Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

NSX VCP-NV > NSX Set 8 > Flashcards

NSX Set 8 Flashcards

1
Q

What is the purpose of a DHCP Relay Agent in an NSX Edge configuration?

A. Configures virtual machine interfaces to which DHCP messages are relayed.

B. Configures Edge interfaces from which DHCP messages are relayed.

C. Configures Edge interfaces to which DHCP messages are relayed.

D. Configures virtual machine interfaces from which DHCP messages are relayed.

A

B. Configures Edge interfaces from which DHCP messages are relayed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

When configuration BGP routing in NSX, what is the purpose of the Graceful Restart check box?

A.
Automatically restart the peer router when BGP session is established.

B.
Allow packet forwarding to be uninterrupted during restart of BGP services.

C.
Automatically restart the local router when BGP session is established.

D.
Allow packet forwarding to be paused during restart of BGP services.

A

B.

Allow packet forwarding to be uninterrupted during restart of BGP services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

An application requires load balancing with minimal impact to network performance. An NSX administrator is
deploying a load balancer to meet the stated requirements.
Which load balancing engine should be deployed?

A.
Layer 5

B.
Layer 6

C.
Layer 7

D.
Layer 4

A

D.

Layer 4

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which three changes to a distributed switch configuration could trigger a rollback?

A.
Blocking all ports in the distributed port group containing the management VMkernel network adapter.

B.
Configure the virtual machine system traffic to enable bandwidth allocation using Network I/O Control.

C.
Adding a new host with a previous vDS configuration.

D.
Changing the MTU.

E.
Changing the VLAN settings in the distributed port group of the management VMkernel adapter.

A

A.
Blocking all ports in the distributed port group containing the management VMkernel network adapter.

D.
Changing the MTU.

E.
Changing the VLAN settings in the distributed port group of the management VMkernel adapter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How is high availability of the NSX Edge Gateway accomplished?

A.
HA Application Monitoring on the Edge Gateway sends a heartbeat to the ESXi host.

B.
VMware Tools on the Edge Gateway sends a heartbeat to the ESXi host.

C.
The Edge appliance sends a heartbeat through an uplink interface.

D.
The Edge appliance sends a heartbeat through an internal interface.

A

D.

The Edge appliance sends a heartbeat through an internal interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Where can firewall rules be applied on the NSX Edge Services Gateway?

A.
Rules can be applied on the uplink interface only.

B.
Rules can be applied on either the uplink interface or internal interface.

C.
Rules can be on either the uplink, internal, or management interfaces.

D.
Rules can be applied on the management and uplink interfaces only.

A

B.

Rules can be applied on either the uplink interface or internal interface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

An administrator creates a SpoofGuard policy for specific networks.
Which two modes are associated with this type of policy?

A.
Automatically trust IP assignments on their first use

B.
Manually inspect and approve all IP assignments before use

C.
Manually approve IP assignments listed in the Host file before use

D.
Automatically inspect and trust IP assignments on every use

A

A.
Automatically trust IP assignments on their first use

B.
Manually inspect and approve all IP assignments before use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

When creating a new security policy how is the default weight determined?

A.
The default weight is equal to the highest defined weight minus 1000.

B.
The default weight is equal to the highest defined weight plus 1000.

C.
The default weight is equal to the highest defined weight.

D.
The default weight is incremented by 100, starting at 0.

A

B.

The default weight is equal to the highest defined weight plus 1000.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

In a Cross-vCenter environment, where is information about local logical switches and local logical routers
maintained?

A.
Local Controller Cluster

B.
Platform Services Controller

C.
Universal Controller Cluster

D.
Local Transport Zone

A

C.

Universal Controller Cluster

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

An organization has a PCI compliant application deployed as part of a larger NSX environment. Every year a
team of contractors evaluates the security of the environment and recommends changes.
What NSX Role and Scope should the contractors be given to minimize access but still allow them to fulfill the
stated requirement?

A.
NSX Administrator, Limit access scope

B.
Enterprise Administrator, Limit access scope

C.
Auditor, Limit access scope

D.
Security Administrator, No restrictions

A

B.

Enterprise Administrator, Limit access scope

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which two are accurate statements with regards to Guest Introspection installation?

A.
The service virtual machine performs data security and activity monitoring.

B.
The installation deploys a virtual machine to hosts prepared for VMware NSX.

C.
A security policy weight of 4300 is assigned to hosts prepared to Guest Introspection.

D.
Guest Introspection is deployed with NSX Data Security by default.

A

A.
The service virtual machine performs data security and activity monitoring.
D.
Guest Introspection is deployed with NSX Data Security by default.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are two requirements of the network infrastructure to virtualize the access layer? (Choose two.)

A.
IPv4 connectivity among ESXi hosts provided by a spine-leaf network design.

B.
IPv4 connectivity among ESXi hosts.

C.
Increased MTU if the virtual machines are using the default MTU size of 1500.

D.
A Redundant, Layer 3, Top-of-Rack network design to provide high availability to ESX hosts.

A

A.
IPv4 connectivity among ESXi hosts provided by a spine-leaf network design.

C.
Increased MTU if the virtual machines are using the default MTU size of 1500.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which two network services are abstracted from the underlying hardware by NSX?

A.
Virtual Private Networks

B.
Multiprotocol Label Switching

C.
Load Balancing

D.
Overlay Transport Virtualizations

A

A.
Virtual Private Networks

C.
Load Balancing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are two things that should be done before upgrading from vCloud Networking and Security to NSX?

A.
Power off vShield Manager

B.
Deploy NSX Manager virtual appliance

C.
Uninstall vShield Data Security

D.
Ensure that forward and reverse DNS is functional

A

C.
Uninstall vShield Data Security

D.
Ensure that forward and reverse DNS is functional

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

A group of users needs secured access to a set of web-based applications in a SDDC.
Which VPN option is best suited for this?

A.
IPSec VPN

B.
SSL VPN-Plus

C.
L2VPN

D.
Application VPN

A

B.

SSL VPN-Plus

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is one of the benefits of using logical switches in an NSX environment?

A.
Quality of Service parameters are automatically configured in a logical switch.

B.
The physical infrastructure is responsible for maintaining the logical switch broadcast tables.

C.
The physical infrastructure is not constrained by MAC/FIB table limits.

D.
IP subnet definitions can be migrated into logical switches using the NSX Manager.

A

C.

The physical infrastructure is not constrained by MAC/FIB table limits.

17
Q

Which virtual machine does VMware recommended be manually excluded from the Distributed Firewall?

A.
NSX Manager

B.
Microsoft SQL Server

C.
vRealize Automation Appliance

D.
vCenter Server

A

D.

vCenter Server

18
Q

Which three methods can be used by the NSX Distributed Firewall to discover IP addresses?

A.
DHCP Snooping

B.
IP Sets

C.
Spoofguard configured for Trust on First Use.

D.
VMware Tools installed on every guest virtual machine.

E.
ARP Snooping

A

A.
DHCP Snooping

D.
VMware Tools installed on every guest virtual machine.

E.
ARP Snooping

19
Q

A network administrator has been tasked with deploying a 3-tier application across two data centers. Tier-1 and
tier-2 will be located in Datacenter-A and tier-3 will be located in Datacenter-B.
Which NSX components are needed to make this deployment functional?

A.
A universal transport zone deployed with a universal distributed logical router (UDLR), a universal logical
switch and two local logical switches connected to the UDLR.

B.
A universal transport zone deployed with a universal distributed logical router (UDLR), two universal logical
switches and a single logical switch connected to the UDLR.

C.
A universal transport zone deployed with a universal distributed logical router (UDLR) and three universal
logical switches connected to the UDLR.

D.
A universal transport zone, a universal distributed logical router (UDLR) and three local switches in each
data center connected to the UDLR

A

A.
A universal transport zone deployed with a universal distributed logical router (UDLR), a universal logical
switch and two local logical switches connected to the UDLR.

20
Q

Which vSphere network object abstracts the physical network, provides access-level switching in the hypervisorand enables support for overlay networking?

A.
Standard Switch

B.
Distributed Port Group

C.
Distributed Switch

D.
Logical Switch

A

C.

Distributed Switch

21
Q

Which three objects are supported for universal synchronization in a Cross-vCenter NSX deployment? (Choose
three.)

A.
IP Pools

B.
IP Sets

C.
L2 bridges

D.
MAC Sets

E.
Transport Zones

A 
A.
IP Pools
D.
MAC Sets
E.
Transport Zones
22
Q

What is the effect on NSX Edge virtual machines when NSX Edge high availability is configured but vSphere
HA is NOT configured?

A.
The active-standby NSX Edge pair will survive one failure. However, the virtual machines must reside on
the same host to prevent NSX Edge availability from being compromised.

B.
The active-standby NSX Edge HA pair will survive multiple failures.

C.
The active-standby NSX Edge HA pair will survive one failure. However, if another failure happens before
the second Edge appliance is restored, NSX Edge availability can be compromised.

D.
The active-standby NSX Edge HA pair will survive two failures. However, the virtual machines must reside
on two different hosts.

A

C.
The active-standby NSX Edge HA pair will survive one failure. However, if another failure happens before
the second Edge appliance is restored, NSX Edge availability can be compromised.

23
Q

Which type of VPN should be configured to ensure application mobility between data centers?

A.
Application VPN

B.
L2VPN

C.
IPSec VPN

D.
SSL VPN-Plus

A

B.

L2VPN

24
Q

Which is required to support unicast mode in NSX?

A.
Hardware VTEP

B.
Distributed Logical Router

C.
NSX Controller

D.
NSX Edge

A

C.

NSX Controller

NSX VCP-NV (9 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions