VMware NSX 4.X Professional V2 2V0-41.24 Exam Practice Test

Page: 1 / 14
Total 115 questions
Question 1

Which of the following exist only on Tler-1 Gateway firewall configurations and not on Tier-0?



Answer : C


Question 2

Which troubleshooting step will resolve an error with code 1001 during the configuration of a time-based firewall rule?



Answer : A

An error with code 1001 during the configuration of a time-based firewall rule often indicates a time synchronization issue. Restarting the NTP service on the ESXi host can resolve this issue by ensuring that the host's time is synchronized correctly, which is essential for time-based rules to function accurately.


Question 3

Which three security features are dependent on the NSX Application Platform? (Choose three.)



Answer : A, C, F

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/nsx-application-platform/GUID-42EDE0AD-CD65-41AC-9694-AD0CCEC35969.html


Question 4

An administrator wants to validate the BGP connection status between the Tier-0 Gateway and the upstream physical router.

What sequence of commands could be used to check this status on NSX Edge node?



Answer : A

To validate the BGP connection status between the Tier-0 Gateway and the upstream physical router on an NSX Edge node, the correct sequence involves enabling the specific logical router (Tier-0 Gateway), checking the VRF (Virtual Routing and Forwarding) context, and then using the show bgp neighbor command to view the BGP session status.

enable <LR-D>: This command enables the logical router interface (Tier-0 Gateway) to access its configuration.

get vrf <ID>: This command checks the specific VRF (used for routing separation) to see the associated routing table.

show bgp neighbor: This command displays the status of the BGP connection, including details about the neighbor relationships and their state.


Question 5

An NSX administrator has deployed a single NSX Manager node and will be adding two additional nodes to form a 3-node NSX Management Cluster for a production environment. The administrator will deploy these two additional nodes and Cluster VIP using the NSX UI.

What two are the prerequisites for this configuration? (Choose two.)



Answer : B, D

For a 3-node NSX Manager cluster, all nodes must be within the same subnet to ensure proper communication and functionality between them.

A compute manager must be configured before adding nodes to the cluster, as it provides the necessary integration between the NSX Manager and the underlying virtualization infrastructure (such as vSphere or vCenter).


Question 6

A company security policy requires all users to log into applications using a centralized authentication system.

Which two authentication, authorization, and accounting (AAA) systems are available when integrating NSX with VMware Identity Manager? (Choose two.)



Answer : A, D

RSA SecureID: RSA SecureID is a commonly used two-factor authentication (2FA) system that can integrate with VMware Identity Manager for enhanced security during authentication, making it a suitable AAA system for user authentication.

LDAP and OpenLDAP based on Active Directory (AD): VMware Identity Manager can integrate with LDAP and OpenLDAP directories, including Active Directory (AD), for centralized user authentication. This allows users to authenticate against an organization's directory service.


Question 7

Which two logical router components span across all transport nodes? (Choose two.)



Answer : B, D

TIER0_DISTRIBUTED_ROUTER: The Tier-0 Distributed Router spans all transport nodes, providing distributed routing capabilities across the NSX environment at the Tier-0 level.

DISTRIBUTED_ROUTER_TIER1: Similarly, the Tier-1 Distributed Router spans all transport nodes, enabling distributed routing at the Tier-1 level, which allows routing functions to occur closer to the workload VMs across the transport nodes.


Page:    1 / 14   
Total 115 questions