Blog

Google Cloud Professional Cloud Network Engineer (PCNE) Certification Tips and Preparation

Google Cloud Professional Cloud Network Engineer Certification Tips and Preparation DoiT

Hi, in this post, I will explain how I passed my Google Cloud Network Professional Engineer test. I’m a Cloud Engineer with networking experience, and I have been working in the industry for several years. I was highly skilled in traditional networking technologies but was interested in expanding my knowledge and skills to cloud networking.

The most preparation technique that was the most important for me was to do some hands-on labs to assess my theoretical knowledge gain from the training video series. Also doing some synthetic cheat sheet was important for me.

The Google Cloud Network Professional Engineer exam evaluate your skills for:

  • Designing, planning, and prototyping a Google Cloud network
  • Implementing Virtual Private Cloud (VPC) instances
  • Configuring network services
  • Implementing hybrid interconnectivity
  • Managing, monitoring, and optimizing network operations

The most important is to define a learning path according to your weak and strong areas in the networking practice skills: https://storage.googleapis.com/cloud-training/T-GCPPCN-A/1.0/student/PCNE_Workbook.pdf.

This is important and then you will be focusing on preparing according to this, the preparation is your key to success. I will give you here the tips I have used to prepare with success for the exam in this blog post!

As everybody knows networking concepts are sometimes hard to gain, and figure out as BGP with so many parameters and routing possibilities the protocol can offer, also VLANs and other Layer 2 or Layer 3 networking technologies can sometimes be cumbersome. But when it comes to Cloud Networking the effort to catch every service is even harder because they are often offered as managed services by Cloud providers and the underlying behavior is hidden.

You have to go deeper in GCP documentation and Hands-On Labs to familiarize yourself with these services and get confident for the exam to make sure you understand well for what purpose they have been designed and how to configure them in the Cloud. Let me explain how my learning path was to prepare for the GCP PCNE certification.

#1 Study the cloud network engineer certification guide

I knew that passing the exam would not be easy, so I began to prepare myself by studying the exam guide and reviewing the relevant Google Cloud documentation:

https://cloud.google.com/certification/guides/cloud-network-engineer/

Take time to identify the topics you may be already familiar with, and others where you feel less comfortable and don’t know at all, and mark them for future work on it. Some topics like GKE networking deserve a deep analysis to understand well how they are implemented in GCP. After this, you will know which area and topics you have to prepare yourself.

#2 Signup for Google and Cloud Guru training and Get a Sandbox

Google Cloud Skills Boost: Network Engineer Learning Path:

  • Preparing for Your Professional Cloud Network Engineer Journey (assessment)

https://partner.cloudskillsboost.google/course_templates/383

  • Google Cloud Fundamentals: Core Infrastructure

https://partner.cloudskillsboost.google/course_templates/60

  • Networking in Google Cloud: Defining and Implementing Networks

https://partner.cloudskillsboost.google/course_templates/35

  • Networking in Google Cloud: Hybrid Connectivity and Network Management

https://partner.cloudskillsboost.google/course_templates/36

A Cloud Guru: Google Certified Professional Cloud Network Engineer (Karlos Knox, Special Thanks to him (KBA)!), do all the training with a special focus on:

  • Kubernetes, Clusters & VPC Interactions
  • DNS and CDN Services
  • Load Balancing
  • Monitoring Network Operations

I have taken advantage of my GCP’s sandbox to set up test environments and practice implementing different network architectures. Special thanks to my employer for allocating me this sandbox and the necessary time to study for my exam (Thanks DoiT!). The alternative if you don’t have a sandbox is to get a free 300$ trial from Google Cloud or Cloud Guru subscription.

#3 Understand well these cloud networking concepts

  • VPC: default, custom, and shared VPC implementations with service projects.
  • Firewall rules: configuration with service accounts, targets, priority, and logs.
  • Routes: System-generated routes (default and subnet routes), Custom routes (static and dynamic routes). How these routes are advertised from: VPC Peering and Cloud Routers to On-Prem. VPC peering: import/export custom routes.
  • Packet mirroring: set up a mirroring policy, mirrored source(s), and destination.
  • IAM Roles: understanding roles needed to manage and create shared VPCs.
  • DNS Services: make sure to understand well how to create private and public zones in GCP, activating DNSSEC on public zones, the different DNS zone types, and when to use them (private, public zones, forwarding zones, peering zones). Make sure you know when to use the DNS forwarding zone rather than DNS Server policies (Cloud DNS Best Practices).
  • Hybrid Connectivity: HA designs, HA VPNs, HA for Interconnects to reach 999 or 9999 SLAs. Cloud Interconnects: VLAN attachments creation, BGP Sessions IP address configuration. BGP: public and private ASNs, peer ASN, route priority, MED.
  • IP addressing: RFC1918 private IP space ranges, Cloud Router Link-Local BGP peering IP addresses. CIDR IP address notation, IP aliases, Primary and Secondary CIDR ranges, and Subnetting.
  • Private Access options to access Google APIs and services: Private Google Access, Private Service Connect, Private Service Access, Serverless VPC Access (knowing which option to use for which service according to the context).
  • Virtual appliances: using multiple network interfaces, and centralized network appliances (NGFGW, IDS). Internal TCP/UDP Load Balancers as next hop, architecture with multi-NICs virtual appliances.
  • Load Balancers: knowing when to use global vs regional load balancer as well as HTTP or Network load Balancer. Cloud CDN: global content delivery network, edge location, and caching features. Cloud Armor: security policies to protect workload using HTTP/s Load Balancer.
  • Packet mirroring: set up a mirroring policy, mirrored source(s), and destination.

Helpful links:

Google Cloud Professional Cloud Network Engineer Certification Tips and Preparation

#4 Hands-on Labs:

About the Labs: Practice as much as you can, especially on Load Balancers, Cloud NAT, Cloud Router, Cloud VPNs

  • Getting Started with VPC Networking and Google Compute Engine
  • Google Cloud Fundamentals: Getting Started with Cloud Storage and Cloud SQL
  • Google Cloud Fundamentals: Getting Started with GKE
  • Hello Cloud Run [APPRUN]
  • Automating the Deployment of Infrastructure Using Terraform

Lab qwiklabs references:
https://partner.cloudskillsboost.google/course_templates/60

  • Working with Multiple VPC networks
  • Controlling Access to VPC networks
  • Configure VPC Network Peering
  • Set Up Network and HTTP Load Balancers (GSP 007 GCP Self-Paced Labs)
  • Configure Traffic Management with a Load Balancer
  • Caching Content with Cloud CDN

Lab qwiklabs references:
https://partner.cloudskillsboost.google/course_templates/35

  • Configure Google Cloud HA VPN
  • Implement Private Google Access and Cloud Cloud NAT
  • Optimizing Network Spend with Network Tiers
  • Resource Monitoring: Analyzing Network Traffic with VPC Flow Logs

Lab qwiklabs references:
https://partner.cloudskillsboost.google/course_templates/36

#5 Other links:

When you feel ready to take the exam

#6 Link to register:

Share Your Thoughts, please feel free to connect on Linkedin https://www.linkedin.com/in/ja9/.

PCNE

Subscribe to updates, news and more.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related blogs

Schedule a call with our team

You will receive a calendar invite to the email address provided below for a 15-minute call with one of our team members to discuss your needs.

You will be presented with date and time options on the next step