Google Professional Cloud Network Engineer Exam Questions

Exam Name: Professional Cloud Network Engineer

Exam Code: Professional Cloud Network Engineer

Related Certification(s): Google Cloud Certified Certification

Certification Provider: Google

Actual Exam Duration: 120 Minutes

Number of Professional Cloud Network Engineer Practice Questions: 233 (updated: )

Expected Professional Cloud Network Engineer Exam Topics, as suggested by Google:
Topic 1: Designing and planning a Google Cloud network
This section of the exam measures the skills of Cloud Architects and covers the high-level planning of network infrastructure on Google Cloud. It involves designing overall network architecture with considerations for high availability, security, and hybrid connectivity. The domain includes planning DNS topology, selecting appropriate load balancers, designing VPC networks, and creating resilient multi-cloud architectures. It also encompasses planning for GKE networking, IAM roles in Shared VPC environments, microsegmentation strategies, and connectivity to managed services while differentiating between network tiers and implementing VPC Service Controls.
Topic 2: Implementing Virtual Private Cloud (VPC) networks
This section of the exam measures the skills of Network Engineers and focuses on the practical implementation of VPC networks. It includes configuring VPCs, VPC Network Peering, and Shared VPC environments. The domain covers setting up routing configurations, including static and dynamic routing, implementing the Network Connectivity Center, and configuring Google Kubernetes Engine clusters with proper networking setups. It also involves configuring and managing Cloud Next Generation Firewall rules, including creating firewall policies, configuring intrusion prevention services, and implementing fully qualified domain name firewall objects.
Topic 3: Configuring managed network services
This section of the exam measures the skills of Cloud Operations Engineers and encompasses the configuration of various Google Cloud networking services. It includes setting up load balancing with proper backend services and health checks, configuring Google Cloud Armor security policies with WAF rules and DDoS protection, and implementing Cloud CDN for content delivery. The domain also covers managing Cloud DNS zones and records, securing internet egress traffic through NAT configurations, and implementing network packet inspection solutions using multi-NIC VMs and internal load balancers.
Topic 4: Implementing hybrid network interconnectivity
This section of the exam measures the skills of Connectivity Specialists and focuses on establishing connections between Google Cloud and other environments. It involves configuring Cloud Interconnect solutions, including Dedicated Interconnect, Partner Interconnect, and Cross-Cloud Interconnect, with proper VLAN attachments. The domain covers setting up site-to-site IPSec VPNs, including HA VPN configurations, implementing Cloud Router with BGP attributes and BFD, and configuring Network Connectivity Center for hybrid connectivity, including creating hybrid spokes and establishing site-to-site data transfer.
Topic 5: Managing, monitoring, and troubleshooting network operations
This section of the exam measures the skills of Network Administrators and covers the ongoing management of Google Cloud network environments. It includes implementing logging and monitoring using Google Cloud Observability for various networking components. The domain encompasses maintaining and troubleshooting connectivity issues, including traffic management with load balancers, firewall rule tuning, and VPN troubleshooting. It also involves using Network Intelligence Center tools for monitoring and diagnostics, including Network Topology visualization, Connectivity Tests, Performance Dashboard analysis, Firewall Insights, and Network Analyzer for identifying and resolving network issues.
Free Professional Cloud Network Engineer Exam Actual Questions
Note: Professional Cloud Network Engineer Premium Questions were last updated on

Q#1
You are planning to use Terraform to deploy the Google Cloud infrastructure for your company The design must meet the following requirements

* Each Google Cloud project must represent an Internal project that your team Will work on

* After an internal project is finished, the infrastructure must be deleted

* Each Internal project must have Its own Google Cloud project owner to manage the Google Cloud resources-

* You have 10-100 projects deployed at a time,

While you are writing the Terraform code, you need to ensure that the deployment IS Simple, and the code IS reusable With
centralized management What should you doo

Q#2
Your organization recently re-architected your cloud environment to use Network Connectivity Center. However, an error occurred when you tried to add a new VPC named vpc-dev as a spoke. The error indicated that there was an issue with an existing spoke and the IP space of a VPC named vpc-pre-prod. You must complete the migration quickly and efficiently. What should you do?

Q#3
Your organization has a Google Cloud Virtual Private Cloud (VPC) with subnets in us-east1, us-west4, and europe-west4 that use the default VPC configuration. Employees in a branch office in Europe need to access the resources in the VPC using HA VPN. You configured the HA VPN associated with the Google Cloud VPC for your organization with a Cloud Router deployed in europe-west4. You need to ensure that the users in the branch office can quickly and easily access all resources in the VPC. What should you do?

Q#4
Your on-premises data center has 2 routers connected to your Google Cloud environment through a VPN on each router…

* Each on-premises router is configured with a unique ASN.

* Each on-premises router is configured with the same routes and priorities.

* Both on-premises routers are configured with a VPN connected to a single Cloud Router.

* BGP sessions are established between both on-premises routers and the Cloud Router.

* Only 1 of the on-premises router’s routes are being added to the routing table.

What is the most likely cause of this problem?

Q#5
You need to create the technical architecture for hybrid connectivity from your data center to Google Cloud This will be managed by a partner. You want to follow Google-recommended practices for production-level applications. What should you do?