VCPN610 - VMware Certified Professional - Network Virtualization Exam
Go back to
VMware
Example Questions
An administrator can only log into the NSX manager using local credentials and not Active Directory credentials. Which option would cause this issue?
The NSX manager has not been connected to the lookup service
Which statement describes the traffic throughput of the NSX Distributed Firewall?
Firewall services are implemented as kernel modules and provide traffic filtering between the virtual machine's vNIC and the vSwitch.
Which tool is used to display VXLAN connection information?
NSX Controller CLI
A company has augmented its Data Center infrastructure by using vCloud Hybrid Service during peak hours. The company wants to extend their existing subnets into the cloud while workloads retain their existing IP addresses. The virtual machines in these subnets use an NSX Edge Gateway as their default gateway. Which solution should this company use?
Layer 2 VPN
What are three switch features found only on vSphere Distributed Switches? (Choose three.)
Network I/O Control
LLDP
Port Mirroring
What is the minimum MTU size recommended by VMware for the physical network when deploying NSX for vSphere?
1600
Which is not a valid Destination option for a General Logical Firewall rule?
MAC Set
Which characteristic or feature is required for VXLAN traffic to successfully travel across virtual and physical networks?
Network device support for jumbo frames.
A user needs to be given the ability to make configuration changes on a specific NSX Edge device. What role and scope could be used to meet this requirement?
Security Administrator role and Limit Access scope
What is the frequency of the heartbeat between the active and standby NSX Edge instances when configured for HA?
Every 1 second.
Which two actions take place when an active NSX Edge instance fails? (Choose two.)
Once the original NSX Edge instance is recovered, the NSX Manager attempts to place it on a different host from the other NSX Edge instance.
The standby NSX Edge instance becomes the active instance and retains any routing neighbor adjacencies.
You are tasked with designing a data center architecture that should maximize the use of vMotion within your environment. You must use these VMware best practices: - The network must utilize widely offered layer 2 switching and layer 3 switching services - Purchase of new equipment should be minimized Which two network design architectures will provide the requirements for vMotion in your data center? (Choose two.)
Utilize layer 3 switching from the access layer through the core.
Deploy an overlay technology for the deployment of your virtual network.
An administrator has created a logical switch, but when attempting to select a transport zone, the dropdown box is empty. Which option is causing this issue?
A VXLAN has not been created
An administrator needs to perform a configuration backup of NSX. From which two locations can this task be performed? (Choose two.)
Directly on the NSX Manager
Using the NSX API
You have deployed a vShield Endpoint for antivirus and malware detection on an NSX network and need to monitor audit messages for the endpoint. Which log file are the audit messages recorded in?
vmware.log on the virtual machine
Which two web browsers are supported for programming the NSX REST API? (Choose two.)
Chrome
Firefox
Which NSX component can validate that security policies at your organization are being enforced correctly?
Activity Monitoring
Which statement is true regarding multicast traffic when implementing NSX?
A multicast address range is required when using ESXi 5.1 hosts
What is the default delay when the active NSX Edge instance fails before the standby instance takes the active role?
15 seconds.
A company hosts an internal website on multiple virtual machines on a Logical Switch with VNI 7321. A Distributed Router serves as the virtual machines' default gateway. When an user resolves the URL for the website, the internal DNS server responds with the IP address of one of the virtual machine's IP addresses in a round robin fashion. The company wants to deploy an NSX Edge Service Load Balancer and maintain the use of the Distributed Router for the virtual machines' default gateway. Which mode can the NSX Edge Load Balancer can be deployed to meet the Company's needs?
One-Arm
An administrator has deployed and powered on a new virtual machine configured to get its networking information via DHCP. The virtual machine is connected to an NSX network and connectivity has been verified. After reconfiguring the virtual machine with a static IP address, network connectivity is lost. Which statement explains what happened?
SpoofGuard is enabled and the operation mode is set to automatic
Which components are required to enable layer 2 bridging? (Choose two.)
Distributed firewall rule to allow layer 2 traffic in the bridge.
Deployed Logical Router.
You have deployed a two-tiered application using four virtual machines: - Two virtual machines are web application servers - Two virtual machines providing a clustered database service What feature can you configure to provide the most accurate account for only the traffic between the web servers and the clustered database?
