Professional-Cloud-Network-Engineer Exam Dumps : Google Cloud Certified - Professional Cloud Network Engineer

To configure Cloud CDN for an application hosted outside of Google Cloud (e.g., in AWS), you need to use an internet network endpoint group (NEG). An internet NEG allows you to point to external endpoints using their FQDN or IP address. Cloud CDN works with external HTTP(S) Load Balancers, and you enable CDN on the backend service associated with the load balancer. A Network Load Balancer (passthrough) does not support Cloud CDN.

Exact Extract:

"To enable Cloud CDN for content hosted outside of Google Cloud, you must use an external HTTP(S) Load Balancer with an internet network endpoint group (NEG)."

"An internet NEG specifies one or more external endpoints that can be reached by an external HTTP(S) Load Balancer. You can specify endpoints using an IP address and port, or a fully qualified domain name (FQDN) and port."

"Cloud CDN is enabled on the backend service of an external HTTP(S) Load Balancer."Reference: Google Cloud CDN Documentation - Caching external content, Internet NEGs overview

Explanation: Enabling VPC Flow Logs with sample_rate = 1.0 on the VM’s subnet will give detailed information about network traffic flowing to and from your VM. You can then query this data in Logs Explorer to check whether packets are leaving the VM and reaching the intended destination. This is a recommended practice for troubleshooting such network issues.

Automatic encryption between GFEs and backends For the following load balancer types, Google automatically encrypts traffic between Google Front Ends (GFEs) and your backends that reside within Google Cloud VPC networks: HTTP(S) Load Balancing TCP Proxy Load Balancing SSL Proxy Load Balancing