ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 229 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 229
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You are troubleshooting connectivity issues between Google Cloud and a public SaaS provider. Connectivity between the two environments is through the public internet. Your users are reporting intermittent connection errors when using TCP to connect; however, ICMP tests show no failures. According to users, errors occur around the same time every day. You want to troubleshoot and gather information by using Google Cloud tools that are most likely to provide insights to what is occurring within Google Cloud. What should you do?

  • A. Enable and review Cloud Logging for Cloud Armor. Look for logs with errors matching the destination IP address of the public SaaS provider.
  • B. Enable and review Cloud Logging on your Cloud NAT gateway. Look for logs with errors matching the destination IP address of the public SaaS provider.
  • C. Enable the Firewall Insights API. Set the deny rule insights observation period to one day. Review the insights to assure there are no firewall rules denying traffic.
  • D. Create a Connectivity Test by using TCP, the source IP address of your test VM, and the destination IP address of the public SaaS provider. Review the live data plane analysis and take the next steps based on the test results.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by 1f01b87 at March 16, 2025, 6:37 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
n2183712847
1 month, 2 weeks ago
Selected Answer: B
It is B
upvoted 1 times
...
mohitms1996
2 months, 2 weeks ago
Selected Answer: B
Enable and review Cloud Logging on Cloud NAT gateway ✅ Best Choice Since ICMP works but TCP fails, NAT exhaustion is a strong possibility (NAT TCP ports might be depleting). Cloud NAT logging can reveal dropped connections due to port exhaustion. Recurring errors at the same time each day could indicate a peak usage period exhausting NAT resources.
upvoted 2 times
...
1f01b87
3 months ago
Selected Answer: B
Changing my answer to B. Question states that errors occur “around the same time every day,” hinting at a daily traffic surge. Connectivity tests is for testing routing paths and policies but don't effectively simulate sustained traffic load. Intermittent TCP Failures Often Point to NAT issue due to ephemeral port exhaustion.
upvoted 2 times
...
1f01b87
3 months ago
Selected Answer: D
I think D is a better option here since it can help to identify whether it's a NAT related issues or caused by something else in the path. Next best option is B.
upvoted 1 times
1f01b87
3 months ago
Changing my answer to B. Question states that errors occur “around the same time every day,” hinting at a daily traffic surge. Connectivity tests is for testing routing paths and policies but don't effectively simulate sustained traffic load. Intermittent TCP Failures Often Point to NAT issue due to ephemeral port exhaustion.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel