GCP Professional Cloud Architect Practice Question

Project A hosts a highly regulated payment API on GKE behind an internal HTTP(S) load balancer. Several consumer projects, some in other Google Cloud organizations, must invoke the API using private RFC 1918 addresses. The security team has ruled out VPC Network Peering because of overlapping CIDR ranges and requires that no other producer subnet resources be reachable. All traffic must remain on Google's private backbone and avoid the public internet. Which Google Cloud networking construct meets these requirements while allowing the consumers to initiate the connection from their own VPCs?

  • Expose the API with an internal TCP/UDP load balancer enabled for global access and share its virtual IP through Cloud DNS across projects.

  • Create Cloud VPN tunnels from each consumer project to Project A and route traffic to the API through the tunnel.

  • Set up VPC Network Peering between Project A and every consumer project and advertise custom routes to the internal load balancer.

  • Publish the API through a Private Service Connect service attachment in Project A and allow each consumer project to create PSC endpoints that point to it.

GCP Professional Cloud Architect
Designing and planning a cloud solution architecture