2V0-641 VMware Certified Professional 6 Network Virtual Exam Set 5

Which two options are valid SpoofGuard operational modes? (Choose two.) A. Allow Local Address as Valid Address in This Namespace  B. Allow and Approve DHCP Requests Regardless of Enabled Mode C. Automatically Trust IP Assignments on Their First Use D. Manually Inspect and Approve All IP Assignments Before Use 


Options are :

  • C,D (Correct)
  • B,D
  • A,C
  • A,B

Answer : C,D

A company has augmented its Data Center infrastructure by using vCloud Hybrid Service during peak hours. The company wants to extend their existing sub nets into the cloud while workloads retain their existing IP addresses. The virtual machines in these sub nets use an NSX Edge Gateway as their default gateway. Which solution should this company use? 


Options are :

  • MPLS VPN
  • SSL VPN
  • IPSec VPN
  • Layer 2 VPN (Correct)

Answer : Layer 2 VPN

An administrator manages a TFTP server virtual machine that is connected to a Logical Switch with a VNI of 7321. The TFTP server has been configured to use port 1069. An NSX Edge Service Gateway is connected to VNI 7321 and has an uplink interface with access to the physical network. Assume external users can reach the Service Gateway. What should the administrator configure to ensure external connections to the TFTP server are successful?   


Options are :

  • Create a DNAT rule with the original port of 69 and translated port of 1069. (Correct)
  • Create a DNAT rule with the original port of 1069 and translated port of 69
  • Create a SNAT rule with the original port of 69 and translated port of 1069.
  • Create a SNAT rule with the original port of 1069 and translated port of 69.

Answer : Create a DNAT rule with the original port of 69 and translated port of 1069.

VCPC610 VMware Certified Professional 6 Cloud Practice Test Set 1

Where does the Distributed Logical Firewall enforce firewall rules?


Options are :

  • At the Logical Switch virtual port that the Virtual Machine connects to.
  • At the ESXi host vmnic used by the vSphere Distributed Switch.
  • At the Virtual Machine's virtual Network Interface Card (vNIC). (Correct)
  • At the NSX Controller's firewall kernel module.

Answer : At the Virtual Machine's virtual Network Interface Card (vNIC).

Which statement is true regarding an NSX Edge gateway device configured with a DNS Server? 


Options are :

  • The NSX Edge configuration will override the DNS Server configured by the NSX Manager.
  • The NSX Edge will forward all DNS requests from virtual machines sent to it to the DNS Server. (Correct)
  • The NSX Edge periodically synchronizes its DNS tables with the primary DNS Server.
  • The NSX Edge registers the DNS Server with the NSX Controller.

Answer : The NSX Edge will forward all DNS requests from virtual machines sent to it to the DNS Server.

An administrator wishes to control traffic flow between two virtual machines. The virtual machines are in the same subnet, but are located on separate ESXi hosts. The administrator deploys an Edge Firewall to one of the hosts and verifies the default firewall rule is set to deny, but the two virtual machines can still communicate with each other. What task will correct this issue? 


Options are :

  • Configure both ESXi host firewalls to deny traffic from the virtual machine on the other host.
  • Remove any other firewall appliances that may exist on either of the ESXi hosts.
  • Deploy a Distributed Firewall with firewall rules to prevent traffic between the virtual machines. (Correct)
  • Deploy another Edge Firewall on the host running the second virtual machine.

Answer : Deploy a Distributed Firewall with firewall rules to prevent traffic between the virtual machines.

VMware VDCD510 Advanced Professional Data Center Design Exam Set 1

A vSphere administrator wants to setup an NSX Edge Service Gateway to provide traveling employees secure access to company servers located in specific network segments within the corporate Data Centers. The solution has to be as scalable as possible. Which Virtual Private Network solution will satisfy the administrator's requirements? 


Options are :

  • MPLS VPN
  • SSL VPN (Correct)
  • IPSec VPN
  • Layer 2 VPN

Answer : SSL VPN

What is the most restrictive NSX role that can be used to create and publish security policies? 


Options are :

  • Auditor
  • Enterprise Administrator (Correct)
  • NSX Administrator
  • Security Administrator

Answer : Enterprise Administrator

A user needs to be given the ability to make configuration changes on a specific NSX Edge device. What role and scope could be used to meet this requirement? 


Options are :

  • NSX Administrator role and No restriction scope
  • Security Administrator role and Limit Access scope (Correct)
  • NSX Administrator role and Limit Access scope
  • Security Administrator role and No restriction scope

Answer : Security Administrator role and Limit Access scope

VMware Certified Professional VCP6-DCV Practice Test Set 5

Where is the layer 2 bridge instance deployed when configuring a bridge connection between a logical switch and a VLAN?


