Free Access Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179 Practice Test (Page 27)

Question 126

You want Cloud CDN to serve the https://www.example.com/images/spacetime.png static image file that is hosted in a private Cloud Storage bucket, You are using the VSE ORIG.-X_NZADERS cache mode You receive an HTTP 403 error when opening the file In your browser and you see that the HTTP response has a Cache-control: private, max-age=O header How should you correct this Issue?

A.Configure a Cloud Storage bucket permission that gives the Storage Legacy Object Reader role

B.Change the cache mode to cache all content.

C.Increase the default time-to-live (TTL) for the backend service.

D.Enable negative caching for the backend bucket

Question 127

You created a new VPC network named Dev with a single subnet. You added a firewall rule for the network Dev to allow HTTP traffic only and enabled logging. When you try to log in to an instance in the subnet via Remote Desktop Protocol, the login fails. You look for the Firewall rules logs in Stackdriver Logging, but you do not see any entries for blocked traffic. You want to see the logs for blocked traffic.
What should you do?

A.Create a new firewall rule with priority 65500 to deny all traffic, and enable logs.

B.Try connecting to the instance via SSH, and check the logs.

C.Create a new firewall rule to allow traffic from port 22, and enable logs.

D.Check the VPC flow logs for the instance.

Question 128

Your end users are located in close proximity to us-east1 and europe-west1. Their workloads need to communicate with each other. You want to minimize cost and increase network efficiency.
How should you design this topology?

A.Create 2 VPCs, each with their own regions and individual subnets. Create 2 VPN gateways to establish connectivity between these regions.

B.Create 2 VPCs, each with their own region and individual subnets. Use external IP addresses on the instances to establish connectivity between these regions.

C.Create 1 VPC with 2 regional subnets. Create a global load balancer to establish connectivity between the regions.

D.Create 1 VPC with 2 regional subnets. Deploy workloads in these subnets and have them communicate using private RFC1918 IP addresses.

Question 129

Your organization wants to seamlessly migrate a global external web application from Compute Engine to GKE. You need to deploy a simple, cloud-first solution that exposes both applications and sends 10% of the requests to the new application. What should you do?

A.Configure a global external Application Load Balancer with a Service Extension that points to an application running in a VM, which controls which requests go to each application.

B.Configure a global external Application Load Balancer with weighted traffic splitting.

C.Configure two separate global external Application Load Balancers, and use Cloud DNS geolocation routing policies.

D.Configure a global external Application Load Balancer with weighted request mirroring.

Question 130

Your organization recently created a sandbox environment for a new cloud deployment. To have parity with the production environment, a pair of Compute Engine instances with multiple network interfaces (NICs) were deployed. These Compute Engine instances have a NIC in the Untrusted VPC (10.0.0.0/23) and a NIC in the Trusted VPC (10.128.0.0/9). A HA VPN tunnel has been established to the on-premises environment from the Untrusted VPC. Through this pair of VPN tunnels, the on-premises environment receives the route advertisements for the Untrusted and Trusted VPCs. In return, the on-premises environment advertises a number of CIDR ranges to the Untrusted VPC. However, when you tried to access one of the test services from the on-premises environment to the Trusted VPC, you received no response. You need to configure a highly available solution to enable the on-premises users to connect to the services in the Trusted VPC. What should you do?

A.Add both multi-NIC VMs to a new unmanaged instance group, named nva-uig.
Create an internal passthrough Network Load Balancer in the Untrusted VPC, named ilb-untrusted, with the nva-uig unmanaged instance group designated as the backend.
Create a custom static route in the Untrusted VPC for destination 10.123.0.0/9 and the next hop ilb- untrusted.
Create an internal passthrough Network Load Balancer in the Trusted VPC, named ilb-trusted, with the nva-uig unmanaged instance group designated as the backend.
Create a custom static route in the Trusted VPC for destination 0.0.0.0/0 and the next hop ilb-trusted.

B.Add both multi-NIC VMs to a new unmanaged instance group, named nva-uig.
Create an internal passthrough Network Load Balancer in the Untrusted VPC, named ilb-untrusted, with the nva-uig unmanaged instance group designated as the backend.
Create a custom static route in the Untrusted VPC for destination 10.128.0.0/9 and the next hop ilb- untrusted.
Create an internal passthrough Network Load Balancer in the Trusted VPC, named ilb-trusted, with the nva-uig unmanaged instance group designated as the backend.
Create a custom static route in the Trusted VPC for destination 10.0.0.0/23 and the next hop ilb-trusted.

C.Add both multi-NIC VMs to a new unmanaged instance group, named nva-uigO.
Create an internal passthrough Network Load Balancer in the Untrusted VPC, named ilb-untrusted, with the nva-uigO as backend.
Create a custom static route in the Untrusted VPC for destination 10.128.0.0/9 and the next hop ilb- untrusted.
Add both multi-NIC VMs to a new unmanaged instance group, named nva-uigl.
Create an internal passthrough Network Load Balancer in the Trusted VPC, named ilb-trusted, with the nva-uigl as backend.
Create a custom static route in the Trusted VPC for destination 0.0.0.0/0 and the next hop ilb-trusted.

D.Add both multi-NIC VMs to a new unmanaged instance group, named nva-uig.
Create two custom static routes in the Untrusted VPC for destination 10.128.0.0/9 and set each of the VMs' NIC as the next hop.
Create two custom static routes in the Trusted VPC for destination 10.0.0.0/23 and set each of the VMs' NIC as the next hop.

Other Version: 496Google.Professional-Cloud-Network-Engineer.v2025-05-14.q111; 587Google.Professional-Cloud-Network-Engineer.v2024-10-28.q109; 1794Google.Professional-Cloud-Network-Engineer.v2023-04-24.q111; 1383Google.Professional-Cloud-Network-Engineer.v2023-01-24.q52; 2295Google.Professional-Cloud-Network-Engineer.v2022-03-12.q83; 102Google.Ipassleader.Professional-Cloud-Network-Engineer.v2021-10-07.by.stephanie.79q.pdf

Latest Upload: 105Oracle.1Z0-1057-23.v2025-09-10.q47; 139Google.Professional-Cloud-Network-Engineer.v2025-09-09.q179; 130SAP.C-S4EWM-2023.v2025-09-08.q83; 148TheSecOpsGroup.CNSP.v2025-09-08.q20; 190CFAInstitute.ESG-Investing.v2025-09-08.q173; 145PECB.ISO-IEC-27001-Lead-Implementer.v2025-09-06.q132; 138Salesforce.Data-Architect.v2025-09-05.q216; 133Adobe.AD0-E605.v2025-09-05.q50; 172Nutanix.NCP-MCI-6.10.v2025-09-05.q55; 113Oracle.1z0-591.v2025-09-05.q104

Question 126

Question 127

Question 128

Question 129

Question 130

Download PDF File