ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 159 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 159
Topic #: 1
[All Professional Cloud Network Engineer Questions]

Your product team has web servers running on both us-east1 and us-west1 regions in the prod-servers project. Your security team plans to install an intrusion detection system (IDS) in their own Google Cloud project to inspect the incoming network traffic. What should you do?

  • A. Create a new project and a VPC for the security team.
    Peer the new VPC with the web servers’ VPC in the prod-servers project.
    Create an internal load balancer and the IDS system in both us-east1 and us-west1.
    Enable Packet Mirroring, and create packet mirroring policies inside the new project.
  • C. Create a host project and a Sharad VPC for the security team.
    Make prod-servers a service project, and relocate the web servers to shared subnets in both regions.
    Enable IP forwarding on all the web servers.
    Create the IDS system in a non-shared subnet of us-east1 or us-west1.
    Configure the web servers to forward the packets to the IDS system.
    C. Create a new project and a VPC for the security team.
    Peer the new VPC with the web servers’ VPC in the prod-servers project.
    Enable IP forwarding on all the web servers.
    Install the IDS system in both us-east1 and us-west1.
    Configure the web servers to forward the packets to the IDS system.
  • D. Create a host project and a Shared VPC for the security team.
    Make prod-servers a service project, and relocate the web servers to shared subnets in both regions.
    Create an internal load balancer and the IDS system in a subnet in either us-east1 or us-west1.
    Enable Packet Mirroring, and create a packet mirroring policy inside the host project.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by bnba44 at Dec. 21, 2023, 2:16 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
RKS_2021
5 months ago
Selected Answer: A
A is correct
upvoted 1 times
...
gonlafer
11 months, 3 weeks ago
Selected Answer: A
in their own Google Cloud project --> A
upvoted 1 times
...
daidai75
1 year, 1 month ago
After carefully reading the requirement, I found the following key words: "in their own Google Cloud project", so it must be A.
upvoted 1 times
...
ExamQnA
1 year, 1 month ago
Selected Answer: A
https://cloud.google.com/vpc/docs/packet-mirroring#key_properties A collector destination must be in the same region as the mirrored sources. A collector destination can be located in either the same VPC network as the mirrored sources or a VPC network connected to the mirrored sources' network using VPC Network Peering. An example scenario (somewhat different though) here: https://www.cloudskillsboost.google/focuses/14864?parent=catalog
upvoted 1 times
...
ExamQnA
1 year, 1 month ago
Selected Answer: A
An example scenario (somewhat different though) here: https://www.cloudskillsboost.google/focuses/14864?parent=catalog
upvoted 1 times
...
bnba44
1 year, 1 month ago
Selected Answer: A
No need of Shared VPC.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel