2V0-41.19 Flashcards
Which tool injects packets and provides various observation points along the packet’s path between two NSX-T managed objects?
A. SPAN mirrors
B. Port Mirroring
C. Traceflow
D. IPFIX
Which two steps must an NSX administrator take to integrate VMware Identity Manager in NSX-T to support role-based access control?
A. Add NSX Manager as a Service Provider (SP) in VMware Identity Manager.
B. Create an OAuth 2.0 client in VMware Identity Manager.
C. Enter the service URL, Client Secret, and SSL thumbprint in NSX Manager.
D. Create a SAML authentication in VMware Identity Manager using the NSX Manager FQDN.
E. Enter the Identity Provider (IdP) metadata URL in NSX Manager.
Which CLI command is used for packet capture on the KVM Transport Node?
A. tcpdump
B. debug
C. set capture
D. tcpdump-uw
An NSX Administrator has disabled VMware Identity manager (vIDM) integration with NSX Manager. The administrator is no longer able to log in to VMware NSX manager and receives the error shown in the exhibit. Which NSX CLI command on the NSX Manager would fix this issue?
A. clear auth-policy vidm disabled
B. clear auth-policy vidm stop
C. clear auth-policy vidm enabled
D. clear auth-policy vidm start
What are three characteristics of a transport zone?
A. defines the potential reach of transport nodes
B. configured with a Single N-VDS
C. defines the scope and reachability of a Segment
D. configured with multiple N-VDS
E. optional for creating a segment
Which security feature on Tier-1 Gateways helps limit malicious traffic?
A. Unicast Reverse Path Forwarding (URPF)
B. Centralized Service Port (CSP)
C. Promiscuous Mode
D. Reverse Path Forwarding (RPF)
What needs to be configured on a Tier-0 Gateway to make NSX Edge Services available to a VM on a VLAN-backed logical switch?
A. Loopback Router Port
B. Centralized Service Port
C. VLAN Uplink
D. Downlink
Which command is used to verify the application of Distributed Firewall Rules applied to a VM on a KVM transport node?
A. esxcli network firewall get
B. esxcli network ip connection list
C. ovs-vsctl add-br br-int
D. ovs-appctl -t /var/run/openvswitch/nsxa-ctl dfw/rules
Which three different transport nodes could be configured in the data plane?
A. vShield Edge VM B. ESXi and KVM C. Linux-based Bare Metal server D. NSX Edge VM on KVM E. ESXi and Hyper-V F. VM or Bare Metal NSX Edge
An NSX administrator has deployed a single NSX Manager node and will be adding two additional nodes to form a 3-node NSX Management Cluster for a production environment. The administrator will deploy these two additional nodes and Cluster VIP using the NSX Simplified UI.
What are the pre-requisites for this configuration?
A. All nodes must be in the same subnet.
B. A compute manager must be configured.
C. All nodes must be in separate subnets.
D. NSX Manager must reside on a Windows Server.
E. The cluster configuration must be completed using API.
Considering Transport Zone limitations, how many NSX managed virtual distributed switches (N-VDSs) are needed on each ESXi to join all the Transport Zones?
A. 4
B. 3
C. 2
D. 1
Which two statements describe the characteristics of an Edge Cluster in NSX-T 2.4 Data Center?
A. must contain only one type of edge nodes (VM or bare metal)
B. can contain multiple types of edge nodes (VM or bare metal)
C. must have only active-active edge nodes
D. can have a maximum of 10 edge nodes
E. can have a maximum of 8 edge nodes
Which path is used to view the NSX Controller log file?
A. /var/log/cloudnet/nsx-ccp.log
B. /var/log/controller.log
C. /var/log/cloud/nsx-Icp.log
D. /var/log/ccp.log
Which CLI command is used to restart the Syslog service on a KVM transport node?
A. service.sh stop | start syslog
B. systemctl restart syslog
C. systemctl restart rsyslog
D. yum restart syslog
Which profile must be attached to the ESXi cluster to prepare the host for NSX-T Data Center?
A. Host Profile
B. Switching Profile
C. Uplink Profile
D. Transport Node Profile
Which two tools are used to configure centralized logging in NSX-T Data Center? (Choose two.)
A. vRealize Network Insight B. vRealize Automation C. vRealize Log Insight D. Syslog Server E. vRealize Operations
Which protocol uses the 6081 UDP port?
A. Network Virtualization using Generic Routing Encapsulation (NVGRE)
B. Generic Network Virtualization Encapsulation (GENEVE)
C. Stateless Transport Tunneling (STT)
D. Virtual Extensible LAN (VXLAN)
Which three CLI commands will list the TEP IPs configured on an ESXi transport node? (Choose three.)
A. esxcfg-vswitch -1 B. esxcfg-vmknic -1 C. esxcli network ip address list D. esxcli network ip netstack list E. esxcli network ip interface ipv4 get F. esxcli network ip interface list
Which TraceFlow traffic type should an NSX administrator use for validating connectivity between App and DB virtual machines that reside on different segments?
A. Multicast
B. Anycast
C. Broadcast
D. Unicast
An NSX administrator Is planning to deploy a multi-tier routing topology in their NSX-T Data Center environment to provide north-south connectivity for the VMs.
Which routing component must be deployed?
A. Tier-0 Gateway
B. Edge Node
C. Tier-1 Gateway
D. Edge Cluster
Which two CLI commands could be used to see if vmnic link status is down? (Choose two.)
