Aviatrix ACE Exam Practice Test Instant Access

Question 1

Choose the correct behavior around software upgrade and security patching of Aviatrix Platform. (Choose 2)

AAviatrix platform offers hitless upgrades

BAviatrix platform software upgrade requires long downtime

CSecurity patching of the Aviatrix platform always requires a version upgrade for entire deployment

DSecurity patching of the Aviatrix platform can be done without requiring version upgrade of entire platform

Answer : A, D

Aviatrix software upgrade happens inline without taking down the controller.

In addition, gateway upgrades are hitless. That is, all gateway encrypted tunnels stay up during the upgrade process. There is no packet loss when upgrading the software.

Question 2

AWS Public VIF for DirectConnect announces the CIDR ranges of the publicly-a...

SELECT THE CORRECT ANSWER

AThe selected publicly-available services from all AWS regions

BThe selected publicly-available services from the selected AWS region

CAll publicly-available services from all AWS regions

DAll publicly-available services from the selected AWS region.

Answer : D

Question 3

A Customer has 100 VPCs in GCP that they want to be able to route between. What are some of the solutions customers can use. Each option represents a complete solution. (Choose 2)

AGoogle already provides global routing for inter-VPC traffic

BUse Aviatrix Transit solution to connect the VPCs with a Transit VPC running Aviatrix Gateways

CManually configure routing tables in each VPC

DUse Google Routers

EBuild full mesh connectivity using VPC Peering

Answer : A, B

Question 4

AWS Guard Duty automatically enforces its findings through the ingress routing feature, blocking the traffic by default.

SELECT THE CORRECT ANSWER

AFalse

BTrue

Answer : A

monitoring service that analyzes and processes the following Data sources.

Question 5

Azure Firewall (native services):

SELECT THE CORRECT ANSWER

APerform Load Balancing and SNAT automatically

BHandles UDR updates and route propagation for all peered spoke VNETs

CIs encrypting the traffic in transit

DBy default provides Malware protection, IDS (intrusion Detection) and IPS.....

Answer : A

Azure Firewall includes the following features: Built-in high availability

* Availability Zones

* Unrestricted cloud scalability

* Application FQDN filtering rules

* Network traffic filtering rules

* FQDN tags

* Service tags

* Threat intelligence

* Outbound SNAT support

* Inbound DNAT support

* Multiple public IP addresses

* Azure Monitor logging

* Forced tunneling

* Certifications

Question 6

Can the Aviatrix platform help you interconnect VPCs/VNets/VCNs with overlapping IP address ranges?

AYes, using standard encrypted peering

BYes, using S2C (Site-to-Cloud)

CYes, using FiightPath

DNo

Answer : B

Site2Cloud builds an encrypted connection between two sites over the Internet, in an easy to

use and template driven manner. Its workflow is similar to AWS VGW or Azure VPN.

Overlapping IP addresses The CIDR blocks at your customer sites are not controlled by us. If CIDR

block overlaps with our operation VPC CIDR, we have to find a way to NAT the address. The cloud

provider native solution is not usable in this case. The Aviatrix site2cloud solution solves this problems:

Question 7

You can peer AWS TGWs within a Region

SELECT THE CORRECT ANSWER

AFalse

BTrue

Answer : A

Aviatrix Certified Engineer (ACE) Program ACE Exam Practice Test