Options are :

  • On each virtual machine that will utilize the layer 2 bridge
  • On the ESXi host running the logical router (Correct)
  • On the ESXi host running the logical switch
  • On both ESXi hosts that make up the layer 2 bridge

Answer : On the ESXi host running the logical router

When preparing a vSphere host cluster to work with VMware NSX, which two options show VIBs that are installed and registered with all hosts within the prepared cluster? (Choose two.) A. NSX VXLAN B. NSX Distributed Firewall C. NSX Edge D. NSX Data Security 


Options are :

  • B,D
  • A,B (Correct)
  • A,C
  • C,D

Answer : A,B

A vSphere administrator deployed an NSX Edge Load Balancer in High Availability (HA) mode. What happens in the event the Load Balancer has a failure? 


Options are :

  • HA will start the NSX Edge Load Balancer on another ESXi host in the cluster. All existing flows will need to have their connections reestablished.
  • The secondary NSX Edge Load Balancer assumes the role of primary. Existing Flows will need to have their connections reestablished. (Correct)
  • HA will start the NSX Edge Load Balancer on another ESXi host in the cluster. The NSX Controller caches existing flows and hands them to the Load Balancer when it is back up.
  • The secondary NSX Edge Load Balancer assumes the role of primary. The NSX Controller caches existing flows and hands them to the Load Balancer when it is back up.

Answer : The secondary NSX Edge Load Balancer assumes the role of primary. Existing Flows will need to have their connections reestablished.

VMware VDCD510 Advanced Professional Data Center Design Exam Set 5

A vSphere administrator wants to setup an NSX Edge Service Gateway to provide traveling employees secure access to company servers located in specific network segments within the corporate Data Center. The remote access solution must provide a method to authenticate the users. Which two methods can be used with the NSX Edge Service Gateway? (Choose two.) A. TACACS+ B. MS-CHAP C. RSA Secure ID D. Active Directory 


Options are :

  • A,B
  • C,D (Correct)
  • A,C
  • B,D

Answer : C,D

Which component automates the consumption of third-party services and provides mapping to virtual machines using a logical policy? 


Options are :

  • NSX Data Security
  • NSX Manager
  • Cloud Management Platform (CMP)
  • Service Composer (Correct)

Answer : Service Composer

How many Logical Interfaces can be assigned to a single Distributed Router instance? 


Options are :

  • 1200
  • 12
  • 1000 (Correct)
  • 1

Answer : 1000

VCP550D VMware Certified Professional 5 Data Center Exam Set 5

Which Virtual Machine cannot be protected by the Distributed Firewall?   


Options are :

  • A Virtual Machine connected to a vDS Portgroup running on an ESXi 5.5 host.
  • A Virtual Machine connected to a logical switch running on an ESXi 5.1 host.
  • A Virtual Machine connected to a vSS Portgroup running on an ESXi 5.5 host. (Correct)
  • A Virtual Machine connected to a vDS Portgroup running on an ESXi 5.1 host.

Answer : A Virtual Machine connected to a vSS Portgroup running on an ESXi 5.5 host.

Which two options are use cases of Layer 2 bridging in NSX for vSphere? (Choose two.) A. Extend the network security to physical devices in the physical network by use of the Distributed Firewall. B. Extend physical services to Virtual Machines in virtual network. C. Allow clustering of multiple NSX Managers in a single vCenter Server instance. D. Allow physical devices in the physical network to use the NSX Edge Gateway as a default router.   


Options are :

  • A,C
  • A,B
  • C,D
  • None
  • B,D (Correct)

Answer : B,D

How is the Bridge Instance chosen? 


Options are :

  • It is chosen based on the ESXi host where the Logical Router Control VM is running. (Correct)
  • During an election process among all ESXi hosts. The host with the highest MAC address is selected.
  • It is manually assigned by the vSphere administrator when the distributed portgroup is configured.
  • The VTEP configured with the highest VXLAN Network Identifier (VNI) is selected.

Answer : It is chosen based on the ESXi host where the Logical Router Control VM is running.

VCPVCD510 VMware Certified Professional 5 IAAS Practice Exam Set 2

A company hosts an internal website on multiple virtual machines attached to a Logical Switch with VNI 7321. A Distributed Router serves as the virtual machines' default gateway. When a user resolves the URL for the website, the internal DNS server responds with the IP address of one of the virtual machine's IP addresses in a round robin fashion. This approach results in some virtual machines having a much higher number of user sessions than others. The company wants to deploy a NSX Edge Service Load Balancer to improve on this situation. Which distribution method can be configured on the NSX Edge Load Balancer to meet the company's needs? 


