Accelerate your career with our cutting-edge resources designed for VMware NSX 4.x Professional certification. Dive into the world of software-defined networking (SDN) and VMware Network Virtualization with our comprehensive study guides. Master NSX-T Data Center architecture, deployment strategies, and advanced features with expert-backed insights. Explore micro-segmentation, security best practices, and troubleshooting techniques to elevate your skills. Our VMware Certified Professional NSX materials cover design best practices, integration, load balancing, and automation. Unlock the full potential of NSX-T Data Center with our training resources. Prepare confidently and efficiently for the NSX 4.x Professional Exam, paving the way for success in the dynamic field of network virtualization. Start your journey now!
Q31. Which three DHCP Services are supported by NSX? (Choose three.)
A. Port DHCP per VNF
B. Segment DHCP
C. Gateway DHCP
D. VRF DHCP Server
E. DHCP Relay
Q32. Which two statements are true for IPSec VPN? (Choose two.)
A. VPNs can be configured on the command line interface on the NSX manager.
B. Dynamic routing is supported for any IPSec mode in NSX.
C. IPSec VPNs use the DPDK accelerated performance library.
D. IPSec VPN services can be configured at Tier-0 and Tier-1 gateways.
Q33. Which two CLI commands could be used to see if vmnic link status is down? (Choose two.)
A. esxcfg-nics -1
B. esxcfg-vmknic -1
C. esxcli network vswitch dvs vmware list
E. esxcli network nic list
Q34. HOTSPOT –
Refer to the exhibit.
Which two items must be configured to enable OSPF for the Tier-0 Gateway in the image? Mark your answers by clicking twice on the image.
1. Enable OSPF 2. Set Area Definition
Q35. A customer has a network where BGP has been enabled and the BGP neighbor is configured on the Tier-0 Gateway. An NSX administrator used the get gateways command to retrieve this information:
Which two commands must be executed to check BGP neighbor status? (Choose two.)
A. vrf 3
B. sa-nsxedge-01(tier1_sr)> get bgp neighbor
C. vrf 4
D. sa-nsxedge-01(tier0_dr)> get bgp neighbor
E. vrf 1
F. sa-nsxedge-01(tier0_sr)> get bgp neighbor
Q36. Which two of the following are used to configure Distributed Firewall on VDS? (Choose two.)
A. vCenter API
B. NSX UI
C. NSX CLI
D. vSphere API
E. NSX API
Q37. What are four NSX built-in role-based access control (RBAC) roles? (Choose four.)
B. Network Admin
C. Full Access
D. Enterprise Admin
E. LB Operator
Q38. Which two built-in VMware tools will help identify the cause of packet loss on VLAN Segments? (Choose two.)
A. Packet Capture
B. Live Flow
D. Flow Monitoring
E. Activity monitoring
Q39. Which two statements are correct about East-West Malware Prevention? (Choose two.)
A. NSX Application Platform must have Internet access.
B. NSX Edge nodes must have Internet access.
C. A SVM is deployed on every ESXi host.
D. An agent must be installed on every NSX Edge node.
E. An agent must be installed on every ESXi host.
Q40. As part of an organization’s IT security compliance requirement, NSX Manager must be configured for 2FA (two-factor authentication). What should an NSX administrator have ready before the integration can be configured?
A. VMware Identity Manager with NSX added as a Web Application
B. Active Directory LDAP integration with OAuth Client added
C. VMware Identity Manager with an OAuth Client added
D. Active Directory LDAP integration with ADFS
Q41. An NSX administrator is creating a NAT rule on a Tier-0 Gateway configured in active-standby high availability mode. Which two NAT rule types are supported for this configuration? (Choose two.)
A. Destination NAT
B. Reflexive NAT
C. Port NAT
D. Source NAT
E. 1:1 NAT
Q42. What is the VMware recommended way to deploy a virtual NSX Edge Node?
A. Through the NSX UI
B. Through automated or interactive mode using an ISO
C. Through the vSphere Web Client
D. Through the OVF command line tool
Q43. Which of the following exist only on Tier-1 Gateway firewall configurations and not on Tier-0?
A. Applied To
Q44. Which three security features are dependent on the NSX Application Platform? (Choose three.)
A. NSX Intelligence
B. NSX Firewall
C. NSX Network Detection and Response
D. NSX TLS Inspection
E. NSX Distributed IDS/IPS
F. NSX Malware Prevention
Q45. Which two of the following will be used for ingress traffic on the Edge node supporting a Single Tier topology? (Choose two.)
A. Inter-Tier interface on the Tier-0 gateway
B. Tier-0 Uplink interface
C. Downlink Interface for the Tier-0 DR
D. Tier-1 SR Router Port
E. Downlink Interface for the Tier-1 DR