Configure and manage virtual networking

1. You must design VNets for multiple teams to avoid IP overlap and allow future growth; which CIDR planning approach ensures non-overlapping, scalable address spaces?

• A.Allocate contiguous CIDR blocks from a central address plan so each VNet gets a non-overlapping prefix for future expansion.✓ Correct
• B.Assign random CIDR ranges to each VNet when created, relying on routing to handle any overlaps automatically in Azure.
• C.Use the smallest possible /29 prefixes for all VNets to conserve IPv4 space and avoid readdressing later on.
• D.Let each team pick their own CIDR blocks without central coordination because Azure prevents overlapping VNets by default.

2. A subnet needs at least 120 hosts plus room for future services; which CIDR prefix is the best choice for efficient IPv4 allocation?

• A.Use a /25 prefix which provides up to 126 usable host addresses and therefore is insufficient for 120 hosts plus future growth.
• B.Use a /24 prefix which provides 254 usable host addresses, giving room for 120 hosts and future expansion in the subnet.✓ Correct
• C.Use a /26 prefix which provides up to 62 usable hosts, which is enough if you compress addresses with NAT later on.
• D.Use a /27 prefix which provides up to 30 usable hosts and is best for conserving address space across many small subnets.

3. When you create a subnet in Azure, some IPs are reserved by the platform; which practice correctly accounts for reserved addresses during subnet planning?

• A.Subtract the five platform-reserved IP addresses from the usable host count when planning subnet size to ensure address requirements are met.✓ Correct
• B.Ignore platform reservations because Azure automatically expands the subnet to accommodate reserved addresses without affecting host allocation.
• C.Reserve separate management ranges inside the same subnet for platform services rather than increasing subnet prefix length.
• D.Use /32 assignments for VMs to avoid platform reserved addresses being consumed within a subnet.

4. A team reports two IPs missing after deploying VMs in a new subnet; what is the most likely explanation based on Azure subnet behavior?

• A.Azure reserves the first and last addresses plus three others in each subnet for platform use, so those IPs will not be available for VM assignment.✓ Correct
• B.A network security group has hidden two addresses for monitoring traffic, which prevents VM assignment to those specific IPs.
• C.Azure automatically blocks random addresses for future expansion and you must request those IPs be released through support.
• D.The virtual network gateway claims two IPs upon subnet creation which reduces the available pool for VMs in all subnets.

5. You need low-latency connectivity between VNets in different regions without routing over the public internet; which feature provides private Microsoft backbone connectivity between regions?

• A.Use Global VNet Peering which connects VNets across regions over the Microsoft backbone for low-latency private routing.✓ Correct
• B.Use Regional VNet Peering because it automatically provides cross-region backbone routing for free.
• C.Set up site-to-site VPN connections between regions because Azure peering never crosses the Microsoft backbone.
• D.Deploy public IP-based communication between VNets and secure it with firewall rules to keep traffic off the internet.