2V0-41.20 Professional VMware NSX-T Data Center exams demo
Exam A
QUESTION 1
An NSX administrator noticed that the nsxcli command times out after 600 secs of idle time.
Which CLI command disables the nsxcli time out value on NSX Manager?
A. set cli-timeout 0
B. set cli-timeout enabled
C. set cli-timeout disabled
D. set cli-timeout 1
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
An NSX administrator is configuring the KVM hypervisor host as a transport node and wants to apply the
Failover Order as a NIC teaming policy.
Which profile allows the administrator to configure the NIC Teaming policy as Failover Order?
A. N-VDS/VDS Profile
B. Transport Node Profile
C. Host Switch Profile
D. Uplink Profile
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 3
Which two choices are prerequisites to configure NSX-T on VDS? (Choose two.)
A. MTU 1500
B. MTU 1400
C. vSphere Distributed Switch 6.5
D. vSphere Distributed Switch 7.0
E. MTU 1600
Correct Answer: DE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 4
Which command is used to display the network configuration of the Tunnel Endpoint (TEP) IP on a bare metal
transport node?
96CE4376707A97CE80D4B1916F054522
A. ifconfig
B. tcpdump
C. debug
D. ipconfig
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 5
Which three steps are required to create an IPsec VPN tunnel? (Choose three.)
A. Create an IPsec service.
B. Add a local endpoint.
C. Configure an IPsec session.
D. Configure a distributed firewall policy.
E. Add a logical switch.
Correct Answer: ABC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 6
An NSX administrator wants to create a Tier-0 Gateway to support equal cost multi-path (ECMP) routing.
Which failover detection protocol must be used to meet this requirement?
A. Beacon Probing (BP)
B. Host Standby Router Protocol (HSRP)
C. Bidirectional Forwarding Detection (BFD)
D. Virtual Router Redundancy Protocol (VRRP)
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 7
What are two supported N-VDS modes? (Choose two.)
A. DPDK Datapath
B. Overlay Datapath
C. Secure Datapath
D. Enhanced Datapath
E. Standard Datapath
96CE4376707A97CE80D4B1916F054522
Correct Answer: DE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 8
A user is assigned these two roles in NSX Manager:
LB Admin
Network Engineer
What privileges does this user have in the system?
A. read permissions on all networking services and full access permissions on load balancing features
B. full access permissions on all networking services and full access permissions on load balancing features
C. full access permissions on all networking services and read permissions on load balancing features
D. read permissions on all networking services and read permissions on load balancing features
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 9
An NSX administrator has configured a KVM hypervisor as a transport node.
Which kernel module on KVM implements a N-VDS?
A. openvswitch
B. etherswitch
C. nsx-vswitch
D. dyswitch
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 10
Which CLI command should be executed on a KVM hypervisor to retrieve the VM interface UUID?
A. virsh dumpxml <VM Name> | grep interfaceid
B. virsh get-interface <VM Name>
C. virsh show <VM Name> | grep interfaceid
D. virsh list-interface <VM Name>
Correct Answer: A
Section: (none)
Explanation
96CE4376707A97CE80D4B1916F054522
Explanation/Reference:
QUESTION 11
What are two types of supported IPSec VPNs in NSX-T Data Center? (Choose two.)
A. policy-based IPSec VPN
B. Layer-7 based IPSec VPN
C. route-based IPSec VPN
D. Open source based IPSec VPN
E. SSL based IPSec VPN
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 12
Which two choices are use cases for Distributed Intrusion Detection? (Choose two.)
A. Identify security vulnerabilities in the workloads.
B. Use agentless antivirus with Guest Introspection.
C. Quarantine workloads based on vulnerabilities.
D. Identify risk and reputation of accessed websites.
E. Gain insight about micro-segmentation traffic flows.
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 13
An NSX administrator has been tasked with deploying a NSX Edge Virtual machine through an ISO image.
Which virtual network interface card (vNIC) type must be selected while creating the NSX Edge VM allow
participation in overlay and VLAN transport zones?
A. e1000
B. VMXNET2
C. VMXNET3
D. Flexible
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 14
What needs to be configured on a Tier-0 Gateway to make NSX Edge Services available to a VM on a VLANbacked
logical switch?
A. Service interface
B. Loopback Router Port
C. Downlink interface
D. VLAN Uplink
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 15
Which CLI command does an NSX administrator run on the NSX Manager to generate support bundle logs if
the NSX UI is inaccessible?
A. get support-bundle file vcpnv.tgz
B. set support-bundle file vcpnv.tgz
C. vm-support
D. esxcli system syslog config logger set --id=nsxmanager
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 16
An NSX administrator would like to export syslog events that capture messages related to NSX host
preparation events.
Which message ID (msgid) should be used in the syslog export configuration command as a filter?
A. SYSTEM
B. FABRIC
C. GROUPING
D. MONITORING
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 17
Which CLI command shows syslog on NSX Manager?
A. show log manager follow
B. get log-file auth.log
C. get log-file syslog
96CE4376707A97CE80D4B1916F054522
D. /var/log/sysloq/syslog.log
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 18
Which three protocols could an NSX administrator use to transfer log messages to a remote log server?
(Choose three.)
A. SSL
B. HTTPS
C. TLS
D. UDP
E. SSH
F. TCP
Correct Answer: CDF
Section: (none)
Explanation
Explanation/Reference:
QUESTION 19
Which command is used to set the NSX Manager's logging-level to debug mode for troubleshooting?
A. set service nsx-manager logging-level debug
B. set service nsx-manager log-level debug
C. set service manager log-level debug
D. set service manager logging-level debug
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 20
The NSX Control Plane is responsible for which two functions? (Choose two.)
A. receive and validate configuration from NSX Policy
B. host API services
C. propagate topology information
D. push stateless configurations to forwarding engines
E. maintain packet-level statistics
Correct Answer: CD
Section: (none)
Explanation
96CE4376707A97CE80D4B1916F054522
Explanation/Reference:
QUESTION 21
An NSX administrator is using ping to check connectivity between VM1 running on ESXi1 to VM2 running on
ESXi2. The ping tests fails. The administrator knows the maximum transmission unit size on the physical
switch is 1600.
Which command does the administrator use to check the VMware kernel ports for tunnel end point
communication?
A. esxcli network diag ping -H <destination IP address>
B. vmkping ++netstack=geneve -d -s 1572 <destination IP address>
C. vmkping ++netstack=vxlan-d -s 1572 <destination IP address>
D. esxcli network diag ping -I vmk0 -H <destination IP address>
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 22
How is the RouterLink port created between a Tier-1 Gateway and Tier-0 Gateway?
A. Automatically created when Tier-1 is created.
B. Manually create a Segment and connect to both Tier-1 and Tier-0 Gateways.
C. Manually create a Logical Switch and connect to bother Tier-1 and Tier-0 Gateways.
D. Automatically created when Tier-1 is connected with Tier-0 from NSX UI.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference
BUY full version for more questions
QUESTION 1
An NSX administrator noticed that the nsxcli command times out after 600 secs of idle time.
Which CLI command disables the nsxcli time out value on NSX Manager?
A. set cli-timeout 0
B. set cli-timeout enabled
C. set cli-timeout disabled
D. set cli-timeout 1
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 2
An NSX administrator is configuring the KVM hypervisor host as a transport node and wants to apply the
Failover Order as a NIC teaming policy.
Which profile allows the administrator to configure the NIC Teaming policy as Failover Order?
A. N-VDS/VDS Profile
B. Transport Node Profile
C. Host Switch Profile
D. Uplink Profile
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
QUESTION 3
Which two choices are prerequisites to configure NSX-T on VDS? (Choose two.)
A. MTU 1500
B. MTU 1400
C. vSphere Distributed Switch 6.5
D. vSphere Distributed Switch 7.0
E. MTU 1600
Correct Answer: DE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 4
Which command is used to display the network configuration of the Tunnel Endpoint (TEP) IP on a bare metal
transport node?
96CE4376707A97CE80D4B1916F054522
A. ifconfig
B. tcpdump
C. debug
D. ipconfig
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 5
Which three steps are required to create an IPsec VPN tunnel? (Choose three.)
A. Create an IPsec service.
B. Add a local endpoint.
C. Configure an IPsec session.
D. Configure a distributed firewall policy.
E. Add a logical switch.
Correct Answer: ABC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 6
An NSX administrator wants to create a Tier-0 Gateway to support equal cost multi-path (ECMP) routing.
Which failover detection protocol must be used to meet this requirement?
A. Beacon Probing (BP)
B. Host Standby Router Protocol (HSRP)
C. Bidirectional Forwarding Detection (BFD)
D. Virtual Router Redundancy Protocol (VRRP)
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 7
What are two supported N-VDS modes? (Choose two.)
A. DPDK Datapath
B. Overlay Datapath
C. Secure Datapath
D. Enhanced Datapath
E. Standard Datapath
96CE4376707A97CE80D4B1916F054522
Correct Answer: DE
Section: (none)
Explanation
Explanation/Reference:
QUESTION 8
A user is assigned these two roles in NSX Manager:
LB Admin
Network Engineer
What privileges does this user have in the system?
A. read permissions on all networking services and full access permissions on load balancing features
B. full access permissions on all networking services and full access permissions on load balancing features
C. full access permissions on all networking services and read permissions on load balancing features
D. read permissions on all networking services and read permissions on load balancing features
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 9
An NSX administrator has configured a KVM hypervisor as a transport node.
Which kernel module on KVM implements a N-VDS?
A. openvswitch
B. etherswitch
C. nsx-vswitch
D. dyswitch
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 10
Which CLI command should be executed on a KVM hypervisor to retrieve the VM interface UUID?
A. virsh dumpxml <VM Name> | grep interfaceid
B. virsh get-interface <VM Name>
C. virsh show <VM Name> | grep interfaceid
D. virsh list-interface <VM Name>
Correct Answer: A
Section: (none)
Explanation
96CE4376707A97CE80D4B1916F054522
Explanation/Reference:
QUESTION 11
What are two types of supported IPSec VPNs in NSX-T Data Center? (Choose two.)
A. policy-based IPSec VPN
B. Layer-7 based IPSec VPN
C. route-based IPSec VPN
D. Open source based IPSec VPN
E. SSL based IPSec VPN
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 12
Which two choices are use cases for Distributed Intrusion Detection? (Choose two.)
A. Identify security vulnerabilities in the workloads.
B. Use agentless antivirus with Guest Introspection.
C. Quarantine workloads based on vulnerabilities.
D. Identify risk and reputation of accessed websites.
E. Gain insight about micro-segmentation traffic flows.
Correct Answer: AC
Section: (none)
Explanation
Explanation/Reference:
QUESTION 13
An NSX administrator has been tasked with deploying a NSX Edge Virtual machine through an ISO image.
Which virtual network interface card (vNIC) type must be selected while creating the NSX Edge VM allow
participation in overlay and VLAN transport zones?
A. e1000
B. VMXNET2
C. VMXNET3
D. Flexible
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 14
What needs to be configured on a Tier-0 Gateway to make NSX Edge Services available to a VM on a VLANbacked
logical switch?
A. Service interface
B. Loopback Router Port
C. Downlink interface
D. VLAN Uplink
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 15
Which CLI command does an NSX administrator run on the NSX Manager to generate support bundle logs if
the NSX UI is inaccessible?
A. get support-bundle file vcpnv.tgz
B. set support-bundle file vcpnv.tgz
C. vm-support
D. esxcli system syslog config logger set --id=nsxmanager
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 16
An NSX administrator would like to export syslog events that capture messages related to NSX host
preparation events.
Which message ID (msgid) should be used in the syslog export configuration command as a filter?
A. SYSTEM
B. FABRIC
C. GROUPING
D. MONITORING
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:
QUESTION 17
Which CLI command shows syslog on NSX Manager?
A. show log manager follow
B. get log-file auth.log
C. get log-file syslog
96CE4376707A97CE80D4B1916F054522
D. /var/log/sysloq/syslog.log
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 18
Which three protocols could an NSX administrator use to transfer log messages to a remote log server?
(Choose three.)
A. SSL
B. HTTPS
C. TLS
D. UDP
E. SSH
F. TCP
Correct Answer: CDF
Section: (none)
Explanation
Explanation/Reference:
QUESTION 19
Which command is used to set the NSX Manager's logging-level to debug mode for troubleshooting?
A. set service nsx-manager logging-level debug
B. set service nsx-manager log-level debug
C. set service manager log-level debug
D. set service manager logging-level debug
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 20
The NSX Control Plane is responsible for which two functions? (Choose two.)
A. receive and validate configuration from NSX Policy
B. host API services
C. propagate topology information
D. push stateless configurations to forwarding engines
E. maintain packet-level statistics
Correct Answer: CD
Section: (none)
Explanation
96CE4376707A97CE80D4B1916F054522
Explanation/Reference:
QUESTION 21
An NSX administrator is using ping to check connectivity between VM1 running on ESXi1 to VM2 running on
ESXi2. The ping tests fails. The administrator knows the maximum transmission unit size on the physical
switch is 1600.
Which command does the administrator use to check the VMware kernel ports for tunnel end point
communication?
A. esxcli network diag ping -H <destination IP address>
B. vmkping ++netstack=geneve -d -s 1572 <destination IP address>
C. vmkping ++netstack=vxlan-d -s 1572 <destination IP address>
D. esxcli network diag ping -I vmk0 -H <destination IP address>
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
QUESTION 22
How is the RouterLink port created between a Tier-1 Gateway and Tier-0 Gateway?
A. Automatically created when Tier-1 is created.
B. Manually create a Segment and connect to both Tier-1 and Tier-0 Gateways.
C. Manually create a Logical Switch and connect to bother Tier-1 and Tier-0 Gateways.
D. Automatically created when Tier-1 is connected with Tier-0 from NSX UI.
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference
BUY full version for more questions
Leave a comment