01. Which three are required by URL Analysis?
(Choose three.)
a) OFW rule allowing traffic OUT to Internet
b) Tier-1 gateway
c) Medium-sized edge node (or higher), or a physical form factor edge
d) Tier-0 gateway
e) Layer 7 DNS firewall rule on NSX Edge cluster
f) NSX Enterprise or higher license key
02. As part of an audit, an administrator is required to demonstrate that measures have been taken to prevent critical vulnerabilities from being exploited. Which Distributed IDS/IPS event filter can the administrator show as proof?
a) CVE
b) CVSS
c) Attack Type
d) Signature ID
03. In a brownfield environment with NSX-T Data Center deployed and configured, a customer is interested in Endpoint Protection integrations. What recommendation should be provided to the customer when it comes to their existing virtual machines?
a) Virtual machine must be protected by vSphere HA.
b) Virtual machine hardware should be version 10 or higher.
c) A minimum installation of VMware tools is required.
d) A custom install of VMware tools is required to select the drivers.
04. Which are the four use cases for NSX Tags?
a) Accountability, Third-party sharing/context sharing. Security, and Logging
b) Manageability, Third-party sharing/context sharing, Security, and Troubleshooting (Traceability)
c) Accountability, Third-party sharing/context sharing, Security, and Troubleshooting (Traceability)
d) Manageability, Third-party sharing/context sharing. Security, and Logging
05. Which vCenter component is used by the NSX Manager to deploy the Partner Service VM on every host of a cluster configured for guest introspection?
a) Update Manager (VUM)
b) Component Manager
c) Auto Deploy
d) ESXi Agent Manager (EAM)
06. What type of IDS/IPS system deployment allows an administrator to block a known attack?
a) A system deployed inline with ALERT and DROP action.
b) A system deployed in TERM mode.
c) A system deployed in SPAN port mode.
d) A system deployed inline with ALERT action.
07. How does N5X Distributed IDS/IPS keep up to date with signatures?
a) NSX-T Data Center is using a cloud based database to download the IDS/IPS signatures.
b) NSX Edge uses manually uploaded signatures by the security administrator.
c) NSX Manager has a local IDS/IPS signatures database that does not need to be updated.
d) NSX Distributed IDS/IPS signatures are retrieved from updates.vmware.com.
08. When using URL Analysis In NSX-T, which two services must be set in the URL rule to capture traffic over TCP and UDP?
(Choose two.)
a) DHCPv6
b) DHCP
c) DNS-TSIG
d) DNS
e) DNS-UDP
09. To which network operations does a user with the Security Engineer role have full access permission?
a) Networking IP Address Pools, Networking NAT, Networking DHCP
b) Networking Forwarding Policies, Networking NAT, Networking VPN
c) Networking Load Balancing, Networking DNS, Networking Forwarding Policies
d) Networking DHCP, Networking NAT, Networking Segments
10. Where is a partner security virtual machine (Partner SVM) deployed to process the redirected North-South traffic in an efficient manner?
a) Deployed close to the Partner Manager.
b) Deployed close to the NSX Edge nodes.
c) Deployed close to the VMware vCenter Server.
d) Deployed close to the compute nodes.
We have prepared VMware NSX-T Data Center 3.1 Security (5V0-41.21) certification sample questions to make you aware of actual exam properties. This sample question set provides you with information about the NSX-T Data Center 3.1 Security exam pattern, question formate, a difficulty level of questions and time required to answer each question. To get familiar with VMware NSX-T Data Center Security Skills 2024 exam, we suggest you try our Sample VMware 5V0-41.21 Certification Practice Exam in simulated VMware certification exam environment.