Google Cloud

Google Cloud Certified – Professional Cloud Network Engineer

PR000240

Become a certified Professional Cloud Network Engineer with exam code PR000240 to validate your networking skills in Google Cloud.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 471–480 of 492

Q471

What happens when a Compute Engine instance is assigned to a subnet with less than 1,024 IP addresses?

  • A Instance cannot communicate
  • B No impact on instance
  • C Instance runs slow
  • D Instance downtime occurs
Explanation The instance operates normally as long as it can get an IP address, regardless of subnet size.
Q472

Which service provides a private connection between a Google Cloud VPC and Google services?

  • A Cloud VPN
  • B Cloud Interconnect
  • C VPC Peering
  • D Private Service Connect
Explanation Private Service Connect enables a private connection, while others provide different connectivity roles.
Q473

A company needs to connect its on-premises network with Google Cloud VPC while maintaining a secure tunnel. Which solution should they implement?

  • A Cloud VPN
  • B Cloud Router
  • C VPC Peering
  • D Firewall Rules
Explanation Cloud VPN creates a secure tunnel; the others do not provide a secure tunnel functionality.
Q474

You are configuring an IAM policy to grant roles to users. If a user has conflicting roles that provide different permissions, what takes precedence?

  • A Least permissive role
  • B Most permissive role
  • C No roles apply
  • D First role assigned
Explanation The most permissive role is applied; the other options do not accurately reflect IAM behavior.
Q475

Which service allows you to control network traffic between Google Cloud resources?

  • A Cloud Firewalls
  • B Cloud VPN
  • C Cloud Router
  • D Cloud Load Balancing
Explanation Cloud Firewalls is specifically designed for managing network traffic, while the others serve different purposes.
Q476

You are configuring a VPN connection. What must match on both sides of the tunnel?

  • A Encryption algorithm
  • B Subnetwork
  • C Regional availability
  • D Identity Provider
Explanation The encryption algorithm must be identical for successful tunneling, while the other options do not require matching.
Q477

A company needs a solution for hybrid cloud connectivity with on-premises resources. Which feature should they use?

  • A Static IP Address
  • B Interconnect
  • C App Engine
  • D Cloud Functions
Explanation Interconnect provides reliable private connectivity, whereas the other options do not serve this specific function.
Q478

Which service allows for managing inter-VPC communications in GCP?

  • A Cloud Router
  • B Cloud Pub/Sub
  • C Cloud Load Balancing
  • D Cloud Functions
Explanation Cloud Router facilitates dynamic routing between VPCs; the others serve different purposes.
Q479

A company needs to ensure its VM instances are resilient to single-zone failures. What should they implement?

  • A Use Regional Managed Instance Groups
  • B Enable Auto Scaling in a Zone
  • C Deploy all VMs in one zone
  • D Use Static IP addresses only
Explanation Regional Managed Instance Groups distribute VMs across zones; the others do not ensure zone redundancy.
Q480

You are configuring VPC Peering and receive an error. What should you verify first?

  • A Overlapping IP ranges
  • B Firewall rules
  • C Subnetwork region
  • D Instance locations
Explanation Overlapping IP ranges are not allowed in VPC Peering; the other factors won't cause an immediate error.