최신 2V0-41.23 무료덤프 - VMware NSX 4.x Professional

문제1

Sort the rule processing steps of the Distributed Firewall. Order responses from left to right.

정답:

Explanation:
The correct order of the rule processing steps of the Distributed Firewall is as follows:
* Packet arrives at vfilter connection table. If matching entry in the table, process the packet.
* If connection table has no match, compare the packet to the rule table.
* If the packet matches source, destination, service, profile and applied to fields, apply the action defined.
* If the rule table action is allow, create an entry in the connection table and forward the packet.
* If the rule table action is reject or deny, take that action.
This order is based on the description of how the Distributed Firewall works in the web search results1. The first step is to check if there is an existing connection entry for the packet in the vfilter connection table, which is a cache of flow entries for rules with an allow action. If there is a match, the packet is processed according to the connection entry. If there is no match, the packet is compared to the rule table, which contains all the security policy rules. The rules are evaluated from top to bottom until a match is found. The match criteria include source, destination, service, profile and applied to fields. The action defined by the matching rule is applied to the packet. The action can be allow, reject or deny. If the action is allow, a new connection entry is created for the packet and the packet is forwarded to its destination. If the action is reject or deny, the packet is dropped and an ICMP message or a TCP reset message is sent back to the source.

문제2

Which two commands does an NSX administrator use to check the IP address of the VMkernel port for the Geneve protocol on the ESXi transport node? (Choose two.)

A. esxcfg-nics -1l

B. esxcli network ip interface ipv4 get

C. esxcfg-vmknic -1

D. esxcli network nic list

E. net-dvs

정답: B,D

설명: (DumpTOP 회원만 볼 수 있음)

문제3

In an NSX environment, an administrator is observing low throughput and congestion between the Tier-O Gateway and the upstream physical routers.
Which two actions could address low throughput and congestion? (Choose two.)

A. Add an additional vNIC to the NSX Edge node.

B. Configure a Tier-1 gateway and connect it directly to the physical routers.

C. Deploy Large size Edge node/s.

D. Configure ECMP on the Tier-0 gateway.

E. Configure NAT on the Tier-0 gateway.

정답: C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which VPN type must be configured before enabling a L2VPN?

A. Route-based IPSec VPN

B. SSL-bosed IPSec VPN

C. Policy based IPSec VPN

D. Port-based IPSec VPN

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제5

How is the RouterLink port created between a Tier-1 Gateway and Tler-0 Gateway?

A. Manually create a Logical Switch and connect to bother Tler-1 and Tier-0 Gateways.

B. Automatically created when Tier-t Is connected with Tier-0 from NSX UI.

C. Automatically created when Tler-1 is created.

D. Manually create a Segment and connect to both Titrr-1 and Tier-0 Gateways.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which three DHCP Services are supported by NSX? (Choose three.)

A. Gateway DHCP

B. DHCP Relay

C. VRF DHCP Server

D. Segment DHCP

E. Port DHCP per VNF

정답: A,B,D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which two BGP configuration parameters can be configured in the VRF Lite gateways? (Choose two.)

A. BGP Neighbors

B. Local AS

C. Route Aggregation

D. Route Distribution

E. Graceful Restart

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which two tools are used for centralized logging in VMware NSX? (Choose two.)

A. VMware Aria Operations for Logs

B. Syslog Server

C. VMware Aria Operations

D. VMware Aria Operations for Networks

E. VMware Aria Automation

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which of the two following characteristics about NAT64 are true? (Choose two.)

A. NAT64 requires the Tier-1 gateway to be configured in active-active mode.

B. NAT64 is stateless and requires gateways to be deployed in active-standby mode.

C. NAT64 requires the Tier-1 gateway to be configured in active-standby mode.

D. NAT64 is supported on Tier-1 gateways only.

E. NAT64 is supported on Tier-0 and Tier-1 gateways.

정답: C,E

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which CLI command is used for packet capture on the ESXi Node?

A. set capture

B. tcpdump

C. pktcap-uw

D. debug

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 2V0-41.23 무료덤프 - VMware NSX 4.x Professional

우리와 연락하기

유용한 링크

최신 업데이트