Question 8: Free Google Professional Cloud Network Engineer Actual Exam Questions

Question No. 8

You are designing a hybrid cloud environment for your organization. Your Google Cloud environment
is interconnected with your on-premises network using Cloud HA VPN and Cloud Router. The Cloud
Router is configured with the default settings. Your on-premises DNS server is located at
192.168.20.88 and is protected by a firewall, and your Compute Engine resources are located at
10.204.0.0/24. Your Compute Engine resources need to resolve on-premises private hostnames using
the domain corp.altostrat.com while still resolving Google Cloud hostnames. You want to follow
Google-recommended practices. What should you do?

Select one option, then reveal solution.

Kevin K.

2026-02-19

Option D makes sense since DNS Server Policies handle selective forwarding properly.

Sam B.

2026-02-12

Probably A, since the firewall should allow traffic from Compute Engine IPs, not Google DNS ranges.

Sam B.

2026-02-09

Maybe D, since DNS Server Policies are designed for selective forwarding and use Google’s DNS IP ranges.

Ethan M.

2026-01-26

D, because DNS Server Policies handle selective forwarding better than static configs.

Ethan M.

2026-01-24

A/D? D uses DNS Server Policies, which is cleaner for selective forwarding, and the firewall rule for 35.199.192.0/19 covers GCP’s DNS IPs. A seems simpler but might miss some permissions for Cloud DNS forwarding.

Ethan M.

2026-01-23

A imo, cause it matches the Compute Engine subnet and firewall needs.

Osama M.

2026-01-17

Maybe D

Free Google Professional Cloud Network Engineer Actual Exam Questions - Question 8 Discussion