CertsTopics Logo

Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 60certs

VMware 2V0-41.20 Dumps

Page: 1 / 3
Total 93 questions
Get 2V0-41.20 Full Access Download 2V0-41.20 PDF

Professional VMware NSX-T Data Center Questions and Answers

Question 1

What are three characteristics of a transport zone? (Choose three.)

Options:

A.

defines the potential reach of transport nodes

B.

configured with a Single N-VDS

C.

defines the scope and reachability of a Segment

D.

configured with multiple N-VDS

E.

optional for creating a segment

Question 2

An NSX administrator has configured a KVM hypervisor as a transport node. Which kernel module on KVM implements a N-VDS?

Options:

A.

openvswitch

B.

etherswitch

C.

nsx-vswitch

D.

dyswitch

Question 3

Which three functions require a Services Router (SR) component on an Edge node? (Choose three.)

Options:

A.

Service Insertion

B.

Distributed Routing

C.

Packet Forwarding

D.

Gateway Firewall

E.

Distributed Firewall

F.

Virtual Private Network

Question 4

Where do you configure the VLANs used in VRF Lite? (Choose two.)

Options:

A.

uplink interface of the default Tier-0 gateway

B.

uplink interface of the VRF gateway

C.

downlink interface of the default Tier-0 gateway

D.

segment connected to the Tier-1 gateway

E.

uplink trunk segment

Question 5

Which CLI command would an administrator use to allow syslog on an ESXi transport node when using the esxcli utility?

Options:

A.

esxcli network firewall ruleset -e syslog

B.

esxcli network firewall ruleset set -a -e false

C.

esxcli network firewall ruleset set -r syslog -e true

D.

esxcli network firewall ruleset set -r sysloq -e false

Question 6

An administrator has a requirement to have consistent policy configuration and enforcement across NSXT instances. What feature of NSX-T Data Center fulfills this requirement?

Options:

A.

Load balancer

B.

Policy-driven configuration

C.

Multi-hypervisor support

D.

Federation

Question 7

When a stateful service is enabled for the first time on a Tier-0 Gateway, what happens on the NSX Edge node?

Options:

A.

SR and DR doesn’t need to be connected to provide any stateful services.

B.

DR is instantiated and automatically connected with SR.

C.

SR is instantiated and automatically connected with DR.

D.

SR and DR is instantiated but requires manual connection.

Question 8

A company is deploying a NSX-T Data Center micro-segmentation in their vSphere environment to secure a simple application composed of web, app, and database tiers.

The naming convention will be:

  • WKS-WEB-SRV-XXX
  • WKY-APP-SRR-XXX
  • WKI-DB-SRR-XXX

What is the optimal way to group them in order to enforce security policies from NSX-T Data Center?

Options:

A.

Create an Ethernet based security policy.

B.

Group all by means of tags membership.

C.

Use Edge as a firewall between tiers.

D.

Do a service insertion to accomplish the task.

Question 9

What are two valid options when configuring the scope of a distributed firewall rule? (Choose two.)

Options:

A.

Segment Port

B.

Group

C.

Segment

D.

DFW

E.

Tier-1 Gateway

Question 10

Which two statements are true for a Tier-1 Gateway? (Choose two.)

Options:

A.

owned and configured by the Tenant

B.

connects to physical networks

C.

owned and configured by Service Provider

D.

always configured in active-standby mode E. supports ECMP

Question 11

An NSX administrator is reviewing syslog and notices that Distributed Firewall Rules hit counts are not being logged. What could cause this issue?

Options:

A.

Syslog is not configured on the NSX Manager

B.

Distributed Firewall Rule logging is not enabled

C.

Zero Trust Security is not enabled

D.

Syslog is not configured on the ESXi transport node

Question 12

Which two ports are used by a transport node to communicate with the management and control planes in NSX-T Data Center 3.0? (Choose two.)

Options:

A.

5685

B.

1235

C.

5671

D.

5678

E.

1234

Question 13

When deploying east-west network introspection, which Service Virtual Machine (SVM) deployment method achieves the least amount of traffic hair pinning?

Options:

A.

Create a secondary vNIC on each quest VM for SVM communication.

B.

Place a partner SVM on each compute cluster node.

C.

Centralize partner SVMs in a service cluster.

D.

Add partner SVMs to an edge cluster.

Page: 1 / 3
Total 93 questions
Get 2V0-41.20 Full Access Download 2V0-41.20 PDF