VMware NSX 4.x Professional v1.0

Page:    1 / 8   
Exam contains 106 questions
Expand All

An NSX administrator is creating a Tier-1 Gateway configured in Active-Standby High Availability Mode. In the event of node failure, the failover policy should not allow the original failed node to become the Active node upon recovery.
Which failover policy meets this requirement?

  • A. Enable Preemptive
  • B. Non-Preemptive
  • C. Preemptive
  • D. Disable Preemptive


Answer : B

Which two statements are true about IDS Signatures? (Choose two.)

  • A. Users can upload their own IDS signature definitions.
  • B. An IDS signature contains data used to identify the creator of known exploits and vulnerabilities.
  • C. IDS signatures can be High Risk, Suspicious, Low Risk and Trustworthy.
  • D. An IDS signature contains data used to identify known exploits and vulnerabilities.
  • E. An JDS signature contains a set of instructions that determine which traffic is analyzed.


Answer : CD

A company security policy requires all users to log into applications using a centralized authentication system.
Which two authentication, authorization, and accounting (AAA) systems are available when integrating NSX with VMware Identity Manager? (Choose two.)

  • A. LDAP and OpenLDAP based on Active Directory (AD)
  • B. RSA SecureID
  • C. Keygen Enterprise
  • D. SecureDAP
  • E. RADII 2.0


Answer : AB

Which three of the following describe the Border Gateway Routing Protocol (BGP) configuration on a Tier-0 Gateway? (Choose three.)

  • A. It supports a 4-byte autonomous system number.
  • B. The network is divided into areas that are logical groups.
  • C. Can be used as an Exterior Gateway Protocol.
  • D. BGP is enabled by default.
  • E. EIGRP is disabled by default.


Answer : ACD

Which is an advantages of a L2 VPN in an NSX 4.x environment?

  • A. Enables Multi-Cloud solutions
  • B. Enables VM mobility with re-IP
  • C. Achieve better performance
  • D. Use the same broadcast domain


Answer : D

Which NSX feature can be leveraged to achieve consistent policy configuration and simplicity across sites?

  • A. NSX HTML5 UI
  • B. Ethernet VPN
  • C. VRF Lite
  • D. NSX Federation


Answer : D

Which two choices are use cases for Distributed Intrusion Detection? (Choose two.)

  • A. Identify risk and reputation of accessed websites.
  • B. Quarantine workloads based on vulnerabilities.
  • C. Gain insight about micro-segmentation traffic flows.
  • D. Identify security vulnerabilities in the workloads.
  • E. Use agentless antivirus with Guest Introspection.


Answer : BD

Which command is used to set the NSX Manager's logging-level to debug mode for troubleshooting?

  • A. set service manager logging-level debug
  • B. set service nsx-manager logging-level debug
  • C. set service nsx-manager log-level debug
  • D. set service manager log-level debug


Answer : D

What are two valid BGP Attributes that can be used to influence the route path traffic will take? (Choose two.)

  • A. AS-Path Prepend
  • B. Cost
  • C. BFD
  • D. MED


Answer : AD

What must be configured on Transport Nodes for encapsulation and decapsulation of Geneve protocol?

  • A. STT
  • B. TEP
  • C. UDP
  • D. VXLAN


Answer : B

An NSX administrator would like to export syslog events that capture messages related to NSX host preparation events.
Which message ID (msgid) should be used in the syslog export configuration command as a filter?

  • A. MONITORING
  • B. GROUPING
  • C. FABRIC
  • D. SYSTEM


Answer : C

HOTSPOT -
Refer to the exhibit.
An administrator configured NSX Advanced Load Balancer to redistribute the traffic between the web servers. However, requests are sent to only one server.
Which of the following pool configuration settings needs to be adjusted to resolve the problem? Mark the correct answer by clicking on the image.



Answer :

Which of the two following characteristics about NAT64 are true? (Choose two.)

  • A. NAT64 is stateless and requires gateways to be deployed in active-standby mode.
  • B. NAT64 is supported on Tier-1 gateways only.
  • C. NAT64 is supported on Tier-0 and Tier-1 gateways.
  • D. NAT64 requires the Tier-1 gateway to be configured in active-standby mode.
  • E. NAT64 requires the Tier-1 gateway to be configured in active-active mode.


Answer : CD

Refer to the exhibit.
An administrator would like to change the private IP address of the NAT VM 172.16.101.11 to a public address of 80.80.80.1 as the packets leave the NAT-Segment network.
Which type of NAT solution should be implemented to achieve this?

  • A. DNAT
  • B. Reflexive NAT
  • C. NAT64
  • D. SNAT


Answer : D

DRAG DROP -
Refer to the exhibits.
Drag and drop the NSX graphic element icons on the left found in an NSX Intelligence visualization graph to its correct description on the right.



Answer :

Page:    1 / 8   
Exam contains 106 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy