VMware 3V0-42.20 Exam Practice Test Instant Access

Question 1

An architect is helping an organization with the Logical Design of an NSX-T Data Center solution.

This information was gathered during the Assessment Phase:

Data between two networks connected over a public network needs to be encrypted.

Certificate authentication is required.

Dynamic route learning is preferred.

Which selection should the architect include in their design? (Choose the best answer.)

ADeploy a Tier-0 gateway in Active/Standby mode. Configure policy-based IPSec VPN with SHA512 with RSA as the hash algorithm.

BDeploy a Tier-0 gateway in Active/Active mode. Configure route-based IPSec VPN with SHA512 with RSA as the hash algorithm.

CDeploy a Tier-0 gateway in Active/Standby mode. Configure route-based IPSec VPN with SHA512 with RSA as the hash algorithm.

DDeploy a Tier-0 gateway in Active/Active mode. Configure policy-based IPSec VPN with SHA512 with RSA as the hash algorithm.

Answer : C

Route-based IPSec VPN provides tunneling on traffic based on the static routes or routes learned dynamically.

Tier-0 gateway in the active-standby state supports the following services:

NAT

Load balancing

Stateful firewall

VPN

Reference Docs:

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/administration/GUID-C0E5AF10-576D-493A-A079-C4C95D8F5373.html

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/administration/GUID-7B0CD287-C5EB-493C-A57F-EEA8782A741A.html#GUID-7B0CD287-C5EB-493C-A57F-EEA8782A741A

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.0/administration/GUID-DF689847-252E-451E-84B5-DB507CC010AC.html

Question 2

An architect is helping an organization with the Logical Design of an NSX-T Data Center solution. This information was gathered during the Assessment Phase:

There isn't much budget available for a new off shore site.

The new site is decentralized and no communication with the main data center is required.

The design will need to cater for availability, upgrades, and failure scenarios.

N+1 must be maintained at all times.

Which three selections should the architect recommend in their design? (Choose three.)

ASeparate the hosts physical NICs for VSS and N-VDS.

BMake all pNICs part of N-VDS and VMKs will be migrated.

CCollapse the Management/Edge/Compute cluster.

DInstall a minimum 4 ESXi hosts in the site.

EA Shared Edge/Management cluster and one for Compute.

FInstall a minimum of 3 ESXi hosts in the site.

Answer : B, D, E

Question 3

An architect is helping an organization with the Logical Design of an NSX-T Data Center solution. This information was gathered during the Assessment Phase:

Maximum performance and availability is required between the physical and virtual network.

Load Balancing service is required for back-end web servers.

NAT is required.

Which selection should the architect include in their design? (Choose the best answer.)

ADeploy a Tier-1 gateway and connect it to an Active/Active Tier-0 gateway with ECMP configured.

BDeploy an Active/Active Tier-0 gateway and configure ECMP.

CDeploy an Active/Standby Tier-0 gateway and configure ECMP.

DCreate two separate VLANs to connect the Tier-0 gateway upstream traffic and configure ECMP.

Answer : A

LB must be attached to Tier-1 gateway. In a typical deployment, the Tier-1 gateway is connected to a Tier-0 gateway in active-active mode, and as we know just in Tier-0 is supported ECMP.

Question 4

Refer to the exhibits.

Design Option1:

Design Option 2:

Design Option 3:

Design Option 4:

An architect is helping an organization with the Conceptual Design of an NSX-T Data Center solution.

The conceptual design includes these requirements, assumptions, constraints, and risks:

Critical applications must run across sites without changing IP address.

Business continuity and disaster recovery (BCDR) plans will leverage a second site running vSphere.

RTO/RPO must be reduced for recovery of applications on secondary site.

IT Teams require automation tools for configuration.

Which Conceptual Design would the architect recommend to the customer? (Choose the best answer.)

ADesign Option 4

BDesign Option 2

CDesign Option 1

DDesign Option 3

Answer : B

Question 5

Which two benefits can be achieved using in-band management of an NSX Bare Metal Edge Node? (Choose two.)

AReduces storage requirements.

BReduces cost.

CPreserves packet locality.

DReduces egress data.

EPreserves switchports.

Answer : B, E

https://docs.vmware.com/en/VMware-Validated-Design/services/deployment-of-nsx-t-edge-nodes-on-bare-metal-hardware-for-vmware-cloud-foundation-40/GUID-AAA3EDD0-2F19-49F8-B9B3-F5B1505CBB28.html

Question 6

Refer to the exhibit.

A financial company is adopting micro-services with the intent of simplifying network security. An NSX-T architect is proposing a NSX-T Data Center micro-segmentation logical design. The architect has created a diagram to share with the customer.

How many security levels will be implemented according to this Logical Design? (Choose the best answer.)

A5 levels

B3 levels

C9 levels

D4 levels

Answer : D

Each circle in this design is a 'level' starting at the most granular level which is the sub-component of the app (web, db., or app), then risk level (high, med, low) then deployment zone (prod, dev, test), and then finally infrastructure services level.

Question 7

Which three choices are non-functional requirements? (Choose three.)

Aauthorization

Bcertification

Cavailability

Dauthentication

Escalability

Fcost

Answer : C, E, F

https://technicloud.com/category/vmware/

VMware Advanced Design VMware NSX-T Data Center 3V0-42.20 Exam Practice Test