VMware 2V0-41.24 Exam Practice Test Instant Access

Question 1

Which field in a Tier-1 Gateway Firewall would be used to allow access for a collection of trustworthy web sites?

ASource

BProfiles -> Context Profiles

CDestination

DProfiles -> L7 Access Profile

Answer : D

The field in a Tier-1 Gateway Firewall that would be used to allow access for a collection of trustworthy web sites isProfiles -> L7 Access Profile.This field allows the user to create a Layer 7 access profile that defines a list of allowed or blocked URLs based on categories, reputation, or custom entries1.The user can then apply the L7 access profile to a firewall rule to control the traffic based on the URL filtering criteria1. The other options are incorrect because they are not related to URL filtering.The Source field specifies the source IP address or group of the firewall rule1.The Destination field specifies the destination IP address or group of the firewall rule1.The Profiles -> Context Profiles field allows the user to create a context profile that defines a list of application signatures or attributes that can be used to identify and classify network traffic1.Reference:Gateway Firewall

Question 2

Which steps are required to activate Malware Prevention on the NSX Application Platform?

ASelect Cloud Region and Deploy Network Detection and Response.

BActivate NSX Network Detection and Response and run Pre-checks.

CActivate NSX Network Detection and Response and Deploy Malware Prevention.

DSelect Cloud Region and run Pre-checks.

Answer : D

To activate Malware Prevention on the NSX Application Platform, the steps are:

In the NSX Manager UI, select System and in the Configuration section, select NSX Application Platform.

Navigate to the Features section, locate the NSX Malware Prevention feature card, and click Activate or anywhere in the card.

In the NSX Malware Prevention activation window, select one of the available cloud regions from which you can access the NSX Advanced Threat Prevention cloud service.

Click Run Prechecks. This precheck process can take some time as the system validates that the minimum license requirement is met and that it is eligible for use with the NSX Advanced Threat Prevention cloud service. The system also validates that the selected cloud region is reachable.

Click Activate.This step can take some time1. Therefore, the correct answer is D. The other options are incorrect because they involve activating or deploying NSX Network Detection and Response, which is a different feature from Malware Prevention.Reference:Activate NSX Malware Prevention

Question 3

Which NSX feature can be leveraged to achieve consistent policy configuration and simplicity across sites?

AVRF Lite

BEthernet VPN

CNSX MTML5 UI

DNSX Federation

Answer : D

According to the VMware NSX Documentation, this is the NSX feature that can be leveraged to achieve consistent policy configuration and simplicity across sites:

NSX Federation: This feature allows you to create and manage a global network infrastructure that spans across multiple sites using a single pane of glass. You can use this feature to synchronize policies, segments, gateways, firewalls, VPNs, load balancers, and other network services across sites.

Question 4

Which three security features are dependent on the NSX Application Platform? (Choose three.)

ANSX Intelligence

BNSX Firewall

CNSX Network Detection and Response

DNSX TLS Inspection

ENSX Distributed IDS/IPS

FNSX Malware Prevention

Answer : A, C, F

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/nsx-application-platform/GUID-42EDE0AD-CD65-41AC-9694-AD0CCEC35969.html

Question 5

What are two valid BGP Attributes that can be used to influence the route path traffic will take? (Choose two.)

AAS-Path Prepend

BBFD

CCost

DMED

Answer : A, D

AS-Path Prepend: This attribute allows you to prepend one or more AS numbers to the AS path of a route, making it appear longer and less preferable to other BGP routers. You can use this attribute to manipulate the inbound traffic from your BGP peers by advertising a longer AS path for some routes and a shorter AS path for others.

MED: This attribute stands for Multi-Exit Discriminator and allows you to specify a preference value for a route among multiple exit points from an AS. You can use this attribute to manipulate the outbound traffic to your BGP peers by advertising a lower MED value for some routes and a higher MED value for others.

Question 6

Which CLI command on NSX Manager and NSX Edge is used to change NTP settings?

Aset timezone

Bset ntp-server

Cget timezone

Dget time-server

Answer : B

The set ntp-server command is used on NSX Manager and NSX Edge to configure the NTP (Network Time Protocol) settings. This command allows administrators to specify the NTP server, ensuring that the NSX components synchronize their time accurately with the designated time server.

Question 7

Which three of the following describe the Border Gateway Routing Protocol (BGP) configuration on a Tier-0 Gateway? (Choose three.)

AIt supports a 4-byte autonomous system number.

BCan be used as an Exterior Gateway Protocol.

CThe network is divided into areas that are logical groups.

DEIGRP is disabled by default.

EBGP is enabled by default.

Answer : A, B, E

It supports a 4-byte autonomous system number: BGP on a Tier-0 Gateway supports 4-byte AS (Autonomous System) numbers, which are necessary for larger routing domains.

Can be used as an Exterior Gateway Protocol: BGP is commonly used as an Exterior Gateway Protocol to establish routing between different autonomous systems (AS).

BGP is enabled by default: On a Tier-0 Gateway, BGP is typically enabled by default, allowing administrators to configure it for external routing.

VMware 2V0-41.24 VMware NSX 4.X Professional V2 Exam Practice Test