Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertificationsPCNEDomainsManaging, Monitoring, and Optimising Network Operations
PCNEFree — No Signup

Managing, Monitoring, and Optimising Network Operations

Practice PCNE Managing, Monitoring, and Optimising Network Operations questions with full explanations on every answer.

70questions

Start practicing

Managing, Monitoring, and Optimising Network Operations — choose a session length

10 questions~10 min20 questions~20 min30 questions~30 min50 questions~50 min

Free · No account required

PCNE Domains

Configuring Network ServicesImplementing Hybrid InterconnectivityManaging, Monitoring, and Optimising Network OperationsDesigning, Planning, and Prototyping a GCP NetworkImplementing VPC InstancesImplementing network securityImplementing a Virtual Private Cloud

Practice Managing, Monitoring, and Optimising Network Operations questions

10Q20Q30Q50Q

All PCNE Managing, Monitoring, and Optimising Network Operations questions (70)

Start session

Click any question to see the full explanation and answer options, or start a focused practice session above.

1

A network engineer needs to verify that traffic from a specific Compute Engine instance can reach a Cloud SQL database in a different VPC. Which Google Cloud tool should be used to test this reachability?

2

A company wants to analyze VPC Flow Logs to understand which external IPs are generating the most outbound traffic. What is the most scalable way to store and query these logs?

3

An engineer notices that VPC Flow Logs are enabling on a subnet but only a fraction of traffic is logged. What is the most likely cause?

4

Which Network Intelligence Center tool provides a visual representation of your VPC network, including instances, subnets, firewall rules, and routes?

5

A company has two VPCs connected via VPC Network Peering. Traffic from an instance in VPC A to an instance in VPC B is failing. Connectivity Tests show that the expected route exists and firewall rules allow the traffic. What is a possible cause?

6

A security team wants to capture all traffic from a Compute Engine instance for intrusion detection. Which service should be used to copy traffic to a third-party IDS appliance running on another instance?

7

An engineer is troubleshooting high latency between a Compute Engine instance in us-central1 and an instance in europe-west1. Which tool can show per-region latency and packet loss?

8

A company is using Cloud NAT for outbound traffic. They want to log when a connection fails due to resource exhaustion. Which logging feature should be enabled?

9

An organization needs to reduce egress costs for a global application serving users worldwide. The application serves static content from Compute Engine instances. Which action is most cost-effective?

10

What is the default MTU for packets sent between VMs within the same VPC network in Google Cloud?

11

A network engineer has set up a Cloud Router with BGP for an HA VPN. The BGP session is flapping. Which log should be examined to diagnose the issue?

12

A company wants to analyze firewall rule effectiveness by identifying rules that are never hit or are shadowed. Which Network Intelligence Center tool should be used?

13

A security engineer wants to monitor and analyze traffic to a load-balanced web application. Which TWO services can provide detailed logs of HTTP requests and responses?

14

A company is experiencing a BGP session flap between Cloud Router and an on-premises router. Which THREE actions should the engineer take to diagnose the issue?

15

A company wants to reduce outbound data transfer costs from Compute Engine to the internet. Which TWO strategies are effective?

16

A network engineer wants to test reachability between a Compute Engine instance in VPC A and a Cloud SQL instance in VPC B, which are connected via VPC peering. Which Google Cloud tool should be used to check if firewall rules or routes are blocking traffic?

17

A company has enabled VPC Flow Logs on a subnet with the default sample rate. They notice that only 50% of flows are being logged. What is the most likely reason?

18

An organization has a VPC with multiple subnets and Cloud NAT configured for outbound internet access. They need to analyze which instances are using the most egress bandwidth to optimize costs. Which approach is most effective?

19

A network engineer wants to capture all network traffic from a set of Compute Engine instances for security monitoring by an IDS appliance. Which Google Cloud service should be used?

20

An organization is using Cloud CDN to deliver content globally. Which of the following is a primary benefit of using Cloud CDN?

21

A company has a VPC with a Cloud Router using BGP to advertise prefixes to an on-premises network. The BGP session keeps flapping. What is a likely cause?

22

A company wants to reduce egress costs for traffic going to Google APIs (e.g., Cloud Storage, BigQuery) from Compute Engine instances. Which configuration should they use?

23

An engineer is troubleshooting asymmetric routing between two VPCs connected via VPC peering. They notice that return traffic takes a different path. What is a common cause of asymmetric routing in this scenario?

24

A company wants to analyze HTTP load balancer access logs to understand user behavior and traffic patterns. Which approach is recommended for long-term analysis and querying?

25

An organization has a project with multiple VPCs. They need to know the maximum number of firewall rules allowed per VPC. Where should they look?

26

A company is using a global external HTTP(S) load balancer to serve traffic from multiple regions. They notice high egress costs for traffic served to users in Asia. What change could reduce costs?

27

A network engineer is using Connectivity Tests to diagnose a reachability issue between two instances in the same VPC but different subnets. The test indicates that traffic is denied by firewall rules. However, the engineer cannot find any firewall rule denying the traffic. What is a possible explanation?

28

A company wants to audit firewall rules for security best practices. They need to identify overly permissive rules (e.g., allowing all traffic from 0.0.0.0/0) and rules that are never used. Which two Google Cloud tools can help? (Choose two.)

29

A company uses Cloud NAT for outbound internet access from private instances. They want to monitor for connection failures due to NAT resource exhaustion. Which two steps should they take? (Choose two.)

30

A company is experiencing packet loss between two Compute Engine instances in different zones within the same region. They suspect MTU issues. Which three actions should they take to diagnose and resolve? (Choose three.)

31

A network engineer wants to test whether a Compute Engine VM can reach a Cloud SQL instance in a different VPC network, considering firewall rules and VPC peering. Which Google Cloud tool should they use?

32

A company has deployed a global HTTP Load Balancer with Cloud CDN to serve content to users worldwide. They notice high egress costs from the origin region. What is the most cost-effective solution to reduce egress from the origin?

33

An engineer notices that some packets sent from a Compute Engine VM in GCP to an on-premises server via a VPN tunnel are being fragmented. The on-premises server is not receiving the fragmented packets. What is the most likely cause?

34

A security team needs to capture all traffic to and from a specific Compute Engine instance for forensic analysis. They want to send the mirrored traffic to a third-party IDS appliance running on a separate VM in the same VPC. Which GCP feature should they use, and what is a key consideration?

35

A company is using VPC Flow Logs to analyze traffic patterns. They need to reduce the volume of logs by approximately 75% while still capturing representative data for troubleshooting. What is the most effective configuration change?

36

An organization has multiple VPC networks in a project and wants to centrally manage firewall rules across all networks using a single set of rules. Which approach should they take?

37

A network engineer wants to see a real-time graphical representation of the topology of their VPC network, including instances, subnets, and load balancers. Which Network Intelligence Center tool should they use?

38

A company has two VPC networks connected via VPC peering. They notice asymmetric routing: traffic from Network A to Network B follows one path, but return traffic from B to A takes a different path. This is causing connectivity issues for stateful firewalls. What is the likely cause?

39

A developer wants to log all denied firewall rule events for security auditing purposes. What is the simplest way to achieve this without modifying existing firewall rules?

40

An organization runs a web application on Compute Engine behind a regional external HTTP(S) load balancer. They need to log HTTP request details (e.g., user-agent, status codes) to BigQuery for analysis. Which logging feature should they enable?

41

A company is hitting the quota for number of firewall rules per VPC network. They need to add more rules without requesting a quota increase. Which approach can reduce the number of rules?

42

A network engineer is troubleshooting BGP session flaps between a Cloud Router and an on-premises router. The Cloud Router logs show that the session goes down and up repeatedly every few minutes. What is the most common cause of such flapping?

43

A company is designing a multi-region application on GCP and wants to optimize egress costs. Which TWO of the following strategies will reduce cross-region egress costs? (Choose two.)

44

A security engineer needs to identify overly permissive firewall rules and shadowed rules (rules that never match because a higher priority rule overrides them). Which TWO Network Intelligence Center tools can help? (Choose two.)

45

A company is experiencing periodic packet loss between two Compute Engine instances in the same region but different zones. They have enabled VPC Flow Logs and see that the flows are marked with 'RTT' latency. Which THREE actions should they take to diagnose the issue? (Choose three.)

46

A network engineer wants to test whether a VM in VPC A can reach a VM in VPC B that is connected via VPC peering. The engineer suspects that firewall rules or routes are blocking traffic. Which Google Cloud service should they use to test the path and identify the blocking rule?

47

A company is using Cloud NAT to allow private VMs to access the internet. They want to troubleshoot connectivity failures and analyze connection attempts that were dropped due to NAT resource exhaustion. What should they enable?

48

An organization has a global web application deployed behind an External HTTPS Load Balancer. They want to reduce egress costs for users in Europe who are served from the same region. The application is already using Cloud CDN. Which additional action will MOST effectively reduce egress costs for these users?

49

A network engineer notices asymmetric routing between two VPCs connected via VPC peering. Traffic from VPC A to VPC B flows correctly, but return traffic from VPC B to VPC A drops. What is the most likely cause?

50

A company wants to analyze VPC Flow Logs to identify the top talkers (source IPs) generating the most traffic to their web servers. They have enabled VPC Flow Logs on the subnet. Where should they export the logs for cost-effective querying and analysis?

51

An organization has a VPC with several subnets and wants to monitor firewall rule usage to identify rules that are overly permissive (e.g., allowing all traffic from 0.0.0.0/0). Which Google Cloud service provides this insight?

52

A company uses an external HTTP Load Balancer with Cloud Armor. They want to log all requests that are blocked by Cloud Armor security policies for compliance auditing. What should they enable?