On the vSphere Distributed Switch, configure Netflow for the distributed virtual port group and enable Process internal flows only for the distributed switch.
Where does the Distributed Logical Firewall enforce firewall rules?
At the Virtual Machine's virtual Network Interface Card (vNIC).
An administrator wants to implement NSX within the vSphere virtual environment. Which two statements correctly describe changes that will occur as a result of an NSX deployment? (Choose two.)
Use of ARP will decrease in the physical environment.
MAC address table usage will decrease in the physical environment.
What is the function of NSX Data Security?
Identifies sensitive data in your virtualized environment based upon regulation violation reports
Which condition could prevent an ESXi host from receiving VXLAN Tunnel End Point (VTEP) tables?
The netcpa agent is not running on the ESXi host
What is the maximum time span for viewing Flow Monitoring data?
2 weeks
Where are the distributed NSX firewall decisions logged?
ESXi host
Which two statements are true regarding NSX High Availability? (Choose two.)
NSX HA is configured as Active-Standby.
If an Active node fails, there is no service interruption during failover.
Where is the net-vdr command used?
ESXi host
An administrator will deploy NSX within an existing vSphere environment containing two vCenter Server instances. Each vCenter Server manages three clusters with 16 ESXi hosts per cluster. How many NSX Manager instances would be required for this deployment?
2
Which scenario can be configured to use 3DES encryption for virtual machine traffic?
Two virtual machines communicating across a point-to-point IPSec VPN connection.
Which two options are valid distribution methods used by the NSX Edge Load Balancer? (Choose two.)
URI
Round Robin
Which two characteristics of the underlying physical network does VMware NSX require for robust IP transport? (Choose two.)
The physical network should provide scalable network I/O using Equal Cost Multipathing (ECMP).
QoS classification and marking is required to provide end-to-end flow control.
Which two are valid types of authentication for an OSPF area? (Choose two.)
Password authentication
MD5 authentication
After deploying NSX, an administrator does not see the Networking & Security tab when connecting to the vCenter Server using the vSphere Web Client. What should the administrator do?
Register the NSX Manager with the vCenter Server.
What is the minimum number of vSphere Distributed Switches (vDS) that must be configured before deploying VMware NSX for vSphere?
1
Which statement is correct when upgrading vShield Data Security to NSX Data Security?
NSX Data Security does not support a direct upgrade.
A network security administrator wants to monitor traffic on several VLANs configured on a vSphere Distributed Switch. The traffic will be sent to another distributed port. What type of port mirroring session must be configured to meet these requirements?
Select the session type Remote Mirroring Destination when configuring the Port Mirroring session.
Which two vSphere components are required for NSX? (Choose two.)
Distributed Port Group
VMkernel port
A vSphere administrator deployed an NSX Edge Load Balancer in HA mode. What happens in the event the Load Balancer has a failure?
The secondary NSX Edge Load Balancer assumes the role of primary. Existing Flows will need to have their connections reestablished.
Using VMware's best practices, choose two statements that define the best solution for scaling layer 2 services for the virtual network. (Choose two.)
Employ a layer 3 switched network.
Use VXLAN for an overlay network.
Which component provides for installation of NSX hypervisor kernel components and user world agents?
NSX Manager
Which configuration change on the physical infrastructure is required when deploying NSX?
Increase the MTU size on the physical switches
What is the packet size of the VXLAN standard test packet when using the Ping test on the logical switches?
1550
Which statement is true regarding an NSX Edge gateway device configured with a DNS Server?
The NSX Edge will forward all DNS requests from virtual machines sent to it to the DNS Server.
Which statement describes proper packet processing of layer 3 traffic in an NSX for vSphere topology?
All packets are processed by the distributed router. No packets are processed by the Logical Router Control VM.
Which two Virtual Private Networks are supported by the NSX Edge Service Gateway? (Choose two.)
Layer 2 VPN
IPSec VPN
A vSphere administrator wants to setup an NSX Edge Service Gateway to provide traveling employees secure access to company servers located in specific network segments within the corporate Data Centers. The solution has to be as scalable as possible. Which Virtual Private Network solution will satisfy the administrator's requirements?
SSL VPN
