ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 27 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 27
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You are designing a shared VPC architecture. Your network and security team has strict controls over which routes are exposed between departments. Your
Production and Staging departments can communicate with each other, but only via specific networks. You want to follow Google-recommended practices.
How should you design this topology?

  • A. Create 2 shared VPCs within the shared VPC Host Project, and enable VPC peering between them. Use firewall rules to filter access between the specific networks.
  • B. Create 2 shared VPCs within the shared VPC Host Project, and create a Cloud VPN/Cloud Router between them. Use Flexible Route Advertisement (FRA) to filter access between the specific networks.
  • C. Create 2 shared VPCs within the shared VPC Service Project, and create a Cloud VPN/Cloud Router between them. Use Flexible Route Advertisement (FRA) to filter access between the specific networks.
  • D. Create 1 VPC within the shared VPC Host Project, and share individual subnets with the Service Projects to filter access between the specific networks.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by ESP_SAP at Nov. 2, 2020, 4:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
densnoigaskogen
Highly Voted 3 years, 5 months ago
D is the answer. The question wants us to follow Google's recommended practice, keeping it simply is one of the key best practices. Thus, creating ONLY 1 Shared VPC in the host project makes it easier to centralize and manage network resources (such as subnets, routes, and security rules) for the attached service VPCs.
upvoted 11 times
...
ESP_SAP
Highly Voted 3 years, 11 months ago
Correct Answer (D): Building on the initial reference architecture, Shared VPC host projects and multiple service projects let administrators delegate administrative responsibilities—such as creating and managing instances—to Service Project Admins while maintaining centralized control over network resources like subnets, routes, and firewalls. https://cloud.google.com/solutions/best-practices-vpc-design#single-host-project-multiple-service-projects-single-shared-vpc
upvoted 5 times
maxrh
3 years, 2 months ago
I dont understand how would the 2 networks communicate over a dedicated network then? you can separate them with sharing a specific subnet for each but how would they communicate then ?
upvoted 1 times
...
...
saraali
Most Recent 2 months, 1 week ago
Selected Answer: D
The correct option is: D. This design follows Google-recommended practices by using a single VPC in the Host Project and sharing specific subnets with Service Projects. You can then use firewall rules to control and filter access between the Production and Staging networks, ensuring strict controls over which routes are exposed between departments.
upvoted 1 times
...
saraali
2 months, 1 week ago
Selected Answer: D
The correct option is: D. This design follows Google-recommended practices by using a single VPC in the Host Project and sharing specific subnets with Service Projects. You can then use firewall rules to control and filter access between the Production and Staging networks, ensuring strict controls over which routes are exposed between departments.
upvoted 1 times
...
RKS_2021
3 months, 1 week ago
Selected Answer: D
You can not create two shared VPSc in a single host project.
upvoted 1 times
...
trashbox
5 months, 3 weeks ago
Selected Answer: D
Exam on 2024-05-02
upvoted 1 times
...
Chavoz
10 months ago
Selected Answer: A
For me it's A. Why D?
upvoted 1 times
...
subhala
1 year, 7 months ago
Question says - " Your network and security team has strict controls over which routes are exposed between departments" Doesn't it mean to use FCRA (B)? Is this requirement a distraction or the right thing. If we choose D, the routes between staging and prod exists even though we can enforce firewalls to restrict traffic.
upvoted 3 times
...
pk349
1 year, 9 months ago
D. Create 1 VPC within the shared VPC Host Project, and share individual subnets with the Service Projects to filter access between the specific networks.
upvoted 1 times
...
Ravi2477
1 year, 9 months ago
How can we create 2 Shared VPCs in host project? Straight answer is D
upvoted 2 times
...
desertlotus1211
2 years ago
The answer is A. A VPC for each...configure peering...create service project for each and restrict which subnet can communicate.
upvoted 2 times
...
GCP72
2 years, 2 months ago
Selected Answer: D
D is the correct answer
upvoted 2 times
...
kumarp6
2 years, 9 months ago
Answer is : D
upvoted 2 times
...
Vidyasagar
3 years, 7 months ago
D is correct
upvoted 2 times
...
Gharet
3 years, 10 months ago
D is the correct answer
upvoted 1 times
...
[Removed]
3 years, 11 months ago
Ans - D
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago