Add to collection(s) Add to saved
  1. No category
Uploaded by Said A. Quiroz Tapia

VMware.Testking.2V0-642.v2018-11-12.by.Brayden.75q

advertisement 
2V0-642.exam.75q
Number: 2V0-642
Passing Score: 800
Time Limit: 120 min
https://www.gratisexam.com/
2V0-642
VMware Certified Professional 6 - Network Virtualization 6.2 Exam
https://www.gratisexam.com/
Exam A
QUESTION 1
When specifying a source for a security rule, what is the purpose of the Negate Source check box?
A.
B.
C.
D.
If Negate Source is selected, the rule is sent to only the objects identified under object type.
If Negate Source is selected, the rule is applied to traffic coming from all sources except for the source identified under the object type.
If Negate Source is not selected, the rule is applied to traffic coming from all sources except for the source identified under the object type.
if Negate Source is not selected, the rule is sent to only the objects identified under the object type.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-C7A0093A-4AFA-47EC-9187-778BDDAD1C65.html
QUESTION 2
Which vSphere network object abstracts the physical network, provides access-level switching in the hypervisor and enables support for overlay networking?
https://www.gratisexam.com/
https://www.gratisexam.com/
A.
B.
C.
D.
Standard Switch
Distributed Port Group
Distributed Switch
Logical Switch
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmw-nsx-network-virtualization-design-guide.pdf
QUESTION 3
A network administrator has been tasked with deploying a 3-tier application across two data centers. Tier-1 and tier-2 will be located in Datacenter-A and tier-3 will
be located in Datacenter-B.
Which NSX components are needed to make this deployment functional?
A. A universal transport zone deployed with a universal distributed logical router (UDLR), a universal logical switch and two local logical switches connected to the
UDLR.
B. A universal transport zone deployed with a universal distributed logical router (UDLR), two universal logical switches and a single logical switch connected to the
UDLR.
C. A universal transport zone deployed with a universal distributed logical router (UDLR) and three universal logical switches connected to the UDLR.
D. A universal transport zone, a universal distributed logical router (UDLR) and three local switches in each data center connected to the UDLR.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 4
Which two are accurate statements with regards to Guest Introspection installation? (Choose two.)
A.
B.
C.
D.
The service virtual machine performs data security and activity monitoring.
The installation deploys a virtual machine to hosts prepared for VMware NSX.
A security policy weight of 4300 is assigned to hosts prepared to Guest Introspection.
Guest Introspection is deployed with NSX Data Security by default.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 5
Which three objects are supported for universal synchronization in a Cross-vCenter NSX deployment? (Choose three.)
A.
B.
C.
D.
E.
IP Pools
IP Sets
L2 bridges
MAC Sets
Transport Zones
Correct Answer: BDE
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-62/index.jsp?topic=%2Fcom.vmware.nsx-cross-vcenter-install.doc%2FGUID-35831055-57D8-4F2F-95BA8EFE5362746C.html
QUESTION 6
An organization has a PCI compliant application deployed as part of a larger NSX environment. Every year a team of contractors evaluates the security of the
environment and recommends changes.
What NSX Role and Scope should the contractors be given to minimize access but still allow them to fulfill the stated requirement?
A. NSX Administrator, Limit access scope
https://www.gratisexam.com/
B. Enterprise Administrator, Limit access scope
C. Auditor, Limit access scope
D. Security Administrator, No restrictions
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 7
When creating a new security policy how is the default weight determined?
A.
B.
C.
D.
The default weight is equal to the highest defined weight minus 1000.
The default weight is equal to the highest defined weight plus 1000.
The default weight is equal to the highest defined weight.
The default weight is incremented by 100, starting at 0.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-607C399F-0D11-4B95-90DA-A6E17E8C906E.html
QUESTION 8
What is the effect on NSX Edge virtual machines when NSX Edge high availability is configured but vSphere HA is NOT configured?
A. The active-standby NSX Edge pair will survive one failure. However, the virtual machines must reside on the same host to prevent NSX Edge availability from
being compromised.
B. The active-standby NSX Edge HA pair will survive multiple failures.
C. The active-standby NSX Edge HA pair will survive one failure. However, if another failure happens before the second Edge appliance is restored, NSX Edge
availability can be compromised.
D. The active-standby NSX Edge HA pair will survive two failures. However, the virtual machines must reside on two different hosts.
Correct Answer: C
Section: (none)
Explanation
https://www.gratisexam.com/
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-6C4F0C33-C6DD-432B-AA91-10AD6B449125.html
QUESTION 9
An administrator creates a SpoofGuard policy for specific networks.
Which two modes are associated with this type of policy? (Choose two.)
https://www.gratisexam.com/
A.
B.
C.
D.
Automatically trust IP assignments on their first use
Manually inspect and approve all IP assignments before use
Manually approve IP assignments listed in the Host file before use
Automatically inspect and trust IP assignments on every use
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.virtually-limitless.com/vcix-nv-study-guide/create-modify-or-delete-spoofguard-policies/
QUESTION 10
Which would best describe a workload in Compute Cluster 1 attached to a logical switch port group?
https://www.gratisexam.com/
A.
B.
C.
D.
Within Compute Cluster 1, Layer 2 would function, but Layer 3 would fail.
Within Compute Cluster 1, Layer 2 would fail, and Layer 3 would fail.
Within Compute Cluster 1, Layer 2 would fail, but Layer 3 would function.
Within Compute Cluster 1, Layer 2 would function, and Layer 3 would function.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 11
Where can firewall rules be applied on the NSX Edge Services Gateway?
A.
B.
C.
D.
Rules can be applied on the uplink interface only.
Rules can be applied on either the uplink interface or internal interface.
Rules can be on either the uplink, internal, or management interfaces.
Rules can be applied on the management and uplink interfaces only.
Correct Answer: B
https://www.gratisexam.com/
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.install.doc%2FGUID-6FB89057-CD13-48AF-82F2-550B89F89FC5.html
QUESTION 12
Which is required to support unicast mode in NSX?
A.
B.
C.
D.
Hardware VTEP
Distributed Logical Router
NSX Controller
NSX Edge
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.virtually-limitless.com/vcix-nv-study-guide/create-transport-zones-in-nsx/
QUESTION 13
Which type of VPN should be configured to ensure application mobility between data centers?
A.
B.
C.
D.
Application VPN
L2VPN
IPSec VPN
SSL VPN-Plus
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmw-nsx-network-virtualization-design-guide.pdf (page 23)
QUESTION 14
An application requires load balancing with minimal impact to network performance. An NSX administrator is deploying a load balancer to meet the stated
requirements.
https://www.gratisexam.com/
Which load balancing engine should be deployed?
A.
B.
C.
D.
Layer 5
Layer 6
Layer 7
Layer 4
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: http://cloudmaniac.net/nsx-load-balancer-under-the-hood/
QUESTION 15
When configuring BGP routing in NSX, what is the purpose of the Graceful Restart check box?
A.
B.
C.
D.
Automatically restart the peer router when BGP session is established.
Allow packet forwarding to be uninterrupted during restart of BGP services.
Automatically restart the local router when BGP session is established.
Allow packet forwarding to be paused during restart of BGP services.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: http://docs.hol.vmware.com/HOL-2017/hol-1703-sdc-1_html_en/
QUESTION 16
What is the purpose of a DHCP Relay Agent in an NSX Edge configuration?
A.
B.
C.
D.
Configures virtual machine interfaces to which DHCP messages are relayed.
Configures Edge interfaces from which DHCP messages are relayed.
Configures Edge interfaces to which DHCP messages are relayed.
Configures virtual machine interfaces from which DHCP messages are relayed.
https://www.gratisexam.com/
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: http://pubs.vmware.com/NSX-61/index.jsp#com.vmware.nsx.admin.doc/GUID-C655D21F-C800-4C7F-A887-F5733810DF34.html
QUESTION 17
What are the correct steps for connecting a virtual machine to a logical switch?
A.
B.
C.
D.
Select the logical switch, select the virtual machine, click the Add Virtual Machine icon, select the vNIC to connect.
Select the logical switch, click the Add Virtual Machine Icon, select the VM, select the vNIC to connect.
Select the vNIC, click the Add Virtual Machine Icon, select the logical switch.
Click the Add Virtual Machine icon, select the logical switch, vNIC to connect.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 18
Which term describes a situation where a bottleneck is created when traffic is sent to a single device for security enforcement?
A.
B.
C.
D.
security event queueing
hairpinning
security looping
enforcement degradation
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 19
VMware NSX is a key component in enabling enterprises to realize the full potential of their investment in which technology?
https://www.gratisexam.com/
https://www.gratisexam.com/
A.
B.
C.
D.
Physical to virtual bridged networks.
Integrated physical topology.
Distributed firewall.
Software-defined data center.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/whitepaper/products/nsx/vmware-nsx-network-virtualization-platform-whitepaper.pdf
QUESTION 20
A virtualized application needs access to a physical database. Both servers are on the 172.168.3.0/24 subnet. NSX has been deployed across the entire virtual
environment.
What method can be used to allow access between the servers?
A.
B.
C.
D.
Configure a DLR with an L2 bridge instance for 172.168.3.0/24 VXLAN to VLAN traffic.
Route 172.168.3.0/24 to the NSX Edge where the logical switch of the application exists.
Configure a NAT rule for 172.177.13.0/24 for the database physical router.
Configure the logical switch to bridge 172.168.3.0/24 to the physical router of the database.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 21
When running the NSX Control Plane in Hybrid Mode what are the minimum physical network requirements? (Choose three.)
A.
B.
C.
D.
E.
MTU 1500
NSX Controller connectivity
IGMP Snooping
Multicast Routing with PIM
Unicast L3 Routing
Correct Answer: BCE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 22
Which three options are true about NSX logical bridges? (Choose three.)
A.
B.
C.
D.
E.
A logical bridge configured for HA uses a 15 second heartbeat by default to detect failure.
A logical bridge configured for HA uses (BFD) Bi-Directional Forwarding to detect a failure in a minimum of one second.
A logical bridge on the DLR supports VXLAN to VLAN bridging.
A logical bridge forwards traffic through the control VM.
A logical bridge forwards traffic through the hypervisor.
Correct Answer: ACE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 23
Which two NSX roles could be used to create security policies? (Choose two.)
A. Enterprise Administrator
B. Security Administrator
C. NSX Administrator
https://www.gratisexam.com/
D. Auditor
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-79F9067D-2F29-45DA-85C7-09EFC31549EA.html
QUESTION 24
A customer has Cisco Nexus 1000V switches in their environment and is looking at deploying NSX.
Which statement is correct?
A.
B.
C.
D.
The environment must be migrated from the Nexus 1000V to vSphere Distributed Switches.
The environment must be configured for VXLAN over the Nexus 1000V.
The environment can use the Nexus 1000V switches for the NSX deployment.
The environment must be migrated from the Nexus 1000V to vSphere Standard Switches.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://fojta.wordpress.com/2014/06/09/migration-from-nexus-1000v-to-nsx-in-vcloud-director/
QUESTION 25
Which two networking and security components are contained in the backup configuration data of an NSX Manager backup file? (Choose two.)
A.
B.
C.
D.
vSphere Distributed Switch
Resource Pools
Edge Services Gateway
Grouping Objects
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 26
If the Applied To scope is set to Distributed Firewall, which virtual machines will have the firewall rule applied?
A.
B.
C.
D.
Only the virtual machines defined in the Source field.
Only virtual machines defined in the Destination field.
All virtual machines in a Datacenter.
All virtual machines on prepared hosts.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.routetocloud.com/2015/04/nsx-distributed-firewall-deep-dive/
QUESTION 27
A user has configured a specific distributed firewall rule preventing VM-A (172.16.10.11) on the Web-Logical Switch to communicate to VM-B (172.16.20.11),
running on the same switch. After the changes, the user is still able to communicated to VM-A from VM-B.
