This document contains comprehensive and well-structured Business Studies notes covering major concepts such as Management, Marketing, Financial Management, Business Environment, Consumer Protection, and Entrepreneurship.
Features of this document:
Detailed explanation of each concept
Real-life practical examples
Clear headings and structured format
Suitable for school, college, and competitive exams
Helpful for assignments and last-minute revision
This PDF is professionally prepared and easyto understand, making complex business topics simple and exam-oriented.Ready-to-use study material designed to save time and improve grades.
Perfect for Business Management, BBA, MBA foundation, and High School Business Studies courses.
Activity Overview: In this graded activity, students will utilize what they’ve learned in this course to evaluate a cloud-migration business case, with the intent to offer a viable Return on Investment (ROI) to the requesting organization.
Students will determine which cloud services best suit the pre-existing assets and services, then build a cost-estimate for 1 year of usage. Finally, students will summarize their findings with the intent to deliver them to high-level executives.
Utilize what you’ve learned about Cloud Services during this course to determine a good financial outcome for the business case below. Be creative, and think critically!
Activity Outcomes: After completing this activity students will be able to:
Identify comparable cloud-services to on-premise assets
Assess differences in network operational and capital expenditures
Create a high-level Cost Analysis for Cloud-based services
Deliverable: Upload all requested deliverables below, as a .pdf export from the editor of your choosing.
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
The Business Case: Holiday Emporium
Holiday Emporium is a seasonal distributor of Winter holiday promotional items (decorations, cards, costumes, etc.). They service nationally, and recently identified major flaws in their current financial model which include IT expenditures.
You have been asked to consult with Holiday Emporiums’ internal IT team to help assess the potential viability of migrating IT assets and services to a Cloud Service Provider. The CIO of the organization has determined that Microsoft Azure is their only viable path at this time, considering all of their current architecture is built around Microsoft products, and established these other constraints which must be followed:
Use your knowledge of cloud services gained during this course to identify the appropriate method to migrate the below hardware assets. We discussed and configured the following Azure items which may help determine what cloud services to use in replacement of the current assets, and the lowest outcome Total Cost of Ownership (TCO):
VM’s and VM sizes
Virtual Networks
Network Peering
Virtual Gateways (VNet – VNet VPN and Site to VNet VPN)
Load-Balancers
App Services (Serverless Apps)
Scaling VM’s and App Services
Firewalls
All servers (web and SQL) are of the following specifications:
8-core CPU’s
4 TB HDD or SSD Storage (beyond the baked-in temporary storage)
32 GB RAM
Utilize the given I/O and request information to research the possibility of down-sizing certain compute resources (web and SQL), as well as potential scaling options for peak-season/off-season changes. Keep in mind, that App Services (Serverless Applications) might be a great solution for some of the below services, considering the variation of traffic and workload throughout the year.
Include the following Capital Expenditure in your ROI assessment:Holiday Emporium spends an additional average of $70,000 per year for tech-refresh of the IT assets listed below.
Assets/Services Requested for Migration:
There are currently three (3) regional hubs:
California (Annual TCO = $75,000):
Three (3) Load-Balanced, public web-hosting servers which handle approximately 10,000 requests per day during the periods of October – January (peak-season). During other months, requests dwindle to an average of 500 per day (off-season).
One (1) VPN router connecting internal systems to the other two regional sites (2 connections), pushing approximately 2 TB I/O per month each, year-round.
One (1) Firewall pushing approximately 4 TB I/O per month during the peak season, and 2 TB during off-season.
Texas (Annual TCO = $100,000):
Two (2) Load-Balanced, private web-hosting servers which provide employee access to local SQL databases. These servers handle approximately 1,000 requests per day, year-round, and push approximately 2 TB I/O per month, year-round.
Four (4) SQL Databases with 4 TB of storage each. These DB’s are load-balanced in a 2×2 fashion. One set of DB’s is for customer data, the other set is for warehouse inventory tracking.
One (1) VPN router connecting to the other two sites (2 connections), pushing approximately 2 TB I/O per month each, year-round.
One (1) Firewall pushing approximately 2 TB I/O per month, year-round.
Pennsylvania (Annual TCO = $50,000):
Two (2) Load-Balanced, private web-hosting servers which provide general administration access for the company. These servers handle approximately 5,000 requests per day, year-round.
One (1) VPN router connecting to the other two sites (2 connections), pushing approximately 1 TB I/O per month.
One (1) Firewall pushing approximately 1 TB I/O per month.
Cost Analysis
One of the first steps in preparing a project plan for migration of assets and services to the cloud is to assess the potential Return on Investment (ROI). To do this (at a high level) is to simply identify what assets/services should be migrated, and calculate their cost over an appropriate period of time.
This factor of time will be different across industries and organizations, but generally a 1-3 year assessment will yield enough data to identify whether or not migration is in the best interest of your organization.
Using the above business case as a reference, utilize the to create a 1-year cost assessment to integrate into your ROI evaluation.
Assemble an itemized pricing inventory for all requested assets/services into a spreadsheet format (Excel or Google Sheets is appropriate). Azure Pricing Calculator can export your work into an Excel spreadsheet for further editing.
You will use this cost prediction to help determine whether or not cloud migration is a viable option for the Holiday Emporium.
You will need to investigate your options and perform additional research to make your determinations and service selections.
Summarize your findings and recommendations in a 300-500 word essay to be included with your deliverable.
Example of the Azure Pricing Calculator for Two SQL server VM’s with 100 million transactions for 1- year of usage
Exported spreadsheet of the calculated cost for the SQL servers shown above. Note the changes to description, and inclusion of the current cost listed on the right.
Activity Overview: In this graded activity, students will learn how to create an IPSec VPN tunnel on a Cisco network (via Packet Tracer). Students will configure end-to-end connectivity between two private networks, ISAKMP and IKE policies, and verify connectivity across the IPSec tunnel.
Activity Outcomes: After completing this activity students will be able to:
Demonstrate configuration of IPSec S2S VPN tunnels
Identify components of a functional S2S VPN
Demonstrate verification of connectivity across S2S VPN
Deliverable: Upload all requested screenshots below, as a .pdf export from the editor of your choosing.
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
Virtual Private Networks
In a modern organization, workers need to have access from anywhere in the world. In addition, many organizations are geographically-dispersed globally. Much of the information workers need to access is heavily controlled by internal and external policies and regulatory guidance.
The best method for ensuring both global access and data security, is through the use of Virtual Private Networks (VPN). These logical “tunnels” create an encrypted path which disregards traditional public network-traversal. VPN also provides authentication and authorization services, to ensure the data is from a trusted source and has not been tampered with. There are many methods for establishing VPN, and in the course of this lab you will be provisioning one type of Site-to-Site IPSec tunnel using Cisco Packet Tracer.
As you progress through this activity, your instructor will request that you capture a screenshot periodically (on Mac OS: “command+shift+3” to capture the whole screen, or “command+shift+4” then drag the cursor over the area you would like to capture). These screenshots are part of your required deliverable and will be graded.
Install and run Cisco Packet Tracer
Go to the website and create an account. You need to create an account in order to download the latest version of Packet Tracer. Network Academy will very likely put a short (24-48hr) hold on your account while they validate the information, so get this account created ASAP. Failure to create your account prior to the final weekend is not an excuse for missing this deliverable. See below for the backup plan. Please watch the Week 4 Part 1 lecture for further guidance, if needed.
Once logged in, navigate to the “Getting Started with Packet Tracer” course via the search bar at the top of the screen. Sign up for the course, then once you’ve accessed it, scroll down the main area of the course until you see the link to download packet tracer. Then, select the version of Packet Tracer which is compatible with your current Operating System, and install.
If you have issues creating an account or downloading the latest version from either site, here is a direct Gdrive link to download the software:
These versions have “guest login” capability. They do not require any account to function – each file is limited to 3 saves, however.
0:00 / 38:40
VPN Activity Walkthrough
Topology of the network you will be creating during this activity
Provision Resources in Packet Tracer
1. Once Packet Tracer is installed and running, create and connect these devices:
Three (3) 1941 Routers Two (2) 2960 Switches Two (2) PC Clients
Connect the clients (eth0) to the switches (fa0/1) with straight-through cables
Connect the switches (gi0/1) to the routers (gi0/1) with straight-through cables
Connect R1 (gi0/0) to R2 (gi0/0) with a cross-over cable
Connect R2 (gi0/1) to R3 (gi0/0) with a cross-over cable
2. Configure port access-modes on both switches:
Input the following commands on both S1 and S2:
“enable > conf t > interface fa0/1 > switchport mode access” (enables access-mode for the client connection)
“interface gi0/1 > switchport mode trunk” (enables trunk mode for the router connection)
“do write” (saves the running-configuration to the startup-configuration, “do” enables this command to be input at any privilege level)
3. Configure the Default Gateway and IP Address on both clients:
C1: IP Address 192.168.0.100, Default Gateway 192.168.0.1 C2: IP Address 192.168.1.100, Default Gateway 192.168.1.1
Example of Client 1 gateway settings
Example of Client 1 NIC settings
Configure Routers (Remember to save your CLI configurations OFTEN – “wr” or “do wr”)
1. Configuration inputs for the three routers:
Router 1:
hostname LNFI-R1 (names the device, global config)
interface g0/0 (“enable > conf t > interface g0/0”, interface config) ip address 10.0.0.1 255.255.255.0 (gives this interface an IP address) no shut (turns the interface on)
interface g0/1 ip address 192.168.0.1 255.255.255.0 no shut
ip route 0.0.0.0 0.0.0.0 10.0.0.2 (establishes a static route to R2 – the “public” router from any network to any network, Global Config)
Router 2 (this router only needs to know its own IP addresses):
hostname LNFI-R2
interface g0/0 ip address 10.0.0.2 255.255.255.0 no shut
interface g0/1 ip address 10.0.1.2 255.255.255.0 no shut
Router 3:
hostname LNFI-R3
interface g0/0 ip address 10.0.1.1 255.255.255.0 no shut
interface g0/1 ip address 192.168.1.1 255.255.255.0 no shut
ip route 0.0.0.0 0.0.0.0 10.0.1.2
Before moving forward, verify your connectivity from both clients to their respective gateway via “ping”, by clicking on the client, then entering the desktop tab and clicking on “command prompt”.
Try to ping the distant client from each side (C1->C2, C2->C1), and notice that the pings will not be able to reach their destination. This is because there is no actual routes established for the two private 192.168.x.x networks.
We’re going to fix that with our VPN configurations.
2. Install the Security License Module on all three (3) routers:
license boot module c1900 technology-package securityk9 (enable>conf t, global config)
Type “y” when prompted
Remember to write your running-config to the startup-config (“wr”), then type:
“reload” or “do reload” (depending on what configuration mode you are in) all three routers.
3. Configure IPsec on the routers at each end of the VPN tunnel (R1 and R3)
Router 1 (Global Config):
crypto isakmp policy 10 (establishes the policy to be configured) encryption aes 256 (the type of encryption to be used in this policy) authentication pre-share (establishes that this policy will use a pre-shared password) group 5 (establishes the Diffie-Hellman group to be used for this policy)
crypto isakmp key Fullsail1! address 10.0.1.1 (establishes the pre-shared key and the router to be shared with)
crypto ipsec transform-set R3 esp-aes 256 esp-sha-hmac (establishes the combination of encryption and hashing to be used for this specific R1-R3 IPSec tunnel)
crypto map IPSEC 10 ipsec-isakmp (establishes the settings for the overall VPN tunnel) set peer 10.0.1.1 (identifies what device will be allowed to peer with this map) set pfs group5 (establishes the Diffie-Hellman group for perfect forward security) set security-association lifetime seconds 86400 (lifespan of the established connection regardless of time-outs) set transform-set R3 (links the previously created transform set to this map) match address 100 (links the access-list 100 to this map to permit communication)
interface GigabitEthernet0/0 crypto map IPSEC (attaches the previously created crypto map to this interface)
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255 (creates the ACL for communication between private networks on either side of the VPN tunnel, Interface Config)
crypto map IPSEC 10 ipsec-isakmp set peer 10.0.0.1 set pfs group5 set security-association lifetime seconds 86400 set transform-set R1 match address 100
interface GigabitEthernet0/0 crypto map IPSEC
access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
Verify Connectivity and Tunnel Functionality
Once all configurations have been input and saved for each device, you can verify that the IPSec tunnel is up and functional in two ways:
Open the command prompt on each of your clients, then ping the distant client’s IP (Keep in mind you will likely have to ping multiple times before the IPSec tunnel establishes a connection):
C1 -> C2 “ping 192.168.1.100” (SCREENSHOT)
C2 -> C1 “ping 192.168.0.100” (SCREENSHOT)
Access the CLI for R1 and verify that the pings above have properly transversed the IPSec tunnel:
In “enable” mode, type: “show crypto ipsec sa”
There should be a number of packets listed by “pckts encap” and pckts encrypt” which demonstrates that the ping traversal was successful. (SCREENSHOT)
Repeat Step 2 on R3 (SCREENSHOT)
Example of “show crypto ipsec sa” output from Router 1 after successful transmission across the VPN tunnell
Required Screenshots and Configuration Text
Take your screenshots/copy running-config text after all configurations and lab steps have been completed.
Running-configurations: On each of the below devices (in “enable” mode) type: “show run”. Press spacebar until all of the information is listed and you are returned to the CLI prompt. Select all of the text output and copy this text into your deliverable document.
Switch 1
Switch 2
Router 1
Router 3
Take a screenshot of your successful PING outputs from:
Client 1 to Client 2
Client 2 to Client 1
Take a screenshot of the output from “show crypto ipsec sa” from:
Router 1
Router 3
Take a screenshot of your topology AFTER all connections have been verified functional (links should all be GREEN)
Activity Overview: In this graded activity, students will learn how to publicly host web-content via two alternative methodologies. Students will host a static website directly via storage, and a server-less application.
Activity Outcomes: After completing this activity will be able to
Demonstrate configuration of storage accounts
Demonstrate configuration of server-less applications
Demonstrate web-hosting principles
Deliverable: Upload all requested screenshots below, as a .pdf export from the editor of your choosing.
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
Hosting Web Content in Azure
Part of the advantage in hosting an environment on a Cloud platform is the ease of access to resources from anywhere in the world. In order to leverage this advantage, organizations must provide publicly-accessible web content in a highly-available, scalable, yet cost-efficient manner. Technicians must be familiar with many of these deployment models, along with the various methods to implement them.
Utilizing a Command-Line Interface (CLI) is often preferable to a Graphical User Interface (GUI) in a production environment. Provisioning, automation, and configuration become far more efficient when a technician can perform tasks in this way.
Follow this link to log in to the Azure Portal. Virtual Machines (and many other billed resources), must be disabled/deleted via the Azure dashboard to prevent continuous billing. Shutting down a VM within the OS will not disable them.
After you have completed this activity, you will delete all created resources, then verify with screenshots.
Do not create any resources unless you are specifically requested to. This runs a very high risk of your student account credits ($100 cap) being spent in their entirety, at which point you will no longer be able to access any of the resources required for this course, and future courses.
In this lab, you will be provisioning:
One (1) Resource Group
One (1) Storage Account
One (1) Storage Blob
One (1) App Service Plan
One (1) App Service
As you progress through this activity, your instructor may request that you capture a screenshot periodically (on Mac OS: “command+shift+3” to capture the whole screen, or “command+shift+4” then drag the cursor over the area you would like to capture). These screenshots are part of your required deliverable and will be graded.
Please attend or view Live Lecture (Week 3 Part 1) when available for the latest walkthrough. It is important to understand Cloud Service Provider (CSP) platforms change frequently, so the available recording here may look differently than what you see. You are welcome to use your best judgement to navigate any differences, or wait until the Live Lecture recording becomes available for further elaboration.
Host a Static Website via Storage
Create a new Resource Group
Region: East US 2
Name: CNW-WEB
Create a new Storage Account
Resource Group: CNW-WEB
Storage Acct Name: “firstinitiallastname”web
Location: East US 2
Performance: Standard
Account Kind: StorageV2
Replication: Locally Redundant (LRS) or no redundancy, if available
Access-Tier: Standard (Whichever option is least expensive, this is considered Cool storage)
Create a Static Website from within the Storage Account
In the sidebar, under “Data Management” click “Static Website”
Click “Enabled”
Index Document Name: “index.html”
Note the Primary Endpoint URL (this is the public URL to access your static website)
Access “$web” container and upload “index.html” (download the .zip below and extract)
Leave upload blob setting as their defaults
Access your static website via the Endpoint URL (great color, huh!?) – screenshot
Return to to “Data Management > Static Website” and click “$web” to access the container
Click “Index.html” then select “Edit Blob”
On line 19, change the “bgcolor” Hex value to “FFFF00” (yellow) and click “Save” – screenshot
Access your website URL to see the changes (you may need to reload a few times)
1 KB
Host a Website via Server-less App
Create an App Service Plan
Name: “firstinitiallastname“web
Resource Group: CNW-WEB
OS: Windows
Location: Central US
Pricing Tier: F1 Free
Create an App Service
Name: cnw1″firstinitiallastname“
Resource Group: CNW-WEB
App Service Plan: The plan you just created (should be selected by default)
Application Insights: Disabled
OS: Windows
Runtime Stack: .NET Core 2.1 (or the nearest version if 2.1 is not available)
Configure App Service to display static website
Navigate to your storage blob website
Right click on the page, and select “View Page Source”
Select all (cmd+a), then copy (cmd+c)
Navigate back to your App Service
In the sidebar, select “Development Tools > App Service Editor”
Click “Go”
Select “WWWROOT > hostingstart.html”
Select all (cmd+a), then paste the copied html from step C
On line 19 or 20, change the “bgcolor” hex value to “F00200” (red)
Navigate to the App Service’s public URL (which can be found on the overview page) – it should be “cnw1firstinitallastname.azurewebsites.net”
Required Screenshots
The following screenshots should show the configurations identified in lab, for each component:
Storage Account
Overview page
Static Website page
Browser displaying the blob-hosted website (purple) – be sure to capture the entire browser window
Browser displaying the blob-hosted website (yellow) – be sure to capture the entire browser window.
App Service Plan Overview page
App Services
Overview page
App Services Editor displaying HTML for the hosted website
Browser displaying the App Services-hosted website (red) – be sure to capture the entire browser window
All Resources page showing that all resources have been completely deleted (it should be empty)
Activity Overview: In this graded activity, students will learn how to create a publicly-accessible load-balancing solution in a cloud environment. Students will provision the resources necessary through Azure Portal, then configure them via PowerShell CLI (via Run Command) and Azure Portal.
Activity Outcomes: After completing this activity students will be able to:
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
Load-Balancing in Azure
Part of the advantage in hosting an environment on a Cloud platform is the ease of access to resources from anywhere in the world. In order to leverage this advantage, organizations must provide publicly-accessible web content in a highly-available, scalable, yet cost-efficient manner. Technicians must be familiar with many of these deployment models, along with the various methods to implement them.
Load-Balancing is a necessary solution to maintain availability of publicly accessible resources. These configurations also allow for transparent “scale-out, scale-in” provisioning as the need for more back-end resources arises.
Follow this link to log in to the Azure Portal. Virtual Machines (and many other billed resources), must be disabled/deleted via the Azure dashboard to prevent continuous billing. Shutting down a VM within the OS will not disable them.
After you have completed this activity, you will delete all created resources, then verify with screenshots.
Do not create any resources unless you are specifically requested to. This runs a very high risk of your student account credits ($100 cap) being spent in their entirety, at which point you will no longer be able to access any of the resources required for this course, and future courses. Please contact your instructor ASAP if this occurs.
In this lab, you will be provisioning:
One (1) Resource Group
One (1) Virtual Network
One (1) Load-Balancer
One (1) Public IP
One (1) Network Security Group
Two (2) Virtual Machines
As you progress through this activity, your instructor may request that you capture a screenshot periodically (on Mac OS: “command+shift+3” to capture the whole screen, or “command+shift+4” then drag the cursor over the area you would like to capture). These screenshots are part of your required deliverable and will be graded.
Please attend or view Live Lecture (Week 3 Part 1) when available for the latest walkthrough. It is important to understand Cloud Service Provider (CSP) platforms change frequently, so the available recording here may look differently than what you see. You are welcome to use your best judgement to navigate any differences, or wait until the Live Lecture recording becomes available for further elaboration.
Provision Resources via Azure Portal
Wherever you see “LNFI”, input your last name followed by your first initial (e.g. cnw-lb-LNFI = cnw-lb-smithp)
Create a new Resource Group
name: cnw-lb-LNFI
location: westus3 (or any region that allows VM creation)
Create a new Virtual Network
name: cnw-LNFI
resource-group: cnw-lb-LNFI
address-prefixes: 10.0.0.0/24
subnet-name: cnw-web
subnet-prefix: 10.0.0.64/26
Create a new Public IP named “lb-pip” – This must match the Standard SKU of your Load Balander
Create a Load Balancer
Name: cnw-lb
Region: West US 3
SKU: Standard
Type: Public
Tier: Regional
Public IP Address: “lb-pip” (Use Existing) there may be an issue using a pre-created Public IP, in which case create a new public IP in this wizard.
SKIP the rest of the configuration options during the creation of the Load Balancer, we will be configuring the items below after it has been provisioned.
Configure Load Balancer Functions
Create a new backend pool
Name: cnw-VMbackend
Create a new health probe
Name: cnw-VMHP
Protocol: TCP
External / Frontend Port: 80
Internal / Backend Port: 80
Interval: 5 seconds
Create a new load balancing rule
Name: cnw-LB-http
Backend Pool: cnw-VMbackend
Frontend / External Port: 80
Backend / Internal Port: 80
Health Probe: cnw-VMHP
Create a new Network Security Group
Name: cnw-webNSG
Location: West US 3 (or the region you’ve selected)
Create a new Inbound Security Rule
Source: Service Tag
Source ST: Internet
Source Ports: *
Destination: Any
Destination Port Ranges: 80
Protocol: Any
Action: Allow
Priority: 100
Name: inbound_allow
Associate the NSG to the “cnw-web” Subnet
Create Virtual Machines (2)
VM 1 Name: web01 / VM 2 Name: web02
Region: West US 3 (or the region in which you are working)
Availability Options: None
OS: Windows Server (any datacenter version, 2025 may not work)
OS Disk Type: Standard SSD
Use Managed Disks: Yes
Virtual Network: cnw-LNFI
Subnet: cnw-web
Public IP: None – Important
NIC NSG: None
Place VM behind existing LB solution: Yes
Options: Azure Load Balancer
Load Balancer: cnw-lb-LNFI
Backend Pool: cnw-VMbackend
Management: All options OFF
Be sure to double-check the above VM settings on the “Review+Create” page, as provisioning certain VM configurations may change previously set ones.
Configure IIS via “Run Command”
It is possible to configure a virtual machine without the need for SSH or RDP, through Azure’s “Run Command” option within the Azure Portal. This is an extremely useful tool when a VM cannot be connected to while troubleshooting through normal remote means.
Complete the following steps on both of your provisioned VM’s:
From the Azure Portal, select the VM
Under “Operations” select “Run Command”
Select “RunPowerShellScript”
Copy and paste the following command string (all three lines):
Add-Content -Path “C:inetpubwwwrootiisstart.htm” -Value $(“Hello World from ” + $env:computername)
This process will take a few minutes, but you can proceed to the second VM in another tab while the first script runs. You will need screenshots of the output for both VM’s once the commands are successful.
Verify HTTP Connectivity and Load-Balancing
Navigate to your Load Balancer’s Overview page and copy the front-end public IP
Open your browser and paste the public IP to access the load-balanced website
Check to see which VM is posting the webpage by the name displayed
Reload the website a few times to see if the VM name changes (this may take quite a few reloads). It’s possible that your browser cached the first page to load, and reloading will not show the other VM’s website.
If the page isn’t alternating, go to your Virtual Machines and select “Stop” on the VM that is showing up when you access the website.
Once the VM is fully stopped, reload the website and you should see the other VM’s name.
To force this on the other VM, simply swap which VM is “On”
Required Screenshots
Take your screenshots after all configurations and lab steps have been completed.
The following screenshots should show the configurations identified in lab:
Virtual Machines
Overview for cnw-LNFI-web01
Overview for cnw-LNFI-web02
Virtual Networks
Diagram for cnw-lb-LNFI
Network Security Groups
Inbound Security Rules
Subnets
Load Balancers
Overview
Backend Pools (with the list expanded to show both VM’s)
Load Balancing Rules
Screenshot of web browser accessing:
cnw-LNFI-web01
cnw-LNFI-web02
All Resources
Showing all provisioned resources for this lab deleted
Activity Overview: In this graded activity, students will provision a virtual network, virtual machines, ACL/firewall rules, and their prerequisite components in Azure Cloud Platform. Students will then generate back up templates and connect to their compute resources remotely.
Activity Outcomes: After completing this activity will be able to
Demonstrate configuration of cloud-based virtual network functions
Demonstrate configuration of cloud-based ACL and firewall rules
Demonstrate the creation of backup/templates in Azure
Demonstrate remote connectivity to compute resources in the cloud
Deliverable: Upload all requested screenshots below, as a .pdf export from the editor of your choosing.
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
Provisioning Resources in Azure
Microsoft Azure Cloud Platform offers the ability to provision many cloud-based resources, including virtual appliances (VM’s and Containers), and virtual network functions (VNF). The process to create and configure these resources is reliable and quick within a cloud platform, so the reliance on our knowledge of theory and how these resources work together becomes paramount.
Follow this link to log in to the Azure Portal. Virtual Machines (and many other billed resources), must be disabled/deleted via the Azure dashboard to prevent continuous billing. Shutting down a VM within the OS will not disable them.
After you have completed this activity, you will delete all created resources, then verify with screenshots.
Do not create any resources unless you are specifically requested to. This runs a very high risk of your student account credits ($200 cap) being spent in their entirety, at which point you will no longer be able to access any of the resources required for this course, and future courses.
In this lab, you will be provisioning:
One (1) Virtual Network
Two (2) virtual NIC’s
One (1) static public IP (VIP – standard SKU)
One (1) firewall
One (1) network security group
One (1) private address spaces with two (2) subnets
Two (2) Virtual Machines
Whenever you see “LNFI” input your last name and first initial (ex: smithp)
As you progress through this activity, your instructor will request that you capture a screenshot periodically (on Mac OS: “command+shift+3” to capture the whole screen, or “command+shift+4” then drag the cursor over the area you would like to capture). These screenshots are part of your required deliverable and will be graded.
Please attend or view Live Lecture (Week 2 Part 1) when available for the latest walkthrough.It is important to understand Cloud Service Provider (CSP) platforms change frequently, so the available recording here may look differently than what you see. You are welcome to use your best judgement to navigate any differences, or wait until the Live Lecture recording becomes available for further elaboration.
Diagram of Activity Outcome
Lab Steps and Configuration Requirements
Resource Group
Name: LNFI-MMYYYY
Region: ANY REGION THAT ALLOWS YOU TO CREATE VM’S, I use “East” as a naming example here
Public IP
SKU: Standard (Static)
Name: cnw-region-PIP-LNFI
DNS name label: cnwLNFI
Resource Group: Use the one created above
Availability Zone: Zone-redundant
Virtual Network
Name: cnw-east-LNFI “east” or whatever region you are using
Address Space: 10.0.1.0 /24
Subnet: 10.0.1.64 /26
Name: cnw-east-compute-LFNI
Firewall: Enabled
Name: cnw-east-fw-LNFI
Firewall Subnet Address Space: 10.0.1.0 /26
Public IP Address: Use Existing (the PIP created above)
Network Interface 1
Name: cnw-east-client01
Virtual Network: Same as above
Subnet: cnw-east-compute…
Static address assignment
Private IP Address: 10.0.1.80
Network Security Group: None
Resource Group: Same as above
Network Interface 2 (same as above unless noted below)
Name: cnw-east-websrv
Private IP Address: 10.0.1.70
Network Security Group
Name: cnw-east-compute
Resource Group: Same as above
Configure Network Security Group – Apply to Subnet:
Virtual Network: Network created above
Subnet: cnw-east-compute…
Configure inbound rule for NSG (to allow Remote Desktop Connections)
Add Inbound Security Rule:
Source: IP Addresses
Source IP: Public IP on your end (use the link above to identify it)
Source Port Ranges: * (* means ALL)
Destination: Service Tag
Destination: VirtualNetwork
Destination Port Ranges: 3389
Protocol: Any
Action: Allow
Priority: 100
Name: RDP_in_allow
Description: in your own words
Firewall Rules > Add NAT Rule Collection
“cnw-east-compute-LFNI” Priority 100
Rule 1:
Name: RDP-allow-websrv
Protocol: TCP, UDP
Source Address: (your public IP)
Destination Address: (Azure Public IP)
Destination Port: 33890
Translated Address: 10.0.1.70
Translated Port: 3389
Rule 2 (same as above unless otherwise noted):
Name: RDP-allow-client01
Destination Port: 33891
Translated Address: 10.0.1.80
Virtual Machine 1 (These will auto-generate a new NIC which you will remove and replace with the earlier NIC’s you’ve created)
Name: cnw-client01
Region: East US
User Name: LNFI
Password: Fullsail11!!
Availability Options: None
Image: Windows 10 Enterprise, 22h2, any generation – Note that any version of Windows 10 should be okay if those aren’t listed for you
Size: Standard D2s_v3
Disks: Standard SSD, Use Managed Disks
Network: cnw-east-compute
Public IP: NO
NIC Security Group: None
Management: All options OFF, Security: Basic
Advanced: All options OFF
Virtual Machine 2(These will auto-generate a new NIC which you will remove and replace with the earlier NIC’s you’ve created)
Name: cnw-websrv
Region: East US
Username and Password: same as above
Availability Options: None
Image: Windows Server 2019, 2022, or 2025 (2025 may or may not work, but any version of these OS’ should be okay, see the walkthrough for more detail)
Size: Standard D2s v3
Disks: Standard SSD, Use Managed Disks
Network: cnw-east-compute
Public IP: NO
NIC Security Group: None
Management: All options OFF, Security: Basic
Advanced: All options OFF
Final Configurations and Testing
Go to the Virtual Machine overview and select “STOP” at the top of the list, this will turn the VM’s off. (may take a couple of minutes)
Go to each of the VM’s overview and select “Networking”
Attach the NIC you’ve previously created for the VM you are configuring.
Once the new NIC is attached, detach the auto-generated one.
Go to Network Interfaces in the sidebar, and delete both of the auto-generated NIC’s
Go to Virtual Networks in the sidebar, select your virtual network
Select DNS Servers, change to “Custom”
Input two DNS Servers: 10.0.1.70 and 8.8.8.8
Be sure to save your changes
Go to Virtual Machine overview and select “START” for both VM’s. (this may take a couple of minutes)
Download the Microsoft Remote Desktop client applicable for your computer
Select “+” to add a new RDP connection
Connection Name: CNW-websrv
PC Name: x.x.x.x:33890 (x.x.x.x = your Azure public IP)
No gateway configured
User name and password: As configured for each VM above
Close out the configuration window, and double click to connect to your server
Repeat this procress for your client machine
Connection Name: CNW-client01
PC Name: x.x.x.x:33891 (x.x.x.x = same IP as above)
Close out the window and connect to your client
PLEASE NOTE: If you have verified that your NSG and ingress access rules are configured correctly, but still cannot RDP into your VM’s, please just note that RDP was not able to connect and any troubleshooting steps you took, in place of the RDP screenshots. Sometimes, depending on the network a student is using, RDP is unable to traverse the home network or hot-spots.
Required Screenshots
The following screenshots should show the configurations identified in lab, for each component (PLEASE NUMBER AND LABEL YOUR SCREENSHOTS):
Resource Groups – Resource Group “LNFI-MMYYYY” Properties Page (showing all provisioned resources for this activity)
Public IP’s – Public IP “cnw-east-PIP-LNFI” Overview Page
Network Interfaces – List of both NIC’s created (conforming to lab requirements)
Net Security Groups – NSG “cnw-east-compute” Overview Page
Firewalls – “cnw-east-fw-LNFI” > Rules > NAT Rule list for “cnw-east-compute-LNFI” showing the two RDP inbound rule configurations
Virtual Machines:
Overview page for CNW-CLIENT01
Overview page for CNW-WEBSRV
While connect to each VM via RDP:
“ipconfig /all” on CNW-WEBSRV
“ipconfig /all” on CNW-CLIENT01
PLEASE NOTE: If you have verified that your NSG and ingress access rules are configured correctly, but still cannot RDP into your VM’s, please just note that RDP was not able to connect and any troubleshooting steps you took, in place of the RDP screenshots. Sometimes, depending on the network a student is using, RDP is unable to traverse the home network or hot-spots.
All Resources Page showing all resources deleted (not on the list)
ctivity Overview: In this graded activity, students will provision additional virtual networks and resources, establish an Active Directory Domain, and connect virtual networks via peering. Students will then verify connectivity of all created resources.
Activity Outcomes: After completing this activity will be able to
Demonstrate configuration of cloud-based virtual network functions
Demonstrate configuration of cloud-based Load Balancing and NAT
Demonstrate the configuration of internetwork connectivity
Demonstrate remote connectivity to compute resources in the cloud
Deliverable: Upload all requested screenshots below, as a .pdf export from the editor of your choosing.
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
Connecting Networks in Azure
Many enterprise networks consist of multiple locations with various shared functions, often due to internal or external requirements (e.g. disaster recovery or regulation). When migrating traditional resources to a virtualized environment in the cloud, engineers must be able to maintain the segmentation and distribution of those resources while providing a seamless transition for their end-users.
Follow this link to log in to the Azure Portal. Virtual Machines (and many other billed resources), must be disabled/deleted via the Azure dashboard to prevent continuous billing. Shutting down a VM within the OS will not disable them.
After you have completed this activity, you will delete all created resources, then verify with screenshots.
Do not create any resources unless you are specifically requested to. This runs a very high risk of your student account credits ($200 cap) being spent in their entirety, at which point you will no longer be able to access any of the resources required for this course, and future courses.
In this lab, you will be provisioning:
Three (3) virtual NIC’s
Two (2) virtual networks with one subnet each
One (1) Load Balancer
One (1) Public IP
Three (3) Virtual Machines
Two (2) V-Net connections via peering
As you progress through this activity, your instructor will request that you capture a screenshot periodically (on Mac OS: “command+shift+3” to capture the whole screen, or “command+shift+4” then drag the cursor over the area you would like to capture). These screenshots are part of your required deliverable and will be graded.
Please attend or view Live Lecture (Week 2 Part 2) when available for the latest walkthrough. It is important to understand Cloud Service Provider (CSP) platforms change frequently, so the available recording here may look differently than what you see. You are welcome to use your best judgement to navigate any differences, or wait until the Live Lecture recording becomes available for further elaboration.
Diagram of Activity Outcome
Lab Requirements (LNFI-MMYYY Resource Group)
Create two (2) virtual networks within any two regions which permit you to create VMs in (see Live Lecture for further elaboration), respectively, I am using US West and Central in the example below. No Firewalls
Region 1: “LNFI-West” Address Space – 10.0.0.0/24, Subnet: 10.0.0.0/24
Region 2: “LNFI-Central” Address Space 10.0.1.0/24, Subnet: 10.0.1.0/24
Create NSG (one NSG applied to the West US Subnet) permitting RDP (Port 3389), or allow all inbound if there are issues
Peer the West US and Central US virtual networks
Create two (2) virtual machines within West US Region and one (1) VM in Central US Region. There should be three (3) total VM’s created. You do not need to use D2s_v3 if it is not available, you can use any VM size which has at least 2 vCPUs and 8GB of RAM.
VM Size and OS:
1x D2s_v3 VM, Windows 10 (any version, but Enterprise 2H22 is most common) and 1x D2s_v3 VM, Windows Server (any version, datacenter is most common, 2025 may not work) in your first region D2s_v3 VM, finally 1x Win 10 VM in your second region
Allow incoming RDP (3389)
No Public IP
West US host names: “cnw-client01” / “cnw-websrv”
Central US host names: “cnw-client02”
Adjust the new VM NIC’s to static private IP’s
West US Server: 10.0.0.100
West US Client: 10.0.0.200
Central US Client: 10.0.1.200
Create a Load Balancer (provision a new public IP within this wizard) in West US Network (Take note of the Public IP that is provisioned). The Load Balancer and Public IP need to be standard SKU. The Load Balancer should be ‘Regional’ or ‘Internal’.
Create a new inbound NAT rule to a single VM: cnw-client01
Service: Custom
Protocol: TCP
Frontend Port: 33891
Target virtual Machine: CNW-Client01
Port mapping: Custom
Floating IP: Disabled (may not be an option)
Target/Backend port: 3389
Final Configurations and Testing
In Azure Portal, go to Virtual Networks, complete this configuration in both:
Select DNS Servers, change to “Custom”
Input two DNS Servers: 10.0.0.100 (primary) and 8.8.8.8 (secondary)
Be sure to save your changes
Open Microsoft Remote Desktop client applicable for your computer
Connect to: cnw-client01
Input the public IP for your Load-Balancer followed by the external port, example: “52.100.10.54:33891”
Input the login credentials created when you provisioned your VM
PLEASE NOTE: If you have verified that your NSG and ingress access rules are configured correctly, but still cannot RDP into your VM’s, please just note that RDP was not able to connect and any troubleshooting steps you took, in place of the RDP screenshots. Sometimes, depending on the network a student is using, RDP is unable to traverse the home network or hot-spots.
Once connected to cnw-client01, open RDP within cnw-client01 (use the search bar for “RDP”) and remotely connect to cnw-websrv and cnw-client02 (Use their private IP addresses and the login credentials you created when provisioning them)
While connected to each VM, disable Windows Firewall completely on all network types (this needs to be done for all three VM’s)
Disconnect from cnw-client02 and cnw-websrv (you should still be RDP into cnw-client01)
While RDP into cnw-client01, re-open your RDP session to cnw-websrv, and install Active Directory Domain Services, following all prompts that appear. In post configuration, name your domain “CNW.BIZ“
Now, add each client VM to the domain by using RDP.
After each client has been added, open command prompt and type “ipconfig /all” on both client VM’s to verify they have successfully been added to the domain.
After Lab is complete, verify all required screenshots have been taken (below), then delete all resources.
Required Screenshots
The following screenshots should show the configurations identified in lab, for each component (Please number and label your screenshots):
Virtual Networks
Inventory page (list of both V-Nets created)
2x Diagram Page – From the two V-nets provisioned (should show all resources provisioned during this activity) – these may not populate fully NOTE: IN CLASS ON 3/15 WE FOUND THIS RENAMED AS TOPOLOGY, NOT DIAGRAM.
Virtual Machines:
Overview page for cnw-client01
Overview page for cnw-client02
Overview page for cnw-websrv
Virtual Networks:
2x Peerings sub-page, shown as “connected” for each V-net
While connect to the following VM’s via RDP:
“ipconfig /all” on cnw-client01 (after it has been added to CNW.BIZ)
“ipconfig /all” on cnw-client02 (after it has been added to CNW.BIZ)
PLEASE NOTE: If you have verified that your NSG and ingress access rules are configured correctly, but still cannot RDP into your VM’s, please just note that RDP was not able to connect and any troubleshooting steps you took, in place of the RDP screenshots. Sometimes, depending on the network a student is using, RDP is unable to traverse the home network or hot-spots.
Load Balancers:
Overview Page
Inbound NAT Rules Page
All Resources Page showing all provisioned resources deleted
Activity Overview: In this graded activity, students will determine subnet scopes, assess routing metrics and paths, identify aspects of ACL’s and Firewalls, and design an IPv4 address space.
Activity Outcomes: After completing this activity you should be able to
Apply IP-Addressing conventions to subnet composition
Identify ACL and Firewall rules, and their components
Understand routing metrics and path determination
Identify commonly used TCP/UDP ports (quiz)
Deliverable: Upload your answers to the items below as a .pdf export from the editor of your choosing. Then complete the external Lab 1.2.1 Knowledge Check.
Be sure to include your name, student number, and course (CNW-2511) at the top of your document.
Grading Rubric:
40% – Subnet Scope Exercises
30% – IP-Address Space Design
20% – Routing Metrics and Path-Determination Exercises
10% – Document Organization, File Format, and File Naming Convention
Subnet Scope Exercises
Determine the Network ID, Host Range, and Broadcast ID for the following IP Addresses:
You are REQUIRED to utilize an online subnet calculator of your choosing, here are two: ()
or
YOUR ANSWERS MUST BE SCREENSHOTS FROM THE OUTPUT OF YOUR CHOSEN CALCULATOR
IP-Address Space Design
You are REQUIRED to utilize an online subnet calculator () or
Create a subnet scheme that includes the following:
A) Subnet scheme that can fit 200 subnets with a minimum size of 1,024 IP’s using a Class A private address space (10.x.x.x)
B) Subnet scheme that can fit 80 subnets with a minimum size of 256 IP’s each, using a Class Bprivate address space (172.16.x.x)
C) 3 (three) subnets for Router-to-Router connections using private Class C /30address space (192.168.x.x.)
YOUR ANSWERS MUST BE DELIVERED AS SCREENSHOTS FROM THE SUBNET CALCULATOR OUTPUT (THERE WILL BE FIVE(5) TOTAL)
Please join us for live lecture or watch the archive if you need a reminder on this process.
Routing Metric Exercise
Complete both sets of routing metric exercises below. The goal is to determine the path between each network with the lowest total “cost”. The metrics for each path are identified on each connecting line. See the example answer for possible formatting.
THERE ARE TWELVE(12) TOTAL ANSWERS FOR THIS SECTION OF THE ACTIVITY
Please refer to the Week 1 Part 1 Lecture recording if you have any questions.
What is the most efficient path to take, based upon the metrics given?(Remember: the lower the metric, the more efficient the path, you can pass through networks to get to others)
So long as each path chosen is easily identified, formatting can be however the student deem fit. Students may screenshot the each diagram and trace out lines visually for each path (please color-code, or use a separate screenshot per path).
Use the image above to answer the first set of routing metric questions
What is the most efficient path to take, based upon the metrics given?
Im working on a C++ Unreal Engine 5 assignment involving a BaseCharacter, Rifle, and Projectile system. The project compiles successfully, but the behavior is incorrect and Im stuck at the same point for the second submission attempt.
Below is the instructor feedback I received:
Base Character (18 pts) 11/18
No ChildActorComponent used (was using SpawnActor and AttachToComponent directly)
ChildActorComponent pointer not declared in header
AnimBP pointer not declared in header
Missing mesh location/rotation setup in constructor
Missing AnimBP caching in BeginPlay
Weapon object must be set before checking for nullptr
Must use ChildActorComponent with SetupAttachment and SetChildActorClass
Rifle (8 pts) 6/8
No FName variable declared
SkeletalMeshComponent must be declared in the header (not using FindComponentByClass)
Proper casting and ownership setup required
Projectile (24 pts) 23/24
Timer uses hardcoded 3.0f instead of declared float variable
Current issues:
The pawn does not appear correctly when playing (or behaves unexpectedly when ejecting)
The weapon does not attach/render properly
The ChildActorComponent behavior may be incorrect
Firing behavior is inconsistent
Everything compiles successfully
Assignment requirements include:
Using UChildActorComponent for the weapon (no direct SpawnActor)
Attaching the weapon to a skeletal mesh socket
Spawning the projectile from a muzzle socket
Converting AnimBP logic from Blueprint to C++
Proper separation of logic between BaseCharacter and Rifle
I am attaching the relevant C++ files:
BaseCharacter.h / .cpp
Rifle.h / .cpp
Projectile.h / .cpp
I am needing someone to help me correct the structural and logic errors directly in the code, and explain what is causing the pawn and weapon to behave incorrectly.
