Aviatrix ACE Multicloud Network Associate Course Answers (Aviatrix Certified Engineer Answers)

Are you looking for Aviatrix ACE Multicloud Network Associate Course Answers? If yes, here is the latest and updated answer to the Aviatrix Certified Engineer – Multi-Cloud Network Associate Quiz, and Get a certificate. This article will help you with the Aviatrix Multi-Cloud answers in the easiest ways.

Free Courses by HubSpot With Certificate

CourseACE Multicloud Network Associate
Solved byCourses Answer

Use CTRL + F or Find In Page to find questions.

Aviatrix ACE Multicloud Network Associate Course Answers

1. Where is the ‘center of gravity’ in the new computing model?

  1. Public Cloud
  2. Private Cloud
  3. On Prem
  4. Provider

2. What caused a large push to the public cloud?

  1. IT Security pushed it
  2. Speed of Deployment
  3. Lack of on-prem knowledge
  4. Compliance reasons

3. As applications move to the cloud, their proximity to the Internet is:

  1. closer
  2. farther away
  3. exactly the same

4. What are common challenges in the cloud?

  1. Lack of reference architecture
  2. Lack of visibility and troubleshooting
  3. Multi-Cloud Support
  4. All of the above

5. How does Aviatrix help customers in public clouds?

  1. Provides building blocks for AWS networking
  2. Aviatrix is a visibility tool inside cloud networks
  3. Aviatrix is a multi-cloud platform that brings a consistent architecture with Day 2 Operations and Visibility
  4. Aviatrix is an on-prem solution for networking and security

6. Which group led the initial charge in the cloud?

  1. DevOps
  2. IT
  3. Security
  4. System Admistrators

7. True or false: When things break, DevOps teams can troubleshoot their own network connectivity without needing networking teams for support.

  1. True
  2. False

8. Which unique challenge does a network engineer face in the cloud that isn’t present on-perm?

  1. Routing
  2. Firewalling
  3. Accounts/Subscriptions
  4. Securtiy

9. When organizations build in the cloud, the providers typically follow what model:

  1. Build it yourself – we provide the pieces
  2. Plenty of reference architectures to choose from
  3. Providers will design an architecture for you
  4. None of the above

10. True or false: Cloud providers can easily help customers in multi-cloud deployments.

  1. True
  2. False

11. What is the definition of a PaaS Service?

  1. You as the customer own the entire stack
  2. You as the customer manage just the application and data
  3. You as the customer just consume the service
  4. None of the above

12. What is a hybrid cloud?

  1. Multi-tenant cloud service provided by Microsoft, Amazon, etc.
  2. Single-tenant cloud service hosted by you the customer
  3. A combination of Public and Private Cloud
  4. any virtualized compute provider

13. Which is NOT a valid component of the cloud?

  1. Datacenter
  2. Region
  3. Geographical Zone
  4. Availability Zone

14. Is Availability Zone 1A the same for every customer in cloud environments?

  1. Yes
  2. No

15. True or false: We have an architectural gap in cloud today because there is no consistent framework for network and security across clouds.

  1. True
  2. False

16. The On-Prem world is most similar to which type of service:

  1. SaaS
  2. IaaS
  3. PaaS
  4. CSP

17. Office365 is an example of which service:

  1. IaaS
  2. PaaS
  3. SaaS
  4. None of the above

18. True or false: A region is the same thing as a data center for cloud providers.

  1. True
  2. False

19. True or false: When a cloud provider deploys a region, there are always multiple availability zones present.

  1. True
  2. False

20. One advantage of availability zones includes:

  1. Resources across AZs can survive a regional outage
  2. Resources across AZs can survive a global outage
  3. Resources across AZs can survive a data center outage
  4. None of the above

21. Which AWS service represents a virtual machine?

  1. VPC
  2. Direct Connect
  3. EC2
  4. S3

22. True or false: To connect a VPC, AWS uses an implicit router that customers must configure to allow communication between VPCs.

  1. True
  2. False

23. Which AWS service best represents your private virtual walled garden in the cloud?

  1. Direct Connect
  2. VPC
  3. IAM
  4. CloudFront

24. True or false: In AWS, subnets are global resources spread across availability zones.

  1. True
  2. False

25. Which AWS security component is a stateless filter?

  1. Security Group
  2. NACL
  3. Internet Gateway
  4. Network Security Groups (NSG)

26. True or false: Security Groups in AWS can not be shared across VPCs unless they are peered together.

  1. True
  2. False

27. Which gateway is not an available option with AWS?

  1. Internet Gateway
  2. NAT Gateway
  3. Virtual Network Gateway
  4. Transit Gateway

28. True or false: Transit Gateway in AWS fully automates routing so that no manual configuration is required.

  1. True
  2. False

29. In AWS, a Direct Connect circuit can terminate on which of the following:

  1. Direct Connect Gateway
  2. Transit Gateway
  3. Internet Gateway
  4. VPC Gateway

30. Using native AWS constructs, the highest available bandwidth within an IPSEC tunnel is:

  1. 500Mbps
  2. 1.25Gbps
  3. 4Gbps
  4. 10Gbps

31. True or false: There are currently no limitations to the number of routes supported in AWS Transit Gateway.

  1. True
  2. False

32. What is different about Availability Zones in Azure than other clouds?

  1. Azure does not support Availability Zones
  2. Azure implements Availability Zones by default
  3. Azure only supports Availability Zones in certain regions
  4. None of the above

33. What are Virtual Network Gateways used for?

  1. Hybrid Connectivity termination constructs for VPN or Express Route
  2. Native construct used for VNET peering
  3. Native construct used for Internet access
  4. Hybrid Connectivity option for SDWAN connectivity

34. Which Azure component groups items together for better organization control of a specific workload?

  1. Service
  2. Resource
  3. Resource Group
  4. AD Tenant

35. What is the top level organizational structure in Azure?

  1. Resource Group
  2. Subscription
  3. AD Tenant
  4. Resource

36. True or false: In Azure, subnets are created as either private or public.

  1. True
  2. False

37. Some challenges with Azure Virtual WAN as a platform include:

  1. Does not provide encryption within the cloud
  2. Does not provide a multi-cloud architecture
  3. No 3rd party devices supported in the HUB
  4. All of the above

38. An ExpressRoute circuit in Azure can terminate on which device (select all that apply)

  1. ExpressRoute Gateway
  2. NVA
  3. Virtual Network Gateway
  4. VPN Gateway

39. True or false: Using ExpressRoute hairpinning for spoke to spoke traffic is the recommended option for transit within Azure.

  1. True
  2. False

40. What is an NVA in Azure (select all that apply)

  1. Any 3rd party device in the Azure marketplace
  2. Any native Azure networking device
  3. Network Virtual Access
  4. Network Virtual Appliance

41. Challenges with using an NVA to provide spoke to spoke communication in Azure include: (select all that apply)

  1. User Defined Route Management at scale
  2. No allocated bandwidth on edge routers
  3. SNAT required for traffic symmetry
  4. This method is a 1 to 1 mapping of VNETs

42. GCP private dedicated connectivity is referred to as

  1. ExpressRoute
  2. Direct Connect
  3. Cloud Interconnect
  4. Fast Connect

43. True or false: All resources within GCP are either Global or Regional or both.

  1. True
  2. False

44. A Virtual Machine is an example of a

  1. Zonal Resource
  2. Regional Resource
  3. Global Resource
  4. None of the above

45. A VPC is an example of a:

  1. Zonal Resource
  2. Regional Resource
  3. Global Resouce
  4. None of the above

46. For a single user, GCP resources are structurally organized in a:

  1. Organization
  2. Folder
  3. Project
  4. Resource Group

47. True or false: GCP encourages deployments of multiple VPCs to spread out all your workloads.

  1. True
  2. False

48. What does Auto Mode in GCP mean?

  1. VPC networks start with no subnets
  2. subnets are created in each region
  3. you must manually configure your subnets
  4. address space will be defined at the VPC level

49. True or false: GCP supports dynamic routes within the cloud.

  1. True
  2. False

50. True or false: VPC peering in GCP allows VPC to be transitive.

  1. True
  2. False

51. A project can access another project’s resource via (select all that apply)

  1. Shared VPC
  2. Cloud Interconnect
  3. VPC Peering
  4. Cloud Router

52. What are virtual cloud networks called in OCI?

  1. Cloud SQLNet
  2. VCN
  3. OCI-NET
  4. oranet

53. True or false: OCI subnets are tied to Availability Domains.

  1. True
  2. False

54. How many DRGs can you have in an OCI Region?

  1. 25
  2. No limits
  3. 5
  4. 200

55. True or false: Overlapping IPs are allowed when peering VCNs in OCI.

  1. True
  2. False

56. In OCI you need to specify a _ when creating resources.

  1. Compartment ID
  2. Account Name
  3. Oracle Prefix Identifier
  4. Last 3 characters of tenancy id + the first three letters of your username

57. True or false: In OCI it’s easy to have full visibility and control of the networks built there using the OCI Console.