To debug this anomaly, the user will need to obtain logs from which component?
A.
B.
C.
D.
The Distributed Logical Router
The Edge Services Gateway
The appropriate ESXi Hosts(s)
The appropriate NSX Controller(s)
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 28
When deploying a standalone NSX Edge as a Layer 2 VPN client, which port needs to be configured on the client vSphere Distributed Switch?
A. Trunk port
https://www.gratisexam.com/
B. Span port
C. Sink port
D. Mirror port
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-62/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-C9E2B0E4-F1C1-44A7-B142-F814F801FA42.html
QUESTION 29
With which Application Profile types would the Insert X-Forwarded-For HTTP header option be used?
A.
B.
C.
D.
HTTP, HTTPS
TCP, UDP
HTTP, TCP
HTTP, UDP
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-58EB4584-2215-42A3-892D-CCD937CAFD3A.html
QUESTION 30
What vSphere Distributed Switch security policy allows virtual machines to send frames with a MAC Address that is different from the one specified in the vmx file?
A.
B.
C.
D.
MAC Address Changes
Failover detection
Forged Transmits
Promiscuous Mode
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
Reference: http://www.vmwarearena.com/vsphere-distributed-switch-part-16/
QUESTION 31
In a Cross-vCenter implementation, where is the Universal Control Cluster deployed and configured?
A.
B.
C.
D.
In each vCenter instance associated with the Cross-vCenter implementation.
In each prepared NSX cluster associated with the Cross-vCenter implementation.
In every vCenter instance associated with an NSX Manager.
In the vCenter instance associated with the Primary NSX Manager.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-62/topic/com.vmware.ICbase/PDF/nsx_62_cross_vc_install.pdf (page 16)
QUESTION 32
Which highly available Edge design would provide high bandwidth and isolation to four application networks?
A.
B.
C.
D.
Four Distributed Routers (standalone mode) with one Edge Services Gateway in Active/Standby mode.
One Edge Services Gateway in ECMP mode.
One distributed Router (in HA mode) with two Edge Services Gateways in ECMP mode.
Four Distributed Routers (in HA mode) with one Edge Services Gateway in Active/Standby mode.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 33
An administrator is deploying NSX to secure the virtual environment. NSX Manager has been deployed and registered with the vCenter server.
Which additional step is required before the distributed firewall is functional?
A. Deploy the NSX Controller cluster
B. Enable Guest Introspection
https://www.gratisexam.com/
C. Perform host preparation on the cluster
D. Configure VTEPs on each host
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://esxsi.com/2017/01/18/nsx-part1/
QUESTION 34
An administrator has been asked to provide single failure redundancy. What is the minimum supported number of NSX Controllers needed to meet this
requirements?
A.
B.
C.
D.
2
3
1
5
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.vmwarearena.com/vmware-nsx-installation-part-4-deploying-nsx-controller/
QUESTION 35
In which VMware NSX use case would VXLAN NOT be required?
A.
B.
C.
D.
L2 Bridging physical to virtual
NSX micro-segmentation
Active/Active Datacenter
Distributed Logical Routing
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 36
Which NSX routing protocols offers the most flexible policy control when peering with the physical environment?
A.
B.
C.
D.
BGP
OSPF
ISIS
EIGRP
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 37
What is the best practice workflow for a NSX installation to support logical switching?
https://www.gratisexam.com/
A.
B.
C.
D.
Deploy NSX Manager, Configure Logical Switches, Register with vCenter, Deploy Controllers. Prepare hosts
Deploy NSX Manager, Deploy Controllers, Configure Logical Switches, Register with vCenter, Prepare hosts
Deploy NSX Manager, Register with vCenter, Prepare hosts, Deploy Controllers, Configure Logical Switches
Deploy NSX Manager, Register with vCenter, Deploy Controllers, Prepare hosts, Configure Logical Switches
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 38
https://www.gratisexam.com/
What can be enabled on the vSphere Distributed Switch to monitor IP packets that are passing through a distributed port group?
A.
B.
C.
D.
Traffic Marking
TraceFlow
Traffic Filtering
NetFlow
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/vsphere-60/index.jsp?topic=%2Fcom.vmware.vsphere.networking.doc%2FGUID-3CF9AEEB-08B0-47F5-A3B6ADD8A919DFA0.html
QUESTION 39
Which two statements are true regarding L2 Bridges and Distributed Logical Routers? (Choose two.)
A.
B.
C.
D.
There can only be one instance of an L2 Bridge on a DLR.
Each L2 bridge instance can map to multiple VLANs.
Each L2 bridge instance can only map to a single VLAN.
There can be multiple instances of an L2 bridge on a DLR.
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.virtualizationblog.com/nsx-step-step-part-12-deploying-l2-bridge-using-distributed-logical-router/
QUESTION 40
Which is a best practice to secure system traffic, ensure optimal performance and satisfy prerequisites for NSX?
A. Configure a single VMkernel and a single distributed port group for all the system traffic.
B. Configure a single distributed port group with a single VMkernel for Management and iSCSI traffic, a separate VMkernel for vMotion and VSAN traffic.
C. Dedicate separate VMkernel adapters for each type of system traffic. Dedicate separate distributed port groups for each VMkernel adapter and isolate the
VLANs for each type of system traffic.
D. Dedicate separate VMkernel adapters for each type of system traffic and dedicate separate standard switches for each type of system traffic connected to a
single physical network.
https://www.gratisexam.com/
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 41
When designing a multi-site NSX deployment, which capability requires Enhanced Linked Mode to function?
https://www.gratisexam.com/
A.
B.
C.
D.
Creating Universal Transport Zones
Creating Universal Logical Switches
Cross-vCenter vMotion
Registering a Secondary NSX Manager
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-62/topic/com.vmware.ICbase/PDF/nsx_62_cross_vc_install.pdf
QUESTION 42
Which details can an administrator verify from the Summary tab of the VMware NSX Manager? (Choose three.)
A.
B.
C.
D.
E.
Current time
Average MTBF
Version
Storage utilization
Health Score
Correct Answer: ACD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 43
Which three ways can membership be defined in a dynamic security group? (Choose three.)
A.
B.
C.
D.
E.
Distributed Firewall Rules
Locale ID
Security Tags
Security Groups
Regular Expressions
https://www.gratisexam.com/
Correct Answer: CDE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 44
Which two statements are true about NSX Data Security support? (Choose two.)
A.
B.
C.
D.
It supports HIPAA and PCI-DSS compliance policies as well as U.S. Driver License and Social Security numbers.
It supports both Windows and Linux-based virtual machines.
It only supports HIPAA and PCI-DSS compliance policies.
It only supports Windows-based virtual machines.
Correct Answer: AD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 45
Which two functions are provided by VMkernel ports? (Choose two.)
A.
B.
C.
D.
VXLAN Port Configuration
vSphere vMotion
ESXi Host Management
802.1Q VLAN tagging
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
Reference: http://www.pearsonitcertification.com/articles/article.aspx?p=2190191&seqNum=10
QUESTION 46
A network administrator is troubleshooting an issue and needs to observe an injected packet as it passes through the physical and logical network.
https://www.gratisexam.com/
Which tool will accomplish this?
A.
B.
C.
D.
Traceflow
NetFlow
Flow Monitoring
Activity Monitoring
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://pubs.vmware.com/NSX-62/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-05647D5E-B669-40A8-8B84-02C18781186F.html
QUESTION 47
What is true when configuring vSphere Distributed Switches (vDS)?
A.
B.
C.
D.
All configurations are done by the vCenter Server. Each ESXi host can be part of multiple vDS.
All configurations are done by the vCenter Server. Each ESXi host can be part of only one vDS.
All configurations are done by the NSX Manager. Each ESXi host can be part of only one vDS.
All configurations are done by the NSX Manager. Each ESXi host can be part of multiple vDS.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 48
An administrator is attempting to troubleshoot a routing issue between the Edge Services Gateway (ESG) and the Distributed Logical Router (DLR).
https://www.gratisexam.com/
Based on the exhibit, which method CANNOT be used to troubleshoot the issue?
A.
B.
C.
D.
SSH session into 192.168.100.3 on the ESG.
Console session into the ESG.
Console session into the DLR.
SSH session into 192.168.10.5 on the DLR.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 49
An NSX administrator is validating the setup for a new NSX implementation and inputs this command:
A.
B.
C.
D.
It helps verify that VXLAN segments are functional and the transport network supports the proper MTU size for NSX.
It helps verify that the source virtual machine is configured with the proper MTU size for NSX.
It helps verify that the NSX Controller is communicating with the destination VTEP.
It helps verify that the NSX Logical Switch is routing packets to the destination host.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Reference: https://www.viktorious.nl/2014/12/02/nsx-basics-creating-logical-switch/
QUESTION 50
An NSX Administrator is examining a broken set of firewall rules and discovers that the Block Telnet rule was created in the wrong section.
https://www.gratisexam.com/
Based on the exhibit, which option would correct the issue with the least amount of effort?
A.
B.
C.
D.
Use the Merge Section functionality to correct this.
Use the Move rule Up icon to move rules between sections.
Add a new rule called Block Telnet to the correct section and then remove the existing rule.
Delete the rule and then re-add the rule to the correct section.
Correct Answer: B
Section: (none)
Explanation
https://www.gratisexam.com/
Explanation/Reference:
QUESTION 51
What is a requirement of NSX Data Security?
A.
B.
C.
D.
NSX manager must be configured for Active Directory integration.
The Global Flow Collection Status must be set to Enabled.
Guest Introspection must be installed on the cluster.
AN IP Pool must be created.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Reference: http://pubs.vmware.com/NSX-61/index.jsp?topic=%2Fcom.vmware.nsx.install.doc%2FGUID-62B22E0C-ABAC-42D8-93AA-BDFCD0A43FEA.html
QUESTION 52
Which is a prerequisite for deploying an Edge Service Gateway?
A.
B.
C.
D.
Firewall Default Policy
An interface
Default Gateway
High Availability
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
Reference: http://buildvirtual.net/vcp-nv-deploying-an-edge-services-gateway/
QUESTION 53
Two virtual machines are unable to communicate with one another. The virtual machines are in the same distributed portgroup, but reside on different ESXi hosts.
What are two possible causes for the communications issue? (Choose two.)
https://www.gratisexam.com/
A.
B.
C.
D.
Basic multicast filtering mode has been disabled on the ESXi hosts.
No physical NICs are assigned as active or standby uplinks in a NIC team.
The standby links are configured on different VLANs, preventing heartbeats from reaching each VM.
The physical NICs assigned as active or standby uplinks reside on different VLANs on the physical switch.
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 54
An administrator needs to perform a configuration backup of NSX. From which two locations can this task be performed? (Choose two.)
https://www.gratisexam.com/
A.
B.
C.
D.
Directly on the NSX Manager
From the vSphere Web Client
Using the NSX API
Directly on each NSX Controller
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 55
Where does an administrator configure logging for the NSX Manager?
A. In the vSphere Web Client
B. In the NSX Manager GUI
https://www.gratisexam.com/
C. In the NSX Manager command line interface (CLI)
D. In the vSphere Syslog Collector
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 56
An NSX environment requires physical NIC redundancy for all dvPortGroups when connecting hosts to the physical network. There are two 10Gb NIC's per host.
Which two teaming methods should be used to ensure both links are utilized simultaneously? (Choose two.)
A.
B.
C.
D.
Virtual Port Channel
LACP Port-Channel
Static Port-Channel
Explicit Failover Order
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 57
What is required before running an Activity Monitoring report?
A.
B.
C.
D.
Enable data collection on the NSX Controller.
Enable data collection on the vCenter Server.
Enable data collection on the NSX Manager.
Enable data collection on the virtual machine.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 58
An administrator wants to perform Activity Monitoring on a large group of virtual machines in an NSX environment. How would this task be accomplished with
minimal administrative effort?
A.
B.
C.
D.
Create a PowerCLI script to enable virtual machine data collection on each virtual machine.
Create a security group in Service Composer and add the virtual machines to the security group.
Add the virtual machines to the pre-defined Activity Monitoring security group in Service Composer.
Add the virtual machines to a VM folder in vCenter Server and enable data collection.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 59
A workload was attached to a logical switch port group in Compute Cluster 1. Users are complaining that they can communicate with other workloads on that port
group in the cluster, but not with other workloads on different networks.
https://www.gratisexam.com/
What is the most probable cause?
A.
B.
C.
D.
The distributed firewall has a default rule set to deny all.
The Distributed Logical Router was not configured on Compute Cluster 1.
Compute Cluster 1 is NOT a member of the Transport Zone.
An NSX Edge has NOT been deployed into Compute Cluster 1.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 60
https://www.gratisexam.com/
There is intermittent connectivity reported between virtual machines on separate hosts over logical switching.
What command-line tool can be used to test the MTU between two hosts?
A.
B.
C.
D.
netstat -1
esxcli network ip neighbor list
vmkping
traceroute
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 61
An NSX administrator determines that routing adjacency between a NSX Edge device and a Top Of Rack L3 switch CANNOT be established. Which two logs would
be the most useful in resolving this issue? (Choose two.)
A.
B.
C.
D.
NSX Manager Logs
Edge Services Gateway logs
Distributed Router Logs
NSX Controller logs
Correct Answer: BD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 62
Which service cannot be included in a Security Policy using Service Composer?
A.
B.
C.
D.
Endpoint Services
Firewall Rules
Virtual Private Network Services
Network Introspection Services
https://www.gratisexam.com/
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 63
Which load balancing algorithm is only available on a vSphere Distributed Switch?
A.
B.
C.
D.
Route Based on Source MAC Hash
Route Based on Originating Virtual Port
Route Based on IP Hash
Route Based on Physical NIC Load
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Reference: https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.networking.doc/GUID-959E1CFE-2AE4-4A67-B4D4-2D2E13765715.html
QUESTION 64
Which action is not an option for adding Virtual Machines to a Security Group?
A.
B.
C.
D.
Adding Virtual Machines to a Security Group and nesting it within another Security Group.
Defining Dynamic Membership in the Security Group.
Adding Virtual Machines to a Security Policy and associating it with a Security Group.
Selecting objects to include within a Security Group.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 65
An NSX administrator notices that when configuring Flow Monitoring, the graphs do not include the IPFix flows. Where are these flows displayed?
https://www.gratisexam.com/
A.
B.
C.
D.
In the IPFix collector's interface.
In the Flow Monitor UI.
In the vRealize Operations UI.
In the IPFix tab of the NSX Manager UI.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 66
An administrator is deploying NSX in a Cross-vCenter configuration across three data centers located 100 miles apart Datacenter-1 and Datacenter-3 already
have NSX deployed locally and Datacenter-2 does not have NSX deployed yet. What is the correct order of steps to configure all three data centers for this
solution?
A. 1. Remove the NSX manager from Datacenter-1 and Datacenter-3.
2. Reinstall all three NSX managers at the same time.
3. Deploy a universal transport zone.
4. Deploy a universal distributed logical router.
B. 1. Deploy an NSX manager at Dataсenter-2.
2. Change the roles of the NSX managers in Datacentar-1 and Datacenter-3 to Transit Mode.
3. Deploy a universal transport zone.
4. Configure the Primary and Secondary roles on all three NSX managers.
C. 1. Deploy an NSX manager in Datacenter 2.
2. Update the NSX manager role in Datacenter-1 to Primary.
3. Update the roles in Datacenter-2 and Datacentar-3 to Secondary.
4. Deploy a universal transport zone.
D. 1. Deploy the NSX manager at Datacenter-2.
2. Update the NSX manager role in Datacenter-1 to Primary.
3. Deploy a universal transport zone.
4. Deploy a universal distributed logical router.
Correct Answer: C
Section: (none)
Explanation
https://www.gratisexam.com/
Explanation/Reference:
QUESTION 67
A security administrator needs to create a Security Group based on an Active Directory group. However, AD Groups are not available as an option. What must the
administrator configure before AD Groups are available?
