ExpertHard1 markMultiple Choice
AZ-305 · Question 40 · Domain 4.1: Compute Solutions
You are designing the network architecture for an Azure Kubernetes Service (AKS) cluster. Security requires that every pod receives an IP address from the Azure Virtual Network subnet, allowing on-premises firewalls to filter traffic per pod. Which network plugin must you use?
You are designing the network architecture for an Azure Kubernetes Service (AKS) cluster. Security requires that every pod receives an IP address from the Azure Virtual Network subnet, allowing on-premises firewalls to filter traffic per pod. Which network plugin must you use?
Answer options:
A.
Azure CNI
B.
Kubenet
C.
Calico
D.
Flannel
How to approach this question
Identify the plugin that integrates pods directly with the VNet.
Full Answer
A.Azure CNI✓ Correct
Azure CNI
Azure CNI assigns VNet IPs to pods, making them routable from on-prem. Kubenet uses NAT. Pillar: Security.
Common mistakes
Choosing Kubenet, which hides pod IPs behind the node IP.
Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 7
55 questions · hints · full answers · grading
More questions from this exam
Q01CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...HardQ02CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...MediumQ03CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...HardQ04CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...MediumQ05CASE STUDY: Contoso migrating 500 servers to Azure. RTO 2h, RPO 15m, GDPR compliance, 10Gbps Expr...Hard