ExamGecko
Search Search Login
Home Home / VMware / 2V0-41.23

VMware 2V0-41.23 Practice Test - Questions Answers, Page 11

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which three of the following describe the Border Gateway Routing Protocol (BGP) configuration on a Tier-0 Gateway? (Choose three.)
Which two are requirements for FQDN Analysis? (Choose two.)
Which TraceFlow traffic type should an NSX administrator use tor validating connectivity between App and DB virtual machines that reside on different segments?
An NSX administrator wants to create a Tler-0 Gateway to support equal cost multi-path (ECMP) routing. Which failover detection protocol must be used to meet this requirement?
An NSX administrator Is treating a NAT rule on a Tler-0 Gateway configured In active-standby high availability mode. Which two NAT rule types are supported for this configuration? (Choose two.)
Which two statements describe the characteristics of an Edge Cluster in NSX? (Choose two.)
Which CLI command would an administrator use to allow syslog on an ESXi transport node when using the esxcli utility?
An administrator has connected two virtual machines on the same overlay segment. Ping between both virtual machines is successful. What type of network boundary does this represent?
Which three DHCP Services are supported by NSX? (Choose three.)
Which two are supported by L2 VPN clients? (Choose two.)

Question 101

Report
Export
Collapse

A customer is preparing to deploy a VMware Kubernetes solution in an NSX environment.

What is the minimum MTU size for the UPLINK profile?

A.
1500
A.
1500
Answers
B.
1550
B.
1550
Answers
C.
1700
C.
1700
Answers
D.
1650
D.
1650
Answers
Suggested answer: C

Explanation:

The minimum MTU size for the UPLINK profile is 1700 bytes. This is because the UPLINK profile is used to configure the physical NICs that connect to the NSX-T overlay network. The overlay network uses geneve encapsulation, which adds an overhead of 54 bytes to the original packet. Therefore, to support a standard MTU of 1500 bytes for the inner packet, the outer packet must have an MTU of at least 1554 bytes. However, VMware recommends adding an extra buffer of 146 bytes to account for possible additional headers or VLAN tags. Therefore, the minimum MTU size for the UPLINK profile is 1700 bytes (1554 + 146).References: : VMware NSX-T Data Center Installation Guide, page 23. : VMware NSX-T Data Center Administration Guide, page 102. : VMware NSX-T Data Center Installation Guide, page 24.

https://nsx.techzone.vmware.com/resource/nsx-reference-design-guide#a-31-the-nsx-virtual-switch

Question 102

Report
Export
Collapse

Which of the following settings must be configured in an NSX environment before enabling stateful active-active SNAT?

A.
Tier-1 gateway in active-standby mode
A.
Tier-1 gateway in active-standby mode
Answers
B.
Tier-1 gateway in distributed only mode
B.
Tier-1 gateway in distributed only mode
Answers
C.
An Interface Group for the NSX Edge uplinks
C.
An Interface Group for the NSX Edge uplinks
Answers
D.
A Punting Traffic Group for the NSX Edge uplinks
D.
A Punting Traffic Group for the NSX Edge uplinks
Answers
Suggested answer: C

Explanation:

To enable stateful active-active SNAT on a Tier-0 or Tier-1 gateway, you must configure an Interface Group for the NSX Edge uplinks. An Interface Group is a logical grouping of NSX Edge interfaces that belong to the same failure domain. A failure domain is a set of NSX Edge nodes that share the same physical network infrastructure and are subject to the same network failures.By configuring an Interface Group, you can ensure that the stateful services are distributed across different failure domains and can recover from network failures1

Question 103

Report
Export
Collapse

Which two are supported by L2 VPN clients? (Choose two.)

A.
NSX for vSphere Edge
A.
NSX for vSphere Edge
Answers
B.
3rd party Hardware VPN Device
B.
3rd party Hardware VPN Device
Answers
C.
NSX Autonomous Edge
C.
NSX Autonomous Edge
Answers
D.
NSX Edge
D.
NSX Edge
Answers
Suggested answer: C, D

Explanation:

The following L2 VPN clients are recommended:

1. NSX Managed NSX Edge in a separate NSX Managed environment.

* Overlay and VLAN segments can be extended.

2. Autonomous Edge:

* Enables L2 VPN access from a non-a NSX environment to NSX environments.

* Deployed by using an OVF file on a host that is not managed by NSX.

* Only VLAN segments can be extended.

Question 104

Report
Export
Collapse

As part of an organization's IT security compliance requirement, NSX Manager must be configured for 2FA (two-factor authentication).

