New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > VMware > VMware NSX-T Data Center Security Skills 2023 > 5V0-41.21

5V0-41.21 VMware NSX-T Data Center 3.1 Security Question and Answers

Question # 4

In a brownfield environment with NSX-T Data Center deployed and configured, a customer is interested in Endpoint Protection integrations. What recommendation should be provided to the customer when it comes to their existing virtual machines?

A.

Virtual machine must be protected by vSphere HA.

B.

Virtual machine hardware should be version 10 or higher.

C.

A minimum installation of VMware tools is required.

D.

A custom install of VMware tools is required to select the drivers.

Full Access
Question # 5

As part of an audit, an administrator is required to demonstrate that measures have been taken to prevent critical vulnerabilities from being exploited. Which Distributed IDS/IPS event filter can the administrator show as proof?

A.

Attack Type

B.

CVSS

C.

CVE

D.

Signature ID

Full Access
Question # 6

What type of IDS/IPS system deployment allows an administrator to block a known attack?

A.

A system deployed in SPAN port mode.

B.

A system deployed inline with ALERT and DROP action.

C.

A system deployed inline with ALERT action.

D.

A system deployed in TERM mode.

Full Access
Question # 7

Which of the following are the local user accounts used to administer NSX-T Data Center?

A.

operator, admin, audit

B.

admin, super, read-only

C.

operator, admin, root

D.

admin, audit, root

Full Access
Question # 8

Which two criteria would an administrator use to filter firewall connection logs on NSX?

A.

FIREWALL MONITORING

B.

FIREWALL-PKTLOG

C.

FIREWALL RULE TAG

D.

FIREWALL CONNECTION

E.

FIREWALL SYSTEM

Full Access
Question # 9

Which two are requirements for URL Analysis? (Choose two.)

A.

The ESXi hosts require access to the Internet to download category and reputation definitions.

B.

A layer 7 gateway firewall rule must be configured on the tier-0 gateway uplink to capture DNS traffic.

C.

A layer 7 gateway firewall rule must be configured on the tier-1 gateway uplink to capture DNS traffic,

D.

The NSX Edge nodes require access to the Internet to download category and reputation definitions.

E.

The NSX Manager requires access to the Internet to download category and reputation definitions.

Full Access
Question # 10

When configuring members of a Security Group, which membership criteria art permitted?

A.

Virtual Machine, Physical Machine, Cloud Native Service Instance, and IP Set

B.

Segment Port, Segment, Virtual Machine, and IP Set

C.

Virtual Interface, Segment, Cloud Native Service Instance, and IP Set.

D.

Virtual Interface, Segment, Physical Machine, and IP Set

Full Access