A company needs to rehost its ERP system to complete a datacenter migration to the public cloud. The company has already migrated other systems and configured VPN connections. Which of the following MOST likely needs to be analyzed before rehosting the ERP?
A company wants to check its infrastructure and application for security issues regularly. Which of the following should the company implement?
A company that utilizes an IaaS service provider has contracted with a vendor to perform a penetration test on its environment. The vendor is able to exploit the virtualization layer and obtain access to other instances within the cloud provider’s environment that do not belong to the company. Which of the following BEST describes this attack?
A systems administrator would like to reduce the network delay between two servers. Which of the following will reduce the network delay without taxing other system resources?
An administrator is performing an in-place upgrade on a quest VM operating system. Which of the following can be performed as a quick method to roll back to an earlier state, if necessary?
A company has decided to scale its e-commerce application from its corporate datacenter to a commercial cloud provider to meet an anticipated increase in demand during an upcoming holiday. The majority of the application load takes place on the application server under normal conditions. For this reason, the company decides to deploy additional application servers into a commercial cloud provider using the on-premises orchestration engine that installs and configures common software and network configurations. The remote computing environment is connected to the on-premises datacenter via a site-to-site IPSec tunnel. The external DNS provider has been configured to use weighted round -robin routing to load balance connections from the Internet. During testing, the company discovers that only 20% of connections completed successfully. INSTRUCTIONS Review the network architecture and supporting documents and fulfill these requirements: Part 1: Analyze the configuration of the following components: DNS, Firewall 1, Firewall 2, Router 1, Router 2, VPN and Orchestrator Server. Identify the problematic device(s). Part 2: Identify the correct options to provide adequate configuration for hybrid cloud architecture. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Part 1: Cloud Hybrid Network Diagram Part 2: Only select a maximum of TWO options from the multiple choice question Explanation: Part 1: Router 2 ee explanation below. The problematic device is Router 2, which has an incorrect configuration for the IPSec tunnel. The IPSec tunnel is a secure connection between the on-premises datacenter and the cloud provider, which allows the traffic to flow between the two networks. The IPSec tunnel requires both endpoints to have matching parameters, such as the IP addresses, the pre-shared key (PSK), the encryption and authentication algorithms, and the security associations (SAs) . According to the network diagram and the configuration files, Router 2 has a different PSK and a different address space than Router 1. Router 2 has a PSK of “1234567890”, while Router 1 has a PSK of “0987654321”. Router 2 has an address space of 10.0.0.0/8, while Router 1 has an address space of 192.168.0.0/16. These mismatches prevent the IPSec tunnel from establishing and encrypting the traffic between the two networks. The other devices do not have any obvious errors in their configuration. The DNS provider has two CNAME records that point to the application servers in the cloud provider, with different weights to balance the load. The firewall rules allow the traffic from and to the application servers on port 80 and port 443, as well as the traffic from and to the VPN server on port 500 and port 4500. The orchestration server has a script that installs and configures the application servers in the cloud provider, using the DHCP server to assign IP addresses. Part 2: The correct options to provide adequate configuration for hybrid cloud architecture are: Update the PSK in Router 2. Change the address space on Router 2. These options will fix the IPSec tunnel configuration and allow the traffic to flow between the on- premises datacenter and the cloud provider. The PSK should match the one on Router 1, which is “0987654321”. The address space should also match the one on Router 1, which is 192.168.0.0/16. B. Update the PSK (Pre-shared key in Router2) E. Change the Address Space on Router2