53

A network engineer is troubleshooting connectivity issues between two Compute Engine instances in the same VPC but different subnets (us-east1 and europe-west1). The engineer suspects an MTU issue. What is the default MTU for traffic within Google Cloud, and what MTU should the engineer expect when packets traverse the internet?

54

An organization wants to mirror all traffic from a set of Compute Engine instances to a third-party IDS appliance running on a separate instance in the same VPC. The IDS appliance must receive a copy of both ingress and egress traffic without impacting production traffic. Which Google Cloud service should they use?

55

A company has a VPC with 200 custom routes and wants to set up VPC peering with another VPC. The VPC peering quota limits the number of routes per VPC. What should the engineer do to avoid hitting the quota?

56

A network engineer is investigating packet loss between two GCP regions using the Performance Dashboard. The dashboard shows high packet loss but no corresponding latency increase. What is the most likely cause of this packet loss?

57

A developer wants to enable VPC Flow Logs on a subnet to capture metadata about IP traffic. They want to reduce costs by logging only a sample of traffic. What is the default sampling rate for VPC Flow Logs?

58

A security team wants to capture and analyze all DNS queries from their Compute Engine instances to detect potential data exfiltration. They have enabled VPC Flow Logs. Which TWO additional steps should they take to capture DNS query details?

59

A company is using Cloud Router with BGP for connectivity to an on-premises network via Partner Interconnect. The BGP session is flapping. Which THREE actions should the engineer take to diagnose the issue?

60

A company wants to optimize costs for egress traffic from Compute Engine instances to the internet. They are considering using Cloud CDN and Private Google Access. Which TWO statements correctly describe how these services can reduce egress costs?

61

A company uses VPC Flow Logs to analyze traffic patterns. They notice that the logs show only 50% of the actual flows. What is the most likely cause?

62

An engineer needs to verify that a Compute Engine instance can reach a specific IP address on the internet, considering firewall rules and routes. Which Network Intelligence Center tool should they use?

63

A company has two VPC networks connected via VPC Network Peering. They observe asymmetric routing causing connectivity issues. Which configuration is most likely to be the root cause?

64

A network engineer wants to capture all traffic to and from a specific Compute Engine instance for security analysis and forward it to an IDS appliance in another VPC. Which GCP service should they use?

65

An organization wants to reduce egress costs for data sent from Compute Engine instances to users worldwide. Which TWO approaches should they consider? (Choose TWO.)

66

A company uses VPC Flow Logs exported to BigQuery for security analysis. They need to identify traffic to a known malicious IP. Which THREE fields can be used in a BigQuery query to filter this traffic? (Choose THREE.)

67

A network engineer is troubleshooting high latency between two VM instances in different GCP regions. Which TWO tools can help identify packet loss and latency issues? (Choose TWO.)

68

An organization needs to monitor and analyze firewall rule activity for security auditing. Which TWO actions should they take? (Choose TWO.)

69

A company is migrating to Google Cloud and needs to connect their on-premises data center to a VPC using Cloud VPN with dynamic routing (BGP). They want high availability and automatic failover. Which THREE components are required? (Choose THREE.)

70

An engineer needs to monitor Cloud NAT gateway usage for cost allocation and troubleshooting. Which TWO types of logs should they enable? (Choose TWO.)

Practice all 70 Managing, Monitoring, and Optimising Network Operations questions

Other PCNE exam domains

Configuring Network ServicesImplementing Hybrid InterconnectivityDesigning, Planning, and Prototyping a GCP NetworkImplementing VPC InstancesImplementing network securityImplementing a Virtual Private Cloud

Frequently asked questions

What does the Managing, Monitoring, and Optimising Network Operations domain cover on the PCNE exam?

The Managing, Monitoring, and Optimising Network Operations domain covers the key concepts tested in this area of the PCNE exam blueprint published by Google Cloud. Courseiva provides free domain-focused practice, mock exams, missed-question review, and readiness tracking across all PCNE domains — no account required.

How many Managing, Monitoring, and Optimising Network Operations questions are in the PCNE question bank?

The Courseiva PCNE question bank contains 70 questions in the Managing, Monitoring, and Optimising Network Operations domain. Click any question to see the full explanation and answer breakdown.

What is the best way to practice Managing, Monitoring, and Optimising Network Operations for PCNE?

Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.

Can I practice only Managing, Monitoring, and Optimising Network Operations questions for PCNE?

Yes — the session launcher on this page draws questions exclusively from the Managing, Monitoring, and Optimising Network Operations domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.

Free forever · No credit card required

Track your PCNE domain progress

Save your results, see per-domain analytics, and get readiness scores — free, for every certification.

Sign Up Free

Free forever · Every certification included

Practice Session

10 questions20 questions30 questions50 questions

Study Resources

All DomainsPractice TestMock ExamFlashcardsStudy Guide