Which three are required to configure a firewall rule on a getaway to allow traffic from the internal to web servers? (Choose three.)
Which three are required to configure a firewall rule on a getaway to allow traffic from the internal to web servers? (Choose three.)A . Create a URL analysis profile for web hosting category. B. Create a firewall rule in System category. C. Enable Firewall Service for gateway. D. Create a...
Which virtual network interface card (vNIC) type must be selected while creating the NSX Edge VM allow participation in overlay and VLAN transport zones?
An NSX administrator has been tasked with deploying a NSX Edge Virtual machine through an ISO image. Which virtual network interface card (vNIC) type must be selected while creating the NSX Edge VM allow participation in overlay and VLAN transport zones?A . e1000 B. VMXNET2 C. VMXNET3 D. FlexibleView AnswerAnswer:...
How does N5X Distributed IDS/IPS keep up to date with signatures?
How does N5X Distributed IDS/IPS keep up to date with signatures?A . NSX Edge uses manually uploaded signatures by the security administrator. B. NSX-T Data Center is using a cloud based database to download the IDS/IPS signatures. C. NSX Manager has a local IDS/IPS signatures database that does not need...
What does the red dashed line for the UDP: 137 flow represent?
Refer to the exhibit. An administrator is reviewing NSX Intelligence information as shown in the exhibit. What does the red dashed line for the UDP: 137 flow represent?A . Discovered communication B. Allowed communication C. Blocked communication D. Unprotected communicationView AnswerAnswer: C Explanation: The red dashed line for the UDP:137...
Which three are required by URL Analysis? (Choose three.)
Which three are required by URL Analysis? (Choose three.) A. NSX Enterprise or higher license key B. Tier-1 gateway C. Tier-0 gateway D. OFW rule allowing traffic OUT to Internet E. Medium-sized edge node (or higher), or a physical form factor edge F. Layer 7 DNS firewall rule on NSX...
What needs to be configured on each transport node prior to using NSX-T Data Center Distributed Firewall time-based rule publishing?
What needs to be configured on each transport node prior to using NSX-T Data Center Distributed Firewall time-based rule publishing?A . DNS B. NTP C. PAT D. NATView AnswerAnswer: B Explanation: In order to use NSX-T Data Center Distributed Firewall time-based rule publishing, the NTP (Network Time Protocol) needs to...
Which two statements are true about IDS/IPS signatures? (Choose two.)
Which two statements are true about IDS/IPS signatures? (Choose two.)A . Users can upload their own IDS signature definitions from the NSX UI. B. IDS Signatures can be High Risk, Suspicious, Low Risk and Trustworthy. C. Users can create their own IDS signature definitions from the NSX UI. D. An...
How is this implemented in an NSX-T Data Center?
An administrator wants to use Distributed Intrusion Detection. How is this implemented in an NSX-T Data Center?A . As a distributed solution across multiple ESXi hosts. B. As a distributed solution across multiple KVM hosts. C. As a distributed solution across multiple NSX Managers. D. As a distributed solution across...
What must be completed with the virtual machine's vNIC before applying the rules?
A security administrator is required to protect East-West virtual machine traffic with the NSX Distributed Firewall. What must be completed with the virtual machine's vNIC before applying the rules?A . It is connected to the underlay. B. It must be connected to a vSphere Standard Switch. C. It is connected...
Which menu item would the administrator select to configure the Security Groups?
An administrator wants to configure NSX-T Security Groups inside a distributed firewall rule. Which menu item would the administrator select to configure the Security Groups?A . System B. Inventory C. Security D. NetworkingView AnswerAnswer: C Explanation: To configure NSX-T Security Groups inside a distributed firewall rule, the administrator would select...