Google Cloud Professional Cloud Network Engineer
Validates ability to design, implement, and manage Google Cloud network infrastructure. Covers designing and planning VPC networks including overall architecture, VPC design, hybrid/multi-cloud networking, and GKE networking; implementing VPC networks with routing, Network Connectivity Center, and GKE clusters; configuring managed network services including load balancing, Cloud CDN, and Cloud DNS; configuring hybrid and multi-cloud interconnectivity with Cloud Interconnect, VPN, and Cloud Router; managing, monitoring, and troubleshooting network operations; and configuring cloud network security solutions with Cloud Armor and Cloud NGFW. 50-60 multiple-choice and multiple-select questions in 2 hours. Recommended 3+ years industry experience; 2-year validity.
Exam domains
- Designing and planning a Google Cloud VPC network24%
Designing an overall network architecture (high availability, failover, and disaster recovery strategies; DNS strategy - Cloud DNS for public/private zones, on-premises name resolution; security and data exfiltration requirements; load balancing - regional vs global, internal vs external, types - HTTP(S), TCP/SSL Proxy, TCP/UDP); applying quotas per project and per VPC; hybrid connectivity options - Cloud Interconnect, Cloud VPN; container networking; IAM roles for networking. Designing VPC networks (CIDR range for subnets and aliases; IP addressing - internal and external, IPv4 and IPv6; standalone vs Shared VPC; multiple vs single VPC; regional vs multi-regional; VPC peering - transitive peering, peering with custom routes; firewalls including service accounts and security tags; custom routes; using managed services - Cloud SQL, Memorystore - private connectivity, Private Service Connect, Private Service Access).
- Implementing a VPC network19%
Configuring VPCs (Google Cloud VPC resources - networks, subnets, firewall rules - tag-based, identity-based; VPC peering; routing - static, dynamic with BGP; creating a Shared VPC and explaining how to share subnets with other projects). Configuring routing (static vs dynamic routing - Cloud Router with BGP; global vs regional dynamic routing; routing policies using tags and priority; internal load balancer as next hop; custom route advertisement and import).
- Configuring managed network services16%
Sources
Questions are grounded in 50 references from official and authoritative materials.