VMware Certified Professional 6 - Network Virtualization (NSX v6.2) Exam v12.0
Question 1
When creating a new security policy how is the default weight determined?
- A. The default weight is equal to the highest defined weight plus 1000.
- B. The default weight is incremented by 100, starting at 0.
- C. The default weight is equal to the highest defined weight minus 1000
- D. The default weight is equal to the highest defined weight
Answer : A
Explanation: https://pubs.vmware.com/NSX-
6/index.jsp?topic=%2Fcom.vmware.nsx.admin.doc%2FGUID-607C399F-0D11-4B95-
90DA-A6E17E8C906E.html
Question 2
What is the best practice workflow for a NSX installation to support logical switching?
- A. Deploy NSX Manager, Configure Logical Switches, Register with vCenter, Deploy Controllers. Prepare hosts
- B. Deploy NSX Manager, Deploy Controllers, Configure Logical Switches, Register withvCenter, Prepare hosts
- C. Deploy NSX Manager, Register with vCenter, Prepare hosts, Deploy Controllers, Configure Logical Switches
- D. Deploy NSX Manager, Register with vCenter, Deploy Controllers, Prepare hosts, Configure Logical Switches
Answer : B
Question 3
Which tool is used to detect rogue services?
- A. NSX Logical Firewall
- B. NSX Logical Router
- C. Activity Monitoring
- D. Flow Monitoring
Answer : D
Question 4
What is one of the benefits of a spine-leaf network topology?
- A. A loop prevention protocol is not required
- B. Automatic propagation of security policies to all nodes
- C. Allows for VXl ANs to be defined in h traditional network topology
- D. Network virtualization relies on spine leaf topologies to create logical switches
Answer : D
Question 5
An NSX environment requires physical NIC redundancy for all dvPortGroups when connecting hosts to the physical network. There are two 10Gb NIC's per host.
Which two teaming methods should be used to ensure both links are utilized simultaneously? (Choose two )
- A. Virtual Port Channel
- B. LACP Port-Channel
- C. Static Port-Channel
- D. Explicit Failover Order
Answer : AB
Question 6
Where can firewall rules be applied on the NSX Edge Services Gateway?
- A. Rules can be applied on the uplink interface only.
- B. Rules can be applied on either the uplink interface or internal interface.
- C. Rules can be on either the uplink, internal, or management interfaces.
- D. Rules can be applied on the management and uplink interfaces only.
Answer : B
Question 7
Which two statements are true about NSX Data Security support? (Choose two )
- A. It supports HIPAA and PCI-DSS compliance policies as well as U.S. Driver License and Social Security numbers.
- B. It supports both Windows and Linux-based virtual machines.
- C. It only supports HIPAA and PCI-DSS compliance policies.
- D. It only supports Windows-based virtual machines.
Answer : BC
Explanation:
Referencehttps://www.vmware.com/products/nsx.html
Question 8
In a Cross-vCenter environment where is information about local logical switches and local logical routers maintained?
- A. Platform Services Controller
- B. Local transport /one
- C. Local Controller Cluster
- D. Universal Controller Cluster
Answer : D
Question 9
Which port is used for NSX REST API Requests?
- A. 80
- B. 443
- C. 5480
- D. 8443
Answer : B
Question 10
When designing a multi-site NSX deployment, which capably requires Enhanced Linked
Mode to function?
- A. Creating Universal Transport Zones
- B. Creating Universal Logical Switches
- C. Cross-vCenter vMotion
- D. Registering a Secondary NSX Manager
Answer : A
Explanation:
Referencehttps://pubs.vmware.com/NSX-
62/topic/com.vmware.ICbase/PDF/nsx_62_cross_vc_install.pdf
Question 11
You have deployed an Edge Services Gateway with the following interface configuration:
Your customer has requested that you provide the ability to use Remote Desktop Protocol to log into a virtual machine that has a tenant IP address of 192.168.7.21 using the provider
IP address 192.168.100.4. You have performed the following configuration however, you cannot RDP into the virtual machine.
What configuration change do you need to make to allow this connection?
- A. ChangeApplied Onto “Uplink”
- B. Change theProtocolto “any”.
- C. Change theTranslated Port/Rangeto “rdp”.
- D. Swap theOriginal IP/RangeandTranslated IP/RangeIP Addresses.
Answer : A
Question 12
Which type of VPN should be configured to ensure application mobility data centers?
- A. Application VPN
- B. L2VPN
- C. IPSec VPN
- D. SSL VPN-Plus
Answer : B
Explanation:
Referencehttps://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/ nsx/vmw-nsx-network-virtualization-design-guide.pdf(page 23)
Question 13
Which service cannot be included in a Security Policy using Service Composer?
- A. Endpoint Services
- B. Firewall Rules
- C. Virtual Private Network Services
- D. Network Introspection Services
Answer : C
Question 14
What configuration change do you need to make to allow this connection?
- A. Change Applied On to “Uplink”
- B. Change the Translated Port/Range to “rdp”
- C. Swap the Original IP/Range and Translated IP/Range IP Addresses
- D. Change the Protocol to “any”
Answer : C
Question 15
The fact that NSX Data Security has visibility into sensitive data provides which two benefits? (Choose two )
- A. It helps address compliance and risk management requirements.
- B. It acts as a forensic tool to analyze TCP and UDP connections between virtual machines
- C. It is able to trace packets between a source and destination without requiring access to the guest OS
- D. It eliminates the typical agent footprint that exists with legacy software agents
Answer : AB