What should an NSX administrator have ready before the integration can be configured? O

A.
Active Directory LDAP integration with OAuth Client added
A.
Active Directory LDAP integration with OAuth Client added
Answers
B.
VMware Identity Manager with an OAuth Client added
B.
VMware Identity Manager with an OAuth Client added
Answers
C.
Active Directory LDAP integration with ADFS
C.
Active Directory LDAP integration with ADFS
Answers
D.
VMware Identity Manager with NSX added as a Web Application
D.
VMware Identity Manager with NSX added as a Web Application
Answers
Suggested answer: B

Explanation:

To configure NSX Manager for two-factor authentication (2FA), an NSX administrator must have VMware Identity Manager (vIDM) with an OAuth Client added. vIDM provides identity management services and supports various 2FA methods, such as VMware Verify, RSA SecurID, and RADIUS. An OAuth Client is a configuration entity in vIDM that represents an application that can use vIDM for authentication and authorization. NSX Manager must be registered as an OAuth Client in vIDM before it can use 2FA.References: : VMware NSX-T Data Center Installation Guide, page 19. : VMware NSX-T Data Center Administration Guide, page 102.: VMware Blogs: Two-Factor Authentication with VMware NSX-T

Question 105

Report
Export
Collapse

Which three protocols could an NSX administrator use to transfer log messages to a remote log server? (Choose three.)

A.
HTTPS
A.
HTTPS
Answers
B.
TCP
B.
TCP
Answers
C.
SSH
C.
SSH
Answers
D.
UDP
D.
UDP
Answers
E.
TLS
E.
TLS
Answers
F.
SSL
F.
SSL
Answers
Suggested answer: B, D, E

Explanation:

An NSX administrator can use TCP, UDP, or TLS protocols to transfer log messages to a remote log server. These protocols are supported by NSX Manager, NSX Edge, and hypervisors for remote logging. A Log Insight log server supports all these protocols, as well as LI and LI-TLS, which are specific to Log Insight and optimize network usage. HTTPS, SSH, and SSL are not valid protocols for remote logging in NSX-T Data Center.References: : VMware NSX-T Data Center Administration Guide, page 102.: VMware Docs: Configure Remote Logging

Question 106

Report
Export
Collapse

Which two commands does an NSX administrator use to check the IP address of the VMkernel port for the Geneve protocol on the ESXi transport node? (Choose two.)

A.
esxcfg-nics -1l
A.
esxcfg-nics -1l
Answers
B.
esxcli network ip interface ipv4 get
B.
esxcli network ip interface ipv4 get
Answers
C.
esxcli network nic list
C.
esxcli network nic list
Answers
D.
esxcfg-vmknic -1
D.
esxcfg-vmknic -1
Answers
E.
net-dvs
E.
net-dvs
Answers
Suggested answer: B, D

Explanation:

To check the IP address of the VMkernel port for the Geneve protocol on the ESXi transport node, an NSX administrator can use the following commands:

esxcli network ip interface ipv4 get: This command displays the IPv4 configuration of all VMkernel interfaces on the host, including their IP addresses, netmasks, and gateways.The Geneve protocol uses a VMkernel interface named geneve0 by default1

esxcfg-vmknic -l: This command lists all VMkernel interfaces on the host, along with their MAC addresses, MTU, and netstack.The Geneve protocol uses a netstack named nsx-overlay by default

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/installation/GUID-B7E7371E-A9F6-4880-B184-E00A62C0C818.html https://www.vmadmin.co.uk/resources/35-esxserver/49-vmkniccmd

Question 107

Report
Export
Collapse

Which two steps must an NSX administrator take to integrate VMware Identity Manager in NSX to support role-based access control? (Choose two.)

A.
Create a SAML authentication in VMware Identity Manager using the NSX Manager FQDN.
A.
Create a SAML authentication in VMware Identity Manager using the NSX Manager FQDN.
Answers
B.
Enter the Identity Provider (IdP) metadata URL in NSX Manager.
B.
Enter the Identity Provider (IdP) metadata URL in NSX Manager.
Answers
C.
Create an OAuth 2.0 client in VMware Identity Manager.
C.
Create an OAuth 2.0 client in VMware Identity Manager.
Answers
D.
Add NSX Manager as a Service Provider (SP) in VMware Identity Manager.
D.
Add NSX Manager as a Service Provider (SP) in VMware Identity Manager.
Answers
E.
Enter the service URL, Client Secret, and SSL thumbprint in NSX Manager.
E.
Enter the service URL, Client Secret, and SSL thumbprint in NSX Manager.
Answers
Suggested answer: C, E

Explanation:

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-EAAD1FBE-F750-4A5A-A3BF-92B1E7D016FE.html


Total 107 questions
Go to page: of 11
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms