Valentine Day Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > VMware > Vmware Certification > 2V0-41.23

2V0-41.23 VMware NSX 4.x Professional Question and Answers

Question # 4

How is the RouterLink port created between a Tier-1 Gateway and Tier-O Gateway?

A.

Automatically created when Tier-1 is connected with Tier-0 from NSX UI.

B.

Automatically created when Tier-1 is created.

C.

Manually create a Logical Switch and connect to bother Tier-1 and Tier-0 Gateways.

D.

Manually create a Segment and connect to both Tier-1 and Tier-0 Gateways.

Full Access
Question # 5

Which NSX CLI command is used to change the authentication policy for local users?

A.

Set cli-timeout

B.

Get auth-policy minimum-password-length

C.

Set hardening- policy

D.

Set auth-policy

Full Access
Question # 6

Which three selections are capabilities of Network Topology? (Choose three.)

A.

Display how the different NSX components are interconnected.

B.

Display the uplink configured on the Tier-0 Gateways.

C.

Display how the Physical components ate interconnected.

D.

Display the VMs connected to Segments.

E.

Display the uplinks configured on the Tier-1 Gateways.

Full Access
Question # 7

An administrator needs to download the support bundle for NSX Manager. Where does the administrator download the log bundle from?

A.

System > Utilities > Tools

B.

System > Support Bundle

C.

System > Settings > Support Bundle

D.

System > Settings

Full Access
Question # 8

Refer to the exhibit.

Which two items must be configured to enable OSPF for the Tler-0 Gateway in the Image? Mark your answers by clicking twice on the image.

Full Access
Question # 9

What are the four types of role-based access control (RBAC) permissions? (Choose four.)

A.

Read

B.

None

C.

Auditor

D.

Full access

E.

Enterprise Admin

F.

Execute

G.

Network Admin

Full Access
Question # 10

Which field in a Tier-1 Gateway Firewall would be used to allow access for a collection of trustworthy web sites?

A.

Source

B.

Profiles -> Context Profiles

C.

Destination

D.

Profiles -> L7 Access Profile

Full Access
Question # 11

What must be configured on Transport Nodes for encapsulation and decapsulation of Geneve protocol?

A.

VXIAN

B.

UDP

C.

STT

D.

TEP

Full Access
Question # 12

Which CLI command on NSX Manager and NSX Edge is used to change NTP settings?

A.

get timezone

B.

get time-server

C.

set timezone

D.

set ntp-server

Full Access
Question # 13

An NSX administrator Is treating a NAT rule on a Tler-0 Gateway configured In active-standby high availability mode. Which two NAT rule types are supported for this configuration? (Choose two.)

A.

Reflexive NAT

B.

Destination NAT

C.

1:1 NAT

D.

Port NAT

E.

Source NAT

Full Access
Question # 14

Which three DHCP Services are supported by NSX? (Choose three.)

A.

Gateway DHCP

B.

Port DHCP per VNF

C.

Segment DHCP

D.

VRF DHCP Server

E.

DHCP Relay

Full Access
Question # 15

Refer to the exhibit.

An administrator would like to change the private IP address of the NAT VM I72.l6.101.il to a public address of 80.80.80.1 as the packets leave the NAT-Segment network.

Which type of NAT solution should be implemented to achieve this?

A.

DNAT

B.

SNAT

C.

Reflexive NAT

D.

NAT64

Full Access
Question # 16

Which command is used to set the NSX Manager's logging-level to debug mode for troubleshooting?

A.

Set service manager log-level debug

B.

Set service manager logging-level debug

C.

Set service nsx-manager log-level debug

D.

Set service nsx-manager logging-level debug

Full Access
Question # 17

Which of the following settings must be configured in an NSX environment before enabling stateful active-active SNAT?

A.

Tier-1 gateway in active-standby mode

B.

Tier-1 gateway in distributed only mode

C.

An Interface Group for the NSX Edge uplinks

D.

A Punting Traffic Group for the NSX Edge uplinks

Full Access
Question # 18

Which CLI command shows syslog on NSX Manager?

A.

get log-file auth.lag

B.

/var/log/syslog/syslog.log

C.

show log manager follow

D.

get log-file syslog

Full Access
Question # 19

Refer to the exhibits.

Drag and drop the NSX graphic element icons on the left found in an NSX Intelligence visualization graph to Its correct description on the right.

Full Access
Question # 20

The security administrator turns on logging for a firewall rule.

Where is the log stored on an ESXi transport node?

A.

/var/log/vmware/nsx/firewall.log

B.

/var/log/messages.log

C.

/var/log/dfwpktlogs.log

D.

/var/log/fw.log

Full Access
Question # 21

An administrator has deployed 10 Edge Transport Nodes in their NSX Environment, but has forgotten to specify an NTP server during the deployment.

What is the efficient way to add an NTP server to all 10 Edge Transport Nodes?

A.

Use Transport Node Profile

B.

Use the CU on each Edge Node

C.

Use a Node Profile

D.

Use a PowerCU script

Full Access
Question # 22

Which VMware GUI tool is used to identify problems in a physical network?

A.

VMware Aria Automation

B.

VMware Aria Orchestrator

C.

VMware Site Recovery Manager

D.

VMware Aria Operations Networks

Full Access
Question # 23

Which two built-in VMware tools will help Identify the cause of packet loss on VLAN Segments? (Choose two.)

A.

Flow Monitoring

B.

Packet Capture

C.

Live Flow

D.

Activity Monitoring

E.

Traceflow

Full Access
Question # 24

An architect receives a request to apply distributed firewall in a customer environment without making changes to the network and vSphere environment. The architect decides to use Distributed Firewall on VDS.

Which two of the following requirements must be met in the environment? (Choose two.)

A.

vCenter 8.0 and later

B.

NSX version must be 3.2 and later

C.

NSX version must be 3.0 and later

D.

VDS version 6.6.0 and later

Full Access
Question # 25

An administrator wants to validate the BGP connection status between the Tier-O Gateway and the upstream physical router.

What sequence of commands could be used to check this status on NSX Edge node?

A.

set vrf

show logical-routers

show bgp

B.

show logical-routers

get vrf

show ip route bgp

C.

get gateways

vrf

get bgp neighbor

D.

enable

get vrf

show bgp neighbor

Full Access
Question # 26

An NSX administrator has deployed a single NSX Manager node and will be adding two additional nodes to form a 3-node NSX Management Cluster for a production environment. The administrator will deploy these two additional nodes and Cluster VIP using the NSX UI.

What two are the prerequisites for this configuration? (Choose two.)

A.

All nodes must be in separate subnets.

B.

The cluster configuration must be completed using API.

C.

NSX Manager must reside on a Windows Server.

D.

All nodes must be in the same subnet.

E.

A compute manager must be configured.

Full Access
Question # 27

When deploying an NSX Edge Transport Node, what two valid IP address assignment options should be specified for the TEP IP addresses? (Choose two.)

A.

Use an IP Pool

B.

Use a DHCP Server

C.

Use RADIUS

D.

Use a Static IP List

E.

Use BootP

Full Access
Question # 28

Which two choices are use cases for Distributed Intrusion Detection? (Choose two.)

A.

Use agentless antivirus with Guest Introspection.

B.

Quarantine workloads based on vulnerabilities.

C.

Identify risk and reputation of accessed websites.

D.

Gain Insight about micro-segmentation traffic flows.

E.

Identify security vulnerabilities in the workloads.

Full Access
Question # 29

What should an NSX administrator check to verify that VMware Identity Manager Integration Is successful?

A.

From VMware Identity Manager the status of the remote access application must be green.

B.

From the NSX UI the status of the VMware Identity Manager Integration must be "Enabled".

C.

From the NSX CLI the status of the VMware Identity Manager Integration must be "Configured".

D.

From the NSX UI the URI in the address bar must have "locaNfatse" part of it.

Full Access
Question # 30

Which three NSX Edge components are used for North-South Malware Prevention? (Choose three.)

A.

Thin Agent

B.

RAPID

C.

Security Hub

D.

IDS/IPS

E.

Security Analyzer

F.

Reputation Service

Full Access
Question # 31

Sort the rule processing steps of the Distributed Firewall. Order responses from left to right.

Full Access