  1. True
  2. False

58. The Oracle Azure networking partnership is available in all OCI and Azure regions.

  1. True
  2. False

59. Service Gateways provide _____________ access from VCNs to Oracle Services.

  1. Public
  2. Hybrid
  3. Private
  4. Round-robin hashed

60. Tenancy IAM metadata is bound to _______.

  1. Company address
  2. the home region
  3. Phoenix for all US customers
  4. globally, no restrictions

61. True or false: Using OCI native networking resources alone, it’s easy to scale and set up secure connections with other Cloud Service Providers.

  1. True
  2. False

62. What are the main pillars of the MCNA?

  1. Cloud Core, Operations, and Access
  2. Cloud Core, Networking, and Applications
  3. Cloud Access, Transit, and Management
  4. Cloud Operations, Connectivity, and Core

63. True or false: Security and Visibility is inserted throughout the MCNA Architecture.

  1. True
  2. False

64. Which answer is a benefit of having a Multi-Cloud Network Architecture?

  1. Normalized Data Plane
  2. Centralized Control Plane
  3. Repeatable across cloud providers
  4. All of the above

65. Customer Challenges in cloud include:

  1. Go Build
  2. Vendor Lock In
  3. Black Box
  4. All of the above

66. What is the most important aspect of any multi-cloud network?

  1. Access
  2. Compute
  3. Transit
  4. Delivery

67. The function of the cloud operations layer includes (select all that apply)

  1. Multi-Cloud Centralized Visibility
  2. Multi-Cloud Centralized Control
  3. Multi-Cloud Centralized Orchestration
  4. All of the above

68. The Cloud Core layer of the MCNA provides:

  1. Centralized visibility and orchestrtion
  2. Normalized Data plane across clouds
  3. Common access into the clouds
  4. None of the above

69. True or false: With MCNA, security must be configured per cloud provider to maintain consistent governance.

  1. True
  2. False

70. Cloud Access in MCNA provides common access for:

  1. SDWAN
  2. Direct Connect options from cloud providers
  3. VPN connectivity
  4. All of the above

71. The core principal of MCNA is:

  1. a cloud architecture per cloud using native constructs
  2. an on-prem hybrid connectivity model for connecting to cloud
  3. a security a visibility framework for cloud environments
  4. a multi-cloud network and security framework for consistent deployment across clouds

72. Which best describes the Aviatrix Transit Solutions:

  1. Built using native IPSEC with a limit of 1.25G per tunnel
  2. Built using native peering only
  3. Built using Aviatrix IPSEC for encryption by default with option for high performance
  4. Built using a mix of IPSEC with BGP that requires customer configuration

73. True or false: Aviatrix transit must be built out per cloud and does not support cross-cloud communication by default.

  1. True
  2. False

74. What is a challenge with native encryption within the cloud?

  1. Cloud environments are not natively encrypted
  2. Native encryption mechanisms are limited to 1.25G
  3. IPSEC tunnels are tied to a single core within compute
  4. All of the above

75. What are the components within the Aviatrix Platform?

  1. Controller
  2. Gateways
  3. CoPilot
  4. All of the above

76. Why is cloud IPSEC limited to 1.25G?

  1. Native solutions build tunnels across a single core only
  2. This is can be overcome with multi-core VMs
  3. Private connectivity like ExpressRoute and Direct Connect is encrypted by default
  4. Cloud providers cannot provide encryption at all

77. True or false: The Aviatrix FQDN Egress Filter supports both centralized and distributed egress methods.

  1. True
  2. False

78. True or false: Aviatrix can extend native AWS features like Guard Duty to provide enforcement of alerts.

  1. True
  2. False

79. The advantage of Aviatrix Transit within the cloud is:

  1. End to End Encryption
  2. Repeatable across Clouds
  3. Complete Visibility and Control
  4. All of the above

80. With Aviatrix HPE, customers can get:

  1. Near line rate encryption within the cloud
  2. Near line rate encryption between clouds
  3. Near line rate encryption between on-prem and cloud
  4. All of the above

81. True or false: Aviatrix can provide filtering of partner route advertisements through a BGP Approval Process.

  1. True
  2. False

82. What are some challenges with inserting firewalls in the cloud?

  1. Repackaged Firewall Solution from on-prem world
  2. Native Firewall Solutions are primarily L4 firewalls
  3. Customer required to configure and manage routing
  4. All of the above

83. How much throughput can Aviatrix achieve with Firenet?

  1. Up to 10G
  2. Up to 30G
  3. Up to 50G
  4. Up to 70G

84. What advantages does the Aviatrix Site to Cloud offer?

  1. Support for Network Address Translation (NAT)
  2. Support for TCP and UDP tunnels
  3. Uses a template driven manner for configuration
  4. All of the above

85. True or false: Aviatrix Firenet can orchestrate the firewall deployment, firewall routing, and VNET/VPC routing for NGFW insertion.

