0
0
Azurecloud~20 mins

VPN Gateway for hybrid connectivity in Azure - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
VPN Gateway Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
Architecture
intermediate
2:00remaining
Choosing the right VPN Gateway SKU for hybrid connectivity

You need to connect your on-premises network to Azure using a VPN Gateway. Your on-premises network has high traffic and requires support for multiple tunnels. Which VPN Gateway SKU should you choose?

AVpnGw3 SKU, supports multiple tunnels and high bandwidth
BVpnGw1 SKU, supports multiple tunnels and moderate bandwidth
CBasic SKU, supports up to 1 tunnel and low bandwidth
DStandard SKU, supports multiple tunnels and moderate bandwidth
Attempts:
2 left
💡 Hint

Consider the number of tunnels and bandwidth needed for your hybrid network.

service_behavior
intermediate
2:00remaining
Behavior of BGP with Azure VPN Gateway

You configure BGP (Border Gateway Protocol) on your Azure VPN Gateway and your on-premises VPN device. What is the expected behavior when BGP is enabled?

ABGP advertises routes dynamically between Azure and on-premises networks
BRoutes are statically configured and do not change dynamically
CBGP disables VPN tunnels and uses ExpressRoute instead
DBGP only works with Basic SKU VPN Gateways
Attempts:
2 left
💡 Hint

Think about what BGP does in network routing.

security
advanced
2:00remaining
Securing VPN Gateway connections with IPsec/IKE policies

You want to enforce specific encryption and hashing algorithms for your VPN Gateway connections to comply with your company's security policy. Which Azure feature allows you to customize these settings?

ASet up Network Security Groups (NSGs) on the VPN Gateway subnet
BConfigure IPsec/IKE policy on the VPN Gateway connection
CEnable Azure DDoS Protection on the VPN Gateway
DUse Azure Firewall to filter VPN traffic
Attempts:
2 left
💡 Hint

Look for a feature that controls encryption and hashing algorithms on VPN tunnels.

Configuration
advanced
2:00remaining
Configuring active-active VPN Gateway for high availability

You want to configure an Azure VPN Gateway in active-active mode to ensure high availability for your hybrid connection. Which of the following is a required step?

ADeploy two VPN Gateways in different regions and connect them with ExpressRoute
BUse Basic SKU VPN Gateway with multiple tunnels enabled
CEnable active-active mode on a VpnGw2 or higher SKU and configure two public IP addresses
DConfigure BGP only on one tunnel and disable it on the other
Attempts:
2 left
💡 Hint

Active-active mode requires specific SKU and multiple IP addresses.

Best Practice
expert
2:00remaining
Optimizing hybrid connectivity with VPN Gateway and ExpressRoute

Your company uses both VPN Gateway and ExpressRoute to connect on-premises to Azure. You want to optimize routing and failover between these connections. Which approach follows best practices?

AUse ExpressRoute for all traffic and disable VPN Gateway to avoid conflicts
BUse VPN Gateway only for backup and disable BGP on ExpressRoute
CConfigure static routes on VPN Gateway and dynamic routes on ExpressRoute without BGP
DAdvertise all on-premises routes over both VPN Gateway and ExpressRoute with BGP, and configure route priorities
Attempts:
2 left
💡 Hint

Think about how to use BGP and route priorities for failover.