Aviatrix Certified Engineer Answers – Multi-Cloud Network

Associate Course Answers

Table of Contents 

Aviatrix Certified Engineer Answers – Multi-Cloud Network Associate

Course Answers: ��� If you came here looking for the answers of Multi-
Cloud Network Associate by Aviatrix then this is the one-stop solution for you.
Here I have mentioned all the modules in a separate way so that you can easily
find them and all the answers are correct even the Multi-Cloud Network Associate
Final Exam Answers are also mentioned which is 100% Correct.

Enroll Here: ACE Multi-Cloud Network Training & Certification Free Course By
Aviatrix

Aviatrix Certified Engineer – Multi-Cloud

Network Associate Course Answers
Note: You must watch 90% of the lecture and score at least 70% on each
knowledge check before proceeding to the next section.

Introduction

About Aviatrix Quiz Answers

1. Where is the ‘center of gravity’ in the new computing model?

Public Cloud
Private Cloud
On Prem
Provider

2. What caused a large push to the public cloud?

IT Security pushed it
 Speed of Deployment
Lack of on-prem knowledge
Compliance reasons

3. As applications move to the cloud, their proximity to the Internet is:

closer
farther away
exactly the same

4. What are common challenges in the cloud?

Lack of reference architecture

Lack of visibility and troubleshooting
Multi-Cloud Support
All of the above

5. How does Aviatrix help customers in public clouds?

Provides building blocks for AWS networking

Aviatrix is a visibility tool inside cloud networks
Aviatrix is a multi-cloud platform that brings a consistent architecture with Day 2
Operations and Visibility
Aviatrix is an on-prem solution for networking and security

6. Which group led the initial charge in the cloud?

DevOps
IT
Security
System Admistrators

7. True or false: When things break, DevOps teams can troubleshoot their
own network connectivity without needing networking teams for support.

True
 False

8. Which unique challenge does a network engineer face in the cloud that
isn’t present on-perm?

Routing
Firewalling
Accounts/Subscriptions
Securtiy

9. When organizations build in the cloud, the providers typically follow what
model:

Build it yourself – we provide the pieces

Plenty of reference architectures to choose from
Providers will design an architecture for you
None of the above

10. True or false: Cloud providers can easily help customers in multi-cloud
deployments.

True
False

Public Cloud Networking

Networking Principles In The Cloud Quiz Answers

1. What is the definition of a PaaS Service?

You as the customer own the entire stack

You as the customer manage just the application and data
You as the customer just consume the service
None of the above

2. What is a hybrid cloud?

 Multi-tenant cloud service provided by Microsoft, Amazon, etc.
Single-tenant cloud service hosted by you the customer
A combination of Public and Private Cloud
any virtualized compute provider

3. Which is NOT a valid component of the cloud?

Datacenter
Region
Geographical Zone
Availability Zone

4. Is Availability Zone 1A the same for every customer in cloud

environments?

Yes
No

5. True or false: We have an architectural gap in cloud today because there

is no consistent framework for network and security across clouds.

True
False

6. The On-Prem world is most similar to which type of service:

SaaS
IaaS
PaaS
CSP

7. Office365 is an example of which service:

IaaS
PaaS
SaaS
 None of the above

8. True or false: A region is the same thing as a data center for cloud
providers.

True
False

9. True or false: When a cloud provider deploys a region, there are always
multiple availability zones present.

True
False

10. One advantage of availability zones includes:

Resources across AZs can survive a regional outage

Resources across AZs can survive a global outage
Resources across AZs can survive a data center outage
None of the above

AWS Networking 101 Quiz Answers

1. Which AWS service represents a virtual machine?

VPC
Direct Connect
EC2
S3

2. True or false: To connect a VPC, AWS uses an implicit router that

customers must configure to allow communication between VPCs.

True
False
3. Which AWS service best represents your private virtual walled garden in
the cloud?

Direct Connect
VPC
IAM
CloudFront

4. True or false: In AWS, subnets are global resources spread across

availability zones.

True
False

5. Which AWS security component is a stateless filter?

Security Group
NACL
Internet Gateway
Network Security Groups (NSG)

6. True or false: Security Groups in AWS can not be shared across VPCs
unless they are peered together.

True
False

7. Which gateway is not an available option with AWS?

Internet Gateway
NAT Gateway
Virtual Network Gateway
Transit Gateway

8. True or false: Transit Gateway in AWS fully automates routing so that no

manual configuration is required.
 True
False

9. In AWS, a Direct Connect circuit can terminate on which of the following:

Direct Connect Gateway

Transit Gateway
Internet Gateway
VPC Gateway

10. Using native AWS constructs, the highest available bandwidth within an
IPSEC tunnel is:

500Mbps
1.25Gbps
4Gbps
10Gbps

11. True or false: There are currently no limitations to the number of routes
supported in AWS Transit Gateway.

True
False

Azure Networking 101

1. What is different about Availability Zones in Azure than other clouds?

Azure does not support Availability Zones

Azure implements Availability Zones by default
Azure only supports Availability Zones in certain regions
None of the above

2. What are Virtual Network Gateways used for?

Hybrid Connectivity termination constructs for VPN or Express Route

 Native construct used for VNET peering
Native construct used for Internet access
Hybrid Connectivity option for SDWAN connectivity

3. Which Azure component groups items together for better organization

control of a specific workload?

