Implementing a VPC network Questions
Practice questions for Implementing a VPC network topic in Google Professional Cloud Network Engineer. 36 questions covering this domain.
You increase the MTU of a VPC network from 1460 to 1500. Existing Linux and Windows VMs must start using the new MTU. Which action is required?
Two ingress firewall rules match the same traffic. One rule allows TCP 80 at priority 900, and the other denies all traffic at priority 1000. What is ...
You are creating an ingress firewall rule and want to define targets and sources. Which combination is invalid in a single firewall rule?
A new VPC firewall rule does not specify a priority. What priority does Google Cloud assign by default?
Which target selector is generally the stricter choice for VPC firewall rules when you want tight control over which VMs a rule applies to?
A subnet contains VM instances that have only internal IP addresses and need to reach Google APIs and services. Which subnet-level setting must you en...
A security team creates a VPC firewall rule in VPC A and expects it to apply to instances in peered VPC B. What actually happens?
A VM is allowed to open an outbound TCP connection by an egress firewall rule. Which statement about the return traffic is correct?
An engineer worries that a restrictive firewall rule could lock down access to the metadata server at 169.254.169.254. What is the correct expectation...
A network engineer wants to use VPC Network Peering to exchange policy-based routes between two VPC networks. What should you tell them?
A company runs a third-party firewall appliance as a VM in Google Cloud. To ensure all traffic between two internal subnets passes through the applian...
Which component of a hierarchical firewall policy determines its application scope relative to a VPC firewall rule?
An organization uses hierarchical firewall policies at the folder level and also has VPC firewall rules in the project. In which order are these evalu...
A security engineer wants to log all firewall rule matches for a specific ingress allow rule to analyze traffic patterns. Which feature must they enab...
A team deploys a multi-NIC VM with one NIC in VPC A and one NIC in VPC B. Which routing behavior applies to this VM?
A VM inside a VPC has a network tag `backend`. An ingress firewall rule allows TCP 8080 from source tag `frontend`. A second ingress firewall rule at ...
A network team wants to prevent any VM in a project from having an external ephemeral or static IP address assigned. Which mechanism enforces this at ...
A security team discovers that a developer-tagged VM can reach a database-tagged VM on port 5432, even though no explicit allow rule exists for this c...
A subnet is created in us-central1 with the default settings. Which IP range is reserved by Google Cloud within every subnet, regardless of size?
In GKE, what is required to use VPC-native clusters so that Pod IP addresses are routable within the VPC?
Sign in to see all 36 questions
Create a free account to browse all questions — completely free during our launch phase.