Hi, in this post, I will explain how I passed my Google Cloud Network Professional Engineer test. I’m a Cloud Engineer with networking experience, and I have been working in the industry for several years. I was highly skilled in traditional networking technologies but was interested in expanding my knowledge and skills to cloud networking.
The most preparation technique that was the most important for me was to do some hands-on labs to assess my theoretical knowledge gain from the training video series. Also doing some synthetic cheat sheet was important for me.
The Google Cloud Network Professional Engineer exam evaluate your skills for:
- Designing, planning, and prototyping a Google Cloud network
- Implementing Virtual Private Cloud (VPC) instances
- Configuring network services
- Implementing hybrid interconnectivity
- Managing, monitoring, and optimizing network operations
The most important is to define a learning path according to your weak and strong areas in the networking practice skills: https://storage.googleapis.com/cloud-training/T-GCPPCN-A/1.0/student/PCNE_Workbook.pdf.
This is important and then you will be focusing on preparing according to this, the preparation is your key to success. I will give you here the tips I have used to prepare with success for the exam in this blog post!
As everybody knows networking concepts are sometimes hard to gain, and figure out as BGP with so many parameters and routing possibilities the protocol can offer, also VLANs and other Layer 2 or Layer 3 networking technologies can sometimes be cumbersome. But when it comes to Cloud Networking the effort to catch every service is even harder because they are often offered as managed services by Cloud providers and the underlying behavior is hidden.
You have to go deeper in GCP documentation and Hands-On Labs to familiarize yourself with these services and get confident for the exam to make sure you understand well for what purpose they have been designed and how to configure them in the Cloud. Let me explain how my learning path was to prepare for the GCP PCNE certification.
#1 Study the cloud network engineer certification guide
I knew that passing the exam would not be easy, so I began to prepare myself by studying the exam guide and reviewing the relevant Google Cloud documentation:
https://cloud.google.com/certification/guides/cloud-network-engineer/
Take time to identify the topics you may be already familiar with, and others where you feel less comfortable and don’t know at all, and mark them for future work on it. Some topics like GKE networking deserve a deep analysis to understand well how they are implemented in GCP. After this, you will know which area and topics you have to prepare yourself.
#2 Signup for Google and Cloud Guru training and Get a Sandbox
Google Cloud Skills Boost: Network Engineer Learning Path:
- Preparing for Your Professional Cloud Network Engineer Journey (assessment)
https://partner.cloudskillsboost.google/course_templates/383
- Google Cloud Fundamentals: Core Infrastructure
https://partner.cloudskillsboost.google/course_templates/60
- Networking in Google Cloud: Defining and Implementing Networks
https://partner.cloudskillsboost.google/course_templates/35
- Networking in Google Cloud: Hybrid Connectivity and Network Management
https://partner.cloudskillsboost.google/course_templates/36
A Cloud Guru: Google Certified Professional Cloud Network Engineer (Karlos Knox, Special Thanks to him (KBA)!), do all the training with a special focus on:
- Kubernetes, Clusters & VPC Interactions
- DNS and CDN Services
- Load Balancing
- Monitoring Network Operations
I have taken advantage of my GCP’s sandbox to set up test environments and practice implementing different network architectures. Special thanks to my employer for allocating me this sandbox and the necessary time to study for my exam (Thanks DoiT!). The alternative if you don’t have a sandbox is to get a free 300$ trial from Google Cloud or Cloud Guru subscription.
#3 Understand well these cloud networking concepts
- VPC: default, custom, and shared VPC implementations with service projects.
- Firewall rules: configuration with service accounts, targets, priority, and logs.
- Routes: System-generated routes (default and subnet routes), Custom routes (static and dynamic routes). How these routes are advertised from: VPC Peering and Cloud Routers to On-Prem. VPC peering: import/export custom routes.
- Packet mirroring: set up a mirroring policy, mirrored source(s), and destination.
- IAM Roles: understanding roles needed to manage and create shared VPCs.
- DNS Services: make sure to understand well how to create private and public zones in GCP, activating DNSSEC on public zones, the different DNS zone types, and when to use them (private, public zones, forwarding zones, peering zones). Make sure you know when to use the DNS forwarding zone rather than DNS Server policies (Cloud DNS Best Practices).
- Hybrid Connectivity: HA designs, HA VPNs, HA for Interconnects to reach 999 or 9999 SLAs. Cloud Interconnects: VLAN attachments creation, BGP Sessions IP address configuration. BGP: public and private ASNs, peer ASN, route priority, MED.
- IP addressing: RFC1918 private IP space ranges, Cloud Router Link-Local BGP peering IP addresses. CIDR IP address notation, IP aliases, Primary and Secondary CIDR ranges, and Subnetting.
- Private Access options to access Google APIs and services: Private Google Access, Private Service Connect, Private Service Access, Serverless VPC Access (knowing which option to use for which service according to the context).
- Virtual appliances: using multiple network interfaces, and centralized network appliances (NGFGW, IDS). Internal TCP/UDP Load Balancers as next hop, architecture with multi-NICs virtual appliances.
- Load Balancers: knowing when to use global vs regional load balancer as well as HTTP or Network load Balancer. Cloud CDN: global content delivery network, edge location, and caching features. Cloud Armor: security policies to protect workload using HTTP/s Load Balancer.
- Packet mirroring: set up a mirroring policy, mirrored source(s), and destination.
Helpful links:
- Cloud OnAir GCP networking 101 — VPC Shared VPC Interconnect https://www.youtube.com/watch?v=0hN-dyOV10c
- Cloud OnAir: Google Cloud Networking 102 — Cloud Routing and VPC Peering: https://www.youtube.com/watch?v=jQc9P7xA_wU
- Cloud OnAir: Google Cloud Networking 103 — Securing your Network: https://www.youtube.com/watch?v=W-YAQCP2Bdg
- Cloud OnAir: Google Cloud Networking 104 — Everything You Need to Know About Load Balancers on GCP
- Cloud OnAir: Networking 105 — How to use GCP DNS: https://www.youtube.com/watch?v=OH_Jw8NhEGU
- Cloud On air GCP networking L200 — Google Cloud Networking Fundamentals https://www.youtube.com/watch?v=vDrG15sv5ss
#4 Hands-on Labs:
About the Labs: Practice as much as you can, especially on Load Balancers, Cloud NAT, Cloud Router, Cloud VPNs
- Getting Started with VPC Networking and Google Compute Engine
- Google Cloud Fundamentals: Getting Started with Cloud Storage and Cloud SQL
- Google Cloud Fundamentals: Getting Started with GKE
- Hello Cloud Run [APPRUN]
- Automating the Deployment of Infrastructure Using Terraform
Lab qwiklabs references:
https://partner.cloudskillsboost.google/course_templates/60
- Working with Multiple VPC networks
- Controlling Access to VPC networks
- Configure VPC Network Peering
- Set Up Network and HTTP Load Balancers (GSP 007 GCP Self-Paced Labs)
- Configure Traffic Management with a Load Balancer
- Caching Content with Cloud CDN
Lab qwiklabs references:
https://partner.cloudskillsboost.google/course_templates/35
- Configure Google Cloud HA VPN
- Implement Private Google Access and Cloud Cloud NAT
- Optimizing Network Spend with Network Tiers
- Resource Monitoring: Analyzing Network Traffic with VPC Flow Logs
Lab qwiklabs references:
https://partner.cloudskillsboost.google/course_templates/36
#5 Other links:
- Professional Cloud Network Engineer Exam Guide: Professional Cloud Network Engineer Exam Guide | Google Cloud
- Professional Cloud Network Engineer Learning Path: Google Cloud — Professional Cloud Network Engineer Certification learning path
- Study link from Mike Sparr: https://gist.github.com/mikesparr/d837a60f8640fff5ffb7190ba4f5387c
- PCNE Prep sheet for the exam (read it when training is done): GitHub — jesuispy/google-cloud-professional-cloud-network-engineer-prep-sheet: Prep sheet for Google Cloud Professional Cloud Network engineer
- Others blog: https://javarevisited.blogspot.com/2022/02/how-to-prepare-for-google-cloud-network-engineer-exam.html#axzz7waGxWXaK
- A plus, Fundamentals of BGP Protocol: Fundamentals of Border Gateway Protocol (BGP) — Part 1
- Foundational networking courses: https://acloudguru.com/course/networking-foundations, https://acloudguru.com/course/network-routing-fundamentals (network routing fundamentals), https://acloudguru.com/course/subnetting-fundamentals (subnetting and network masking fundamentals) estimated total study time (6 hours)
- Book from Maurizio Ipsale and Mirko Gilioli — Google Cloud Certified Professional Cloud Network Engineer Guide (it’s a plus to read), and it has a mock exam that is available on O’Reilly https://www.oreilly.com/library/view/google-cloud-certified/9781801072694/
- Do sample exam questions either from Cloud Guru to assess yourself, read carefully they can be always two or more similar answers but only one will match the requested requirements in the asked question: https://acloudguru.com/course/google-certified-professional-cloud-network-engineer
When you feel ready to take the exam
#6 Link to register:
- Register on Webassessor: https://www.webassessor.com/wa.do?page=defaultLogin
- And “Bonne chance!”
Share Your Thoughts, please feel free to connect on Linkedin https://www.linkedin.com/in/ja9/.