Exam Professional Cloud Network Engineer topic 1 question 35 discussion

Correct Answer are (A) & (C): The solution is incorrect. GCP recommends creating VPC peering for establishing communication between two organizations in GCP.

VPC peering offers peering between VPC which will suffice the requirement =A C is 100% correct

Reason:The correct answers are A& C. A. VPC peering: This solution allows two VPCs, in this case, your company's and the partner's VPCs, to communicate securely without needing a VPN or a shared network. Since there is no CIDR overlap between the VPCs, VPC peering is a great choice for private communication between the VPCs. C. Cloud VPN: If you want to securely connect your company's VPC to the partner's network (or their VPC), Cloud VPN is a good solution. It provides an encrypted connection over the public internet. It doesn’t require CIDR overlap, making it suitable for your scenario.

For everyone saying C Cloud VPN, I ask you to lab it up real quick. Please try and create a VPN connection between 2 VPCs in separate organizations. You will not be able to because when you are creating a VPN connection and select GCP as the VPN Peer gateway, the only options available to connect you are your VPC's. Not your partners in a different organization.

I see everyone on here saying that you can use cloud VPN but the VPN gateways also have to be within the same organization in order to connect. Facing the same issue as the shared VPC. In my lab when I go to create a VPN tunnel between 2 different VPC's in different organizations this message pops up "Make sure you created a VPN gateway in the Google Cloud project that you want to connect." You then have to select the project you are connecting to. This implies that if the VPC/project are not in your org then you cant create a VPN between the two.

This is really not a difficult question folks - here's my explanation A. VPC peering (Correct - Now I know this opens up the subnet, and there should be an additional step of configuring firewall rules IMO - but peering can be done between two different organizations) B. Shared VPC (Incorrect - We are talking about company and partner - meaning different organization. Shared VPC is applicable only for projects in the same org - https://cloud.google.com/vpc/docs/shared-vpc) C. Cloud VPN (Correct - With Cloud VPN you get additional layer of security of encryption) D. Dedicated Interconnect (Incorrect - Both use GCP. If it was different cloud, then cross connect or on-prem then interconnect) E. Cloud NAT (Incorrect - Not needed. With peering itself all subnets can communicate using internal IPv4 addresses - https://cloud.google.com/vpc/docs/vpc-peering)

please someone explain. Why not B. Shared VPC

The two solutions that can be implemented to achieve the desired results without compromising the security are VPC peering and Dedicated Interconnect. A. VPC peering allows connecting two VPC networks through a private network connection. This solution provides private connectivity between the two VPCs without the need for public IPs or internet connectivity. D. Dedicated Interconnect allows for establishing a dedicated network connection between the two networks over a private, high-throughput, low-latency connection. This solution provides a dedicated and private connection between the two networks.

Correct Answer are (A) & (C): The solution is incorrect. GCP recommends creating VPC peering for establishing communication between two organizations in GCP. Dedicated interconnect is used to connect on prem to GCP, not GCP to GCP. D is not correct. VPC peering allows this to occur between GCP VPCs. Dedicated interconnect enables hybrid cloud - meaning if only on-prem network needs connectivity with Google Cloud. Question clearly mention only VPC between org. Hence D is wrong!

A,C is perfect

Dedicated interconnect is used to connect on prem to GCP, not GCP to GCP. D is not correct. VPC peering allows this to occur between GCP VPCs.

Boys oh boys, Dedicated interconnect enables hybrid cloud - meaning if only on-prem network needs connectivity with Google Cloud. Question clearly mention only VPC between org. hence D is wrong!

The correct answer is A & C

C is 100% accurate D is wrong as interconnect only comes in picture when we need to enable connectivity between on prem and gcp A is partially fits in picture as give access to all resource but requirement says need access on few resources.

for sure te correct answer is (A) and (C).

A and C are correct .

There is no question of going with Dedicated Interconnect when you have both networks on GCP. Easily we can implement the solution using Peering and VPN. Hence A and C.