ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Network Engineer All Questions

View all questions & answers for the Professional Cloud Network Engineer exam
Go to Exam

Exam Professional Cloud Network Engineer topic 1 question 125 discussion

Actual exam question from Google's Professional Cloud Network Engineer
Question #: 125
Topic #: 1
[All Professional Cloud Network Engineer Questions]

You are designing a hybrid cloud environment. Your Google Cloud environment is interconnected with your on-premises network using HA VPN and Cloud Router in a central transit hub VPC. The Cloud Router is configured with the default settings. Your on-premises DNS server is located at 192.168.20.88. You need to ensure that your Compute Engine resources in multiple spoke VPCs can resolve on-premises private hostnames using the domain corp.altostrat.com while also resolving Google Cloud hostnames. You want to follow Google-recommended practices. What should you do?

  • A. 1. Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168.20.88. Associate the zone with the hub VPC.
    2. Create a private peering zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com associated with the spoke VPCs, with the hub VPC as the target.
    3. Set a custom route advertisement on the Cloud Router for 35.199.192.0/19.
    4. Configure VPC peering in the spoke VPCs to peer with the hub VPC.
  • B. 1. Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168.20.88.
    2. Associate the zone with the hub VPC. Create a private peering zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com associated with the spoke PCs, with the hub VPC as the target.
    3. Set a custom route advertisement on the Cloud Router for 35.199.192.0/19.
  • C. 1. Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168.20.88. Associate the zone with the hub VPC.
    2. Create a private peering zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com associated with the spoke VPCs, with the hub VPC as the target.
    3. Set a custom route advertisement on the Cloud Router for 35.199.192.0/19.
    4. Create a hub-and-spoke VPN deployment in each spoke VPC to connect back to the on-premises network directly.
  • D. 1. Create a private forwarding zone in Cloud DNS for ‘corp altostrat.com’ called corp-altostrat-com that points to 192. 168.20.88. Associate the zone with the hub VPC.
    2. Create a private peering zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com associated with the spoke VPCs, with the hub VPC as the target.
    3. Sat a custom route advertisement on the Cloud Router for 35.199.192.0/19.
    4. Create a hub and spoke VPN deployment in each spoke VPC to connect back to the hub VPC.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by ccieman2016 at Dec. 3, 2022, 1:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ccieman2016
Highly Voted 1 year, 5 months ago
Selected Answer: A
C and D is wrong, hub-and-spoke vpn deployment. B is wrong, when create forwarding zone is required associate zone with VPC, not after create. A is complete, and correct. 100% A, I tested in my lab.
upvoted 10 times
AzureDP900
1 year, 4 months ago
Agreed. I am good with your explanation and choosing A.
upvoted 1 times
...
...
n2183712847
Most Recent 3 days, 8 hours ago
Selected Answer: A
A is correct
upvoted 1 times
...
1f01b87
1 month, 2 weeks ago
Selected Answer: B
B is the correct answer. VPC peering is not required for DNS peering.
upvoted 1 times
...
Thornadoo
8 months, 3 weeks ago
Selected Answer: A
Please read - https://cloud.google.com/dns/docs/best-practices. It clearly says that in the Hybrid architecture using a hub VPC network connected to spoke VPC networks section that DNS peering runs in parallel with VPC Network Peering connections to allow name resolution between environments.
upvoted 2 times
...
Dan137
11 months ago
Selected Answer: B
Agree with B after reading https://cloud.google.com/blog/products/networking/how-to-use-cloud-dns-peering-in-a-shared-vpc-environment/ which was shared in a previous comment.
upvoted 2 times
...
SZON
1 year, 1 month ago
B because you don't need VPC peering
upvoted 2 times
...
mikizenit
1 year, 1 month ago
It's B in my opinion. https://cloud.google.com/blog/products/networking/how-to-use-cloud-dns-peering-in-a-shared-vpc-environment/ Cloud DNS peering is not to be confused with VPC peering, and it doesn’t require you to configure any communication between the source and destination VPC.
upvoted 2 times
...
asharma7
1 year, 2 months ago
It is B. You don't need VPC network peering with spoke to make DNS hostname resolutions work.
upvoted 3 times
...
pk349
1 year, 3 months ago
• A. 1. Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168.20.88. Associate the zone with the hub VPC. 2. Create a private peering zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com associated with the spoke VPCs, with the hub VPC as the target. 3. Set a custom route advertisement on the Cloud Router for 35.199.192.0/19. 4. Configure ******* VPC peering in the spoke ******* VPCs to peer with the hub VPC.
upvoted 2 times
...
apehkone
1 year, 4 months ago
Selected Answer: D
VPC Network Peering connections don't allow transitive traffic beyond the two VPC networks in a peering relationship which means that option A wouldn't work because spokes cannot reach the on-prem network via the hub network. See: https://cloud.google.com/architecture/deploy-hub-spoke-vpc-network-topology
upvoted 2 times
...
Rightsaidfred
1 year, 4 months ago
Selected Answer: A
VPC Peering is required between the Hub and Spoke VPC's - A is the only one that mentions this!
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago