ExamGecko
Login
Home / VMware / 5V0-41.21 / List of questions
Ask Question

VMware 5V0-41.21 Practice Test - Questions Answers, Page 3

List of questions

Question 21

Report Export Collapse

What must an administrator deploy to provide Linux based VMs with antivirus protection?

Antivirus Agent in NSX
Antivirus Agent in NSX
Antivirus Agent in vCenter
Antivirus Agent in vCenter
Guest Introspection Thin Agent
Guest Introspection Thin Agent
Guest Customization Agent
Guest Customization Agent
Suggested answer: C
Explanation:

NSX provides a feature called Guest Introspection that allows administrators to provide security services to virtual machines, including antivirus protection. One of the components of Guest Introspection is the Guest Introspection Thin Agent, which must be deployed to provide Linux-based VMs with antivirus protection. The Thin Agent is a lightweight agent that runs inside the guest operating system of virtual machines and communicates with the NSX Manager to provide security services.

Once the Guest Introspection Thin Agent is deployed, the administrator can configure the antivirus service to scan virtual machines for malware and take action on any threats that are detected.

Reference:

VMware NSX Guest Introspection documentation https://docs.vmware.com/en/VMware-NSX-TData-Center/3.1/com.vmware.nsxt.guest_introspection.doc/GUID-A86FBAF1-A8D9-4E12-8F3D-04B3D89B8F7E.html

VMware NSX Guest Introspection Thin Agent documentation https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/com.vmware.nsxt.guest_introspection.doc/GUID-A86FBAF1-A8D9-4E12-8F3D-04B3D89B8F7E.html

asked 16/09/2024
Nick Wells
52 questions

Question 22

Report Export Collapse

A company's CTO has requested that all logging should be enabled for all NSX-T Data Center Distributed Firewall rules. What should be considered prior to executing this request?

Large amounts of log information can fill up the vSphere Server database.
Large amounts of log information can fill up the vSphere Server database.
Logging can only be enabled for sections and not for single rules.
Logging can only be enabled for sections and not for single rules.
Once logging is enabled for all rules it cannot be disabled afterwards.
Once logging is enabled for all rules it cannot be disabled afterwards.
Large amounts of log information will likely affect performance.
Large amounts of log information will likely affect performance.
Suggested answer: A
asked 16/09/2024
Quintin van Rooyen
51 questions

Question 23

Report Export Collapse

An administrator has configured a new firewall rule but needs to change the Applied-To parameter.

Which two are valid options that the administrator can configure? (Choose two.)

DFW
DFW
rule
rule
services
services
profiles
profiles
groups
groups
Suggested answer: A, D
Explanation:

For further reading, see the VMware NSX-T Data Center Administration Guide

(https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUID-704E1B2F-1E43-4E7F-97F2-59BBF8F6C9F6.html) for more information on configuring firewall rules.

asked 16/09/2024
Jessica Mahoney
45 questions

Question 24

Report Export Collapse

Which of the following are the local user accounts used to administer NSX-T Data Center?

operator, admin, audit
operator, admin, audit
admin, super, read-only
admin, super, read-only
operator, admin, root
operator, admin, root
admin, audit, root
admin, audit, root
Suggested answer: A
Explanation:

For further reading, see the VMware NSX-T Data Center Administration Guide

(https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/com.vmware.nsxt.admin.doc/GUID-4A4E9FBE-50B3-4F8F-B6C4-8527E7A08A67.html) for more information on user accounts andpermissions in NSX-T Data Center.

asked 16/09/2024
Quratulain Damani
43 questions

Question 25

Report Export Collapse

As part of an audit, an administrator is required to demonstrate that measures have been taken to prevent critical vulnerabilities from being exploited. Which Distributed IDS/IPS event filter can the administrator show as proof?

Attack Type
Attack Type
CVSS
CVSS
CVE
CVE
Signature ID
Signature ID
Suggested answer: C
Explanation:

For further reading, see the VMware NSX-T Data Center Administration Guide

(https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.1/com.vmware.nsxt.admin.doc/GUIDA1A7F233-5F9F-4B2E-B3D3-0F8B593032F6.html) for more information on configuring theas the CVE filter can be used to filter out any events which are related to a specific vulnerability

asked 16/09/2024
kevin klyn
42 questions

Question 26

Report Export Collapse

Which two are used to define dynamic groups for an NSX Distributed Firewall? (Choose two.)

segment
segment
physical servers
physical servers
machine name
machine name
tags
tags
segment's port
segment's port
Suggested answer: C, D
Explanation:

For further reading, see the VMware NSX-T Data Center Administration Guide

(https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUIDBEDA8D9F-ACBC-42B1-B7F5-FEEF0E0D899C.html) for more information on configuring dynamicgroups.

asked 16/09/2024
Velli Mutham
38 questions

Question 27

Report Export Collapse

What type of IDS/IPS system deployment allows an administrator to block a known attack?

A system deployed in SPAN port mode.
A system deployed in SPAN port mode.
A system deployed inline with ALERT and DROP action.
A system deployed inline with ALERT and DROP action.
A system deployed inline with ALERT action.
A system deployed inline with ALERT action.
A system deployed in TERM mode.
A system deployed in TERM mode.
Suggested answer: B
Explanation:

(https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUIDQuestionsand Answers PDF 16/38D9A6B1E7-FFCD-47A7-8E0C-FDD3DE6AC2B6.html) for more information on configuring an IDS/IPS system.

asked 16/09/2024
Mpho Ntshontsi
50 questions

Question 28

Report Export Collapse

A security administrator is verifying the health status of an NSX Service Instance.

Which two parameters must be functioning for the health status to show as Up? (Choose two.)

VMs must have at least one vNIC.
VMs must have at least one vNIC.
VMs must not have existing endpoint protection rules.
VMs must not have existing endpoint protection rules.
VMs must have virtual hardware version 9 or higher.
VMs must have virtual hardware version 9 or higher.
VMs must be available on the host.
VMs must be available on the host.
VMs must be powered on.
VMs must be powered on.
Suggested answer: D, E
Explanation:

The health status of an NSX Service Instance is an indicator of the overall health and functionality of the service.

For an NSX Service Instance to show as Up, the following two parameters must be functioning:

D. VMs must be available on the host - The VMs that are associated with the service must be present on the host and able to communicate with the NSX Manager. If a VM is not available on the host, the service will not be able to function properly.

E. VMs must be powered on - The VMs that are associated with the service must be powered on and running. If a VM is not powered on, the service will not be able to function properly.

asked 16/09/2024
Charles Smith
51 questions

Question 29

Report Export Collapse

Which vCenter component is used by the NSX Manager to deploy the Partner Service VM on every host of a cluster configured for guest introspection?

ESXi Agent Manager (EAM)
ESXi Agent Manager (EAM)
Auto Deploy
Auto Deploy
Update Manager (VUM)
Update Manager (VUM)
Component Manager
Component Manager
Suggested answer: D
Explanation:

Component Manager is used to deploy the Partner Service VM on every host of a cluster configured for guest introspection.

For further reading, see the VMware NSX-T Data Center Administration Guide

(https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUIDACB4CE1E-4F6E-4B4F-96BF-9FA9DFFF9229.html) for more information on configuring guestintrospection.

asked 16/09/2024
Tamilselvi R
40 questions

Question 30

Report Export Collapse

To which object can time based rules be applied?

Gateway Firewall only
Gateway Firewall only
DFW and Gateway Firewall both
DFW and Gateway Firewall both
DFW only
DFW only
DFW or Gateway Firewall, but not both at the same time
DFW or Gateway Firewall, but not both at the same time
Suggested answer: C
Explanation:

For further reading, see the VMware NSX-T Data Center Administration Guide

(https://pubs.vmware.com/NSX-T-Data-Center/index.html#com.vmware.nsxt.admin.doc/GUID-8F9C6E9E-9C83-4CAD-BB3A-F4E4A25C6FE7.html) for more information on configuring time basedrules.

asked 16/09/2024
Ken Wilson
48 questions
Total 70 questions
Go to page: of 7
Open VPLUS File
Convert VPLUS to PDF

Related questions

An organization is using VMware Identity Manager (vIDM) to authenticate NSX-T Data Center users Which two selections are prerequisites before configuring the service? (Choose two.)
Refer to the exhibit. Referencing the exhibit, what is the VMware recommended number of NSX Manager Nodes to additionally deploy to form an NSX-T Manager Cluster?
Which 3 CU commands ant required to configure remote logging on an ESXI host? (Choose three.)
Which three are required by URL Analysis? (Choose three.)
An administrator is creating the first distributed firewall rules for a company's salts department. What is the first object that must be created in the distributed firewall'
An administrator needs to configure their NSX-T logging to audit changes on firewall security policy. The administrator Is using the following command from NSX-T3.1 documentation : Which Message ID from the following list will allow the administrator to track changes on firewall security rules?
When using URL Analysis In NSX-T, which two services must be set in the URL rule to capture traffic over TCP and UDP? (Choose two.)
Refer to the exhibit. A security administrator is configuring a time window to create a time-based distributed firewall rule. While configuring the time window, an error displayed as shown in the exhibit. Which action will resolve the problem?
An NSX administrator is trying to find the dvfilter name of the sa-web-01 virtual machine to capture the sa-web-01 VM traffic. What could be a reason the sa-web-01 VM dvfilter name is missing from the command output?
A company's CTO has requested that all logging should be enabled for all NSX-T Data Center Distributed Firewall rules. What should be considered prior to executing this request?