Troubleshoot virtual network connectivity

Practice Test

True/False: Virtual Network Peering in Azure allows the connectivity between two Virtual Networks.

• True
• False

Answer: True.

Explanation: Using Azure Virtual Network Peering, connectivity between two virtual networks can be set up seamlessly via the Azure backbone network.

Single Select: What tool do you use to diagnose network traffic filtering problems in Azure?

• A. Azure Network Watcher
• B. Azure Traffic Manager
• C. Azure Service Health
• D. Azure VPN Gateway

Answer: A. Azure Network Watcher

Explanation: Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network level in, to, and from Azure.

Multiple Select: What are some of the features of the Azure Network Watcher?

• A. IP flow verify
• B. Network packet capture
• C. Next hop
• D. All the above

Answer: D. All the above

Explanation: All these features are part of Azure Network Watcher’s diagnostics and monitoring services.

True/False: The Azure Virtual Network service allows the creation of disjointed network segments within each virtual network.

• True
• False

Answer: False.

Explanation: Azure Virtual Network service deploys a single, vast network space within which subnets can be created. But there are no disjointed segments.

Single Select: Which of the following can be used to connect Azure virtual networks?

• A. Azure ExpressRoute
• B. Virtual Network Peering
• C. VPN Gateway
• D. All of the above

Answer: D. All of the above

Explanation: All of these can be used to connect Azure virtual networks depending on the requirements and scenario.

True/False: Virtual Network Peering involves data transfer over the public Internet.

• True
• False

Answer: False.

Explanation: Data transferred between Virtual Networks through peering always stays on the Microsoft Backbone network providing a more secure and high-bandwidth connectivity.

Single Select: Which Azure feature is used for an in-depth study of network traffic in real-time?

• A. Traffic Analytics
• B. IP flow verify
• C. Connection Monitor
• D. Network Performance Monitor

Answer: A. Traffic Analytics

Explanation: Traffic Analytics provides real-time analytics and in-depth insights on network activities in Azure.

True/False: You can use Network Watcher to automate the checking of the health and connectivity of VPN Gateways.

• True
• False

Answer: True.

Explanation: Network Watcher provides capabilities to automate checking of VPN Gateway and connections for availability and health.

Multiple Select: What are the two types of Azure Virtual Network Peering?

• A. Global VNet Peering
• B. Regional VNet Peering
• C. Inter-Net Peering
• D. Intra-Net Peering

Answer: A. Global VNet Peering, B. Regional VNet Peering

Explanation: Azure provides two types of peering: VNet peering within the same region, called “Regional VNet Peering” and peering across regions, called “Global VNet Peering”.

True/False: Azure ExpressRoute is a service that enables you to create private connections between Azure datacenters and infrastructure on your premises or in a colocation facility.

• True
• False

Answer: True.

Explanation: Azure ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection.

Interview Questions

What Azure tool can you use to diagnose virtual network gateway and connections?

The Azure Network Watcher is a tool used to diagnose virtual network gateway and connections.

What should you check first when you are experiencing troubles with your Azure Virtual Network connectivity?

The first thing you need to check are the network security group rules. They are often the source of connectivity problems as they control the traffic flow on the Azure Virtual Network.

What is the common cause of a virtual machine failing to communicate with other resources in Azure?

If a virtual machine fails to communicate with other resources in Azure, it’s typically due to incorrect network security group rules configuration.

What can you use if there is a need to investigate the outbound connections for your virtual machine in Azure?

You can use Azure Network Watcher’s IP flow verify capability for investigating outbound connections of your Azure VM.

What Azure service allows you to check for any network-related issues within the Azure Network infrastructure?

Azure Network Watcher allows you to check for any network-related issues within the Azure Network infrastructure.

What Azure tool can help identify if your Virtual Network traffic flow is not working as expected?

Azure Network Watcher’s next hop capability can help identify if your Virtual Network traffic flow is not working as expected.

Which feature of Azure allows you to set up, change, and propagate network settings across resources and subscriptions in Azure?

The Azure Virtual WAN feature allows the setting up, changing and propagating of network settings across resources and subscriptions.

How can you monitor and diagnose networking issues without logging into the virtual machines (VMs)?

You can monitor and diagnose networking issues without logging into the VMs by using Azure Network Watcher.

What can you use to detect if there’s a network-level connectivity issue between your Virtual Network (VNet) and an Internet endpoint in Azure?

Azure Network Watcher’s Connectivity Check can detect if there’s a network-level connectivity issue between your VNet and an Internet endpoint.

What tool in Azure can verify IP packet transit for specified endpoints?

Azure Network Watcher’s IP flow verify tool can be used to verify IP packet transit for specified endpoints.

What is the key component in Azure that is responsible for managing and isolating communication within Azure?

Virtual Networks (VNets) are the key component in Azure that manage and isolate communication within Azure.

What common Azure misconfiguration can cause a Destination Host Unreachable error when you ping a Virtual Machine (VM)?

A common misconfiguration that can cause a Destination Host Unreachable error is when network security group rules block ICMP packets, used by the ping command.

When troubleshooting Azure DNS, what commonly overlooked aspect can cause problems?

Failing to create a reverse DNS zone is a commonly overlooked aspect when troubleshooting Azure DNS problems.

How do you check if there’s a routing issue to a specific outbound port on Azure?

You can use the Networking tab in the Azure portal to check if there’s a routing issue to a specific outbound port.

What method in Azure allows you to test if your VM’s firewall rules are allowing traffic to or from a specific IP and port?

You can use Azure Network Watcher’s IP Flow Verify tool to test if your VM’s firewall rules are allowing traffic to or from a specific IP and port.