Google Professional Cloud Network Engineer Exam - Topic 5 Question 81 Discussion

Actual exam question for Google's Professional Cloud Network Engineer exam
Question #: 81
Topic #: 5

You are a network administrator at your company planning a migration to Google Cloud, and you need to finish the migration as quickly as possible. To ease the transition, you decided to use the same architecture as your on-premises network: a hub-and-spoke model. Your on-premises architecture consists of over 50 spokes. Each spoke does not have connectivity to the other spokes, and all traffic is sent through the hub for security reasons. You need to ensure that the Google Cloud architecture matches your on-premises architecture. You want to implement a solution that minimizes management overhead and cost, and uses default networking quotas and limits. What should you do?

Suggested Answer: D

The correct answer is D because it meets the following requirements:

It matches the hub-and-spoke model of the on-premises network, where each spoke is a separate VPC network that is connected to a central hub VPC network.

It minimizes management overhead and cost, because VPC Network Peering is a simple and low-cost way to connect VPC networks without using any external IP addresses or VPN gateways [1].

It uses default networking quotas and limits, because VPC Network Peering does not consume any quota or limit for VPN tunnels, external IP addresses, or forwarding rules [2].

It prevents connectivity between the spokes, because VPC Network Peering is non-transitive by default, meaning that a spoke can only communicate with the hub, not with other spokes [1]. To enforce this restriction, a third-party network appliance can be used as a default gateway in each spoke VPC network, which can filter out any traffic destined for other spokes [3].

Option A is incorrect because it does not minimize cost, as Cloud VPN charges for egress traffic and requires external IP addresses for the VPN gateways [4]. Option B is incorrect because it does not prevent connectivity between the spokes, as VPC Network Peering allows direct communication between peered VPC networks by default [1]. Option C is incorrect because it does not minimize cost or use default quotas and limits, for the same reasons as option A.


[1] VPC Network Peering overview | VPC

[2] Quotas and limits | VPC

[3] Hub-and-spoke network architecture | Cloud Architecture Center

[4] Cloud VPN overview | Google Cloud
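
The explanation above relies on peering being non-transitive and on spokes having no path to each other except through the hub. The following audit is an added example, not part of the original page or of any Google tooling: it checks a list of peering configurations against that rule. The network names and the peering list are constructed sample data, and the finding labels are hypothetical.

```python
# Added example: audit a set of VPC peering configurations against the
# hub-and-spoke rule. All network names and the data below are constructed.

HUB = "hub-vpc"                                   # hypothetical hub network
SPOKES = ["spoke-01", "spoke-02", "spoke-03", "spoke-04"]

# One tuple per peering configuration: (local network, peer network).
# A peering only becomes active once BOTH sides have configured it.
PEERINGS = [
    ("hub-vpc", "spoke-01"), ("spoke-01", "hub-vpc"),
    ("hub-vpc", "spoke-02"), ("spoke-02", "hub-vpc"),
    ("spoke-03", "hub-vpc"),                      # hub side never created
    ("spoke-01", "spoke-02"), ("spoke-02", "spoke-01"),  # bypasses the hub
]


def active_peers(network, peerings):
    """Networks that `network` can exchange routes with directly.

    Peering is non-transitive, so only networks with a two-sided peering
    to `network` count; peers of peers are never included.
    """
    configured = set(peerings)
    return sorted(peer for local, peer in configured
                  if local == network and (peer, network) in configured)


def audit(hub, spokes, peerings):
    """Return (finding, subject) tuples for deviations from hub-and-spoke."""
    configured = set(peerings)
    spoke_set = set(spokes)
    findings = []
    for spoke in sorted(spoke_set):
        sides = ((spoke, hub) in configured) + ((hub, spoke) in configured)
        if sides == 0:
            findings.append(("NO_HUB_PEERING", spoke))
        elif sides == 1:
            findings.append(("ONE_SIDED_HUB_PEERING", spoke))
    # Any peering whose two ends are both spokes lets traffic skip the hub.
    direct = {tuple(sorted(p)) for p in configured
              if p[0] in spoke_set and p[1] in spoke_set}
    findings += [("SPOKE_TO_SPOKE_PEERING", f"{a}<->{b}") for a, b in sorted(direct)]
    return findings


if __name__ == "__main__":
    for finding in audit(HUB, SPOKES, PEERINGS):
        print(*finding)
    print("spoke-03 active peers:", active_peers("spoke-03", PEERINGS))
```
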

Contribute your Thoughts:

Chaya
3 months ago
I agree with B, it keeps things straightforward!
upvoted 0 times
...
Kattie
3 months ago
Wait, can we really use a third-party appliance in GCP?
upvoted 0 times
...
Janella
3 months ago
D seems overkill, just stick with A or B.
upvoted 0 times
...
Theola
4 months ago
I think B is better for minimizing costs.
upvoted 0 times
...
Chantay
4 months ago
A is the simplest option, right?
upvoted 0 times
...
Marge
4 months ago
I'm a bit confused about whether to prioritize security or simplicity here. I think both VPN and VPC Peering have their pros and cons.
upvoted 0 times
...
Bette
4 months ago
I feel like we practiced a question similar to this, and I recall that using a third-party appliance might complicate things more than necessary.
upvoted 0 times
...
Lavera
4 months ago
I think VPC Network Peering could be a good option since it allows for direct communication between the hub and spokes without extra management layers.
upvoted 0 times
...
Devora
5 months ago
I remember we discussed using Cloud VPN for secure connections, but I'm not sure if it's the best choice for minimizing management overhead.
upvoted 0 times
...
Kattie
5 months ago
I'm leaning towards either option A or B, as they seem to directly address the requirement to match the on-premises architecture. But I'll need to double-check the details on each.
upvoted 0 times
...
Trevor
5 months ago
Using a third-party network appliance as a default gateway seems like an interesting approach to prevent connectivity between the spokes. I'll have to consider that option.
upvoted 0 times
...
Danilo
5 months ago
The key here is to match the on-premises architecture, which is a hub-and-spoke model with no direct connectivity between spokes. I'll need to find the solution that best replicates that.
upvoted 0 times
...
Glenna
5 months ago
Hmm, I'm a bit unsure about the differences between Cloud VPN and VPC Network Peering. I'll need to review those options carefully.
upvoted 0 times
...
Carole
5 months ago
This looks like a straightforward networking question. I think I can handle this one.
upvoted 0 times
...
Dean
5 months ago
Ah, I see what they're getting at. Using grid layouts and setting column importance should help keep content visible without scrolling.
upvoted 0 times
...
Ashlyn
5 months ago
This seems straightforward to me. The flow is modelled correctly, and the 'issue invoice' activity is conducted after the 'compile goods' activity, which is the expected sequence.
upvoted 0 times
...
Pansy
2 years ago
Could be, but isn’t Cloud VPN more secure since all the spoke traffic goes through the hub?
upvoted 0 times
...
Jackie
2 years ago
Maybe, but what about Option B, using VPC Network Peering? It might be simpler.
upvoted 0 times
...
Barney
2 years ago
But wouldn't that be a bit costly and hard to manage with all those connections?
upvoted 0 times
...
Loreen
2 years ago
I think Option A makes sense. Cloud VPN should connect everything quickly.
upvoted 0 times
...
Jackie
2 years ago
Yeah, seems a bit overwhelming. They're asking for the same hub-and-spoke model.
upvoted 0 times
...
Pansy
2 years ago
Have you seen this question about migrating to Google Cloud with over 50 spokes?
upvoted 0 times
...