A.
B.
C.
D.
Guest Introspection virtual machines must be joined to the domain
Inventory Service must be registered with a domain account
NSX Manager must be registered with Active Directory
NSX Controller must be registered with Active Directory
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 68
What is the most restrictive NSX role that can be used to create and publish security policies and install virtual appliances?
A.
B.
C.
D.
Security Administrator
NSX Administrator
Auditor
Enterprise Administrator
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 69
In a Cross-vCenter NSX deployment, what are two requirements that must be met in order for an administrator to deploy both universal logical switches and local
logical switches within the same vCenter instance? (Choose two.)
A. A universal distributed logical router must be created.
https://www.gratisexam.com/
B. A local distributed logical router must be created.
C. A universal transport zone must be created.
D. A local transport zone must be created.
Correct Answer: CD
Section: (none)
Explanation
Explanation/Reference:
QUESTION 70
What are two benefits of the NSX Distributed Firewall? (Choose two.)
A.
B.
C.
D.
VMs are protected even as they are vMotioned.
Each VM is individually protected by a L2-L4 stateful firewall.
ESXi hosts are automatically protected by a distributed firewall.
VXLANs are automatically protected by the Transport Zone definition.
Correct Answer: AB
Section: (none)
Explanation
Explanation/Reference:
QUESTION 71
How many vCenter Server environments can a single NSX Manager serve at one time?
A.
B.
C.
D.
2000 vCenter Servers
10 vCenter Servers
1 vCenter Server
2 vCenter Servers
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
QUESTION 72
A new ESXi host was added to an existing cluster, prepared for NSX and enabled for Distributed Firewall, logical switching and Logical Routing. The Host
Preparation page in the NSX Web UI shows this new host is in Ready state and the Logical Network Preparation tab displays the VXLAN VTEPs are correctly
configured. Virtual machines on the new host can communicate with each other but CANNOT communicate with VMs running on other hosts and connected to the
same Logical Switch. Which condition below will result in the described behavior on the new host?
A.
B.
C.
D.
NSX Edge is powered off
Host Agent (vpxa) to vCenter is disconnected
Rabbitmq message bus connection (vsfwd) to NSX Manager is down
Network Control Plane Agent (netcpa) connection to the controller is down
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 73
An administrator enables the NSX Ticket Logger to track infrastructure changes. The administrator logs out for lunch, returns and logs back in to complete the task.
What is the status of ticket logger when the administrator logs back in?
A.
B.
C.
D.
The ticket logger still tracks changes until it is turned off by the administrator.
The ticket logger is turned off.
The ticket logger will prompt the user if they still want to continue tracking changes.
The ticket logger will display an error.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 74
What are two requirements of the network infrastructure to the access layer? (Choose two)
https://www.gratisexam.com/
A.
B.
C.
D.
IPv4 connectivity among ESXi hosts provided by a spine-leaf network design.
IPv4 connectivity among ESXi hosts.
Increased MTU if the virtual machines are using the default MTU size of 1500.
A Redundant, Layer 3, Top-of-Rack network design to provide high availability to ESX hosts.
Correct Answer: BC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 75
Which tool is used to detect rogue services?
A.
B.
C.
D.
NSX Logical Firewall
NSX Logical Router
Activity Monitoring
Flow Monitoring
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
https://www.gratisexam.com/
https://www.gratisexam.com/
Related documents
(1)
(1)
NSX Datasheet PDF
NSX Datasheet PDF
8.512 Theory of Solids II
8.512 Theory of Solids II
Analyze energy data to optimize operation of
Analyze energy data to optimize operation of
Best-in-class breaking capacity for marine
Best-in-class breaking capacity for marine
Download
advertisement