XK0-005 Question #1316: Real Exam Question with Answer & Explanation

Question

Users are reporting collaborate.company.com is inaccessible from the user VLAN, but there is no issue connecting to the system's web page from the DMZ. Given the following outputs from commands run on the system: Which of the following explains why users are unable to access the system from the user VLAN, and how can the administrator remediate this issue?

Options

• AUsers cannot access the system because the IP subnet mask is /24. The remediation for this
• BUsers cannot access the system because the DNS server has the incorrect IP address. The
• CUsers cannot access the system because the connectivity port is running on the incorrect IP. The
• DUsers cannot access the system because the default gateway has the wrong interface. The

Explanation

Users cannot access collaborate.company.com because the service is only listening on the DMZ interface, preventing connections from the user VLAN; the remediation is to configure the service to listen on the correct IP address or all available interfaces.

Common mistakes.

• A. An IP subnet mask of /24 is a standard configuration and would not inherently prevent a web service from being accessible from one VLAN while being accessible from another, assuming routing is correct.
• B. Incorrect DNS server IP address would typically prevent resolution of the hostname, affecting access from all locations, not just the user VLAN, and would not explain why the service is accessible from the DMZ.
• D. An incorrect default gateway interface would affect outbound traffic from the system itself, not specifically prevent inbound connections to a service that is otherwise listening and reachable from another network segment.

Concept tested. Network service binding and IP addressing

Reference. https://linux.die.net/man/8/netstat

No community discussion yet for this question.