Google Cloud Professional Cloud Network Engineer — Question 115
You are designing the network architecture for your organization. Your organization has three developer teams: Web, App, and Database. All of the developer teams require access to Compute Engine instances to perform their critical tasks. You are part of a small network and security team that needs to provide network access to the developers. You need to maintain centralized control over network resources, including subnets, routes, and firewalls. You want to minimize operational overhead. How should you design this topology?
Answer options
- A. Configure a host project with a Shared VPC. Create service projects for Web, App, and Database.
- B. Configure one VPC for Web, one VPC for App, and one VPC for Database. Configure HA VPN between each VPC.
- C. Configure three Shared VPC host projects, each with a service project: one for Web, one for App, and one for Database.
- D. Configure one VPC for Web, one VPC for App, and one VPC for Database. Use VPC Network Peering to connect all VPCs in a full mesh.
Correct answer: A
Explanation
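The correct answer is A. With a Shared VPC, the network and security team manages subnets, routes, and firewalls centrally in a single host project, while the Web, App, and Database teams create their Compute Engine instances in their own service projects. This keeps control of network resources centralized and minimizes operational overhead. Options B and D create three separate VPCs, each with its own network resources to manage, plus the HA VPN tunnels or peering connections between them, which complicates management and increases operational overhead. Option C uses Shared VPC but unnecessarily duplicates host projects, so network resources would have to be managed in three places instead of one.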