Managing Network Settings

Question 1

Your existing Microsoft Azure virtual network is currently configured with an IPv4 address range of 10.0.0/16. Future virtual machines deployed to this virtual network will be configured with addresses in the 192.168.0.0/24 IPv4 address range. What should you do to ensure the virtual machines will communicate correctly in the cloud?
A. The 192.168.0.0/24 range cannot be used with vnets
B. Add the 192.168.0.0/24 range to the virtual network
C. Create a subnet using the 192.168.0.0/24 range
D. Create a new vnet using the 192.168.0.0/24 range

Answer 1

C. Create a subnet using the 192.168.0.0/24 range.
B. Add the 192.168.0.0/24 range to the virtual network

A. The 192.168.0.0/24 range cannot be used with vnets is incorrect. Virtual networks can use any valid IPv4 address range.
D. Create a new vnet using the 192.168.0.0/24 range is unnecessary and would complicate network management.
By creating a subnet within your existing virtual network using the 192.168.0.0/24 range, you ensure that

Question 2

You have created a new public IP address resource in thr Microsoft Azure cloud, but your existing virtual machine does not show a public IP address. What is the problem?
A. The public Ip address must exist before the virtual machines is deployed
B. The public IP address must be associated with the virtual machine network adapter
C. Cloud virtual machines cannot have public IP addresses
D. The Azure portal web page needs to be refreshed

Answer 2

B. The public IP address must be associated with the virtual machine network adapter.

To make a virtual machine accessible from the internet, you need to associate a public IP address with one of its network interfaces. This is typically done through the Azure portal, PowerShell, or Azure CLI.

Once the association is made, the virtual machine will be accessible via the public IP address.

Question 3

You need to configure a default role through an Internet Gateway for your AWS environment. Which IP address should you specify when adding a new route to a routing table in AWS?
A. 0.0.0.0/0
B. 127.0.0.1
C. ::/0
D. ::/1

Answer 3

A. 0.0.0.0/0.

This CIDR block represents all possible IPv4 addresses. By specifying this as the destination CIDR for your route, you’re instructing the routing table to send all traffic that doesn’t have a more specific route to the specified target, which in this case is your Internet Gateway.

Question 4

You need a VMware virtual machine’s virtual network adapter to connect directly to the physical network. Which type of network connection should the adapter be configured with?
A. NAT
B. Bridged
C. VMnet5
D. Host-only

Answer 4

B. Bridged.
A bridged network adapter allows the virtual machine to communicate directly with physical network devices, just like a physical machine. This is the appropriate choice when you want the virtual machine to be seen as a separate physical device on the network.

Question 5

You need to configure IPSec on a Windows server. Where should you configure this?
A. Add a Connection Security Rule in the Windows Defender advanced settings
B. Add an inbound rule in Windows Defender
C. Add the IPSec settings in the Windows registry
D. Create an IPSec configuration in Active Directory

Answer 5

A. Add a Connection Security Rule in the Windows Defender advanced settings.

Here’s a brief explanation of why:
Connection Security Rules are specifically designed to configure IPSec policies on Windows systems.
Windows Defender is a security suite that includes tools for managing network security, including IPSec.
Advanced settings within Windows Defender provide access to granular configuration options, including IPSec.

Question 6

Which DNS option digitally signs records in a DNS zone?
A. DNSSEC
B. Vendor class identifiers
C. SSH
D. HTTPS

Answer 6

A. DNSSEC.
DNSSEC (Domain Name System Security Extensions) is a suite of specifications that adds security extensions to the Domain Name System (DNS). It uses digital signatures to authenticate DNS data and protect against DNS spoofing and other attacks.

Question 7

Which Wi-Fi authentication methods forwards network connection request to a centralized authentication server?
A. WPA2 PSK
B. WEP
C. WPA2 Enterprise
D. WPS

Answer 7

C. WPA2 Enterprise.
WPA2 Enterprise is a Wi-Fi authentication method that requires users to authenticate with a centralized authentication server, typically a RADIUS server. This provides stronger security than methods like WPA2 PSK, which relies on a pre-shared key.

Question 8

Which Linux command can be used to display network interfaces and associated IP addresses?
A. chmod
B. ipconfig
C. ip a
D. Ismod

Answer 8

C. ip a.
The ip a command is the most common and versatile way to display network interface information in Linux. It provides detailed information about each interface, including IP addresses, MAC addresses, network masks, and other relevant details.

Here’s a breakdown of the other options:
chmod: This command is used to change file permissions, not for network information.
ipconfig: This command is primarily used in Windows environments.
lsmod: This command lists loaded kernel modules, not network interfaces.

Question 9

Which protocol removes the need for configuring IP settings on each station?
A. DHCP
B. DNS
C. FTP
D. SSH

Answer 9

A. DHCP.

DHCP (Dynamic Host Configuration Protocol) is a network protocol that automatically assigns IP addresses and other network configuration parameters to devices on a network. This eliminates the need for manual configuration of IP settings on each individual device, making network management more efficient.