VMware 5V0-41.21 VMware NSX-T Data Center 3.1 Security Exam Practice Test

Answer : D

NSX Intelligence uses machine learning algorithms to analyze network traffic and provide recommendations for security and compliance. The administrator can configure the time range of the input entities to be analyzed, so that the recommendations are based on changes in the scope of the input entities over that period of time.

To achieve the requirement of getting recommendations based on the changes in the scope of the input entities every hour, the administrator needs to adjust the time range to 1 hour. This will ensure that the analysis and recommendations are based on the most recent hour of network traffic.

VMware NSX Intelligence documentation https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/com.vmware.nsxt.intelligence.doc/GUID-F2F1D7E8-F6B2-4870-9E38-7C8D3D3F9B1E.html

VMware NSX Intelligence Configuration documentation https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/com.vmware.nsxt.intelligence.config.doc/GUID-7F44F3D3-3A3C-4EBE-A5D5-F1E3E3F59A8B.html

Answer : D

NSX Distributed Firewall is used to create firewall rules to control traffic between networks.

For further reading, see the VMware NSX-T Data Center Administration Guide (https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUID-4B6A4A87-F9C7-4AAB-923F-C6B84C33AF7D.html)for more information on configuring firewall rules.

Answer : B

Answer : A, E

The two statements that are true about NSX Intelligence are that it assists to build service insertion with Partner SVM and that it supports planning of NSX-T Edge Firewall rules and policy. NSX Intelligence can be used in conjunction with vRealize Network Insight to provide visibility and insights into the network, but it cannot be used to visualize the physical infrastructure. Additionally, while it can help to plan firewall rules and policy, it does not support planning of distributed firewall rules and policy.

Answer : C

vSphere Tags are labels that can be used to group and categorize virtual machines and other objects. The security administrator can create a tag for quarantined VMs and assign it to any VMs that are confirmed to be infected. This will help identify and isolate the infected VMs more quickly and easily in the future.

Answer : B

The port number used by transport nodes to export firewall statistics to NSX Manager is 4789.

For further reading, see the VMware NSX-T Data Center Administration Guide (https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUID-15A2EBC2-C39D-45F3-B847-DC18F7B1E9B9.html)for more information on transport nodes and firewall statistics.

Answer : C

The four use cases for NSX Tags are Manageability, Third-party sharing/context sharing, Security, and Troubleshooting (Traceability). NSX Tags provide an easy way to organize, document, and manage virtual networks and can be used to track changes and enforce security policies. They can also be used to share context between third-party providers, such as cloud service providers, to ensure that security policies are adhered to. Additionally, NSX Tags can be used for logging and troubleshooting by providing traceability and making it easier to debug network issues. Reference: [1]https://docs.vmware.com/en/VMware-NSX-T/3.0/vmware-nsx-t-30-administration-guide/GUID-2F3E7A3F-3C85-48E1-8F7E-2A2F7C2F8FCC.html[2]https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/nsx/vmware-nsx-data-center-for-vsphere-tag-based-security-guide.pdf