Aviatrix ACE Exam Questions Instant Access

Question 1

When AWS Direct Connect, Azure ExpressRoute, Google Interconnect and OCI FastConnect are encrypted without using Aviatrix High Performance Encryption, the effective throughput is reduced to____. SELECT THE

CORRECT ANSWER

A1.25 Gbps

B10.25 Gbps

C5.25 Gbps

D525 Mbps

Answer : A

To encrypt this connection, users have the option to create an IPSec Tunnel which limits the throughput to only 1.25Gbps. Standard IPSec encryption in the cloud, or from your data center to the cloud, is limited by a single core processing to 1.25 Gbps.

High Performance Encryption with InsaneMode - Aviatrix Insane mode is integrated into the Transit Network solution to provide 10Gbps performance between on-prem and Transit VPC with encryption. For VPC to VPC, Insane mode can achieve 25 - 30Gbps.

Question 2

As a Cloud Networking Consultant, you are reviewing a Microsoft Azure network design that will be using Microsoft Azure ExpressRoute Edge routers as transit for inter-VNet communication. What are some known challenges with this design pattern?

AMultiple customers using same edge router may create noisy neighbor issues

BLack of visibility into traffic at the edge routers

CNo granular control to be able to route VNets selectively

DAll of the above

Answer : D

Question 3

AWS Global Accelerator is a service which allows a direct connectivity between AWS DirectConnect and Azure ExpressRoute.

ATrue

BFalse

Answer : B

AWS Global Accelerator is a service that improves the availability and performance of your applications with local or global users. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple AWS Regions, such as your Application Load Balancers, Network Load Balancers or Amazon EC2 instances.

Question 4

The IPSec tunnels terminating at AWS TGW/VGW, Azure VPN GW, and other native VPN support interconnecting networks with overlapping IP ranges

SELECT THE CORRECT ANSWER

AFalse

BTrue

Answer : A

Question 5

What is/are the protocol(s) supported by Aviatrix Site2Cloud (S2C) Gateway?

AGRE

BUDP only

CBoth TCP and UDP

DTCP only

Answer : C

Question 6

Statefull Firewall rule:

AIs another name for Azure Active Directory Firewall

BRequires explicit rule for the return traffic

CAllows the return traffic implicitly

DAlone can easily satisfy the enterprise security needs

Answer : C

Aviatrix stateful firewall is feature on the Aviatrix gateway. It is a L4 stateful firewall that filters network CIDR, protocol and port on the packet forwarding path.

The stateful firewall allows each individual rule to be defined as Allow, Deny and Force Drop, in addition to a base rule.

Question 7

in an Azure setup where all VNETs are directly peered (full-mesh) using VNET Peering

SELECT THE CORRECT ANSWERS

Ait is easy to insert a centralized FW

Bpeering needs to be broken for VNET CIDR change

Cthere are no real limitations for bandwidth

DExpressRoute Edge Router does the actual routing

Answer : B, D

Aviatrix Certified Engineer (ACE) Program ACE Exam Questions