VMware 5V0-41.21 VMware NSX-T Data Center 3.1 Security Online Training
VMware 5V0-41.21 Online Training
The questions for 5V0-41.21 were last updated at Dec 20,2024.
- Exam Code: 5V0-41.21
- Exam Name: VMware NSX-T Data Center 3.1 Security
- Certification Provider: VMware
- Latest update: Dec 20,2024
Which three are required by URL Analysis? (Choose three.)
- A . NSX Enterprise or higher license key
- B . Tier-1 gateway
- C . Tier-0 gateway
- D . OFW rule allowing traffic OUT to Internet
- E . Medium-sized edge node (or higher), or a physical form factor edge
- F . Layer 7 DNS firewall rule on NSX Edge cluster
What needs to be configured on each transport node prior to using NSX-T Data Center Distributed Firewall time-based rule publishing?
- A . DNS
- B . NTP
- C . PAT
- D . NAT
An NSX administrator is trying to find the dvfilter name of the sa-web-01 virtual machine to capture the sa-web-01 VM traffic.
What could be a reason the sa-web-01 VM dvfilter name is missing from the command output?
- A . sa-web-01 VM has the no firewall rules configured.
- B . ESXi host has 5SH disabled.
- C . sa-web-01 is powered Off on ESXi host.
- D . ESXi host has the firewall turned off.
Which two statements are true about IDS/IPS signatures? (Choose two.)
- A . Users can upload their own IDS signature definitions from the NSX UI.
- B . IDS Signatures can be High Risk, Suspicious, Low Risk and Trustworthy.
- C . Users can create their own IDS signature definitions from the NSX UI.
- D . An IDS signature contains data used to identify known exploits and vulnerabilities.
- E . An IDS signature contains a set of instructions that determine which traffic is analyzed.
An organization is using VMware Identity Manager (vIDM) to authenticate NSX-T Data Center users Which two selections are prerequisites before configuring the service? (Choose two.)
- A . Validate vIDM functionality
- B . Assign a role to users
- C . Time Synchronization
- D . Configure vIDM Integration
- E . Certificate Thumbprint from vIDM
Which esxcli command lists the firewall configuration on ESXi hosts?
- A . esxcli network firewall ruleset list
- B . vsipioct1 getrules -filter <filter-name>
- C . esxcli network firewall rules
- D . vsipioct1 getrules -f <filter-name>
Which three are required to configure a firewall rule on a getaway to allow traffic from the internal to web servers? (Choose three.)
- A . Create a URL analysis profile for web hosting category.
- B . Create a firewall rule in System category.
- C . Enable Firewall Service for gateway.
- D . Create a firewall policy in Local Gateway category.
- E . Add a firewall rule in Local Gateway category.
- F . Disable the firewall rule in Default category.
Which are two use-cases for the NSX Distributed Firewall'(Choose two.)
- A . Zero-Trust with segmentation
- B . Security Analytics
- C . Lateral Movement of Attacks prevention
- D . Software defined networking
- E . Network Visualization
A security administrator is required to protect East-West virtual machine traffic with the NSX Distributed Firewall.
What must be completed with the virtual machine’s vNIC before applying the rules?
- A . It is connected to the underlay.
- B . It must be connected to a vSphere Standard Switch.
- C . It is connected to an NSX managed segment.
- D . It is connected to a transport zone.
An administrator wants to use Distributed Intrusion Detection.
How is this implemented in an NSX-T Data Center?
- A . As a distributed solution across multiple ESXi hosts.
- B . As a distributed solution across multiple KVM hosts.
- C . As a distributed solution across multiple NSX Managers.
- D . As a distributed solution across multiple NSX Edge nodes.