Aviatrix Certified Engineer (ACE) Program ACE Exam Questions

Page: 1 / 14
Total 72 questions
Question 1

An operator needs to create a new VPC, VCN or VNet using Aviatrix Controller.

Can the operator use Aviatrix VPC Tracker feature to validate potential CIDR/Prefix/Address space duplication across multiple clouds?



Answer : A


Question 2

When AWS Direct Connect, Azure ExpressRoute, Google Interconnect and OCI FastConnect are encrypted without using Aviatrix High Performance Encryption, the effective throughput is reduced to____. SELECT THE

CORRECT ANSWER



Answer : A

To encrypt this connection, users have the option to create an IPSec Tunnel which limits the throughput to only 1.25Gbps. Standard IPSec encryption in the cloud, or from your data center to the cloud, is limited by a single core processing to 1.25 Gbps.

High Performance Encryption with InsaneMode - Aviatrix Insane mode is integrated into the Transit Network solution to provide 10Gbps performance between on-prem and Transit VPC with encryption. For VPC to VPC, Insane mode can achieve 25 - 30Gbps.


Question 3

ACE Inc. currently uses AWS as their primary cloud provider with a strong desire to expand to Azure and GCP. IT team has strict security and control requirements from different business units that require isolation and control from each other. The different business units want

* to own their own transit architecture

* the ability to control firewall rules for their own application

* to not share same transit with other business units but have ability to connect to other business units if needed

The architecture board has mandated that there needs to be a single design pattern that accommodates above requirements irrespective of the public cloud vendor being used.

Choose the best design option to meet above needs. Each option presents a complete solution.



Answer : C

As here AWS is Primary Cloud Provider.

With Aviatrix You can Bring your own firewall to the cloud. Pre-integrated with Next-Generation Firewalls

to enable inline inspection of VPC traffic to maximize security and performance.

Multicloud and Multi-Region is the new normal: With Aviatrix You can support your business needs for onprem and multiple cloud providers. Instead of managing different cloud vendor gateways, Aviatrix NextGeneration Transit Network lets you abstract away the networking differences between AWS, Azure, Google

and Private Cloud.


Question 4

Private, Public, Transit VIFs (Virtual interfaces) are terms related to which...

SELECT THE CORRECT ANSWER



Answer : C

(AWS Direct Connect virtual interfaces)

You must create one of the following virtual interfaces to begin using your AWS Direct Connect

connection.

Private virtual interface: A private virtual interface should be used to access an Amazon VPC using

private IP addresses.

Public virtual interface: A public virtual interface can access all AWS public services using public IP

addresses.

Transit virtual interface: A transit virtual interface should be used to access one or more Amazon VPC

Transit Gateways associated with Direct Connect gateways. You can use transit virtual interfaces with

1/2/5/10 Gbps AWS Direct Connect connections. For information about Direct Connect gateway

configurations, see Direct Connect gateways.

More Details:


Question 5

ACE Inc. has 50 VPCs in AWS with applications that need access to SaaS services on the internet using pre-defined.

FQDNs. Current deployment has AWS NAT instances deployed that allow full internet access.

ACE Inc.'s security team has mandated that these applications should only be allowed access to pre-approved FQDNs.

You have been tasked to solve this problem considering the following three goals.

1. Solution must be easy to implement

2. Same URLs definitions can be used for multiple applications

3. Keep the cost down



Answer : C


Question 6

An example of when would you use Aviatrix FlightPath is:



Answer : D

EC2 related information such as Security Groups, Route table and route table entries and network ACL.

This helps you to identify connectivity problems.

You do not need to launch Aviatrix gateways to use this tool, but you need to create Aviatrix accounts so

that the Controller can use the account credentials to execute AWS APIs to retrieve relevant information.


Question 7

What is Aviatrix CoPilot?



Answer : C

Aviatrix CoPilot provides a global operational view of your multi-cloud network. Enterprise IT teams use CoPilot's dynamic topology mapping to maintain an accurate topology of their global multi-cloud networks, FlowIQ to analyze global network traffic flows and global heat maps and time series trend charts to easily pinpoint and troubleshoot traffic anomalies. CoPilot leverages the intelligence and advanced network and security services delivered by Aviatrix's multi-cloud network platform to provide enterprise cloud network operations teams both familiar day-two operational features such as packet capture, trace route and ping and new operational capabilities specifically built for multi-cloud network environments.


Page:    1 / 14   
Total 72 questions