Options are :

  • LEAST_LOAD
  • IP_HASH
  • URI
  • LEAST_CONN (Correct)

Answer : LEAST_CONN

Which port is used for NSX REST API Requests? 


Options are :

  • 443 (Correct)
  • 5480
  • 80
  • 8443

Answer : 443

Which two statements are true regarding NSX High Availability (HA)? (Choose two.) A. NSX HA is configured as Active-Active  B. NSX HA is configured as Active-Standby. C. If an Active node fails, there is no service interruption during failover. D. If an Active node fails, there is a 15 second service interruption during fail over. 


Options are :

  • A,B
  • A,D
  • C,D
  • B,C (Correct)

Answer : B,C

VCPVCD510 VMware Certified Professional 5 IAAS Practice Exam Set 5

Which two vSphere components are required for NSX? (Choose two.) A. Standard vSwitch B. Network I/O Control C. Distributed Port Group D. VMkernel port 


Options are :

  • C,D (Correct)
  • B,D
  • A,B
  • A,C

Answer : C,D

VCPC550 VMware Certified Professional Cloud Practice Test Set 11

Which tool detects a VLAN mis configuration between virtual and physical switches?   


Options are :

  • esxtop
  • esxcfg-vswitch
  • VDS Health Check (Correct)
  • NSX Controller command line interface (CLI)

Answer : VDS Health Check

An administrator needs to perform a configuration backup of NSX. From which two locations can this task be performed? (Choose two.) A. Directly on the NSX Manager B. From the vSphere Web Client C. Using the NSX API D. Directly on each NSX Controller 


Options are :

  • A,B
  • A,C (Correct)
  • B,D
  • C,D

Answer : A,C

In a 3-Tier Data Center design without virtualization, which statement most closely defines the architecture of network services? 


Options are :

  • Network services such as routing and firewalls are typically deployed at the L2/L3 boundary. (Correct)
  • Network QoS services such as classification and marking are performed by software in the compute nodes.
  • Network services such as NAT and firewalls are typically distributed throughout the access layer.
  • Network services such as NAT and firewalls are typically deployed in-line with the applications.

Answer : Network services such as routing and firewalls are typically deployed at the L2/L3 boundary.

VMware VDCD510 Advanced Professional Data Center Design Exam Set 7

Where does an administrator configure logging for the NSX Manager? 


Options are :

  • In the vSphere Web Client
  • In the vSphere Syslog Collector
  • In the NSX Manager command line interface (CLI)
  • In the NSX Manager GUI (Correct)

Answer : In the NSX Manager GUI

What is required before running an Activity Monitoring report? 


Options are :

  • Enable data collection on the virtual machine (Correct)
  • Enable data collection on the NSX Controller.
  • Enable data collection on the NSX Manager.
  • Enable data collection on the vCenter Server.

Answer : Enable data collection on the virtual machine

After deploying NSX, an administrator does not see the Networking & Security tab when connecting to the vCenter Server using the vSphere Web Client. What should the administrator do? 


Options are :

  • Register the NSX Manager with the vCenter Server (Correct)
  • The NSX Controllers must be deployed before NSX Manager is available.
  • The NSX Manager must be configured to use Single Sign-On before it will be available
  • Register the NSX Manager with the Inventory Service.

Answer : Register the NSX Manager with the vCenter Server

VCPVCD510 VMware Certified Professional 5 IAAS Practice Exam Set 4

An administrator enables the NSX Ticket Logger to track infrastructure changes. The administrator logs out for lunch, returns and logs back in to complete the task. What is the status of ticket logger when the administrator logs back in? 


Options are :

  • The ticket logger will display an error.
  • The ticket logger will prompt the user if they still want to continue tracking changes.
  • The ticket logger is turned off. (Correct)
  • The ticket logger still tracks changes until it is turned off by the administrator.

Answer : The ticket logger is turned off.

Which Layer 2 bridge is supported by the Distributed Router? 


Options are :

  • VXLAN to VLAN bridge (Correct)
  • VCD-NI to PVLAN bridge
  • VXLAN to PVLAN bridge
  • VCD-NI to VLAN bridge

Answer : VXLAN to VLAN bridge

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions

Subscribe to See Videos

Subscribe to my Youtube channel for new videos : Subscribe Now