A. esxcli network vswitch dvs vmware list B. esxcfg-nics -1 C. esxcfg-vmsvc/get.networks D. esxcfg-vmknic -1 E. esxcli network nic list
What is the correct prioritization for gateway policy categories?
A. Shared Pre-rules > Emergency > System > Local Gateway > Auto Service > Default
B. Shared Pre-rules > Emergency > Local Gateway > System > Auto Service > Default
C. Emergency > System > Shared Pre-rules > Auto Service > Local Gateway > Default
D. Emergency > System > Shared Pre-rules > Local Gateway > Auto Service > Default
Which three functions require a Services Router (SR) component on an Edge node? (Choose three.)
A. Distributed Firewall B. Service Insertion C. Gateway Firewall D. Virtual Private Network E. Distributed Routing F. Packet Forwarding
An NSX administrator has observed connectivity issues between the NSX Manager and the KVM Transport Node.
Which two log files could be used to troubleshoot the issue on the KVM Transport Node? (Choose two.)
A. /var/log/vmware/nsx-syslog B. /usr/vmware/log/syslog C. /var/log/nsx/syslog D. /usr/vmware/nsx-syslog E. /var/log/syslog
What are three possible installation options for NSX Edge?
A. Install NSX Edge on a bare-metal server.
B. Deploy NSX Edge using a QCOW2 image.
C. Install NSX Edge VM on KVM using an ISO image.
D. Deploy NSX Edge on KVM using ovftool.
E. Deploy NSX Edge VM on ESXi using OVA.
F. Install NSX Edge VM on ESXi using an ISO image.
Which three steps are required to create an IPSEC VPN tunnel? (Choose three.)
A. Create an IPSec service. B. Configure a distributed firewall policy. C. Configure a Tier-1 Gateway. D. Add a local endpoint. E. Configure an IPSec session. F. Add a logical switch.
An NSX administrator is retrieving a log bundle at the request of VMware Global Support. It is taking a long time to get the log bundle. The administrator reviews the configuration.
Which two changes to the configuration must be made to speed up the creation of the bundle. (Choose two.)
A. Disable upload bundle to remote file server
B. Change transfer protocol
C. Do not use ssh fingerprint
D. Create the support bundle from vCenterE. Disable Include core files and audit logs
How is the intra-tier transit link connection created between SR and DR for a Tier-0 Gateway?
A. Manually create a gateway interface and mark it as transit.
B. Automatically created when DR is created.
C. Automatically created when SR is initialized.
D. Manually create external uplink interface and mark it as transit.
Which two components are involved in the logical switching and N-VDS configuration during ESXi transport node installation? (Choose two.)
A. etherswitch B. Open vSwitch C. nsx-opsAgent D. vdl2 E. nsx-vswitch
A company is planning to implement NSX-T Data Center and will be using load balancing for 50 unique production workloads.
Which is the minimum NSX-T Edge size configuration required to support the production load balancer?
A. Large (8 vCPU 16GB RAM)
B. Medium (4 vCPU 8GB RAM)
C. Extra Large (12 vCPU 24GB RAM)
D. Small (2 vCPU 4GB RAM)
What are the advantages of using a Tier-0 Gateway in ECMP mode? (Choose two.)
A. stateful services leveraged B. increased north/south bandwidth C. traffic load balancing D. Failover of services E. traffic predictability
A user is assigned these two roles in NSX Manager:
• Load Balancer Administrator
• Network Engineer
What privileges does this user have in the system?
A. full access permissions on all networking services and full access permissions on load balancing features
B. read permissions on all networking services and read permissions on load balancing features
C. read permissions on all networking services and full access permissions on load balancing features
D. full access permissions on all networking services and read permissions on load balancing features
What are two valid options when configuring the scope of a distributed firewall rule? (Choose two.)
A. Group B. Tier-1 Gateway C. Segment Port D. Segment E. DFW
An NSX administrator has configured a KVM hypervisor as a transport node. Which kemel module on KVM implements a N VDS?
A. dvswitch
B. nsx-vswitch
C. openvswitch
D. etherswitch
An NSX administrator has configured a KVM hypervisor as a transport node. Which kemel module on KVM implements a N VDS?
A. dvswitch
B. nsx-vswitch
C. openvswitch
D. etherswitch
A customer is preparing to deploy VMware Kubernetes on an NSX-T Data Center.
What is the minimum MTU size for the UPLINK profile?
A. 1600
B. 1650
C. 1550
D. 1500
Which component does the hyperbus interface (vmk50) provide network connectivity to?
A. virtual machines and containers running across transport nodes
B. virtual machines running on the same hypervisor
C. containers running on ESXi/KVM transport nodes
D. virtual machines running in the same segment
An administrator wants to validate the BGP connection status between the Tier-0 Gateway and the upstream physical router.
What sequence of commands could be used to check this status on NSX Edge node?
A. – set vrf – show logical-routers- show bgp B. – show logical-routers- get vrf – show ip route bgp C. – enable – get vrf – show bgp neighbor D. – get logical-routers – vrf – get bgp neighbor
An NSX administrator is troubleshooting a connectivity issue with virtual machines running on an ESXi transport node.
Which feature in the NSX Manager Simplified UI shows the mapping between the virtual NIC and the host’s physical adapter?
A. N-VDS Visualization
B. Activity Monitoring
C. IPFIX
D. Port Mirroring
Which CLI command should be executed on a KVM hypervisor to retrieve the VM interface UUID?
A. virsh list-interface
B. virsh get-interface
C. virsh dumpxml | grep interfaceid
D. virsh show | grep interfaceid
