Google Cloud Professional Cloud Network Engineer — Question 128
You just finished your company’s migration to Google Cloud and configured an architecture with 3 Virtual Private Cloud (VPC) networks: one for Sales, one for Finance, and one for Engineering. Every VPC contains over 100 Compute Engine instances, and now developers using instances in the Sales VPC and the Finance VPC require private connectivity between each other. You need to allow communication between Sales and Finance without compromising performance or security. What should you do?
Answer options
- A. Configure an HA VPN gateway between the Finance VPC and the Sales VPC.
- B. Configure the instances that require communication between each other with an external IP address.
- C. Create a VPC Network Peering connection between the Finance VPC and the Sales VPC.
- D. Configure Cloud NAT and a Cloud Router in the Sales and Finance VPCs.
Correct answer: C
Explanation
The correct answer is C: VPC Network Peering allows private communication between the two VPCs while maintaining performance and security. Option A introduces unnecessary complexity with a VPN when peering is sufficient. Option B exposes instances to the public internet, which is a security risk. Option D involves additional configuration that does not directly enable private connectivity between the two VPCs.