AZ-304 Exam QuestionsBrowse all questions from this exam
Go to Exam

AZ-304 Exam - Question 195

DRAG DROP -

You have an on-premises network that uses an IP address space of 172.16.0.0/16.

You plan to deploy 25 virtual machines to a new Azure subscription.

You identify the following technical requirements:

✑ All Azure virtual machines must be placed on the same subnet named Subnet1.

✑ All the Azure virtual machines must be able to communicate with all on-premises servers.

✑ The servers must be able to communicate between the on-premises network and Azure by using a site-to-site VPN.

You need to recommend a subnet design that meets the technical requirements.

What should you include in the recommendation? To answer, drag the appropriate network addresses to the correct subnets. Each network address may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

NOTE: Each correct selection is worth one point.

Select and Place:

Exam AZ-304 Question 195
Show Answer
Correct Answer:
Exam AZ-304 Question 195

Discussion

10 comments
Sign in to comment
Elecktrus
Dec 7, 2020

is Correct. Explanation (for people that don`t know about network) 1) The range for the new subnet can't overlap the on-premise subnet range. The on-premise network is 172.16.0.0/16, that is from 172.16.0.1 to 172.16.255.255, so the answers 172.16.0.0/16 and 172.16.1.0/28 are not valid (overlap with on-pemise subnet) 2) the range 192.168.1.0/28 is from 192.168.1.1 to 192.168.1.15, only 16 ips and we need 25 IPs, so the only valid answer for subnet1 is 192.168.0.0/24 3) the range for the gateway can't ovelap with on-premise, and Microsoft recommend that would be /27 or /28, so the answer valid for gateway is 192.168.1.0/28 Check the example: https://docs.microsoft.com/es-es/azure/vpn-gateway/tutorial-site-to-site-portal

michel28vda
May 15, 2021

Example calculation for 192.168.1.0/28 network. An ip-address can be 32 bits max. Each octet contains 8 bits. SO: 11111111(8).11111111(8).11111111(8).11111111(8) The CIDR contains the bits for the network part. A /28 network has 28 bits. In binary that means: 11111111(8).11111111(8).11111111(8).11110000(4) Remaining 32-28 = 4 bits. You can see that above. The remaining bits are for the host addresses. Now convert those 4 bits to decimal numbers to get the host address range. 128 64 32 16 8 4 2 1 1 1 1 1 1+2+4+8= 15 Available ip-addresses 192.118.1.0 to 192.168.1.15 Available usable ip-addressess 192.168.1.1 to 192.168.1.14 because the network address and the broadcast address are not used as host ip-addresses. - A broadcast IP address is only assigned once in each network. It is always the last IP address of the subnet. (192.168.1.15) - In a network, the first address field is reserved for the network. The network address is the ip-adress with the /28 notation. (192.168.1.0)

rdemontis
Dec 3, 2021

thanks for explanation

uzairahm007
Dec 7, 2020

Answer is perfectly correct. " /28" is for the gateway subnet (recommended by Microsoft) and VMs are NOT INSTALLED in gateway subnet because in that case they don't remain VMs, they become VPN Gateway Instances. On-premise subnet range is 172.16.0.0/16 hence this address space CAN'T be used for VMs so remaining is 192.168.0.0/24 subnet range for VMs and 192.168.1.0/28 for gateway subnet. Hence answer is correct.

andyR
Dec 2, 2020

correct

jonasis
Jan 23, 2021

Correct answer, but I just want to add that Microsoft and John Savill recommends /27 mask for GW subnet https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings

Hfyr
Feb 2, 2021

Correct - and John Savill rules! :)

tvs2021
Jul 19, 2021

on exam (7-19-2021). passed 304

claudio82
Apr 16, 2021

Ok, but first is necessary add an address space of 192.168.0.0/16

Oracleist
May 14, 2021

why? are a lot of address, don't tell that to an infosec manager...

MrClumsy
Jan 24, 2022

Correct, otherwise you can't have 192.168.1.0/24 subnet in 192.168.0.0/24 network. Because 192.168.0.0/24 means you have network with address range from 192.168.0.0 - 192.168.0.255.

syu31svc
Sep 30, 2021

The address space for the Virtual Network should not conflict with the address space for the on-premise network. So, in this case the ideal option to choose as the address space is 192.168.0.0/24 The address space for the Virtual Network should not conflict with the address space for the on-premise network. So, in this case the ideal option to choose as the address space is 192.168.0.0/24 for the subnet in the virtual network. And then use 192.168.1.0/28 as the address space for the gateway subnet

Dpejic
Dec 24, 2021

On exam 24.12.2021

Dpejic
Dec 23, 2021

Appere on exam 23-dec-2021