Topic 1 Question 167
Your company recently migrated to Google Cloud. You configured separate Virtual Private Cloud (VPC) networks for Department A and Department B. You need to configure both VPC networks to have access to the same on-premises location through separate links with full isolation between the VPC networks. Your design must also query on-premises DNS servers from workloads in Google Cloud using conditional forwarding. You want to minimize operational overhead. What should you do?
Customize the operating system DNS configuration files to target the on-premises DNS servers.
Keep the different VPC networks from both departments isolated with different on-premises links, and separate Cloud DNS private zones and Cloud DNS forwarding zones.
Peer Department A's and Department B's VPC networks to have all on-premises connectivity via a single VPC network. Use separate Cloud DNS private zones and Cloud DNS forwarding zones.
Configure a Cloud DNS Peering zone in Department A's VPC network pointing to Department B's VPC and a Cloud DNS outbound forwarding zone in Department B's VPC network. Use separate on-premises links in each VPC network.
ユーザの投票
コメント(11)
- 正解だと思う選択肢: D
B is not an option as per Google best practices: https://cloud.google.com/dns/docs/best-practices#use-dns-peering-to-avoid-outbound-forwarding-from-multiple_vpc-networks
therefore I see D as best option
👍 7gonlafer2024/02/19 - 正解だと思う選択肢: B
The scenario outlines the need for separate VPC networks for Department A and Department B with access to the same on-premises location through separate links while maintaining full isolation between the VPC networks. Additionally, the design should allow querying on-premises DNS servers from Google Cloud workloads using conditional forwarding while minimizing operational overhead.
Given these requirements, the most suitable option is:
B. Keep the different VPC networks from both departments isolated with different on-premises links, and separate Cloud DNS private zones and Cloud DNS forwarding zones.
👍 5[Removed]2024/02/08 D is the answer
B is clearly wrong. You should avoid outbound DNS forwarding from multiple VPCs https://cloud.google.com/dns/docs/best-practices#use-dns-peering-to-avoid-outbound-forwarding-from-multiple_vpc-networks
👍 4PeppaPig2024/02/16
シャッフルモード