New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

VMware 5V0-41.21 VMware NSX-T Data Center 3.1 Security Exam Practice Test

Page: 1 / 7
Total 70 questions

VMware NSX-T Data Center 3.1 Security Questions and Answers

Question 1

How does N5X Distributed IDS/IPS keep up to date with signatures?

Options:

A.

NSX Edge uses manually uploaded signatures by the security administrator.

B.

NSX-T Data Center is using a cloud based database to download the IDS/IPS signatures.

C.

NSX Manager has a local IDS/IPS signatures database that does not need to be updated.

D.

NSX Distributed IDS/IPS signatures are retrieved from updates.vmware.com.

Question 2

Which esxcli command lists the firewall configuration on ESXi hosts?

Options:

A.

esxcli network firewall ruleset list

B.

vsipioct1 getrules -filter

C.

esxcli network firewall rules

D.

vsipioct1 getrules -f

Question 3

What is the default action of the Default Layer 3 distributed firewall rule?

Options:

A.

Drop

B.

Allow

C.

Forward

D.

Reject

Question 4

In a brownfield environment with NSX-T Data Center deployed and configured, a customer is interested in Endpoint Protection integrations. What recommendation should be provided to the customer when it comes to their existing virtual machines?

Options:

A.

Virtual machine must be protected by vSphere HA.

B.

Virtual machine hardware should be version 10 or higher.

C.

A minimum installation of VMware tools is required.

D.

A custom install of VMware tools is required to select the drivers.

Question 5

Refer to the exhibit.

Question # 5

Referencing the exhibit, what is the VMware recommended number of NSX Manager Nodes to additionally deploy to form an NSX-T Manager Cluster?

Options:

A.

4

B.

3

C.

2

D.

5

Question 6

An administrator wants to configure NSX-T Security Groups inside a distributed firewall rule. Which menu item would the administrator select to configure the Security Groups?

Options:

A.

System

B.

Inventory

C.

Security

D.

Networking

Question 7

An administrator needs to configure their NSX-T logging to audit changes on firewall security policy. The administrator Is using the following command from NSX-T3.1 documentation :

Question # 7

Which Message ID from the following list will allow the administrator to track changes on firewall security rules?

Options:

A.

FABRIC

B.

MONITOR

C.

SYSTEM

D.

FIREWALL

Question 8

Reference the CLI output.

Question # 8

What is the source IP address in the distributed firewall rule to accept HTTP traffic?

Options:

A.

172.16.30.11

B.

172.16.10.12

C.

172.16.10.11

D.

172.16.20.11

Question 9

Which two Guest OS drivers are required for the Identity Firewall to operate? (Choose two.)

Options:

A.

NSX Network Introspection

B.

vmxnet3

C.

NSX File Introspection

D.

Guest Introspection

E.

e1000e

Question 10

An NSX administrator has been tasked with configuring a remote logging server (192.168.110.60) to send FW connections and packets logs to a remote logging server. The administrator is using this command syntax found in the NSX-T 3.1 documentation:

Question # 10

Which of the following commands does the administrator use to complete the configuration task?

Options:

A.

set logging-server 192.168.110.60 proto udp level info facility syslog message Id FIREWALL-CONNECTION

B.

set logging-server 192.168.110.60 proto udp level info facility syslog message!- monitor. Firewall

C.

set logging-server 192.168.110.60 proto udp level info facility syslog message Id FIREWALL-PKTLOG

D.

set logging-server 192.168.110.60 proto udp level info facility syslog message Id system, fabric

Page: 1 / 7
Total 70 questions