Google Cloud

Google Cloud Certified – Professional Cloud Network Engineer

PR000240

Become a certified Professional Cloud Network Engineer with exam code PR000240 to validate your networking skills in Google Cloud.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 141–150 of 492

Q141

You are configuring firewall rules on a Google Cloud project. What happens when you set an ingress rule to allow all traffic?

  • A Blocks all incoming traffic
  • B Allows all incoming traffic
  • C Only allows traffic from specific IPs
  • D Clears existing rules
Explanation Allowing all traffic permits every incoming request; blocking is the opposite action.
Q142

Which service allows interconnectivity between on-premises and Google Cloud resources?

  • A Cloud VPN
  • B Cloud CDN
  • C Cloud Storage
  • D Cloud Functions
Explanation Cloud VPN establishes secure connections to Google Cloud, while others do not offer this functionality.
Q143

A company needs to optimize their VPC subnetting for a large number of workloads. What should they do?

  • A Use one large subnet for all instances
  • B Create multiple smaller, regional subnets
  • C Limit subnets to a single region
  • D Use external IP addresses for all CPUs
Explanation Creating multiple smaller, regional subnets allows better scalability and management.
Q144

What happens when you set a firewall rule with 'deny all' to a VPC Network?

  • A Allows all traffic to flow
  • B Denies all incoming traffic only
  • C Denies both incoming and outgoing traffic
  • D Overrides existing allow rules
Explanation A 'deny all' rule blocks both inbound and outbound traffic, which is a fundamental network security feature.
Q145

Which Google Cloud service provides a fully managed DNS service?

  • A Cloud DNS
  • B Cloud Storage
  • C Cloud Functions
  • D Cloud Pub/Sub
Explanation Cloud DNS manages DNS records, while the others serve different purposes.
Q146

A company needs to connect its on-premises network with a Google Cloud VPC. Which service should they use?

  • A Cloud VPN
  • B Cloud Load Balancing
  • C Cloud Armor
  • D Cloud Scheduler
Explanation Cloud VPN connects on-premises networks to a VPC, while others do not fulfill this requirement.
Q147

What happens when a route is created with a higher priority than an existing one in Google Cloud?

  • A It is ignored.
  • B It replaces the existing route.
  • C It combines with the existing route.
  • D It takes precedence over existing routes.
Explanation Higher priority routes will take precedence in routing decisions; the other options are incorrect interpretations.
Q148

Which service provides VPC peering in Google Cloud?

  • A Cloud Router
  • B VPC Network
  • C Cloud CDN
  • D Cloud Armor
Explanation VPC Network supports peering; Cloud Router does not establish it directly.
Q149

A company needs to restrict internet access for instances. Which solution is best?

  • A Use VPN tunnels
  • B Implement a firewall rule
  • C Enable Cloud NAT
  • D Create a subnetwork
Explanation Firewall rules can effectively limit internet access.
Q150

What happens when you enable Private Google Access on a subnet?

  • A Private IPs can use Google APIs
  • B Public IPs are restricted
  • C No effect on subnet traffic
  • D All traffic routes through Cloud Router
Explanation Enabling this allows private IPs to access Google services securely.