GCP Network (VPC, Firewall, Load Balancing, etc...) Flashcards

1
Q

Google Virtual Private Clouds (VPCs) are…

1) Zonal
2) Regional
3) Global

A

Answer: 3) Global

A single VPC can span multiple regions without communicating across the public internet. For on-premises connectivity, a single connection between the VPC and on-premises resources can be shared by all regions in that VPC.

2
Q

You want to create a firewall rule that allows inbound HTTP. Which command is correct?

1) gcloud compute firewall-rules create http-allow --direction=INGRESS --priority=1000 --action=DENY --rules=http --source-ranges=0.0.0.0/0 --target-tags=noicmp
2) gcloud compute firewall-rules create http-allow --direction=INGRESS --priority=1000 --action=ALLOW --rules=http --source-ranges=0.0.0.0/0 --target-tags=noicmp
3) gcloud compute firewall-rules create http-allow --direction=EGRESS --priority=1000 --action=DENY --rules=http --source-ranges=0.0.0.0/0 --target-tags=noicmp
4) gcloud compute firewall-rules create http-allow --direction=EGRESS --priority=1000 --action=ALLOW --rules=http --source-ranges=0.0.0.0/0 --target-tags=noicmp

A

Answer: 2

gcloud compute firewall-rules create http-allow --direction=INGRESS --priority=1000 --action=ALLOW --rules=http --source-ranges=0.0.0.0/0 --target-tags=noicmp

Answer 2 is the only option with a direction of INGRESS and an action of ALLOW.

Note that --priority controls which rules apply first.

3
Q

What is required for a firewall rule?

1) Conditions, Actions, Apply to
2) Conditions, Actions, App
3) App, Ruling
4) IP Addresses, Rules

A

Answer: 1 - Conditions, Actions, Apply to

Sample firewall rule:

gcloud compute firewall-rules create http-allow --direction=INGRESS --priority=1000 --action=ALLOW --rules=http --source-ranges=0.0.0.0/0 --target-tags=noicmp

4
Q

What should you use to balance internal UDP traffic?

1) Use Internal HTTP(S) load balancing
2) Use Internal TCP/UDP Load Balancing
3) Use Network TCP/UDP Load Balancing
4) Use TCP Proxy

A

Answer: 2 - Use Internal TCP/UDP Load Balancing

Use this flow chart to choose a load balancer: https://cloud.google.com/load-balancing/docs/choosing-load-balancer

5
Q

You have a definition for an instance template that contains a web application. You are asked to deploy the application so that it can scale based on the HTTP traffic it receives. What should you do?

1) Create a VM from the instance template. Create a custom image from the VM’s disk. Export the image to Cloud Storage. Create an HTTP load balancer and add the Cloud Storage bucket as its backend service.
2) Create a VM from the instance template. Create an App Engine application in Automatic Scaling mode that forwards all traffic to the VM.
3) Create a managed instance group based on the instance template. Configure autoscaling based on HTTP traffic and configure the instance group as the backend service of an HTTP load balancer.
4) Create the necessary amount of instances required for peak user traffic based on the instance template. Create an unmanaged instance group and add the instances to that instance group. Configure the instance group as the Backend Service of an HTTP load balancer.

A

Answer: 3 -

Create a managed instance group based on the instance template. Configure autoscaling based on HTTP traffic and configure the instance group as the backend service of an HTTP load balancer.

1 is not correct because the load balancer will just load balance access to the uploaded image itself, and will not create or autoscale VMs based on that image.
2 is not correct because while App Engine can scale as a proxy, all requests will still end up on the same Compute Engine instance, which needs to scale itself.
3 is correct because a managed instance group can use an instance template to scale based on HTTP traffic.
4 is not correct because unmanaged instance groups do not offer autoscaling.

6
Q

What connectivity options use private addressing? (Select 2)

1) Direct Peering
2) Carrier Peering
3) Dedicated Interconnect
4) Partner Interconnect

A

Answer: 3 & 4

Interconnects are different from peering in that they give you connectivity using private address space into your Google VPC. If you need RFC1918-to-RFC1918 private address connectivity then you’ll need to provision either a dedicated or partner interconnect.

7
Q

GCP has three (3) distinct elements to its network infrastructure. What are these?

A

Answer:

  • Data Centers
  • Edge Points of Presence (POPs)
  • Edge Nodes (Google Global Cache - GGC)