An organization is using VMware Identity Manager (vIDM) to authenticate NSX-T Data Center users Which two selections are prerequisites before configuring the service? (Choose two.)
An organization is using VMware Identity Manager (vIDM) to authenticate NSX-T Data Center users Which two selections are prerequisites before configuring the service? (Choose two.)A . Validate vIDM functionality B. Assign a role to users C. Time Synchronization D. Configure vIDM Integration E. Certificate Thumbprint from vIDMView AnswerAnswer: D,E Explanation:...
Which dot color indicates an on-going attack of medium severity in the IDS/IPS events tab of NSX-T Data Center?
Which dot color indicates an on-going attack of medium severity in the IDS/IPS events tab of NSX-T Data Center? A. blinking yellow dot B. solid red dot C. solid orange dot D. blinking orange dotView AnswerAnswer: C Explanation: The dot color that indicates an on-going attack of medium severity in...
What could be causing the issue?
An administrator has enabled the "logging" option on a specific firewall rule. The administrator does not see messages on the Logging Server related to this firewall rule. What could be causing the issue?A . The logging on the firewall policy needs to be enabled. B. Firewall Rule Logging is only...
Which are two use-cases for the NSX Distributed Firewall'(Choose two.)
Which are two use-cases for the NSX Distributed Firewall'(Choose two.)A . Zero-Trust with segmentation B. Security Analytics C. Lateral Movement of Attacks prevention D. Software defined networking E. Network VisualizationView AnswerAnswer: A,C Explanation: Zero-Trust with segmentation is a security strategy that uses micro-segmentation to protect a network from malicious actors....
Which esxcli command lists the firewall configuration on ESXi hosts?
Which esxcli command lists the firewall configuration on ESXi hosts?A . esxcli network firewall ruleset list B. vsipioct1 getrules -filter <filter-name> C. esxcli network firewall rules D. vsipioct1 getrules -f <filter-name>View AnswerAnswer: A Explanation: This command allows you to display the current firewall ruleset configuration on an ESXi host. It...
When configuring members of a Security Group, which membership criteria art permitted?
When configuring members of a Security Group, which membership criteria art permitted?A . Virtual Machine, Physical Machine, Cloud Native Service Instance, and IP Set B. Segment Port, Segment, Virtual Machine, and IP Set C. Virtual Interface, Segment, Cloud Native Service Instance, and IP Set. D. Virtual Interface, Segment, Physical Machine,...
What is the default action of the Default Layer 3 distributed firewall rule?
What is the default action of the Default Layer 3 distributed firewall rule?A . Drop B. Allow C. Forward D. RejectView AnswerAnswer: B Explanation: The default action of the Default Layer 3 distributed firewall rule in NSX-T Data Center is to allow. This default policy is to allow all unless...
What could be a reason the sa-web-01 VM dvfilter name is missing from the command output?
An NSX administrator is trying to find the dvfilter name of the sa-web-01 virtual machine to capture the sa-web-01 VM traffic. What could be a reason the sa-web-01 VM dvfilter name is missing from the command output?A . sa-web-01 VM has the no firewall rules configured. B. ESXi host has...
Which two parameters must be functioning for the health status to show as Up?
A security administrator is verifying the health status of an NSX Service Instance. Which two parameters must be functioning for the health status to show as Up? (Choose two.)A . VMs must have at least one vNIC. B. VMs must not have existing endpoint protection rules. C. VMs must have...
What recommendation should be provided to the customer when it comes to their existing virtual machines?
In a brownfield environment with NSX-T Data Center deployed and configured, a customer is interested in Endpoint Protection integrations. What recommendation should be provided to the customer when it comes to their existing virtual machines? A. Virtual machine must be protected by vSphere HA. B. Virtual machine hardware should be...