A user reports an issue connecting to a database server. The front-end application for this database is hosted on the company's web server. The network engineer has changed the network subnet that the company servers are located on along with the IP addresses of the servers. These are the new configurations:

New subnet for the servers is 10.10.10.64/27

Web server IP address is 10.10.10.101

Database server IP is 10.10.10.93
Which of the following ismostlikely causing the user's issue?

Correct Answer:D
With a /27 mask on 10.10.10.64/27, valid host addresses run from 10.10.10.65 through 10.10.10.94. The database server??s IP (10.10.10.93) is in that range, but the web server??s IP (10.10.10.101) falls outside it—so it??s mis-configured and cannot reach the database.

A company provides an API that runs on the public cloud for its customers. A fixed number of VMs host the APIs. During peak hours, the company notices a spike in usage that results in network communication speeds slowing down for all customers. The management team has decided that access for all customers should be fair and accessible at all times. Which of the following is themostcost-effective way to address this issue?

Correct Answer:C
Implementing request throttling (rate limiting) lets you cap how many requests each customer can make per time unit. This ensures no single user can saturate the API servers, providing fair access across all customers without the recurring costs of adding more VMs.

A network architect must ensure only certain departments can access specific resources while on premises. Those same users cannot be allowed to access those resources once they have left campus. Which of the following would ensure access is provided according to these requirements?

Correct Answer:B
By defining an IP-based geofence around the on-premises network addresses where those resources reside, you ensure that only users connecting from inside the campus IP ranges can reach them. As soon as the same users leave that network (and thus fall outside the geofenced IP block), access is automatically denied.

A company hosts a cloud-based e-commerce application and only wants the application accessed from certain locations. The network team configures a cloud firewall with WAF enabled, but users can access the application globally. Which of the following should the network team do?

Correct Answer:D
Geo-restriction lets you block or allow traffic based on the requester??s geographic region, preventing access from locations you haven??t authorized.

Which of the following helps the security of the network design to align with industry best practices?

Correct Answer:A
Reference architectures provide standardized, vendor-agnostic blueprints that incorporate industry best practices for security, ensuring your network design aligns with proven frameworks.

A network architect is creating a network topology for a global SD-WAN deployment. The business has offices in Asia, Europe, and the United States and makes use of data centers in the United States and Europe. Most traffic between sites must have the lowest latency possible. Which of the following topologies best meets this requirement?

Correct Answer:C
A full-mesh SD-WAN topology allows each site to establish direct overlays with every other site, minimizing the number of hops and avoiding backhauling through a central hub, thereby delivering the lowest latency paths between Asia, Europe, and the US.