Google Cloud Associate Cloud Engineer — Question 318

You have been asked to create robust Virtual Private Network (VPN) connectivity between a new Virtual Private Cloud (VPC) and a remote site. Key requirements include dynamic routing, a shared address space of 10.19.0.1/22, and no overprovisioning of tunnels during a failover event. You want to follow Google- recommended practices to set up a high availability Cloud VPN. What should you do?

Answer options

• A. Use a custom mode VPC network, configure static routes, and use active/passive routing.
• B. Use an automatic mode VPC network, configure static routes, and use active/active routing.
• C. Use a custom mode VPC network, use Cloud Router border gateway protocol (BGP) routes, and use active/passive routing.
• D. Use an automatic mode VPC network, use Cloud Router border gateway protocol (BGP) routes, and configure policy-based routing.

Correct answer: C

Explanation

The correct answer is C because using a custom mode VPC network with Cloud Router and BGP allows for dynamic routing, which meets the requirement for robust connectivity. Active/passive routing ensures that there is no overprovisioning of tunnels during failovers, which is also a key requirement. Options A and B use static routes which do not support dynamic routing, while option D employs policy-based routing, which is not aligned with the requirements.