Google Cloud

Google Cloud Certified – Professional Cloud Network Engineer

PR000240

Become a certified Professional Cloud Network Engineer with exam code PR000240 to validate your networking skills in Google Cloud.

492 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 71–80 of 492

Q71

You are configuring a firewall rule to restrict traffic. What happens when you set the rule to deny all but specific IPs?

  • A Only the specified IPs are allowed.
  • B All traffic is allowed by default.
  • C Only firewall logs are generated.
  • D Traffic is denied for specific apps.
Explanation Denying all except specific IPs only allows those specified, effectively blocking everything else.
Q72

A company needs high availability for its application running on GCP. Which option should they choose?

  • A Single regional instance
  • B Global load balancer
  • C Compute Engine snapshot
  • D Static IP address
Explanation Global load balancers distribute traffic across multiple regions, ensuring high availability, unlike the other options which do not offer redundancy.
Q73

What happens when a VM is set to 'preemptible' in Google Cloud?

  • A Always runs without interruption
  • B Can be shut down by Google
  • C Charges full price per hour
  • D Has higher availability than standard VMs
Explanation Preemptible VMs can be terminated by Google at any time, making option B correct while A, C, and D are incorrect interpretations of their nature.
Q74

A company needs to restrict access to its sensitive data in Cloud Storage. Which service should they implement?

  • A IAM Roles and Permissions
  • B Cloud Pub/Sub
  • C Cloud Firestore
  • D Cloud Functions
Explanation IAM Roles and Permissions allow for secure access management, whereas the other options do not focus on access restriction.
Q75

You are configuring a VPN between your on-premises network and Google Cloud. What is crucial to ensure successful connectivity?

  • A Match IP ranges in both setups
  • B Use only public IP addresses
  • C Disable Firewall rules initially
  • D Select any encryption method
Explanation Matching IP ranges is essential for routing traffic between the networks; B, C, and D could lead to connectivity issues.
Q76

Which service can you use to interconnect on-premises networks with Google Cloud?

  • A Cloud Interconnect
  • B Cloud Storage
  • C BigQuery
  • D App Engine
Explanation Cloud Interconnect provides connections between on-premises and Google Cloud; the other options do not serve this purpose.
Q77

A company needs to analyze network traffic for security threats. Which tool is most appropriate?

  • A Cloud DNS
  • B Cloud Armor
  • C VPC Flow Logs
  • D Cloud IAM
Explanation VPC Flow Logs captures metadata for network traffic, unlike the other options which serve different functions.
Q78

What happens when a Google Cloud Load Balancer's backend service becomes unhealthy?

  • A All traffic is rerouted instantly
  • B Traffic is sent to other backends
  • C Application shuts down automatically
  • D Health checks are disabled
Explanation Traffic is rerouted to healthy backends, while the other options are not accurate behaviors for backend service unhealthiness.
Q79

Which service in Google Cloud provides a managed Kubernetes environment?

  • A Google Kubernetes Engine
  • B Cloud Run
  • C Cloud Functions
  • D App Engine
Explanation Google Kubernetes Engine is a managed service for Kubernetes; others are not primarily for Kubernetes management.
Q80

A company needs to ensure that all network traffic between its VMs is encrypted. Which Google Cloud feature should they implement?

  • A Private Google Access
  • B VPN Tunnel
  • C VPC Peering
  • D Firewall Rules
Explanation A VPN Tunnel encrypts traffic between VMs; the other options don't focus on encryption directly.