NSX Set 6 Flashcards

1
Q

Which component is not a security service facilitated by Guest or Network Introspection?

a. Data loss prevention
b. Network Address Translation
c. Malware protection
d. Vulnerability management

A

b. Network Address Translation

2
Q

Which security service is not facilitated by Network Introspection?

a. Intrusion prevention
b. Data security
c. Malware protection
d. Antivirus protection

A

d. Antivirus protection

3
Q

Which statement is a valid example of a security service protecting a virtual machine?

a. The logical switch sends traffic that leaves the virtual machine and is directed to the security service appliance.
b. The distributed firewall sends traffic that arrives for the virtual machine from the security service appliance.
c. The ESXi host redirects virtual machine traffic to the security service module running in the host’s kernel.
d. The ESXi host redirects the virtual machine traffic to the security service appliance using the IOChain.

A

a. The logical switch sends traffic that leaves the virtual machine and is directed to the security service appliance.

4
Q

What is the first step in consuming a security service from a provider?

a. Register the security service with NSX Manager.
b. Register the security service with vCenter.
c. Register the ESXi hosts with the security service.
d. Create a profile with the security service provider.

A

a. Register the security service with NSX Manager.

5
Q

Which is not a dynamic selection option for a security group?

a. Virtual machine name
b. Computer OS name
c. LDAP group
d. Entity

A

c. LDAP group

6
Q

How do you prevent a virtual machine from being a member of a security group?

a. Do not include the virtual machine in the Define Dynamic Objects view.
b. Do not include the virtual machine in the Select Objects to Include view.
c. Add the virtual machine to the Select Objects to Exclude view.
d. Add the virtual machine to the NSX Manager’s Exclusion List.

A

c. Add the virtual machine to the Select Objects to Exclude view.

7
Q

If two security policies are associated with the same security group, which policy gets enforced first?

a. The security policy that is associated first
b. The security policy that is associated last
c. The security policy that has the highest weight
d. The security policy with the most secure service

A

c. The security policy that has the highest weight

8
Q

Which is not a policy that can be configured as part of a security policy?

a. Guest Introspection Services
b. Network Introspection Services
c. Distributed firewall rule
d. SpoofGuard

A

d. SpoofGuard

9
Q

A security policy named Santa Maria is configured with a distributed firewall rule and then applied to a security group named La Pinta.
Based on this configuration, which two conditions are true? (Choose two.)

a. The source or the destination of the distributed firewall rule is La Pinta.
b. The distributed firewall rule is added below any existing rules, but above the default rule.
c. Both the source and destination of the distributed firewall rule can be Any.
d. Santa Maria can be applied to another security group.
e. The distributed firewall rule is added at the top so it will be enforced before any existing rules.

A

a. The source or the destination of the distributed firewall rule is La Pinta.
d. Santa Maria can be applied to another security group.

10
Q

Where are security tags created?

a. In NSX Manager
b. In vCenter
c. In Service Composer
d. In the security service provider

A

a. In NSX Manager

11
Q

How does VMware Data Security provide its services to virtual machines?

a. VMware Data Security scans, via an appliance, data stored in protected virtual machines to check against security compliance.
b. VMware Data Security scans, via NSX Manager, data stored in protected virtual machines to check against security compliance.
c. VMware Data Security scans, via vCenter, data stored in protected virtual machines to check against security compliance.
d. VMware Data Security scans, via NSX Edge, data stored in protected virtual machines to check against security compliance.

A

a. VMware Data Security scans, via an appliance, data stored in protected virtual machines to check against security compliance.

12
Q

Which two components are required to successfully implement VMware Data Security? (Choose two.)

a. A data security appliance deployed to the data center where you want to enable Data Security.
b. An EPSEC-MUX agent deployed to the ESXi host where you want to enable Data Security.
c. A security policy with Guest Introspection Services of Data Security.
d. A logical firewall rule that allows Data Security, applied to the virtual machines that require protection.

A

b. An EPSEC-MUX agent deployed to the ESXi host where you want to enable Data Security.
c. A security policy with Guest Introspection Services of Data Security.

13
Q

Which two steps are used to enable data collection in a virtual machine? (Choose two.)

a. Right-click the virtual machine and select Edit Settings. In the VM Options tab, check the Enable Activity Monitoring Data Collection box.
b. In the virtual machine’s Manage tab, select NSX Activity Monitoring, click Edit, and answer Yes in the pop-up window.
c. Add the virtual machine to the Security Group Activity Monitoring Data Collection.
d. From the Networking and Security home page, select Activity Monitoring. In the VM Activity tab, click Add VM.

A

b. In the virtual machine’s Manage tab, select NSX Activity Monitoring, click Edit, and answer Yes in the pop-up window.
c. Add the virtual machine to the Security Group Activity Monitoring Data Collection.

14
Q

What activity is displayed by the Inter Container Interaction activity report?

a. Activities between virtual machines running on the same ESXi host.
b. Activities between virtual machines in the same cluster.
c. Activities between monitored virtual machines.
d. Activities of users in the selected Active Directory group.

A

c. Activities between monitored virtual machines.

15
Q

What two appliances must be deployed for Activity Monitoring to work? (Choose two.)

a. VMware Data Security virtual appliance
b. VMware Activity Monitoring virtual appliance
c. NSX Data Security virtual appliance
d. Universal services virtual machine

A

a. VMware Data Security virtual appliance
d. Universal services virtual machine

16
Q

Which entity collects the traffic flow information when Flow Monitoring is enabled?

a. vCenter
b. The configured IPFix collector
c. The NSX Manager
d. The NSX Edge device(s)

A

c. The NSX Manager

17
Q

Which is not a source exclusion container option for Flow Monitoring?

a. IP sets
b. Virtual machines
c. ESXi host
d. vNIC

A

c. ESXi host

18
Q

Which Traceflow is used when enabling a multicast Traceflow?

a. Layer 2 Traceflow
b. Layer 3 Traceflow
c. Layer 4 Traceflow
d. A Traceflow where both the source and destination are virtual machines.

A

a. Layer 2 Traceflow

19
Q

You are assigning a role to a user. Where does NSX Manager obtain the user information?

a. From the configured LDAP server in NSX Manager.
b. From the configured AD server in NSX Manager.
c. From a list of users manually entered into NSX Manager.
d. From the list of users known to vCenter.

A

d. From the list of users known to vCenter.

20
Q

Which of the following is not a role in NSX Manager?

a. NSX administrator
b. Security administrator
c. Read-only
d. Enterprise administrator

A

c. Read-only

21
Q

Which two are entities the consumption plane communicates with? (Choose two.)

a. NSX Controller
b. NSX Edge
c. vCenter
d. NSX Manager

A

c. vCenter
d. NSX Manager

22
Q

What is the name of a REST entity that has an HTTP URI?

a. Web page
b. Resource
c. End point
d. REST client

A

b. Resource

23
Q

Which HTTP method is not supported by NSX APIs?

a. GET
b. COPY
c. POST
d. PUT

A

b. COPY

24
Q

Which two Content-Types do NSX APIs support? (Choose two.)

a. Text
b. XML
c. JSON
d. HTML

A

b. XML
c. JSON

25
Q

Which URL can be used to query the existing transport zones in an NSX Manager?

a. https://NSXMGR-IP/api/4.0/scopes/
b. https://NSXMGR-IP/api/2.0/vdn/scopes/
c. https://NSXMGR-IP/api/2.0/scopes/
d. https://NSXMGR-IP/api.4.0/vdn/scopes/

A

b. https://NSXMGR-IP/api/2.0/vdn/scopes/

26
Q

When deploying a distributed logical router, what is the value of the type tag?

a. gatewayServices
b. distributedRouter
c. logicalDistributedRouter
d. distributedLogicalRouter

A

b. distributedRouter

27
Q

A logical router was deployed via the NSX APIs, but no Control VM was provisioned. What tag and value were used to prevent the Control VM from being deployed?

a. Tag: deployAppliances, Value: no
b. Tag: applianceSize, Value: Null
c. Tag: deployAppliances, Value: false
d. Tag: applianceSize, Value: noAppliance

A

c. Tag: deployAppliances, Value: false

28
Q

What XML tag is used to connect an NSX Edge’s interface to a logical switch?

a. connectedToId
b. type
c. portgroupId
d. isConnected

A

c. portgroupId

29
Q

Which is not a valid vRealize network profile?

a. Routed network profile
b. NAT network profile
c. Load balancer network profile
d. External network profile

A

c. Load balancer network profile

30
Q

You are a vRA Tenant Administrator for tenant ABC. You want to create a blueprint that deploys a logical router. What must you do to prepare a blueprint to deploy logical routers?

a. In vRealize Orchestrator, create a workflow that includes the NSX API calls to create a logical router and call the workflow from the blueprint.
b. In vRealize Orchestrator, create a logical router network profile and add the logical router network profile to the blueprint.
c. In vRA, create a logical router network profile and add the logical router network profile to the blueprint.
d. In vRA, create a routed network profile that includes the logical router and add the routed network profile to the blueprint.

A

a. In vRealize Orchestrator, create a workflow that includes the NSX API calls to create a logical router and call the workflow from the blueprint.

31
Q

Which versions of vCNS can be upgraded to NSX for vSphere?

a. vCNS 5.0 and higher
b. vCNS 5.1 and higher
c. vCNS 5.5 and higher
d. vCNS 5.5u3 and higher

A

c. vCNS 5.5 and higher