Are you looking for Aviatrix ACE Multicloud Network Associate Course Answers? If yes, here is the latest and updated answer to the Aviatrix Certified Engineer – Multi-Cloud Network Associate Quiz, and Get a certificate. This article will help you with the Aviatrix Multi-Cloud answers in the easiest ways.
Free Courses by HubSpot With Certificate
Course | ACE Multicloud Network Associate |
Provider | Aviatrix |
Certification | Yes |
Solved by | Courses Answer |
Use CTRL + F or Find In Page to find questions.
Aviatrix ACE Multicloud Network Associate Course Answers
1. Where is the ‘center of gravity’ in the new computing model?
- Public Cloud
- Private Cloud
- On Prem
- Provider
2. What caused a large push to the public cloud?
- IT Security pushed it
- Speed of Deployment
- Lack of on-prem knowledge
- Compliance reasons
3. As applications move to the cloud, their proximity to the Internet is:
- closer
- farther away
- exactly the same
4. What are common challenges in the cloud?
- Lack of reference architecture
- Lack of visibility and troubleshooting
- Multi-Cloud Support
- All of the above
5. How does Aviatrix help customers in public clouds?
- Provides building blocks for AWS networking
- Aviatrix is a visibility tool inside cloud networks
- Aviatrix is a multi-cloud platform that brings a consistent architecture with Day 2 Operations and Visibility
- Aviatrix is an on-prem solution for networking and security
6. Which group led the initial charge in the cloud?
- DevOps
- IT
- Security
- System Admistrators
7. True or false: When things break, DevOps teams can troubleshoot their own network connectivity without needing networking teams for support.
- True
- False
8. Which unique challenge does a network engineer face in the cloud that isn’t present on-perm?
- Routing
- Firewalling
- Accounts/Subscriptions
- Securtiy
9. When organizations build in the cloud, the providers typically follow what model:
- Build it yourself – we provide the pieces
- Plenty of reference architectures to choose from
- Providers will design an architecture for you
- None of the above
10. True or false: Cloud providers can easily help customers in multi-cloud deployments.
- True
- False
11. What is the definition of a PaaS Service?
- You as the customer own the entire stack
- You as the customer manage just the application and data
- You as the customer just consume the service
- None of the above
12. What is a hybrid cloud?
- Multi-tenant cloud service provided by Microsoft, Amazon, etc.
- Single-tenant cloud service hosted by you the customer
- A combination of Public and Private Cloud
- any virtualized compute provider
13. Which is NOT a valid component of the cloud?
- Datacenter
- Region
- Geographical Zone
- Availability Zone
14. Is Availability Zone 1A the same for every customer in cloud environments?
- Yes
- No
15. True or false: We have an architectural gap in cloud today because there is no consistent framework for network and security across clouds.
- True
- False
16. The On-Prem world is most similar to which type of service:
- SaaS
- IaaS
- PaaS
- CSP
17. Office365 is an example of which service:
- IaaS
- PaaS
- SaaS
- None of the above
18. True or false: A region is the same thing as a data center for cloud providers.
- True
- False
19. True or false: When a cloud provider deploys a region, there are always multiple availability zones present.
- True
- False
20. One advantage of availability zones includes:
- Resources across AZs can survive a regional outage
- Resources across AZs can survive a global outage
- Resources across AZs can survive a data center outage
- None of the above
21. Which AWS service represents a virtual machine?
- VPC
- Direct Connect
- EC2
- S3
22. True or false: To connect a VPC, AWS uses an implicit router that customers must configure to allow communication between VPCs.
- True
- False
23. Which AWS service best represents your private virtual walled garden in the cloud?
- Direct Connect
- VPC
- IAM
- CloudFront
24. True or false: In AWS, subnets are global resources spread across availability zones.
- True
- False
25. Which AWS security component is a stateless filter?
- Security Group
- NACL
- Internet Gateway
- Network Security Groups (NSG)
26. True or false: Security Groups in AWS can not be shared across VPCs unless they are peered together.
- True
- False
27. Which gateway is not an available option with AWS?
- Internet Gateway
- NAT Gateway
- Virtual Network Gateway
- Transit Gateway
28. True or false: Transit Gateway in AWS fully automates routing so that no manual configuration is required.
- True
- False
29. In AWS, a Direct Connect circuit can terminate on which of the following:
- Direct Connect Gateway
- Transit Gateway
- Internet Gateway
- VPC Gateway
30. Using native AWS constructs, the highest available bandwidth within an IPSEC tunnel is:
- 500Mbps
- 1.25Gbps
- 4Gbps
- 10Gbps
31. True or false: There are currently no limitations to the number of routes supported in AWS Transit Gateway.
- True
- False
32. What is different about Availability Zones in Azure than other clouds?
- Azure does not support Availability Zones
- Azure implements Availability Zones by default
- Azure only supports Availability Zones in certain regions
- None of the above
33. What are Virtual Network Gateways used for?
- Hybrid Connectivity termination constructs for VPN or Express Route
- Native construct used for VNET peering
- Native construct used for Internet access
- Hybrid Connectivity option for SDWAN connectivity
34. Which Azure component groups items together for better organization control of a specific workload?
- Service
- Resource
- Resource Group
- AD Tenant
35. What is the top level organizational structure in Azure?
- Resource Group
- Subscription
- AD Tenant
- Resource
36. True or false: In Azure, subnets are created as either private or public.
- True
- False
37. Some challenges with Azure Virtual WAN as a platform include:
- Does not provide encryption within the cloud
- Does not provide a multi-cloud architecture
- No 3rd party devices supported in the HUB
- All of the above
38. An ExpressRoute circuit in Azure can terminate on which device (select all that apply)
- ExpressRoute Gateway
- NVA
- Virtual Network Gateway
- VPN Gateway
39. True or false: Using ExpressRoute hairpinning for spoke to spoke traffic is the recommended option for transit within Azure.
- True
- False
40. What is an NVA in Azure (select all that apply)
- Any 3rd party device in the Azure marketplace
- Any native Azure networking device
- Network Virtual Access
- Network Virtual Appliance
41. Challenges with using an NVA to provide spoke to spoke communication in Azure include: (select all that apply)
- User Defined Route Management at scale
- No allocated bandwidth on edge routers
- SNAT required for traffic symmetry
- This method is a 1 to 1 mapping of VNETs
42. GCP private dedicated connectivity is referred to as
- ExpressRoute
- Direct Connect
- Cloud Interconnect
- Fast Connect
43. True or false: All resources within GCP are either Global or Regional or both.
- True
- False
44. A Virtual Machine is an example of a
- Zonal Resource
- Regional Resource
- Global Resource
- None of the above
45. A VPC is an example of a:
- Zonal Resource
- Regional Resource
- Global Resouce
- None of the above
46. For a single user, GCP resources are structurally organized in a:
- Organization
- Folder
- Project
- Resource Group
47. True or false: GCP encourages deployments of multiple VPCs to spread out all your workloads.
- True
- False
48. What does Auto Mode in GCP mean?
- VPC networks start with no subnets
- subnets are created in each region
- you must manually configure your subnets
- address space will be defined at the VPC level
49. True or false: GCP supports dynamic routes within the cloud.
- True
- False
50. True or false: VPC peering in GCP allows VPC to be transitive.
- True
- False
51. A project can access another project’s resource via (select all that apply)
- Shared VPC
- Cloud Interconnect
- VPC Peering
- Cloud Router
52. What are virtual cloud networks called in OCI?
- Cloud SQLNet
- VCN
- OCI-NET
- oranet
53. True or false: OCI subnets are tied to Availability Domains.
- True
- False
54. How many DRGs can you have in an OCI Region?
- 25
- No limits
- 5
- 200
55. True or false: Overlapping IPs are allowed when peering VCNs in OCI.
- True
- False
56. In OCI you need to specify a _ when creating resources.
- Compartment ID
- Account Name
- Oracle Prefix Identifier
- Last 3 characters of tenancy id + the first three letters of your username
57. True or false: In OCI it’s easy to have full visibility and control of the networks built there using the OCI Console.
- True
- False
58. The Oracle Azure networking partnership is available in all OCI and Azure regions.
- True
- False
59. Service Gateways provide _____________ access from VCNs to Oracle Services.
- Public
- Hybrid
- Private
- Round-robin hashed
60. Tenancy IAM metadata is bound to _______.
- Company address
- the home region
- Phoenix for all US customers
- globally, no restrictions
61. True or false: Using OCI native networking resources alone, it’s easy to scale and set up secure connections with other Cloud Service Providers.
- True
- False
62. What are the main pillars of the MCNA?
- Cloud Core, Operations, and Access
- Cloud Core, Networking, and Applications
- Cloud Access, Transit, and Management
- Cloud Operations, Connectivity, and Core
63. True or false: Security and Visibility is inserted throughout the MCNA Architecture.
- True
- False
64. Which answer is a benefit of having a Multi-Cloud Network Architecture?
- Normalized Data Plane
- Centralized Control Plane
- Repeatable across cloud providers
- All of the above
65. Customer Challenges in cloud include:
- Go Build
- Vendor Lock In
- Black Box
- All of the above
66. What is the most important aspect of any multi-cloud network?
- Access
- Compute
- Transit
- Delivery
67. The function of the cloud operations layer includes (select all that apply)
- Multi-Cloud Centralized Visibility
- Multi-Cloud Centralized Control
- Multi-Cloud Centralized Orchestration
- All of the above
68. The Cloud Core layer of the MCNA provides:
- Centralized visibility and orchestrtion
- Normalized Data plane across clouds
- Common access into the clouds
- None of the above
69. True or false: With MCNA, security must be configured per cloud provider to maintain consistent governance.
- True
- False
70. Cloud Access in MCNA provides common access for:
- SDWAN
- Direct Connect options from cloud providers
- VPN connectivity
- All of the above
71. The core principal of MCNA is:
- a cloud architecture per cloud using native constructs
- an on-prem hybrid connectivity model for connecting to cloud
- a security a visibility framework for cloud environments
- a multi-cloud network and security framework for consistent deployment across clouds
72. Which best describes the Aviatrix Transit Solutions:
- Built using native IPSEC with a limit of 1.25G per tunnel
- Built using native peering only
- Built using Aviatrix IPSEC for encryption by default with option for high performance
- Built using a mix of IPSEC with BGP that requires customer configuration
73. True or false: Aviatrix transit must be built out per cloud and does not support cross-cloud communication by default.
- True
- False
74. What is a challenge with native encryption within the cloud?
- Cloud environments are not natively encrypted
- Native encryption mechanisms are limited to 1.25G
- IPSEC tunnels are tied to a single core within compute
- All of the above
75. What are the components within the Aviatrix Platform?
- Controller
- Gateways
- CoPilot
- All of the above
76. Why is cloud IPSEC limited to 1.25G?
- Native solutions build tunnels across a single core only
- This is can be overcome with multi-core VMs
- Private connectivity like ExpressRoute and Direct Connect is encrypted by default
- Cloud providers cannot provide encryption at all
77. True or false: The Aviatrix FQDN Egress Filter supports both centralized and distributed egress methods.
- True
- False
78. True or false: Aviatrix can extend native AWS features like Guard Duty to provide enforcement of alerts.
- True
- False
79. The advantage of Aviatrix Transit within the cloud is:
- End to End Encryption
- Repeatable across Clouds
- Complete Visibility and Control
- All of the above
80. With Aviatrix HPE, customers can get:
- Near line rate encryption within the cloud
- Near line rate encryption between clouds
- Near line rate encryption between on-prem and cloud
- All of the above
81. True or false: Aviatrix can provide filtering of partner route advertisements through a BGP Approval Process.
- True
- False
82. What are some challenges with inserting firewalls in the cloud?
- Repackaged Firewall Solution from on-prem world
- Native Firewall Solutions are primarily L4 firewalls
- Customer required to configure and manage routing
- All of the above
83. How much throughput can Aviatrix achieve with Firenet?
- Up to 10G
- Up to 30G
- Up to 50G
- Up to 70G
84. What advantages does the Aviatrix Site to Cloud offer?
- Support for Network Address Translation (NAT)
- Support for TCP and UDP tunnels
- Uses a template driven manner for configuration
- All of the above
85. True or false: Aviatrix Firenet can orchestrate the firewall deployment, firewall routing, and VNET/VPC routing for NGFW insertion.
- True
- False
86. True or false: The Aviatrix User VPN solution does not allow profile based granular access control.
- True
- False
87. Which 3rd party integrations are available for Aviatrix User VPN?
- DUO
- Okta
- AD
- SAML
- All of the above
88. True or false: Aviatrix Firenet requires that customers use gateways in the spokes, as this is not supported using native constructs for transit (i.e. AWS TGW or Azure Peering).
- True
- False
89. Which Aviatrix feature allows customers to group VPC/VNETs with common security properties for access?
- FireNet
- Security Domains
- Site 2 Cloud
- Cloud WAN
90. True or false: Aviatrix Site 2 Cloud can also be used to onboard IoT devices.
- True
- False
91. What problems does Aviatrix Private S3 solution solve for? (select all that apply)
- Data exfiltration
- IDS for S3 buckets
- Private access (RFC1918 only) to S3 buckets without the need of public addresses
- On prem S3 buckets
92. True or false: Aviatrix is a multi-cloud Terraform provider.
- True
- False
93. True or false: Aviatrix can not provide packet captures of live traffic.
- True
- False
94. True or false: The VPC tracker is only available for AWS.
- True
- False
95. What does Aviatrix use for Controller HA in AWS?
- a Lambda script
- an S3 bucket
- an auto scaling group
- All of the above
96. How does Flight Path help users troubleshoot connectivity problems?
- Allows the gateways to be access via API to perform queries
- Provides a packet capture of specific network flows
- Provides a visual walk-through based on source and destination to highlight path issues
- Provides ping and traceroute capabilities for source and destination
97. What are some operational challenges that customers face in the cloud?
- Tier-3 becomes Tier-1 for troubleshooting
- Limited visibility into native constructs
- Lack of standard troubleshooting tools (ping, traceroute, etc.)
- All of the above
98. True or false: The Aviatrix controller can perform auditing of routing constructs. This ensures that no new routes have been added, that can affect end to end network correctness.
- True
- False
99. True or false: Common troubleshooting tasks like ping and traceroute can be run from any Aviatrix gateway.
- True
- False
100. What happens when the Aviatrix components require upgrades?
- Downtime is required for all upgrades
- Upgrades are hitless
- The controller must be rebooted after upgrades
- The gateways must be rebooted after upgrades
101. Which of the following statements is true?
- Customers must spin up a controller per subscription/account
- Customers must spin up a controller per cloud environment
- Customers can spin up a single controller but can only on-board one master account per cloud
- Customers can spin up a single controller and on-board multiple cloud accounts for management
102. True or false: CoPilot must be deployed per cloud to gain visibility across your multi-cloud network.
- True
- False
103. CoPilot topology can provide:
- Customized Visibility Options
- Custom tagging of resources
- Diagnostic functions from gateways
- All of the above
104. True or false: CoPilot doesn’t provide any geolocation features for data traffic.
- True
- False
105. Aviatrix FlowIQ provides:
- A dashboard for up/down status of gateways
- Netflow data across the multi-cloud network for all traffic seen by gateways
- A dynamic topology of all cloud resources
- None of the above
106. True or false: Flow IQ will provide summarization of netflow data but for specific records we must perform tasks on the gateways.
- True
- False
107. What is Aviatrix CoPilot?
- Provides intelligent visibility into cloud networks through dynamic topology, netflow, troubleshooting and more
- A cloud native troubleshooting tool
- A function on the aviatrix gateways
- None of the above
108. True or false: CoPilot allows for custom filters to limit data to defined resources, applications, and flows.
- True
- False
109. Which clouds can you deploy the Aviatrix controller in?
- AWS
- Azure
- OCI
- All of the above
110. How many controllers do you normally need to run a multi-cloud environment consisting of OCI, Azure and GCP?
- 1
- 2
- 3
- 4
111. What is the recommended or easiest way of deploying the Aviatrix controller in AWS?
- your own lambda script
- your own CloudFormation template
- CloudFormation template from docs.aviatrix.com
- building an instance from the AMI
112. Can you deploy Aviatrix Controller in your on-prem DC?
- Yes
- No
Conclusion
That’s all about Aviatrix ACE Multicloud Network Associate Course Answers (Aviatrix Certified Engineer Answers). If you have any further queries drop them in the comments below. It is a great opportunity to learn new skills from industry experts for free and get a certificate.