Configure and Manage Virtual Networking

Question 1

Azure reserves 5 IP addresses with each subnet

subnet
x.x.x.0

What is this reserved for ?

Answer 1

the Network address

Question 2

Azure reserves 5 IP addresses with each subnet

subnet
x.x.x.255

What is this reserved for ?

Answer 2

the network broadcast address

Question 3

Azure reserves 5 IP addresses with each subnet

subnet
x.x.x.1

What is this reserved for ?

Answer 3

the default gateway

Question 4

Azure reserves 5 IP addresses with each subnet

subnet
x.x.x.2 and x.x.x.3

What are these reserved for ?

Answer 4

mapping the Azure DNS IPs to the VNET space

Question 5

What is a default gateway ?

Answer 5

The IP address for the router that connects your network to other network segments, serving as an exit point for all packets that have a destination outside your network

Question 6

When you create and configure new IP addresses, what are the three dimensions you must define ?

Answer 6

Public or private
Static assignment or dynamic assignment
IPV4 or IPV6 or both

Question 7

[Private IP addresses]

The infrastructure team has implemented firewall rules to deny traffic based on IP address ranges.

Which of the following should be used to meet the requirement?

• Statically assigned IP addresses
• Dynamically assigned IP addresses

Answer 7

Statically assigned IP addresses

Question 8

[Peering]

When 2 VNETs are peered, traffic is routed through …

• public internet
• public internet with a VPN gateway
• Microsoft’s infrastructure backbone

Answer 8

Microsoft’s infrastructure backbone

Question 9

[Peering]

What is the difference between regular peering and global peering ?

Answer 9

Regular peering is when the two peered VNETs are in the same region

Global peering is when the two peered VNETs are in different regions

Question 10

[Peering]

A single VNET can span …

• regions
• subscriptions
• both
• neither regions nor subscriptions

Answer 10

neither regions nor subscriptions

Question 11

[Peering]

True or false : Ingressing and egressing data is more expensive in global peering

Answer 11

True

Question 12

[Peering]

What is the most important rule to remember when establishing the peering relationship between two VNETs ?

Answer 12

The two VNETs can not have overlapping address space

Question 13

[Peering]

True or false : Once two VNETs are peered, you can modify their address space

Answer 13

False - address space can not be modified once a VNET is peered with another

Question 14

[Peering]

True or false : address space can not be modified once a VNET is peered with another VNET

Answer 14

True

Question 15

[Peering]

What is the maximum number of peering connections per VNET ?
Is this a hard limit or can this be changed ?

Answer 15

500 peering connections per VNET

It is hard limit

Question 16

[Peering]

What does UDR stand for ?

Answer 16

User Defined Routing

Question 17

[Peering]

VNet peering is not _____________________ . This means there is no automatic connectivity between spokes in a hub-and-spoke topology.

Answer 17

transitive

Question 18

[Peering]

…deploy an NVA into the hub through user-defned routes (UDRs) to route inter-spoke traffc through the NVA.

This is known as ___________________ , and it enables spoke-to-spoke communication without requiring additional VNet peerings.

Answer 18

service chaining

Question 19

[Peering]

What is the simplest way to do spoke-to-spoke communication without doing too many VNET peerings ?

Answer 19

service chaining

Question 20

[Peering]

NVA stands for … ?

Answer 20

Network Virtual Appliance

Question 21

[Peering]

In an hub-and-spoke architecture, where several VNETs are all peered to a hub, you’ve decided to use service chaining to avoid creating too many peering relationships.

What are the two major characteristics of “service chaining” ?

Answer 21

1. Deploy an NVA to the Hub

2. Use UDR to route inter-spoke traffic through the NVA

Question 22

[Peering]

To transit traffic from one spoke VNet to another spoke VNet via an NVA in the hub VNet, the VNet peerings must be confgured correctly.

By default, a peering connection will only accept traffic originating from the VNet to which it is connected.

However, this will not be the case for traffic forwarded between spoke VNets via an NVA in a hub VNet.

To permit such traffic, the ________________________ setting must be enabled for those VNet peerings.

Answer 22

Allow Forwarded Traffic

Question 23

[Peering]

Suppose you want two peered VNets want to send traffic to an external network via a virtual network gateway.

Rather than deploy two virtual network gateways, what is simpler and more cost-efficient set up for the VNets ?

Answer 23

Have them share a single network gateway

Question 24

[Peering]

“Use Remote Gateways” setting is enabled for a VNet.

Can this VNet have its own network gateway ?

Answer 24

No

Question 25

[Peering]

You need to inform a VNet-B of the presence of a gateway in VNet-A.

Which setting should you enable in VNet-B ?

Answer 25

Enable the setting “Use Remote Gateway” in VNet-B

Question 26

[Peering]

Suppose the virtual network gateway is deployed to VNet-A, allowing VNet-A to communicate with the external network.

VNet-B has enabled the setting “Use Remote Gateway” and there is a peering between VNet-A and Vnet-B.

What setting must you enable in VNet-A to allow VNet-B to use VNet-A’s virtual network gateway ?

Answer 26

You must enable the “Allow Gateway Transit” setting

Question 27

[Private IP addresses]

What do VMs use to connect to a network or to the internet ?

Answer 27

A network interface card (NIC)

Question 28

[Private IP addresses]

…………………………… is a stand alone Azure resource, whose only purpose is to provide connectivity for VMs. It is thus typically deleted with its corresponding VM.

Answer 28

A network interface card

Question 29

[Private IP addresses]

A VM acting as an NVA will typically have …

• 1 NIC
• Many NICs

Answer 29

Many NICs

Question 30

[Private IP addresses]

True or false : A VM can only have one single NIC

Answer 30

False, a VM can have multiple NICs. This is often the case for VMs that are used as NVAs.

Question 31

[Private IP addresses]

The IP configurations for a VM are stored where ?

Answer 31

In the NIC

Question 32

[Private IP addresses]

True or false : A single NIC can have multiple IP configurations

Answer 32

True

Question 33

[Private IP addresses]

True or false : Private IP adresses are a separate resource from the NIC

Answer 33

False

Question 34

[Private IP addresses]

True or false : Private IP adresses are not a separate resource from the NIC

Answer 34

True

Question 35

[Private IP addresses]

What two things does an IP configuration specify ?

Answer 35

1 . a specific subnet

2. an IP address allocated from that specific subnet

Question 36

[Private IP addresses]

What does DHCP stand for ?

Answer 36

Dynamic Host Configuration Protocol

Question 37

[Private IP addresses]

What are the two methods of assigning private IP addresses ?

Which one is the default method ?

Answer 37

1. Dynamic
2. Static

Dynamic is default

Question 38

[Private IP addresses]

What does Azure use to dynamically allocate private IP addresses ?

Answer 38

the Azure DHCP server

Question 39

[Private IP addresses]

In the subnet 10.10.0.0/24, you deploy a VM with dynamic IP address allocation.

Azure DHCP allocates 10.10.0.4

Why ?

Answer 39

It allocated the lowest available IP, and the first 4 are always reserved for the Azure platform

Question 40

[Private IP addresses]

When does a dynamically allocated IP address change ?

Answer 40

When you stop and restart a VM

Question 41

[Private IP addresses]

At what level is the IP address allocation method configuration (dynamic/static) specified ?

• the VM
• the NIC
• the IP configuration
• the subnet and IP address

Answer 41

the IP configuration

Question 42

[Private IP addresses]

You have a VM that is also going to serve as a domain controller.

Which of the following should be used to meet the requirement?

• Statically assigned IP addresses
• Dynamically assigned IP addresses

Answer 42

Statically assigned IP addresses

Question 43

[Private IP addresses]

Certain resources are going to be accessed through an IP address and not a domain name.

Which of the following should be used to meet the requirement?

• Statically assigned IP addresses
• Dynamically assigned IP addresses

Answer 43

Statically assigned IP addresses

Question 44

[Private IP addresses]

Static private IP addresses should only be configured in the Azure network interface resource.

They will be assigned to the virtual machine using ………………………. , just like with dynamic private IP addresses.

Answer 44

DHCP

Question 45

[Private IP addresses]

Private IPv6 addresses can be assigned …

• only dynamically
• only statically
• dynamically or statically

Answer 45

only dynamically

Question 46

[Private IP addresses]

Private IPv4 addresses can be assigned …

• only dynamically
• only statically
• dynamically or statically

Answer 46

dynamically or statically