  1. True
  2. False

86. True or false: The Aviatrix User VPN solution does not allow profile based granular access control.

  1. True
  2. False

87. Which 3rd party integrations are available for Aviatrix User VPN?

  1. DUO
  2. Okta
  3. AD
  4. SAML
  5. All of the above

88. True or false: Aviatrix Firenet requires that customers use gateways in the spokes, as this is not supported using native constructs for transit (i.e. AWS TGW or Azure Peering).

  1. True
  2. False

89. Which Aviatrix feature allows customers to group VPC/VNETs with common security properties for access?

  1. FireNet
  2. Security Domains
  3. Site 2 Cloud
  4. Cloud WAN

90. True or false: Aviatrix Site 2 Cloud can also be used to onboard IoT devices.

  1. True
  2. False

91. What problems does Aviatrix Private S3 solution solve for? (select all that apply)

  1. Data exfiltration
  2. IDS for S3 buckets
  3. Private access (RFC1918 only) to S3 buckets without the need of public addresses
  4. On prem S3 buckets

92. True or false: Aviatrix is a multi-cloud Terraform provider.

  1. True
  2. False

93. True or false: Aviatrix can not provide packet captures of live traffic.

  1. True
  2. False

94. True or false: The VPC tracker is only available for AWS.

  1. True
  2. False

95. What does Aviatrix use for Controller HA in AWS?

  1. a Lambda script
  2. an S3 bucket
  3. an auto scaling group
  4. All of the above

96. How does Flight Path help users troubleshoot connectivity problems?

  1. Allows the gateways to be access via API to perform queries
  2. Provides a packet capture of specific network flows
  3. Provides a visual walk-through based on source and destination to highlight path issues
  4. Provides ping and traceroute capabilities for source and destination

97. What are some operational challenges that customers face in the cloud?

  1. Tier-3 becomes Tier-1 for troubleshooting
  2. Limited visibility into native constructs
  3. Lack of standard troubleshooting tools (ping, traceroute, etc.)
  4. All of the above

98. True or false: The Aviatrix controller can perform auditing of routing constructs. This ensures that no new routes have been added, that can affect end to end network correctness.

  1. True
  2. False

99. True or false: Common troubleshooting tasks like ping and traceroute can be run from any Aviatrix gateway.

  1. True
  2. False

100. What happens when the Aviatrix components require upgrades?

  1. Downtime is required for all upgrades
  2. Upgrades are hitless
  3. The controller must be rebooted after upgrades
  4. The gateways must be rebooted after upgrades

101. Which of the following statements is true?

  1. Customers must spin up a controller per subscription/account
  2. Customers must spin up a controller per cloud environment
  3. Customers can spin up a single controller but can only on-board one master account per cloud
  4. Customers can spin up a single controller and on-board multiple cloud accounts for management

102. True or false: CoPilot must be deployed per cloud to gain visibility across your multi-cloud network.

  1. True
  2. False

103. CoPilot topology can provide:

  1. Customized Visibility Options
  2. Custom tagging of resources
  3. Diagnostic functions from gateways
  4. All of the above

104. True or false: CoPilot doesn’t provide any geolocation features for data traffic.

  1. True
  2. False

105. Aviatrix FlowIQ provides:

  1. A dashboard for up/down status of gateways
  2. Netflow data across the multi-cloud network for all traffic seen by gateways
  3. A dynamic topology of all cloud resources
  4. None of the above

106. True or false: Flow IQ will provide summarization of netflow data but for specific records we must perform tasks on the gateways.

  1. True
  2. False

107. What is Aviatrix CoPilot?

  1. Provides intelligent visibility into cloud networks through dynamic topology, netflow, troubleshooting and more
  2. A cloud native troubleshooting tool
  3. A function on the aviatrix gateways
  4. None of the above

108. True or false: CoPilot allows for custom filters to limit data to defined resources, applications, and flows.

  1. True
  2. False

109. Which clouds can you deploy the Aviatrix controller in?

  1. AWS
  2. Azure
  3. OCI
  4. All of the above

110. How many controllers do you normally need to run a multi-cloud environment consisting of OCI, Azure and GCP?

  1. 1
  2. 2
  3. 3
  4. 4

111. What is the recommended or easiest way of deploying the Aviatrix controller in AWS?

  1. your own lambda script
  2. your own CloudFormation template
  3. CloudFormation template from docs.aviatrix.com
  4. building an instance from the AMI

112. Can you deploy Aviatrix Controller in your on-prem DC?

  1. Yes
  2. No


That’s all about Aviatrix ACE Multicloud Network Associate Course Answers (Aviatrix Certified Engineer Answers). If you have any further queries drop them in the comments below. It is a great opportunity to learn new skills from industry experts for free and get a certificate.

Leave a Comment