Free Cloud Network EngineerPractice Test

Your organization is designing a new GCP network architecture for a multi-tier application. The application consists of web servers, application servers, and database servers. You need to ensure that database servers cannot be accessed directly from the internet but can communicate with application servers. What is the most secure approach?

You are planning a VPC network design for a company that has multiple business units. Each business unit requires isolation from others, but they need to share some common services like DNS and monitoring. What architecture would you recommend?

Your company is migrating workloads to GCP and needs to design IP address ranges for VPC subnets. The application may need to scale to support 10,000 VM instances in the future. The company also wants to maintain the option to connect to their on-premises network which uses 10.0.0.0/8. What should you do?

You need to design a network architecture that supports both IPv4 and IPv6 traffic for a global application. The application must be accessible from the internet via both protocols. Which GCP networking feature should you implement?

An organization wants to prototype a disaster recovery solution that requires replicating their VPC network configuration to a different region. What is the simplest approach to achieve regional network redundancy in GCP?

You need to create a custom VPC with subnets in three different regions. Each subnet should have automatic expansion disabled to maintain strict IP address control. What command structure should you use?

Your application running in GCP needs to access Google APIs and services without using public IP addresses. The VMs should not have external IP addresses for security reasons. How should you configure this?

You are implementing firewall rules for a VPC that hosts a web application. The application tier should only accept traffic from the load balancer, and the database tier should only accept traffic from the application tier. Both tiers should allow SSH access from a specific management subnet. What is the best practice for implementing these rules?

Your organization has a Shared VPC setup where the host project contains the VPC network and multiple service projects contain workloads. A new service project needs to create VM instances in a specific subnet. What is the minimum IAM permission required for the service project administrator?

You need to implement a solution that allows multiple VPCs to communicate with each other privately. The VPCs belong to different projects within your organization. Traffic between VPCs should not traverse the public internet and should maintain low latency. What should you implement?

You are configuring a Cloud Load Balancer for a global application. The application needs to route traffic to the nearest healthy backend based on user location, and automatically failover to other regions if a regional failure occurs. Which load balancer type should you use?

Your application requires a load balancer that can terminate SSL/TLS connections, inspect HTTP headers, and route traffic based on URL paths. Which load balancer should you configure?

You need to enable outbound internet access for VM instances that only have internal IP addresses in your VPC. The solution should support high availability and automatic scaling. What service should you configure?

Your company serves static content globally and wants to minimize latency for end users while reducing load on origin servers. The content should be cached at Google's edge locations. What should you configure?

You are implementing Cloud Armor security policies to protect your application from DDoS attacks and control access based on IP addresses. You need to allow traffic from your corporate office IP range, block a specific malicious IP address, and apply rate limiting. What is the correct approach to configure these rules?

Your company needs to establish a dedicated, private connection between your on-premises data center and GCP with predictable bandwidth and lower latency than internet-based connections. The data transfer volume justifies the cost. Which solution should you implement?

You have established a Cloud VPN connection between your on-premises network and GCP. You need to ensure high availability and automatic failover if one VPN tunnel fails. What configuration should you implement?

Your organization has both a Cloud Interconnect connection and a Cloud VPN connection to GCP. You want to configure routing so that the Interconnect connection is used as the primary path and VPN is used only for failover. How should you configure this?

You need to troubleshoot connectivity issues between your on-premises network and GCP VMs. You want to verify that packets are reaching the destination and identify where packet loss might be occurring. Which GCP tool should you use?

Your application is experiencing intermittent latency issues. You want to continuously monitor network performance between different GCP regions and receive alerts when latency exceeds acceptable thresholds. What should you implement?