Google Professional Cloud Network Engineer
Get started today
Ultimate access to all questions.
In your organization, two departments have separate GCP projects (code-dev and data-dev) within the same organization and need to enable complete cross-communication between all their VMs in GCP. Each department maintains one VPC in its respective project and requires full control over its network. Neither department plans to recreate existing compute resources. You need to implement a cost-optimized solution.
Which two actions should you perform? (Select two.)
In your organization, two departments have separate GCP projects (code-dev and data-dev) within the same organization and need to enable complete cross-communication between all their VMs in GCP. Each department maintains one VPC in its respective project and requires full control over its network. Neither department plans to recreate existing compute resources. You need to implement a cost-optimized solution.
Which two actions should you perform? (Select two.)
Explanation:
To enable full cross-communication between VMs in two GCP projects (code-dev and data-dev) while minimizing costs and maintaining network control, VPC Network Peering (Option B) is the most cost-effective solution. It allows direct connectivity between the VPCs in the same organization without egress charges (for same-region traffic) and does not require recreating resources. Peering automatically handles routing between the VPCs. Firewall Rules (Option D) are necessary because, even with peering, GCP firewall rules block all ingress traffic by default. Each project must explicitly allow ingress traffic from the other project's subnets. Since the departments want full control, they can independently manage their own firewall rules to permit cross-communication.