ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CV0-004 All Questions

View all questions & answers for the CV0-004 exam
Go to Exam

Exam CV0-004 topic 1 question 47 discussion

Actual exam question from CompTIA's CV0-004
Question #: 47
Topic #: 1
[All CV0-004 Questions]

A network administrator is building a site-to-site VPN tunnel from the company’s headquarters office to the company’s public cloud development network. The network administrator confirms the following:
The VPN tunnel is established on the headquarters office firewall.
While inside the office, developers report that they cannot connect to the development network resources.
While outside the office on a client VPN, developers report that they can connect to the development network resources.
The office and the client VPN have different IP subnet ranges.
The firewall flow logs show that traffic is reaching the development network from the office.
Which of the following is the next step the network administrator should take to troubleshoot the VPN tunnel?

  • A. Review the development network routing table.
  • B. Change the ciphers on the site-to-site VPN.
  • C. Restart the site-to-site VPN tunnel.
  • D. Check the ACLs on the development workloads.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by pdepingre at March 28, 2025, 9:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Niels123
6 days, 16 hours ago
Selected Answer: A
I should first check the routing table!
upvoted 1 times
...
Justheretolook
1 week, 1 day ago
Selected Answer: A
The correct answer is: ✅ A. Review the development network routing table. ⸻ Explanation: The key clues are: • The VPN tunnel is established and traffic is reaching the development network from the office (confirmed by flow logs). • Developers outside the office (on client VPN) can connect to development resources. • Developers inside the office cannot, even though traffic is reaching the destination. • The office and client VPN have different IP subnets. This points to a routing issue on the development network side. The development network may have routes defined only for the client VPN subnet, but not for the office subnet, meaning replies to the office traffic don’t get routed back properly.
upvoted 1 times
...
6f7e8ce
2 months ago
Selected Answer: A
The key clues are: The VPN tunnel is up and traffic is reaching the development network from the office. Developers can access the development network when on the client VPN (which uses a different IP subnet). Developers cannot access it from the office subnet. This suggests the issue is not with the tunnel itself, but rather with routing: The development network likely doesn’t have a proper route back to the office subnet. If there's no return route, the initial request reaches the cloud, but the response has nowhere to go — effectively breaking communication.
upvoted 2 times
...
DrSpaceman117
2 months, 4 weeks ago
Selected Answer: D
D: IDK why you would Review the routing table if you confirm your traffic is going to development
upvoted 1 times
...
pdepingre
3 months ago
Selected Answer: D
Given these considerations, the most logical next step for troubleshooting is to check for access control lists (ACLs) on the development workloads, as this could directly impact connectivity based on source IP addresses and subnets. D. Check the ACLs on the development workloads.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel