ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 223 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 223
Topic #: 1
[All Professional Cloud Network Engineer Questions]

Your organization wants to deploy HA VPN over Cloud Interconnect to ensure encryption-in-transit over the Cloud Interconnect connections. You have created a Cloud Router and two encrypted VLAN attachments that have a 5 Gbps capacity and a BGP configuration. The BGP sessions are operational. You need to complete the deployment of the HA VPN over Cloud Interconnect. What should you do?

  • A. Create an HA VPN gateway and associate the gateway with your two encrypted VLAN attachments. Configure the HA VPN Cloud Router, peer VPN gateway resources, and HA VPN tunnels. Use the same encrypted Cloud Router used for the Cloud Interconnect tier.
  • B. Enable MACsec on Partner Interconnect.
  • C. Enable MACsec for Cloud Interconnect on the VLAN attachments.
  • D. Create an HA VPN gateway and associate the gateway with your two encrypted VLAN attachments. Create a new dedicated HA VPN Cloud Router, peer VPN gateway resources, and HA VPN tunnels.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by RKS_2021 at Feb. 24, 2025, 7:13 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
cyberafrica89
3 months ago
Selected Answer: D
A is incorrect, here's why: The Cloud Router for Cloud Interconnect is dedicated to exchanging prefixes between VLAN attachments for the Interconnect tier, while the Cloud Router for HA VPN handles the exchange of prefixes between your VPC network and your on-premises network.
upvoted 1 times
...
n2183712847
3 months, 2 weeks ago
Selected Answer: A
The existing Cloud Router can handle both BGP sessions. Creating a new one adds complexity and doesn't directly solve the main configuration steps needed for the VPN tunnels and gateway.
upvoted 1 times
...
n2183712847
3 months, 2 weeks ago
Selected Answer: A
A A more accurate step 1 might be "Create an HA VPN gateway in the same region and VPC as the Cloud Interconnect VLAN attachments." But that option isn't available. Given the options, Option A is the best fit for the required steps to complete the HA VPN over Cloud Interconnect deployment, despite the minor inaccuracy in how the gateway is described as being "associated" with VLAN attachments. The other options are either incorrect technologies or similarly flawed in their descriptions.
upvoted 1 times
...
1f01b87
5 months ago
Selected Answer: D
D is correct
upvoted 1 times
...
RKS_2021
5 months, 3 weeks ago
Selected Answer: D
https://cloud.google.com/network-connectivity/docs/interconnect/concepts/ha-vpn-interconnect
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel