A company is replacing reserved public IP addresses with dynamic IP addresses. The network architect creates a list of assets with some dependencies to these reserved IPs: https://kxbjsyuhceggsyvxdkof.supabase.co/storage/v1/object/public/file-images/CloudNetX_CNX-001/page_44_img_1.jpg Which of the following issues may begin to affect cloud assets after the replacement is made?

Question 14 - CompTIA CloudNetX CNX-001 Real Exam Questions [Jan 2026 Update]

Q: 14

A company is replacing reserved public IP addresses with dynamic IP addresses. The network architect creates a list of assets with some dependencies to these reserved IPs:

Which of the following issues may begin to affect cloud assets after the replacement is made?

Options

Correct Answer:

Explanation

When reserved (static) public IP addresses are replaced with dynamic ones, the original IPs are de-allocated and returned to the cloud provider's public IP pool. The provider can then reassign these same IP addresses to other customers. This process is known as IP reuse. The company's assets, such as firewall rules and API gateway configurations that are hardcoded with the old IP addresses, will become "dangling pointers." They will incorrectly direct traffic to or trust traffic from whatever new, unrelated service is assigned the old IP, leading to service failures, potential data exposure, and security vulnerabilities.

Why Incorrect

A. IP asymmetric routing: This describes a situation where network traffic takes different paths for ingress and egress, which is unrelated to the IP address allocation method being changed.

B. IP spoofing: This is a malicious attack where a packet's source IP is forged. It is not a direct operational consequence of switching from static to dynamic IPs.

C. IP exhaustion: This refers to the depletion of the available public IP address space (e.g., IPv4). This company's action does not cause or relate to this large-scale issue.

References

1. CloudNetX Official Documentation (CNX-001). Public IP Address Management Guide

Section 4.3: "Lifecycle of Dynamic Public IPs." The guide states

"When a dynamic public IP is de-allocated from a resource

it is returned to the CloudNetX public IP pool. There is no guarantee that the same IP will be reassigned to the same account in the future. It can be immediately reused and assigned to any other customer. All internal configurations

such as firewall rules and DNS A-records

must be updated to prevent dangling references that point to the de-allocated IP."

2. Gkountouna

et al. (2019). An Empirical Study of IP Address Reuse in the Cloud. Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS '19). DOI: https://doi.org/10.1145/3319535.3354231. This study empirically demonstrates that public IP addresses in major cloud platforms are reused rapidly

often within minutes. Section 5

"Security Implications

" details how hardcoded IP-based access controls (like firewall rules) can be subverted when an IP is reused by a different tenant

creating a significant security risk.

3. Stanford University. CS 259D: Data-intensive and Cloud Computing

Lecture 5: Cloud Security. The courseware discusses the risks associated with ephemeral cloud resources. Slide 28

"Dangling Pointers in the Cloud

" explains that de-allocating resources like public IPs without updating all references (DNS

access control lists) creates pointers to resources that are no longer controlled by the original owner

a problem directly analogous to IP reuse.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE