For Individuals For Educators

Ace your certifications with Practice Exams and AI assistance.

Browse Exams
For Educators
Blog

Privacy Policy
Terms of Service
Cookie Policy
Support

AWS SAA Exam Prep
PMI PMP Exam Prep
CPA Exam Prep
GCP PCA Exam Prep

© 2026 TinyHive Labs. Company number 16262776.

Practice Azure Solutions Architect Expert (AZ-305)Azure Solutions Architect Expert AZ-305 Practice Exam 7Question 40

Hard1 markMultiple Choice

Domain 4.1: Compute SolutionsAKSNetworking

AZ-305 · Question 40 · Domain 4.1: Compute Solutions

You are designing the network architecture for an Azure Kubernetes Service (AKS) cluster. Security requires that every pod receives an IP address from the Azure Virtual Network subnet, allowing on-premises firewalls to filter traffic per pod. Which network plugin must you use?

Answer options:

A.

Azure CNI

B.

Kubenet

C.

Calico

D.

Flannel

How to approach this question

Identify the plugin that integrates pods directly with the VNet.

Full Answer

A.Azure CNI✓ Correct

Azure CNI assigns VNet IPs to pods, making them routable from on-prem. Kubenet uses NAT. Pillar: Security.

Common mistakes

Choosing Kubenet, which hides pod IPs behind the node IP.

Question 39 All questions Question 41

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 7

55 questions · hints · full answers · grading

Sign up free Take the exam

More questions from this exam

Q01CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Hard Q02CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Medium Q03CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Hard Q04CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Medium Q05CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Hard

View all 55 questions →