Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 166 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 166
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You are designing a packet mirroring policy as part of your network security architecture for your gaming workload. Your infrastructure is located in the us-west2 region and deployed across several zones: us-west2-a, us-west2-b, and us-west2-c. The infrastructure is running a web-based application on TCP ports 80 and 443 with other game servers that utilize the UDP protocol. You need to deploy packet mirroring policies and collector instances to monitor web application traffic while minimizing inter-zonal network egress costs.

Following Google-recommended practices, how should you deploy the packet mirroring policies and collector instances?

  • A. Crate three packet mirroring policies: one for each zone. Create one group of collector instances for the us-west2 region. Configure each packet mirroring policy to match traffic for its zone based on instance-tags, and create a filter for TCP traffic.
  • B. Create one packet mirroring policy for the us-west2 region. Create one group of collector instances for the us-west2 region. Configure the packet mirroring policy to match traffic for web server instances based on instance-tags, and create a filter for TCP traffic.
  • C. Create three packet mirroring policies: one for each zone. Create three groups of collector instances: one group for each zone. Configure each policy to match traffic for its zone based on instance-tags, and create a filter for TCP traffic.
  • D. Create three packet mirroring policies: one for each zone. Create three groups of collector instances: one group for each zone. Configure each policy to match traffic for its zone based on subnets, and create a filter for TCP traffic.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by [deleted] at Feb. 8, 2024, 6:20 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
anshad666
5 months ago
Selected Answer: B
Policy created based on region , not based Zone
upvoted 1 times
...
Positron75
6 months ago
Selected Answer: C
Wouldn't it be C if we want to minimize data egress costs between zones? C and D are the only options that create packet mirroring policies and collector instances in each zone, and instance tags sound like a better (more specific) option than subnets. Both A and B would result in additional egress costs as with only one group of collector instances for the whole region, all the mirrored data has to be travel between zones. From the documentation (https://cloud.google.com/vpc/docs/packet-mirroring#key_properties): "The cost of Packet Mirroring varies depending on the amount of egress traffic traveling from a mirrored instance to an instance group and whether the traffic travels between zones." Seems to me like C is the only one that minimizes this cost.
upvoted 1 times
...
desertlotus1211
8 months, 2 weeks ago
Answer is C. You need to use tags. D is incorrect
upvoted 3 times
...
gonlafer
9 months, 1 week ago
Selected Answer: B
Should not be inter-zonal egress cost. So I'd go now for B
upvoted 2 times
...
gonlafer
9 months, 1 week ago
Selected Answer: D
To me, D makes sense to minimize the egress traffic across zones, which is one requirement.
upvoted 1 times
...
[Removed]
9 months, 3 weeks ago
Selected Answer: B
To deploy packet mirroring policies and collector instances following Google-recommended practices while minimizing inter-zonal network egress costs, we need to consider the requirements and best practices outlined in the scenario. Given that the infrastructure is deployed across multiple zones within the us-west2 region and that the goal is to monitor web application traffic while minimizing egress costs, the most appropriate approach would be to consolidate collector instances and policies to cover the entire region. Option B seems to align with this approach
upvoted 2 times
[Removed]
9 months, 3 weeks ago
It offers Single Policy for the Region, Single Group of Collector Instances,Matching Traffic for Web Server Instances, Filter for TCP Traffic
upvoted 1 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel