Practice Test 3 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test

Question 4

A hybrid connection has just been setup between GCP and your company’s on-premises network using Cloud VPN and Cloud Router. You try pinging a GCE Instance in GCP from a VM on-premises but it failed.

Which of the following could be a possible reason? Choose two.

A. A Cloud Armor security policy is denying the traffic.
B. There is no firewall rule to allow incoming ICMP traffic from the on-premises network.
C. The implied allow egress rule which permits outgoing ICMP traffic from your GCP network has been overridden.
D. There is no route in GCP to the on-premises network.

Answer

Answer: B & C

Option A is incorrect, cloud armor is used with the HTTPS Load balancer and not Cloud VPN.

Option B is correct, an ingress firewall rule that allows ICMP (all traffic) from the on- premises network is needed.

Option C is correct, an egress firewall rule that allows ICMP (all traffic) to the on-premises network is needed.

Option D is incorrect. Using Cloud Router and Cloud VPN means routes are dynamically added to GCP and the on-premises router.

https://cloud.google.com/network-connectivity/docs/vpn/support/troubleshooting highlights troubleshooting issues in Cloud VPN.

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

PCNE

Practice Test 3 | Google Cloud Certified Professional Cloud Network Engineer | Dumps | Mock Test

Question 4

Answer

Ads Blocker Detected!!!