ExamGecko
Search Search Login
Home Home / VMware / 2V0-41.23
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which two are requirements for FQDN Analysis? (Choose two.)
Which three of the following describe the Border Gateway Routing Protocol (BGP) configuration on a Tier-0 Gateway? (Choose three.)
An NSX administrator wants to create a Tler-0 Gateway to support equal cost multi-path (ECMP) routing. Which failover detection protocol must be used to meet this requirement?
An NSX administrator Is treating a NAT rule on a Tler-0 Gateway configured In active-standby high availability mode. Which two NAT rule types are supported for this configuration? (Choose two.)
Which TraceFlow traffic type should an NSX administrator use tor validating connectivity between App and DB virtual machines that reside on different segments?
Which CLI command would an administrator use to allow syslog on an ESXi transport node when using the esxcli utility?
An administrator has connected two virtual machines on the same overlay segment. Ping between both virtual machines is successful. What type of network boundary does this represent?
Which three DHCP Services are supported by NSX? (Choose three.)
A company Is deploying NSX micro-segmentation in their vSphere environment to secure a simple application composed of web. app, and database tiers. The naming convention will be: * WKS-WEB-SRV-XXX * WKY-APP-SRR-XXX * WKI-DB-SRR-XXX What is the optimal way to group them to enforce security policies from NSX?
Which two statements describe the characteristics of an Edge Cluster in NSX? (Choose two.)

Question 31 - 2V0-41.23 discussion

Report
Export

Which three data collection sources are used by NSX Network Detection and Response to create correlations/Intrusion campaigns? (Choose three.)

A.
Files and anti-malware (lie events from the NSX Edge nodes and the Security Analyzer
Answers
A.
Files and anti-malware (lie events from the NSX Edge nodes and the Security Analyzer
B.
East-West anti-malware events from the ESXi hosts
Answers
B.
East-West anti-malware events from the ESXi hosts
C.
Distributed Firewall flow data from the ESXi hosts
Answers
C.
Distributed Firewall flow data from the ESXi hosts
D.
IDS/IPS events from the ESXi hosts and NSX Edge nodes
Answers
D.
IDS/IPS events from the ESXi hosts and NSX Edge nodes
E.
Suspicious Traffic Detection events from NSX Intelligence
Answers
E.
Suspicious Traffic Detection events from NSX Intelligence
Suggested answer: A, D, E

Explanation:

The correct answers are A. Files and anti-malware (file) events from the NSX Edge nodes and the Security Analyzer, D. IDS/IPS events from the ESXi hosts and NSX Edge nodes, and E. Suspicious Traffic Detection events from NSX Intelligence.According to the VMware NSX Documentation3, these are the three data collection sources that are used by NSX Network Detection and Response to create correlations/intrusion campaigns.

The other options are incorrect or not supported by NSX Network Detection and Response.East-West anti-malware events from the ESXi hosts are not collected by NSX Network Detection and Response3.Distributed Firewall flow data from the ESXi hosts are not used for correlation/intrusion campaigns by NSX Network Detection and Response3.

https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/administration/GUID-14BBE50D-9931-4719-8FA7-884539C0D277.html

Show Answer
asked 16/09/2024
alain giansily
40 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms