VMware NSX 4.x Professional 2V0-41.23 Exam Practice Test

Page: 1 / 14
Total 107 questions
Question 1

An NSX administrator wants to create a Tler-0 Gateway to support equal cost multi-path (ECMP) routing. Which failover detection protocol must be used to meet this requirement?



Answer : A

According to the VMware NSX 4.x Professional documents and tutorials, BFD is a failover detection protocol that provides fast and reliable detection of link failures between two routing devices.BFD can be used with ECMP routing to monitor the health of the ECMP paths and trigger a route change in case of a failure12.BFD is supported by both BGP and OSPF routing protocols in NSX-T3.BFD can also be configured with different timers to achieve different detection times3.


Question 2

When configuring OSPF on a Tler-0 Gateway, which three of the following must match in order to establish a neighbor relationship with an upstream router? (Choose three.)



Answer : B, C, F

according to the VMware NSX Documentation, these are the three parameters that must match in order to establish an OSPF neighbor relationship with an upstream router on a tier-0 gateway:

MTU of the Uplink: The maximum transmission unit (MTU) of the uplink interface must match the MTU of the upstream router interface. Otherwise, OSPF packets may be fragmented or dropped, causing neighbor adjacency issues.

Subnet mask: The subnet mask of the uplink interface must match the subnet mask of the upstream router interface. Otherwise, OSPF packets may not reach the correct destination or be rejected by the upstream router.

Area ID: The area ID of the uplink interface must match the area ID of the upstream router interface. Otherwise, OSPF packets may be ignored or discarded by the upstream router.

https://www.computernetworkingnotes.com/ccna-study-guide/ospf-neighborship-condition-and-requirement.html


Question 3

Which two logical router components span across all transport nodes? (Choose two.)



Answer : C, D

https://docs.vmware.com/en/VMware-Validated-Design/5.0.1/com.vmware.vvd.sddc-nsxt-design.doc/GUID-74141ABD-C9AF-4A92-8338-092CD67EB56E.html

https://www.hydra1303.com/nsx-t-routing-part-i#:~:text=Logical%20routing%20in%20NSX%2DT,using%20static%20routes%20or%20BGP

. https://www.delltechnologies.com/asset/en-us/products/converged-infrastructure/technical-support/docu96042.pdf


Question 4

A customer is preparing to deploy a VMware Kubernetes solution in an NSX environment.

What is the minimum MTU size for the UPLINK profile?



Answer : C

The minimum MTU size for the UPLINK profile is 1700 bytes. This is because the UPLINK profile is used to configure the physical NICs that connect to the NSX-T overlay network. The overlay network uses geneve encapsulation, which adds an overhead of 54 bytes to the original packet. Therefore, to support a standard MTU of 1500 bytes for the inner packet, the outer packet must have an MTU of at least 1554 bytes. However, VMware recommends adding an extra buffer of 146 bytes to account for possible additional headers or VLAN tags. Therefore, the minimum MTU size for the UPLINK profile is 1700 bytes (1554 + 146).Reference: : VMware NSX-T Data Center Installation Guide, page 23. : VMware NSX-T Data Center Administration Guide, page 102. : VMware NSX-T Data Center Installation Guide, page 24.

https://nsx.techzone.vmware.com/resource/nsx-reference-design-guide#a-31-the-nsx-virtual-switch


Question 5

Which two are supported by L2 VPN clients? (Choose two.)



Answer : C, D

The following L2 VPN clients are recommended:

1. NSX Managed NSX Edge in a separate NSX Managed environment.

* Overlay and VLAN segments can be extended.

2. Autonomous Edge:

* Enables L2 VPN access from a non-a NSX environment to NSX environments.

* Deployed by using an OVF file on a host that is not managed by NSX.

* Only VLAN segments can be extended.


Question 6

Which command on ESXI is used to verify the Local Control Plane connectivity with Central Control Plane?

A)

B)

C)

D)



Answer : B

According to the web search results, the command that is used to verify the Local Control Plane (LCP) connectivity with Central Control Plane (CCP) on ESXi isget control-cluster status. This command displays the status of the LCP and CCP components on the ESXi host, such as the LCP agent, CCP client, CCP server, and CCP connection. It also shows the IP address and port number of the CCP server that the LCP agent is connected to. If the LCP agent or CCP client are not running or not connected, it means that there is a problem with the LCP connectivity .


Question 7

What are the four types of role-based access control (RBAC) permissions? (Choose four.)



Answer : A, B, D, F

The four types of role-based access control (RBAC) permissions areRead,None,Full access, andExecute1. Read permission allows the user to view the configuration and status of the system. None permission denies any access to the system. Full access permission grants all permissions including Create, Read, Update, and Delete (CRUD).Execute permission includes Read and Update permissions1. Auditor, Enterprise Admin, and Network Admin are not types of permissions, but types of roles that have different sets of permissions.Reference:NSX Features

There are four types of permissions. Included in the list are the abbreviations for the permissions that are used in theRoles and PermissionsandRoles and Permissions for Manager Modetables.

Full access (FA) - All permissions including Create, Read, Update, and Delete

Execute (E) - Includes Read and Update

Read (R)

None

NSX-T Data Centerhas the following built-in roles. Role names in the UI can be different in the API. InNSX-T Data Center, if you have permission, you can clone an existing role, add a new role, edit newly created roles, or delete newly created roles.

Role-Based Access Control (vmware.com)


Page:    1 / 14   
Total 107 questions