Google Cloud Professional Cloud Network Engineer — Question 216

Your organization has over 250 autonomous business units that currently operate in a decentralized manner. Due to the organization's maturity, there is limited routable private IP address space, which is insufficient to accommodate all of the necessary workloads. You need to create a cloud-first network design that uses the same IP address space across business unit workloads where possible. These business units require communication between units, and access to their on-premises data center. What should you do?

Answer options

• A. Create a hub and spoke model that incorporates VPC Network Peering with hybrid connectivity centralized within the hub.
• B. Create a Network Connectivity Center design that incorporates Private NAT to facilitate communication between VPC spokes, and a Routing VPC to exchange dynamic routes from the on-premises environment.
• C. Create a Network Connectivity Center design that incorporates Private Service Connect to provide bidirectional communication between VPC spokes, and a Routing VPC to exchange dynamic routes from the on-premises environment.
• D. Create a hub and spoke design that incorporates a centralized network virtual appliance (NVA) in the hub to perform routing and NAT between spokes.

Correct answer: B

Explanation

The correct answer is B because it effectively uses Private NAT to facilitate communication between VPC spokes while also allowing dynamic route exchanges with the on-premises data center. Option A does not provide the necessary NAT functionality, and C suggests using Private Service Connect, which is not suitable for this scenario. Option D relies on a centralized NVA, which may not optimize the network design for all business units' needs.