0/0 to route egress traffic to the firewall. You want to allow your VPC instances without public IP addresses to access the BigQuery and Cloud Pub/Sub APIs, without sending the traffic through the firewall.
Which two actions should you take? (Choose two.)

A.Turn on Private Google Access at the subnet level.

B.Turn on Private Google Access at the VPC level.

C.Turn on Private Services Access at the VPC level.

D.Create a set of custom static routes to send traffic to the external IP addresses of Google APIs and services via the default internet gateway.

E.Create a set of custom static routes to send traffic to the internal IP addresses of Google APIs and services via the default internet gateway.

Other Version: 2036Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 1755Google.Professional-Cloud-Network-Engineer.v2025-05-14.q111; 2810Google.Professional-Cloud-Network-Engineer.v2023-04-24.q111; 1801Google.Professional-Cloud-Network-Engineer.v2023-01-24.q52; 2860Google.Professional-Cloud-Network-Engineer.v2022-03-12.q83; 102Google.Ipassleader.Professional-Cloud-Network-Engineer.v2021-10-07.by.stephanie.79q.pdf

Latest Upload: 252PaloAltoNetworks.NGFW-Engineer.v2026-05-01.q43; 362Nokia.4A0-113.v2026-05-01.q69; 397EC-COUNCIL.312-49v11.v2026-04-30.q214; 312Microsoft.MB-820.v2026-04-30.q101; 248Salesforce.MC-202.v2026-04-30.q57; 276BICSI.INSTC_V8.v2026-04-29.q53; 411NMLS.MLO.v2026-04-28.q82; 277NCARB.Project-Management.v2026-04-28.q27; 494EMC.D-AV-DY-23.v2026-04-27.q184; 1304ServiceNow.CSA.v2026-04-27.q483

Question 66

Question 67

Question 68

Question 69

Question 70

Download PDF File