Service
Resource
Resource Group
AD Tenant

4. What is the top level organizational structure in Azure?

Resource Group
Subscription
AD Tenant
Resource

5. True or false: In Azure, subnets are created as either private or public.

True
False

6. Some challenges with Azure Virtual WAN as a platform include:

Does not provide encryption within the cloud

Does not provide a multi-cloud architecture
No 3rd party devices supported in the HUB
All of the above

7. An ExpressRoute circuit in Azure can terminate on which device (select

all that apply)

ExpressRoute Gateway
NVA
 Virtual Network Gateway
VPN Gateway

8. True or false: Using ExpressRoute hairpinning for spoke to spoke traffic

is the recommended option for transit within Azure.

True
False

9. What is an NVA in Azure (select all that apply)

Any 3rd party device in the Azure marketplace

Any native Azure networking device
Network Virtual Access
Network Virtual Appliance

10. Challenges with using an NVA to provide spoke to spoke communication

in Azure include: (select all that apply)

User Defined Route Management at scale

No allocated bandwidth on edge routers
SNAT required for traffic symmetry
This method is a 1 to 1 mapping of VNETs

GCP Networking 101

1. GCP private dedicated connectivity is referred to as

ExpressRoute
Direct Connect
Cloud Interconnect
Fast Connect

2. True or false: All resources within GCP are either Global or Regional or
both.
 True
False

3. A Virtual Machine is an example of a

Zonal Resource
Regional Resource
Global Resource
None of the above

4. A VPC is an example of a:

Zonal Resource
Regional Resource
Global Resource
None of the above

5. For a single user, GCP resources are structurally organized in a:

Organization
Folder
Project
Resource Group

6. True or false: GCP encourages deployments of multiple VPCs to spread

out all your workloads.

True
False

7. What does Auto Mode in GCP mean?

VPC networks start with no subnets

subnets are created in each region
you must manually configure your subnets
address space will be defined at the VPC level
8. True or false: GCP supports dynamic routes within the cloud.

True
False

9. True or false: VPC peering in GCP allows VPC to be transitive.

True
False

10. A project can access another project’s resource via (select all that apply)

Shared VPC
Cloud Interconnect
VPC Peering
Cloud Router

OCI Networking 101

1. What are virtual cloud networks called in OCI?

Cloud SQLNet
VCN
OCI-NET
oranet

2. True or false: OCI subnets are tied to Availability Domains.

True
False

3. How many DRGs can you have in an OCI Region?

25
No limits
5
 200

4. True or false: Overlapping IPs are allowed when peering VCNs in OCI.

True
False

5. In OCI you need to specify a _ when creating resources.

Compartment ID
Account Name
Oracle Prefix Identifier
Last 3 characters of tenancy id + the first three letters of your username

6. True or false: In OCI it’s easy to have full visibility and control of the
networks built there using the OCI Console.

True
False

7. The Oracle Azure networking partnership is available in all OCI and Azure
regions.

True
False

8. Service Gateways provide _____________ access from VCNs to Oracle

Services.

Public
Hybrid
Private
Round-robin hashed

9. Tenancy IAM metadata is bound to _______.

 Company address
the home region
Phoenix for all US customers
globally, no restrictions

10. True or false: Using OCI native networking resources alone, it’s easy to
scale and set up secure connections with other Cloud Service Providers.

True
False

Multi-Cloud Network Architecture

What is the MCNA?

1. What are the main pillars of the MCNA?

Cloud Core, Operations, and Access

Cloud Core, Networking, and Applications
Cloud Access, Transit, and Management
Cloud Operations, Connectivity, and Core

2. True or false: Security and Visibility is inserted throughout the MCNA

Architecture.

True
False

3. Which answer is a benefit of having a Multi-Cloud Network Architecture?

Normalized Data Plane

Centralized Control Plane
Repeatable across cloud providers
All of the above

4. Customer Challenges in cloud include:

 Go Build
Vendor Lock In
Black Box
All of the above

5. What is the most important aspect of any multi-cloud network?

Access
Compute
Transit
Delivery

6. The function of the cloud operations layer includes (select all that apply)

Multi-Cloud Centralized Visibility

Multi-Cloud Centralized Control
Multi-Cloud Centralized Orchestration
All of the above

7. The Cloud Core layer of the MCNA provides:

Centralized visibility and orchestrtion

Normalized Data plane across clouds
Common access into the clouds
None of the above

8. True or false: With MCNA, security must be configured per cloud provider
to maintain consistent governance.

True
False

9. Cloud Access in MCNA provides common access for:

SDWAN
Direct Connect options from cloud providers
 VPN connectivity
All of the above

10. The core principal of MCNA is:

a cloud architecture per cloud using native constructs

an on-prem hybrid connectivity model for connecting to cloud
a security a visibility framework for cloud environments
a multi-cloud network and security framework for consistent deployment across
clouds

Aviatrix Platform

Feature Overview – Part 1

1. Which best describes the Aviatrix Transit Solutions:

Built using native IPSEC with a limit of 1.25G per tunnel

Built using native peering only
Built using Aviatrix IPSEC for encryption by default with option for high
performance
Built using a mix of IPSEC with BGP that requires customer configuration

2. True or false: Aviatrix transit must be built out per cloud and does not
support cross-cloud communication by default.

True
False

3. What is a challenge with native encryption within the cloud?

Cloud environments are not natively encrypted

Native encryption mechanisms are limited to 1.25G
IPSEC tunnels are tied to a single core within compute
All of the above
4. What are the components within the Aviatrix Platform?

Controller
Gateways
CoPilot
All of the above

5. Why is cloud IPSEC limited to 1.25G?

Native solutions build tunnels across a single core only

This is can be overcome with multi-core VMs
Private connectivity like ExpressRoute and Direct Connect is encrypted by
default
Cloud providers cannot provide encryption at all

6. True or false: The Aviatrix FQDN Egress Filter supports both centralized
and distributed egress methods.

True
False

7. True or false: Aviatrix can extend native AWS features like Guard Duty to
provide enforcement of alerts.

True
False

8. The advantage of Aviatrix Transit within the cloud is:

End to End Encryption

Repeatable across Clouds
Complete Visibility and Control
All of the above

9. With Aviatrix HPE, customers can get:

 Near line rate encryption within the cloud
Near line rate encryption between clouds
Near line rate encryption between on-prem and cloud
All of the above

10. True or false: Aviatrix can provide filtering of partner route

advertisements through a BGP Approval Process.

True
False

Feature Overview – Part 2

1. What are some challenges with inserting firewalls in the cloud?

Repackaged Firewall Solution from on-prem world

Native Firewall Solutions are primarily L4 firewalls
Customer required to configure and manage routing
All of the above

2. How much throughput can Aviatrix achieve with Firenet?

Up to 10G
Up to 30G
Up to 50G
Up to 70G

3. What advantages does the Aviatrix Site to Cloud offer?

Support for Network Address Translation (NAT)

Support for TCP and UDP tunnels
Uses a template driven manner for configuration
All of the above

4. True or false: Aviatrix Firenet can orchestrate the firewall deployment,

firewall routing, and VNET/VPC routing for NGFW insertion.
 True
False

5. True or false: The Aviatrix User VPN solution does not allow profile based
granular access control.

True
False

6. Which 3rd party integrations are available for Aviatrix User VPN?

DUO
Okta
AD
SAML
All of the above

7. True or false: Aviatrix Firenet requires that customers use gateways in the
spokes, as this is not supported using native constructs for transit (i.e. AWS
TGW or Azure Peering).

True
False

8. Which Aviatrix feature allows customers to group VPC/VNETs with

common security properties for access?

FireNet
Security Domains
Site 2 Cloud
Cloud WAN

9. True or false: Aviatrix Site 2 Cloud can also be used to onboard IoT
devices.

True
 False

10. What problems does Aviatrix Private S3 solution solve for? (select all
that apply)

Data exfiltration
IDS for S3 buckets
Private access (RFC1918 only) to S3 buckets without the need of public
addresses
On prem S3 buckets

Operations, Visibility, and Troubleshooting

Day 2 Operations

1. True or false: Aviatrix is a multi-cloud Terraform provider.

True
False

2. True or false: Aviatrix can not provide packet captures of live traffic.

True
False

3. True or false: The VPC tracker is only available for AWS.

True
False

4. What does Aviatrix use for Controller HA in AWS?

a Lambda script
an S3 bucket
an auto scaling group
All of the above
5. How does Flight Path help users troubleshoot connectivity problems?

Allows the gateways to be access via API to perform queries

Provides a packet capture of specific network flows
Provides a visual walk-through based on source and destination to highlight
path issues
Provides ping and traceroute capabilities for source and destination

6. What are some operational challenges that customers face in the cloud?

Tier-3 becomes Tier-1 for troubleshooting

Limited visibility into native constructs
Lack of standard troubleshooting tools (ping, traceroute, etc.)
All of the above

7. True or false: The Aviatrix controller can perform auditing of routing

constructs. This ensures that no new routes have been added, that can
affect end to end network correctness.

True
False

8. True or false: Common troubleshooting tasks like ping and traceroute can
be run from any Aviatrix gateway.

True
False

9. What happens when the Aviatrix components require upgrades?

Downtime is required for all upgrades

Upgrades are hitless
The controller must be rebooted after upgrades
The gateways must be rebooted after upgrades

10. Which of the following statements is true?

 Customers must spin up a controller per subscription/account
Customers must spin up a controller per cloud environment
Customers can spin up a single controller but can only on-board one master
account per cloud
Customers can spin up a single controller and on-board multiple cloud accounts
for management

CoPilot Demo

1. True or false: CoPilot must be deployed per cloud to gain visibility across
your multi-cloud network.

True
False

2. CoPilot topology can provide:

Customized Visibility Options

Custom tagging of resources
Diagnostic functions from gateways
All of the above

3. True or false: CoPilot doesn’t provide any geolocation features for data
traffic.

True
False

4. Aviatrix FlowIQ provides:

A dashboard for up/down status of gateways

Netflow data across the multi-cloud network for all traffic seen by gateways
A dynamic topology of all cloud resources
None of the above

5. True or false: Flow IQ will provide summarization of netflow data but for
specific records we must perform tasks on the gateways.

True
False

6. What is Aviatrix CoPilot?

Provides intelligent visibility into cloud networks through dynamic topology,

netflow, troubleshooting and more
A cloud native troubleshooting tool
A function on the aviatrix gateways
None of the above

7. True or false: CoPilot allows for custom filters to limit data to defined
resources, applications, and flows.

True
False

Aviatrix Controller Deployment

1. Which clouds can you deploy the Aviatrix controller in?

AWS
Azure
OCI
All of the above

2. How many controllers do you normally need to run a multi-cloud

environment consisting of OCI, Azure and GCP?

1
2
3
4
3. What is the recommended or easiest way of deploying the Aviatrix
controller in AWS?

your own lambda script

your own CloudFormation template
CloudFormation template from docs.aviatrix.com
building an instance from the AMI

4. Can you deploy Aviatrix Controller in your on-prem DC?

Yes
No

Real Aviatrix Customer Walk-Through – Single Region

Here you have to give feedback about how much this course is helpful to you.
After ticking all the options submit it.

That’s all about this module

Aviatrix Multi-Cloud Network Associate Final Exam

Answers

Updating……

Conclusion
I hope this article might be useful for you to find all the Aviatrix Certified Engineer
Answers – Multi-Cloud Network Associate Course Answers. If this article is really
useful then make sure to share it on social media with your friends and let them
know about this awesome free program by Aviatrix.

Aviatrix, Course Answers, Free Courses

 2 thoughts on “Aviatrix Certified Engineer Answers –
Multi-Cloud Network Associate Course Answers”

DC
May 24, 2021 at 12:13 pm

Hi
Do you have latest ACE Final exam Q&A

Reply

Minati
May 25, 2021 at 12:44 pm

Sure DC but can you please send the final exam questions

Reply

Recent Posts

Shopping ads Certification Exam Answers

Google Ads Video Certification Exam Answers

Microsoft AI Classroom Series Assessment Answers [1hr Ago Updated]

Google Ads – Measurement Certification Exam Answers

Optimization Score Is Made Up Of Over 50 Recommendations To Optimize Search

Campaigns.

Barbara’s boss has asked her to use Google Ads to reach as many users searching
as possible for terms around the services their business offers.Which keyword match
type would help Barbara reach the most search queries that potential clients are
using?

Charlie is working to improve the quality score of a Google Search ad by improving

his expected click-through rate (eCTR).

Layla Is Learning About The Benefits Of Using Search Ad Extensions And Has
Come To Know That They Can Help To Increase User Engagement. What Are Two
Other Benefits That Search Ad Extensions Can Contribute To Performance?
(Choose Two.)

To Earn User Clicks, Ginger Should Focus On Creating An Ad That _____. (Choose
Two.)

Tim Is Looking To Buy A New Skateboard. He Goes To Google Search To Research

And Purchase The Best Skateboard He Can find. Organize The Following Steps In
The Logical Order To Describe How Tim’s Interaction With Google Search Ads
Would Occur From Start To finish.

Blog Tag About DMCA Contact Privacy Policy

© 2021 CoursesAnswer.com | Made With ❤ In India