Practice Free 2V0-41.23 Exam Online Questions
Question #31
Which two statements are correct about East-West Malware Prevention? (Choose two.)
- A . A SVM is deployed on every ESXi host.
- B . NSX Application Platform must have Internet access.
- C . An agent must be installed on every ESXi host.
- D . An agent must be installed on every NSX Edge node.
- E . NSX Edge nodes must have Internet access.
Correct Answer: AB
AB
Explanation:
Reference: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-0A8BF7D8-9C2E-48A5-8219-17C00F1EC13A.html https://www.wwt.com/blog/primer-series-napp-malware-prevention
AB
Explanation:
Reference: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-0A8BF7D8-9C2E-48A5-8219-17C00F1EC13A.html https://www.wwt.com/blog/primer-series-napp-malware-prevention
Question #32
An administrator has a requirement to have consistent policy configuration and enforcement across NSX instances.
What feature of NSX fulfills this requirement?
- A . Load balancer
- B . Federation
- C . Multi-hypervisor support
- D . Policy-driven configuration
Correct Answer: B
B
Explanation:
Federation is a feature of NSX that allows the administrator to manage multiple NSX instances with a single pane of glass view, create gateways and segments that span one or more locations, and configure and enforce firewall rules consistently across locations1. Federation provides centralized policy management for security and networking services for all locations and pushes it down to NSX Local Managers at the respective sites for enforcement1. Federation also enables disaster recovery and workload mobility scenarios by providing consistent network and security policies across different sites1. References: 1: NSX Federation – VMware Docs(https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-D5B6DC79-6733-44A7-8072-50221CF2122A.html)
B
Explanation:
Federation is a feature of NSX that allows the administrator to manage multiple NSX instances with a single pane of glass view, create gateways and segments that span one or more locations, and configure and enforce firewall rules consistently across locations1. Federation provides centralized policy management for security and networking services for all locations and pushes it down to NSX Local Managers at the respective sites for enforcement1. Federation also enables disaster recovery and workload mobility scenarios by providing consistent network and security policies across different sites1. References: 1: NSX Federation – VMware Docs(https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-D5B6DC79-6733-44A7-8072-50221CF2122A.html)
Question #33
What must be configured on Transport Nodes for encapsulation and decapsulation of Geneve protocol?
- A . VXIAN
- B . UDP
- C . STT
- D . TEP
Correct Answer: D
D
Explanation:
According to the VMware NSX Documentation, TEP stands for Tunnel End Point and is a logical interface that must be configured on transport nodes for encapsulation and decapsulation of Geneve protocol. Geneve is a tunneling protocol that encapsulates the original packet with an outer header that contains metadata such as the virtual network identifier (VNI) and the transport node IP address. TEPs are responsible for adding and removing the Geneve header as the packet traverses the overlay network.
D
Explanation:
According to the VMware NSX Documentation, TEP stands for Tunnel End Point and is a logical interface that must be configured on transport nodes for encapsulation and decapsulation of Geneve protocol. Geneve is a tunneling protocol that encapsulates the original packet with an outer header that contains metadata such as the virtual network identifier (VNI) and the transport node IP address. TEPs are responsible for adding and removing the Geneve header as the packet traverses the overlay network.
Question #34
What should an NSX administrator check to verify that VMware Identity Manager Integration Is successful?
- A . From VMware Identity Manager the status of the remote access application must be green.
- B . From the NSX UI the status of the VMware Identity Manager Integration must be "Enabled".
- C . From the NSX CLI the status of the VMware Identity Manager Integration must be "Configured".
- D . From the NSX UI the URI in the address bar must have "locaNfatse" part of it.
Correct Answer: B
B
Explanation:
From the NSX UI the status of the VMware Identity Manager Integration must be “Enabled”. According to the VMware NSX Documentation1, after configuring VMware Identity Manager integration, you can validate the functionality by checking the status of the integration in the NSX UI. The status should be “Enabled” if the integration is successful. The other options are either incorrect or not relevant.
B
Explanation:
From the NSX UI the status of the VMware Identity Manager Integration must be “Enabled”. According to the VMware NSX Documentation1, after configuring VMware Identity Manager integration, you can validate the functionality by checking the status of the integration in the NSX UI. The status should be “Enabled” if the integration is successful. The other options are either incorrect or not relevant.