Topic 1 Question 130
You are designing a hybrid cloud environment for your organization. Your Google Cloud environment is interconnected with your on-premises network using Cloud HA VPN and Cloud Router. The Cloud Router is configured with the default settings. Your on-premises DNS server is located at 192.168.20.88 and is protected by a firewall, and your Compute Engine resources are located at 10.204.0.0/24. Your Compute Engine resources need to resolve on-premises private hostnames using the domain corp.altostrat.com while still resolving Google Cloud hostnames. You want to follow Google-recommended practices. What should you do?
- Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168.20.88.
- Configure your on-premises firewall to accept traffic from 10.204.0.0/24.
- Set a custom route advertisement on the Cloud Router for 10.204.0.0/24
- Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168 20.88.
- Configure your on-premises firewall to accept traffic from 35.199.192.0/19
- Set a custom route advertisement on the Cloud Router for 35.199.192.0/19.
- Create a private forwarding zone in Cloud DNS for ‘corp .altostrat.com’ called corp-altostrat-com that points to 192.168.20.88.
- Configure your on-premises firewall to accept traffic from 10.204.0.0/24.
- Modify the /etc/resolv conf file on your Compute Engine instances to point to 192.168.20 88
- Create a private zone in Cloud DNS for ‘corp altostrat.com’ called corp-altostrat-com.
- Configure DNS Server Policies and create a policy with Alternate DNS servers to 192.168.20.88.
- Configure your on-premises firewall to accept traffic from 35.199.192.0/19.
- Set a custom route advertisement on the Cloud Router for 35.199.192.0/19.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: B
Easy, B for sure.
https://cloud.google.com/dns/docs/zones/forwarding-zones
A and C) wrong, source address request is reserved 35.199.192.0/19. D) wrong, local zone setup created black role to DNS zone, scenario required forwarding to onpremise.
B
👍 7ccieman20162022/12/03 - 正解だと思う選択肢: B
B is the correct. "To make sure that you can query DNS records in your on-premises environment, set up a forwarding zone for the domain that you're using on-premises for your corporate resources (such as corp.example.com). " https://cloud.google.com/dns/docs/best-practices#use_forwarding_zones_to_query_on-premises_servers
👍 5pfilourenco2022/12/04 B. 1. Create a private forwarding zone in Cloud DNS for ‘corp.altostrat.com’ called corp-altostrat-com that points to 192.168 20.88. 2. Configure your on-premises firewall to accept traffic from 35.199.192.0/19 3. Set a custom route advertisement on the Cloud Router for 35.199.192.0/19
👍 1AzureDP9002022/12/12
シャッフルモード