PCNE Configuring network services • Complete Question Bank
Complete PCNE Configuring network services question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit.
```
$ gcloud compute routers describe my-router --region us-central1
creationTimestamp: '2023-01-15T10:00:00.000-08:00'
description: Router for on-prem connectivity
id: '1234567890123456789'
kind: compute#router
name: my-router
network: https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default
region: https://www.googleapis.com/compute/v1/projects/my-project/regions/us-central1
bgp:
asn: 65001
advertiseMode: CUSTOM
advertisedGroups:
- ALL_SUBNETS
advertisedIpRanges:
- range: 10.0.1.0/24
description: On-prem subnet
keepaliveInterval: 20
```Refer to the exhibit.
```
gcloud compute routers create nat-router \
--network=my-vpc \
--region=us-central1
gcloud compute routers nats create nat-config \
--router=nat-router \
--region=us-central1 \
--nat-external-ip-pool=ip-address-1 \
--nat-all-subnet-ip-ranges \
--enable-logging
gcloud compute instances create test-instance \
--zone=us-central1-a \
--network=my-vpc \
--subnet=subnet-a \
--no-address
```Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Global, proxy-based, for HTTP/S traffic from internet
Regional, pass-through, for traffic within VPC
Regional, proxy-based, for non-HTTP/S internet traffic
Regional, proxy-based, for internal HTTP/S traffic
Global, terminates SSL, for non-HTTPS SSL traffic
Drag a concept onto its matching description — or click a concept then click the description.
Data leaving Google Cloud to the internet
Data entering Google Cloud (typically free)
Data transferred between regions within Google Cloud
Global network with consistent performance, higher cost
Lower cost, uses ISP networks for some hops
Refer to the exhibit. gcloud compute firewall-rules describe allow-ssh Allowed: IPProtocol: tcp ports: ['22'] Direction: INGRESS Source ranges: ['0.0.0.0/0'] Target tags: ['ssh-allowed'] Priority: 1000 A VM with network tag 'ssh-allowed' cannot be reached via SSH from the internet. Other VMs with the same tag work fine.
Refer to the exhibit. $ gcloud compute routers describe router-us bgp: advertiseMode: CUSTOM advertisedGroups: - ALL_SUBNETS advertisedIpRanges: - range: 10.1.0.0/24 - range: 10.2.0.0/24 asn: 65000 keepaliveInterval: 20 bgpPeers: - interfaceName: if-bgp ipAddress: 169.254.1.1 peerIpAddress: 169.254.1.2 peerAsn: 65001 advertisedRoutePriority: 100
Refer to the exhibit. $ gcloud compute networks subnets list NAME REGION NETWORK RANGE PRIVATE_GOOGLE_ACCESS STACK_TYPE subnet-a us-central1 vpc1 10.0.1.0/24 Enabled IPV4_ONLY subnet-b us-east1 vpc1 10.0.2.0/24 Disabled IPV4_ONLY A VM in 'subnet-a' can access Google APIs via private IP, but a VM in 'subnet-b' cannot.
NAME DIRECTION PRIORITY ALLOW SOURCE_RANGES TARGET_TAGS allow-http INGRESS 1000 tcp:80 0.0.0.0/0 http-server allow-https INGRESS 1000 tcp:443 0.0.0.0/0 https-server allow-ssh INGRESS 1000 tcp:22 10.0.0.0/8 ssh-server deny-all INGRESS 65535 icmp,udp,tcp 0.0.0.0/0 *
gcloud dns managed-zones describe example-zone creationTime: '2023-01-01T12:00:00.000Z' description: Example private zone dnsName: example.com. id: '1234567890' kind: dns#managedZone name: example-zone nameServers: - ns-cloud-c1.googledomains.com - ns-cloud-c2.googledomains.com - ns-cloud-c3.googledomains.com - ns-cloud-c4.googledomains.com privateVisibilityConfig: networks: - networkUrl: https://www.googleapis.com/compute/v1/projects/my-project/global/networks/vpc1 visibility: private
gcloud compute security-policies describe my-policy --format=json | jq '.rules[] | {priority: .priority, match: .match.config.srcIpRanges, action: .action}'
output:
{"priority":1000,"match":{"config":{"srcIpRanges":["203.0.113.0/24"]}},"action":"allow"}
{"priority":2000,"match":{"config":{"srcIpRanges":["*"],"versionedExpr":"SRC_IPS_V2"}},"action":"deny(403)"}$ gcloud compute forwarding-rules describe my-https-lb --region=us-central1 --- creationTimestamp: '2024-01-15T10:30:00.000-08:00' description: '' IPAddress: 34.123.45.67 IPProtocol: TCP loadBalancingScheme: INTERNAL_MANAGED name: my-https-lb networkTier: STANDARD portRange: 443-443 region: us-central1 target: https://www.googleapis.com/compute/v1/projects/my-project/regions/us-central1/targetHttpsProxies/my-https-proxy