ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-901 All Questions

View all questions & answers for the 350-901 exam
Go to Exam

Exam 350-901 topic 1 question 293 discussion

Actual exam question from Cisco's 350-901
Question #: 293
Topic #: 1
[All 350-901 Questions]



Refer to the exhibit. A developer runs the docker service scale command to increase the number of replicas for the cisco_devnet service. The swarm cluster is using a private IP address subnet. The service has these design requirements:
• It must be hosted behind a virtual IP address that is reachable from the Internet.
• For security reasons, the Docker swarm cluster subnet must not be reachable from the Internet.

Which design approach is used to fulfil the requirements?

  • A. Configure an external load balancer to route requests to the swarm service by using NAT.
  • B. Create an overlay network by using a globally routable subnet and enable a routing mesh within the swarm cluster.
  • C. Create a bridge network by using a globally routable subnet and enable a routing mesh within the swarm cluster.
  • D. Configure an external load balancer to route requests to the swarm service by using VPN.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by [deleted] at Jan. 18, 2023, 10:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
johntermlen
Highly Voted 9 months, 4 weeks ago
Selected Answer: A
The correct answer is (A). The design approach that fulfills the requirements is to configure an external load balancer to route requests to the swarm service by using NAT. This will allow the service to be hosted behind a virtual IP address that is reachable from the Internet, while keeping the Docker swarm cluster subnet unreachable from the Internet. The other options are incorrect. Option (B) would allow the Docker swarm cluster subnet to be reachable from the Internet, which is not allowed by the security requirements. Option (C) would also allow the Docker swarm cluster subnet to be reachable from the Internet, which is not allowed by the security requirements. Option (D) would use VPN to route requests to the swarm service, but this would not allow the service to be hosted behind a virtual IP address.
upvoted 6 times
...
[Removed]
Most Recent 1 year, 4 months ago
Selected Answer: A
A is correct. NAT is a common solution to provide internet access to a service or a group of services running on a private IP address.
upvoted 4 times
lznlxl
1 year, 4 months ago
agree with your answer. it should be A.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago